From 40a59af329d02b3897e8e087b98f21cd6d0a4558 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Fri, 15 May 2020 12:28:55 +0200
Subject: [PATCH] can_exec(): move from misc_macros to misc_patterns
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The file misc_macros.spt is due heavy usage of the m4 language
hard to parse for third party tools.
Move the macro can_exec() to misc_patterns.spt, which contains
only interface like define blocks.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 policy/support/misc_macros.spt   | 6 ------
 policy/support/misc_patterns.spt | 9 +++++++++
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/policy/support/misc_macros.spt b/policy/support/misc_macros.spt
index 511682a3b..348f16f82 100644
--- a/policy/support/misc_macros.spt
+++ b/policy/support/misc_macros.spt
@@ -62,12 +62,6 @@ user $1 roles { $3 }`'ifdef(`enable_mls', ` level $4 range $5')`'ifdef(`enable_m
 #
 define(`gen_context',`$1`'ifdef(`enable_mls',`:$2')`'ifdef(`enable_mcs',`:s0`'ifelse(`$3',,,`:$3')')')dnl
 
-########################################
-#
-# can_exec(domain,executable)
-#
-define(`can_exec',`allow $1 $2:file { mmap_exec_file_perms ioctl lock execute_no_trans };')
-
 ########################################
 #
 # gen_bool(name,default_value)
diff --git a/policy/support/misc_patterns.spt b/policy/support/misc_patterns.spt
index 0b48cc420..2e0b39c2a 100644
--- a/policy/support/misc_patterns.spt
+++ b/policy/support/misc_patterns.spt
@@ -111,3 +111,12 @@ define(`admin_process_pattern',`
 
 	allow $1 $2:process { ptrace signal_perms };
 ')
+
+#
+# File execution pattern
+#
+# Parameters:
+# 1. source domain
+# 2. executable file type
+#
+define(`can_exec',`allow $1 $2:file { mmap_exec_file_perms ioctl lock execute_no_trans };')