1056 Commits

Author SHA1 Message Date
Chris PeBenito
42ec9f751a User: Convert to direct sepol structure access. Add iterator 2018-06-15 20:26:49 -04:00
Chris PeBenito
d2896d6a53 Role: Convert to direct sepol structure access. Add iterators. 2018-06-15 20:26:49 -04:00
Chris PeBenito
c45205c5b0 policyrep: Convert type and typeattrs to direct sepol structure access.
Add iterators.
2018-06-15 20:26:49 -04:00
Chris PeBenito
9eba422499 policyrep: Convert commons and classes to direct sepol structure access.
Add iterators.
2018-06-15 20:26:49 -04:00
Chris PeBenito
d476f22055 policyrep: Convert MLS symbols and levels/ranges to direct sepol structure access.
Add iterators.
2018-06-15 20:26:49 -04:00
Chris PeBenito
8260b9b166 Boolean: Convert to direct sepol structure access. Add iterator. 2018-06-15 20:26:49 -04:00
Chris PeBenito
680664ba66 PolicyCapability: Convert to direct sepol structure access. Add iterator. 2018-06-15 20:26:49 -04:00
Chris PeBenito
a56f4b1400 policyrep: Convert to factory methods. 2018-06-15 20:26:49 -04:00
Chris PeBenito
8a9e9e7729 policyrep: Convert initial SID classes to factory methods. 2018-06-15 20:26:49 -04:00
Chris PeBenito
9ea0caa4f2 policyrep: Convert net contexts to factory methods. Add iterators. 2018-06-15 20:26:49 -04:00
Chris PeBenito
9df377d689 policyrep: Convert Xen contexts to factory methods. Add iterators. 2018-06-15 20:26:49 -04:00
Chris PeBenito
03d1a937ac policyrep: Add ebitmap and hashtab iterator base classes. 2018-06-15 20:26:49 -04:00
Chris PeBenito
5d70021fd0 policyrep: Change iterator size() methods to Pythonic __len__. 2018-06-15 20:26:49 -04:00
Chris PeBenito
a06d4a9476 Genfscon: Revise to directly use sepol data structures. 2018-06-15 20:26:49 -04:00
Chris PeBenito
80a95bd414 FSUse: Revise to directly use sepol data structures. 2018-06-15 20:26:49 -04:00
Chris PeBenito
bb5004df2d policyrep: Revise initial SIDs to directly use sepol data structures. 2018-06-15 20:26:49 -04:00
Chris PeBenito
2dd1e9366a policyrep: Revise network contexts to directly use sepol data structures. 2018-06-15 20:26:49 -04:00
Chris PeBenito
9c053cc5fe policyrep: Revise Xen contexts to directly use sepol data structures. 2018-06-15 20:26:49 -04:00
Chris PeBenito
c5b0348357 policyrep: Create a libsepol cython definition. 2018-06-15 20:26:49 -04:00
Chris PeBenito
3e2cf79f81 Additional C cleanups. 2018-06-15 20:26:49 -04:00
Chris PeBenito
4684eca5bc tests: Revise unit tests for binary-only policy support.
Closes #72
2018-06-15 20:26:49 -04:00
Chris PeBenito
42001334fe SELinuxPolicy: Revise invalid policy errors. 2018-06-15 20:26:49 -04:00
Chris PeBenito
8b0e93c0d6 Remove source policy loading support and module loading support. 2018-06-15 20:26:49 -04:00
Chris PeBenito
b9f3ef11da policyrep: Fix copyright. 2018-06-15 20:26:49 -04:00
Chris PeBenito
6621a5ed42 diff: Significantly improve memory utilization.
Eliminate wrapper duplication on symbols (types, roles, etc.).  This
reduces memory use by an estimated 60%.
2018-06-15 20:26:49 -04:00
Chris PeBenito
633b310c5b Policyrep: cache objects that are likely to be duplicated.
Cache instances using their pointer as hash, since it is unique, even
across multiple policies (i.e. in sediff).
2018-06-15 20:26:49 -04:00
Chris PeBenito
dc3752e12d tests: Fix static analysis errors. 2018-06-15 20:26:49 -04:00
Chris PeBenito
d762f58dc1 Conditional: Make hashable.
Then TERulesDifference can cache them, and especially their truth tables.
2018-06-15 20:26:49 -04:00
Chris PeBenito
8fe7a5ed1e policyrep: Intern strings inside the policy.
Intern symbol names, aliases, permissions, etc. to ensure there are not
duplicate strings in memory.

Results in 25% memory savings in expanded TE rules when tested with the
entire refpolicy.
2018-06-15 20:26:49 -04:00
Chris PeBenito
3ed64fc213 policyrep/context.pxi: Remove unnecessary pass statement. 2018-06-15 20:26:49 -04:00
Chris PeBenito
8c9c06e678 .travis.yml: Update for Cython use. 2018-06-15 20:26:49 -04:00
Chris PeBenito
51b91d6130 Convert policyrep and SWIG wrapper into Cython libpolicyrep. 2018-06-15 20:26:49 -04:00
Chris PeBenito
2082f25320 iomemconquery: Fix IomemconRange import. 2018-06-15 20:26:49 -04:00
Chris PeBenito
880e8f26d2 libqpol: Revise logging callback.
Process va_args into final message prior to hitting the handler in cython.
2018-06-15 20:26:49 -04:00
Chris PeBenito
86214e6601 libqpol: Fix incorrect const usage in qpol_policy_get_semantic_level_by_name(). 2018-06-15 20:26:49 -04:00
Chris PeBenito
51b53eb4a5 setup.py: Update for cython extension. 2018-06-15 20:26:49 -04:00
Chris PeBenito
90a9e54a89 qpol.i: Remove SWIG qpol wrapper. 2018-06-15 20:26:49 -04:00
Chris PeBenito
a1aa0f33f5
Merge pull request #181 from bigon/bug_174
Fix build failure with GCC 7 due to possible truncation of snprintf o…
2017-11-09 18:06:28 -05:00
Chris PeBenito
e278288bf7 .travis.yml: Add retry for swig download. 2017-10-26 22:23:49 -04:00
Laurent Bigonville
e41adf0164 Fix build failure with GCC 7 due to possible truncation of snprintf output
setools fails to build under GCC7 -Wformat -Werror with the following error:

x86_64-linux-gnu-gcc -pthread -DNDEBUG -g -fwrapv -O2 -Wall -Wstrict-prototypes -g -O2 -fdebug-prefix-map=/<<PKGBUILDDIR>>=. -fstack-protector-strong -Wformat -Werror=format-security -Wno-sign-compare -Wdate-time -D_FORTIFY_SOURCE=2 -fPIC -Ilibqpol -Ilibqpol/include -I/usr/include/python3.6m -c libqpol/policy_extend.c -o build/temp.linux-amd64-3.6/libqpol/policy_extend.o -Werror -Wextra -Waggregate-return -Wfloat-equal -Wformat -Wformat=2 -Winit-self -Wmissing-format-attribute -Wmissing-include-dirs -Wnested-externs -Wold-style-definition -Wpointer-arith -Wredundant-decls -Wstrict-prototypes -Wunknown-pragmas -Wwrite-strings -Wno-missing-field-initializers -Wno-unused-parameter -Wno-cast-qual -Wno-shadow -Wno-unreachable-code -fno-exceptions
libqpol/policy_extend.c: In function 'policy_extend':
libqpol/policy_extend.c:161:27: error: '%04zd' directive output may be truncated writing between 4 and 10 bytes into a region of size 5 [-Werror=format-truncation=]
    snprintf(buff, 9, "@ttr%04zd", i + 1);
                           ^~~~~
libqpol/policy_extend.c:161:22: note: directive argument in the range [1, 4294967295]
    snprintf(buff, 9, "@ttr%04zd", i + 1);
                      ^~~~~~~~~~~

Increase the size of the buffer to avoid collisions

Closes: https://github.com/TresysTechnology/setools/issues/174
Signed-off-by: Laurent Bigonville <bigon@bigon.be>
2017-09-26 16:36:59 +02:00
Chris PeBenito
0a8b3d4bb1 seinfo: Use subset in PortconQuery config.
This will allow users to specify a single port number and see which
portcons apply.  This is more in line with user expectations than the
current exact match behavior.  Closes #171.
2017-09-25 20:17:59 -04:00
Chris PeBenito
cc313f9791 __future__ print functions no longer need importing. 2017-09-24 20:40:29 -04:00
Chris PeBenito
856b56accb Update NetworkX support to 2.0. NetworkX 2.0 has API breakage.
Now SETools requires NetworkX 2.0+.
2017-09-23 14:03:26 -04:00
Chris PeBenito
8339fd3b1c SELinuxPolicy: Remove deprecated methods. 2017-09-20 19:40:34 -04:00
Chris PeBenito
486de4695e Nodecon: Fix deprecation warning messages. 2017-09-20 19:40:09 -04:00
Chris PeBenito
9fa55c25cb Update unit tests for Python 3 only use. 2017-09-19 20:58:03 -04:00
Chris PeBenito
9e9d9fec9d Used 'yield from' where possible. 2017-09-17 09:43:13 -04:00
Chris PeBenito
576268eeca Use the suppress context manager where possible to improve readability. 2017-09-17 09:43:13 -04:00
Chris PeBenito
1dd0bf31e1 ApolMainWindow: IOError is an alias for OSError in Python 3. 2017-09-17 09:43:13 -04:00
Chris PeBenito
af88deac17 PermissionMapEditor, EdgeAttrList: Use list .clear() method.
Closes #110
2017-09-17 09:43:13 -04:00