Commit Graph

111 Commits

Author SHA1 Message Date
Daniel J Walsh
288632e7be - NSA Released version - Same as previous but changed release number 2006-10-17 16:50:19 +00:00
Daniel J Walsh
04bc0ce6f1 - Upgrade to latest from NSA
Build libsepol's static object files with -fpic
2006-10-17 15:57:37 +00:00
Daniel J Walsh
dd59fb41a8 - Upgrade to latest from NSA
Merged mls user and range_transition support in modules from Darrel Goeddel
2006-09-28 15:03:27 +00:00
Daniel J Walsh
d51bbdb93e - Upgrade to latest from NSA
Merged range transition enhancements and user format changes Darrel Goeddel
2006-09-06 16:00:04 +00:00
Daniel J Walsh
156e9314f0 - Upgrade to latest from NSA
Merged conditionally expand neverallows patch from Jeremy Mowery.
Merged refactor expander patch from Jeremy Mowery.
2006-08-24 18:11:15 +00:00
Daniel J Walsh
f55a71fe00 - Upgrade to latest from NSA
Merged libsepol unit tests from Joshua Brindle.
Merged symtab datum patch from Karl MacMillan.
Merged netfilter contexts support from Chris PeBenito.
2006-08-03 20:26:10 +00:00
Daniel J Walsh
285dda519b - Upgrade to latest from NSA
Merged symtab datum patch from Karl MacMillan.
Merged netfilter contexts support from Chris PeBenito.
2006-08-03 15:23:51 +00:00
Daniel J Walsh
ae2ff08973 - Upgrade to latest from NSA
Merged helpful hierarchy check errors patch from Joshua Brindle.
Merged semodule_deps patch from Karl MacMillan. This adds source module
    names to the avrule decls.
2006-08-01 14:07:40 +00:00
Daniel J Walsh
c4ad64e188 - Upgrade to latest from NSA
Lindent.
Merged optionals in base take 2 patch set from Joshua Brindle.
2006-07-05 02:24:55 +00:00
Daniel J Walsh
6ab7e34097 - Upgrade to latest from NSA
Revert 1.12.16.
Merged cleaner fix for bool_ids overflow from Karl MacMillan, replacing the
    prior patch.
Merged fixes for several memory leaks in the error paths during policy read
    from Serge Hallyn.
2006-06-05 18:48:30 +00:00
Daniel J Walsh
56091823e1 - Upgrade to latest from NSA
Fixed bool_ids overflow bug in cond_node_find and cond_copy_list, based on
    bug report and suggested fix by Cedric Roux.
Merged sens_copy_callback, check_role_hierarchy_callback, and
    node_from_record fixes from Serge Hallyn.
2006-05-30 13:09:42 +00:00
Daniel J Walsh
4e6d19ba49 - Upgrade to latest from NSA
Added sepol_policydb_compat_net() interface for testing whether a policy
    requires the compatibility support for network checks to be enabled in
    the kernel.
2006-05-23 10:22:38 +00:00
Daniel J Walsh
af05b5a855 - Upgrade to latest from NSA
Merged patch to initialize sym_val_to_name arrays from Kevin Carr. Reworked
    to use calloc in the first place, and converted some other
    malloc/memset pairs to calloc calls.
2006-05-18 16:13:02 +00:00
Daniel J Walsh
ba09d11b46 - Upgrade to latest from NSA
Merged patch to revert role/user decl upgrade from Karl MacMillan.
2006-05-15 13:55:31 +00:00
Daniel J Walsh
c53a1651b7 - Upgrade to latest from NSA
Dropped tests from all Makefile target.
Merged fix warnings patch from Karl MacMillan.
Merged libsepol test framework patch from Karl MacMillan.
2006-05-08 15:02:44 +00:00
Daniel J Walsh
aa55ea3c11 - Upgrade to latest from NSA
Merged fix warnings patch from Karl MacMillan.
Merged libsepol test framework patch from Karl MacMillan.
2006-05-08 14:15:58 +00:00
Daniel J Walsh
c704b5731d - Upgrade to latest from NSA
Fixed cond_normalize to traverse the entire cond list at link time.
2006-05-01 18:37:16 +00:00
Daniel J Walsh
d927fe6e5d - Upgrade to latest from NSA
Merged fix for leak of optional package sections from Ivan Gyurdiev.
2006-04-05 17:43:10 +00:00
Daniel J Walsh
adbebcb7e5 - Upgrade to latest from NSA
Generalize test for bitmap overflow in ebitmap_set_bit.
2006-03-29 20:36:50 +00:00
Daniel J Walsh
058dbc84ac - Upgrade to latest from NSA
Fixed attr_convert_callback and expand_convert_type_set typemap bug.
2006-03-27 22:04:50 +00:00
Daniel J Walsh
d808811bca - Upgrade to latest from NSA
Fixed avrule_block_write num_decls endian bug.
2006-03-24 17:58:27 +00:00
Daniel J Walsh
2405135ad9 - Upgrade to latest from NSA
Fixed sepol_module_package_write buffer overflow bug.
2006-03-20 20:24:57 +00:00
Daniel J Walsh
71e431529d - Upgrade to latest from NSA
Updated version for release.
Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.
Merged sepol_policydb_mls_enabled interface and error handling changes from
    Ivan Gyurdiev.
2006-03-17 17:11:39 +00:00
Daniel J Walsh
adf555659a - Upgrade to latest from NSA
Merged node_expand_addr bugfix and node_compare* change from Ivan Gyurdiev.
2006-02-17 19:47:41 +00:00
Daniel J Walsh
79c3d309c6 - Upgrade to latest from NSA
always prepend patch from Ivan Gyurdiev.
Merged bug fix patch from Ivan Gyurdiev.
Added a defined flag to level_datum_t for use by checkpolicy.
Merged nodecon support patch from Ivan Gyurdiev.
Merged cleanups patch from Ivan Gyurdiev.
2006-02-16 18:40:45 +00:00
Daniel J Walsh
81037ffe80 - Upgrade to latest from NSA
Merged optionals in base patch from Joshua Brindle.
2006-02-13 15:50:33 +00:00
Daniel J Walsh
6f864b41d4 - Upgrade to latest from NSA
Merged seuser/user_extra support patch from Joshua Brindle.
Merged fix patch from Ivan Gyurdiev.
2006-02-07 15:27:01 +00:00
Daniel J Walsh
384f984753 - Upgrade to latest from NSA
Merged assertion copying bugfix from Joshua Brindle.
Merged sepol_av_to_string patch from Joshua Brindle.
Merged clone record on set_con patch from Ivan Gyurdiev.
2006-02-02 17:08:27 +00:00
Daniel J Walsh
2716390087 - Upgrade to latest from NSA
Merged cond_expr mapping and package section count bug fixes from Joshua
    Brindle.
Merged improve port/fcontext API patch from Ivan Gyurdiev.
Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.
2006-01-30 23:34:34 +00:00
Daniel J Walsh
2cf76a44c7 - Upgrade to latest from NSA
Merged size_t -> unsigned int patch from Ivan Gyurdiev.
2006-01-13 14:51:35 +00:00
Daniel J Walsh
9a4cd99459 - Upgrade to latest from NSA
Merged 2nd const in APIs patch from Ivan Gyurdiev.
2006-01-10 13:48:05 +00:00
Daniel J Walsh
c05bbf4efe - Upgrade to latest from NSA
Merged const in APIs patch from Ivan Gyurdiev.
Merged compare2 function patch from Ivan Gyurdiev.
Fixed hierarchy checker to only check allow rules.
2006-01-06 15:35:55 +00:00
Daniel J Walsh
731af03464 - Upgrade to latest from NSA
- av_to_string overflow checking
- sepol_context_to_string error handling
- hierarchy checking memory leak fixes and optimizations
- avrule_block_read variable initialization
Marked deprecated code in genbools and genusers.
2006-01-05 19:43:51 +00:00
Daniel J Walsh
34791d4da3 - Upgrade to latest from NSA
Merged bugfix for sepol_port_modify from Russell Coker.
Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
Merged port ordering patch from Ivan Gyurdiev.
2006-01-05 16:01:15 +00:00
Daniel J Walsh
e9cf9fcd73 - Upgrade to latest from NSA
- support ordering of records in compare function
- enable port interfaces
- add interfaces for context validity and range checks
- add include guards
2006-01-04 18:10:14 +00:00
Daniel J Walsh
cb69f78922 - Upgrade to latest from NSA
Fixed mls_range_cpy bug.
2005-12-16 14:15:10 +00:00
Daniel J Walsh
8cd727418f - Upgrade to latest from NSA 2005-12-07 20:27:56 +00:00
Daniel J Walsh
bd181d3431 - Upgrade to latest from NSA
Dropped handle from user_del_role interface.
2005-12-06 03:43:47 +00:00
Daniel J Walsh
7c682bfbee - Upgrade to latest from NSA
Merged remove defrole from sepol patch from Ivan Gyurdiev.
2005-11-29 02:50:16 +00:00
Daniel J Walsh
6d0505a855 - Upgrade to latest from NSA
Merged module function and map file cleanup from Ivan Gyurdiev.
Merged MLS and genusers cleanups from Ivan Gyurdiev.
2005-11-16 20:46:33 +00:00
Daniel J Walsh
b3866cb702 - Upgrade to latest from NSA Prepare for removal of booleans* and *.users
files.
Cleaned up sepol_genbools to not regenerate the image if there were no
    changes in the boolean values, including the degenerate case where
    there are no booleans or booleans.local files.
Cleaned up sepol_genusers to not warn on missing local.users.
Tue Nov 8 2005 Dan Walsh <dwalsh@redhat.com> 1.9.38-1
- Upgrade to latest from NSA
Removed sepol_port_* from libsepol.map, as the port interfaces are not yet
    stable.
2005-11-10 02:38:10 +00:00
Daniel J Walsh
bd12c81f8a - Upgrade to latest from NSA
Removed sepol_port_* from libsepol.map, as the port interfaces are not yet
    stable.
2005-11-08 23:31:51 +00:00
Daniel J Walsh
e378155999 - Upgrade to latest from NSA
Merged context destroy cleanup patch from Ivan Gyurdiev.
2005-11-07 14:44:25 +00:00
Daniel J Walsh
7516f6ef74 - Upgrade to latest from NSA
Merged context_to_string interface change patch from Ivan Gyurdiev.
2005-11-03 18:28:38 +00:00
Daniel J Walsh
5cd6399b11 - Upgrade to latest from NSA
Added src/dso.h and src/*_internal.h. Added hidden_def for exported symbols
    used within libsepol. Added hidden for symbols that should not be
    exported by the wildcards in libsepol.map.
2005-11-03 14:34:12 +00:00
Daniel J Walsh
56a0f6aaaf - Upgrade to latest from NSA
Merged record interface, record bugfix, and set_roles patches from Ivan
    Gyurdiev.
2005-10-31 20:23:34 +00:00
Daniel J Walsh
04b9e3711c - Upgrade to latest from NSA
Merged count specification change from Ivan Gyurdiev.
2005-10-28 14:14:06 +00:00
Daniel J Walsh
5f5c84c009 - Upgrade to latest from NSA
Added further checking and error reporting to sepol_module_package_read and
    _info.
Merged sepol handle passing, DEBUG conversion, and memory leak fix patches
    from Ivan Gyurdiev.
2005-10-26 19:47:04 +00:00
Daniel J Walsh
80d5fef297 - Upgrade to latest from NSA
Removed processing of system.users from sepol_genusers and dropped delusers
    logic.
Removed policydb_destroy from error path of policydb_read, since
    create/init/destroy/free of policydb is handled by the caller now.
Fixed sepol_module_package_read to handle a failed policydb_read properly.
Merged query/exists and count patches from Ivan Gyurdiev.
Merged fix for pruned types in expand code from Joshua Brindle.
Merged new module package format code from Joshua Brindle.
2005-10-25 19:13:06 +00:00
Daniel J Walsh
467b5dd5f9 - Upgrade to latest from NSA
Merged context interface cleanup, record conversion code, key passing, and
    bug fix patches from Ivan Gyurdiev.
2005-10-24 17:49:18 +00:00