pebenito 08/10/03 03:20:03 |
|
Added: libsepol-2.0.32-expand_rule.diff |
Log: |
Initial commit of 2.0 libsepol. |
(Portage version: 2.2_rc11/cvs/Linux 2.6.24-gentoo-r3 x86_64) |
|
Revision Changes Path |
1.1 sys-libs/libsepol/files/libsepol-2.0.32-expand_rule.diff |
|
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-libs/libsepol/files/libsepol-2.0.32-expand_rule.diff?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-libs/libsepol/files/libsepol-2.0.32-expand_rule.diff?rev=1.1&content-type=text/plain |
|
14 |
Index: libsepol-2.0.32-expand_rule.diff |
15 |
=================================================================== |
16 |
diff -purN libsepol-2.0.32.orig/src/expand.c libsepol-2.0.32/src/expand.c |
17 |
--- libsepol-2.0.32.orig/src/expand.c 2008-08-26 09:40:22.000000000 -0400 |
18 |
+++ libsepol-2.0.32/src/expand.c 2008-09-19 19:36:39.918510539 -0400 |
19 |
@@ -1917,6 +1917,35 @@ int expand_convert_type_set(policydb_t * |
20 |
return 0; |
21 |
} |
22 |
|
23 |
+/* Expand a rule into a given avtab - checking for conflicting type |
24 |
+ * rules. Return 1 on success, 0 if the rule conflicts with something |
25 |
+ * (and hence was not added), or -1 on error. */ |
26 |
+int expand_rule(sepol_handle_t * handle, |
27 |
+ policydb_t * source_pol, |
28 |
+ avrule_t * source_rule, avtab_t * dest_avtab, |
29 |
+ cond_av_list_t ** cond, cond_av_list_t ** other, int enabled) |
30 |
+{ |
31 |
+ int retval; |
32 |
+ ebitmap_t stypes, ttypes; |
33 |
+ |
34 |
+ if (source_rule->specified & AVRULE_NEVERALLOW) |
35 |
+ return 1; |
36 |
+ |
37 |
+ ebitmap_init(&stypes); |
38 |
+ ebitmap_init(&ttypes); |
39 |
+ |
40 |
+ if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1)) |
41 |
+ return -1; |
42 |
+ if (type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1)) |
43 |
+ return -1; |
44 |
+ retval = expand_rule_helper(handle, source_pol, NULL, |
45 |
+ source_rule, dest_avtab, |
46 |
+ cond, other, enabled, &stypes, &ttypes); |
47 |
+ ebitmap_destroy(&stypes); |
48 |
+ ebitmap_destroy(&ttypes); |
49 |
+ return retval; |
50 |
+} |
51 |
+ |
52 |
int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * p, uint32_t * rolemap) |
53 |
{ |
54 |
unsigned int i; |
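Review bot: Both `return -1;` exits after the `type_set_expand()` calls in `expand_rule()` skip `ebitmap_destroy()`, so anything those calls allocated into `stypes` (and into `ttypes` on the second exit) before failing is leaked; only the success path reaches the two destroy calls. Routing the failures through one cleanup label fixes this, and it is safe because both bitmaps have already been through `ebitmap_init()` before the first call. Whether `type_set_expand()` can actually leave a partially filled bitmap on failure is not visible in this hunk, so confirm against its definition. The leak would matter most for a long-running caller that expands many rules and keeps going after an error, presumably the case when a malformed policy module is rejected.

```c
	if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1) ||
	    type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1)) {
		retval = -1;
		goto out;
	}
	/* … unchanged: retval = expand_rule_helper(...) call … */
out:
	/* … unchanged: ebitmap_destroy() on both bitmaps, return retval … */
```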