Commit Graph

96 Commits

Author SHA1 Message Date
Daniel J Walsh
c53a1651b7 - Upgrade to latest from NSA
Dropped tests from all Makefile target.
Merged fix warnings patch from Karl MacMillan.
Merged libsepol test framework patch from Karl MacMillan.
2006-05-08 15:02:44 +00:00
Daniel J Walsh
aa55ea3c11 - Upgrade to latest from NSA
Merged fix warnings patch from Karl MacMillan.
Merged libsepol test framework patch from Karl MacMillan.
2006-05-08 14:15:58 +00:00
Daniel J Walsh
c704b5731d - Upgrade to latest from NSA
Fixed cond_normalize to traverse the entire cond list at link time.
2006-05-01 18:37:16 +00:00
Daniel J Walsh
d927fe6e5d - Upgrade to latest from NSA
Merged fix for leak of optional package sections from Ivan Gyurdiev.
2006-04-05 17:43:10 +00:00
Daniel J Walsh
adbebcb7e5 - Upgrade to latest from NSA
Generalize test for bitmap overflow in ebitmap_set_bit.
2006-03-29 20:36:50 +00:00
Daniel J Walsh
058dbc84ac - Upgrade to latest from NSA
Fixed attr_convert_callback and expand_convert_type_set typemap bug.
2006-03-27 22:04:50 +00:00
Daniel J Walsh
d808811bca - Upgrade to latest from NSA
Fixed avrule_block_write num_decls endian bug.
2006-03-24 17:58:27 +00:00
Daniel J Walsh
2405135ad9 - Upgrade to latest from NSA
Fixed sepol_module_package_write buffer overflow bug.
2006-03-20 20:24:57 +00:00
Daniel J Walsh
71e431529d - Upgrade to latest from NSA
Updated version for release.
Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.
Merged sepol_policydb_mls_enabled interface and error handling changes from
    Ivan Gyurdiev.
2006-03-17 17:11:39 +00:00
Daniel J Walsh
adf555659a - Upgrade to latest from NSA
Merged node_expand_addr bugfix and node_compare* change from Ivan Gyurdiev.
2006-02-17 19:47:41 +00:00
Daniel J Walsh
79c3d309c6 - Upgrade to latest from NSA
always prepend patch from Ivan Gyurdiev.
Merged bug fix patch from Ivan Gyurdiev.
Added a defined flag to level_datum_t for use by checkpolicy.
Merged nodecon support patch from Ivan Gyurdiev.
Merged cleanups patch from Ivan Gyurdiev.
2006-02-16 18:40:45 +00:00
Daniel J Walsh
81037ffe80 - Upgrade to latest from NSA
Merged optionals in base patch from Joshua Brindle.
2006-02-13 15:50:33 +00:00
Daniel J Walsh
6f864b41d4 - Upgrade to latest from NSA
Merged seuser/user_extra support patch from Joshua Brindle.
Merged fix patch from Ivan Gyurdiev.
2006-02-07 15:27:01 +00:00
Daniel J Walsh
384f984753 - Upgrade to latest from NSA
Merged assertion copying bugfix from Joshua Brindle.
Merged sepol_av_to_string patch from Joshua Brindle.
Merged clone record on set_con patch from Ivan Gyurdiev.
2006-02-02 17:08:27 +00:00
Daniel J Walsh
2716390087 - Upgrade to latest from NSA
Merged cond_expr mapping and package section count bug fixes from Joshua
    Brindle.
Merged improve port/fcontext API patch from Ivan Gyurdiev.
Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.
2006-01-30 23:34:34 +00:00
Daniel J Walsh
2cf76a44c7 - Upgrade to latest from NSA
Merged size_t -> unsigned int patch from Ivan Gyurdiev.
2006-01-13 14:51:35 +00:00
Daniel J Walsh
9a4cd99459 - Upgrade to latest from NSA
Merged 2nd const in APIs patch from Ivan Gyurdiev.
2006-01-10 13:48:05 +00:00
Daniel J Walsh
c05bbf4efe - Upgrade to latest from NSA
Merged const in APIs patch from Ivan Gyurdiev.
Merged compare2 function patch from Ivan Gyurdiev.
Fixed hierarchy checker to only check allow rules.
2006-01-06 15:35:55 +00:00
Daniel J Walsh
731af03464 - Upgrade to latest from NSA
- av_to_string overflow checking
- sepol_context_to_string error handling
- hierarchy checking memory leak fixes and optimizations
- avrule_block_read variable initialization
Marked deprecated code in genbools and genusers.
2006-01-05 19:43:51 +00:00
Daniel J Walsh
34791d4da3 - Upgrade to latest from NSA
Merged bugfix for sepol_port_modify from Russell Coker.
Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
Merged port ordering patch from Ivan Gyurdiev.
2006-01-05 16:01:15 +00:00
Daniel J Walsh
e9cf9fcd73 - Upgrade to latest from NSA
- support ordering of records in compare function
- enable port interfaces
- add interfaces for context validity and range checks
- add include guards
2006-01-04 18:10:14 +00:00
Daniel J Walsh
cb69f78922 - Upgrade to latest from NSA
Fixed mls_range_cpy bug.
2005-12-16 14:15:10 +00:00
Daniel J Walsh
8cd727418f - Upgrade to latest from NSA 2005-12-07 20:27:56 +00:00
Daniel J Walsh
bd181d3431 - Upgrade to latest from NSA
Dropped handle from user_del_role interface.
2005-12-06 03:43:47 +00:00
Daniel J Walsh
7c682bfbee - Upgrade to latest from NSA
Merged remove defrole from sepol patch from Ivan Gyurdiev.
2005-11-29 02:50:16 +00:00
Daniel J Walsh
6d0505a855 - Upgrade to latest from NSA
Merged module function and map file cleanup from Ivan Gyurdiev.
Merged MLS and genusers cleanups from Ivan Gyurdiev.
2005-11-16 20:46:33 +00:00
Daniel J Walsh
b3866cb702 - Upgrade to latest from NSA Prepare for removal of booleans* and *.users
files.
Cleaned up sepol_genbools to not regenerate the image if there were no
    changes in the boolean values, including the degenerate case where
    there are no booleans or booleans.local files.
Cleaned up sepol_genusers to not warn on missing local.users.
Tue Nov 8 2005 Dan Walsh <dwalsh@redhat.com> 1.9.38-1
- Upgrade to latest from NSA
Removed sepol_port_* from libsepol.map, as the port interfaces are not yet
    stable.
2005-11-10 02:38:10 +00:00
Daniel J Walsh
bd12c81f8a - Upgrade to latest from NSA
Removed sepol_port_* from libsepol.map, as the port interfaces are not yet
    stable.
2005-11-08 23:31:51 +00:00
Daniel J Walsh
e378155999 - Upgrade to latest from NSA
Merged context destroy cleanup patch from Ivan Gyurdiev.
2005-11-07 14:44:25 +00:00
Daniel J Walsh
7516f6ef74 - Upgrade to latest from NSA
Merged context_to_string interface change patch from Ivan Gyurdiev.
2005-11-03 18:28:38 +00:00
Daniel J Walsh
5cd6399b11 - Upgrade to latest from NSA
Added src/dso.h and src/*_internal.h. Added hidden_def for exported symbols
    used within libsepol. Added hidden for symbols that should not be
    exported by the wildcards in libsepol.map.
2005-11-03 14:34:12 +00:00
Daniel J Walsh
56a0f6aaaf - Upgrade to latest from NSA
Merged record interface, record bugfix, and set_roles patches from Ivan
    Gyurdiev.
2005-10-31 20:23:34 +00:00
Daniel J Walsh
04b9e3711c - Upgrade to latest from NSA
Merged count specification change from Ivan Gyurdiev.
2005-10-28 14:14:06 +00:00
Daniel J Walsh
5f5c84c009 - Upgrade to latest from NSA
Added further checking and error reporting to sepol_module_package_read and
    _info.
Merged sepol handle passing, DEBUG conversion, and memory leak fix patches
    from Ivan Gyurdiev.
2005-10-26 19:47:04 +00:00
Daniel J Walsh
80d5fef297 - Upgrade to latest from NSA
Removed processing of system.users from sepol_genusers and dropped delusers
    logic.
Removed policydb_destroy from error path of policydb_read, since
    create/init/destroy/free of policydb is handled by the caller now.
Fixed sepol_module_package_read to handle a failed policydb_read properly.
Merged query/exists and count patches from Ivan Gyurdiev.
Merged fix for pruned types in expand code from Joshua Brindle.
Merged new module package format code from Joshua Brindle.
2005-10-25 19:13:06 +00:00
Daniel J Walsh
467b5dd5f9 - Upgrade to latest from NSA
Merged context interface cleanup, record conversion code, key passing, and
    bug fix patches from Ivan Gyurdiev.
2005-10-24 17:49:18 +00:00
Daniel J Walsh
7769e13f97 - Upgrade to latest from NSA
Merged users cleanup patch from Ivan Gyurdiev.
Merged user record memory leak fix from Ivan Gyurdiev.
Merged reorganize users patch from Ivan Gyurdiev.
2005-10-21 18:40:07 +00:00
Daniel J Walsh
1910dd43b2 Added check flag to expand_module() to control assertion and hierarchy
checking on expansion.
Reworked check_assertions() and hierarchy_check_constraints() to take
    handles and use callback-based error reporting.
Changed expand_module() to call check_assertions() and
    hierarchy_check_constraints() prior to returning the expanded policy.
2005-10-20 20:23:56 +00:00
Daniel J Walsh
4a81528b1e - Upgrade to latest from NSA
Changed sepol_module_package_set_file_contexts to copy the file contexts
    data since it is internally managed.
Added sepol_policy_file_set_handle interface to associate a handle with a
    policy file.
Added handle argument to policydb_from_image/to_image.
Added sepol_module_package_set_file_contexts interface.
Dropped sepol_module_package_create_file interface.
Reworked policydb_read/write, policydb_from_image/to_image, and
    sepol_module_package_read/write to use callback-based error reporting
    system rather than DEBUG.
2005-10-18 17:43:53 +00:00
Daniel J Walsh
0bc673768a - Upgrade to latest from NSA
Reworked link_packages, link_modules, and expand_module to use
    callback-based error reporting system rather than error buffering.
2005-10-18 13:37:22 +00:00
Daniel J Walsh
1fbaab2d69 - Upgrade to latest from NSA
Merged conditional expression mapping fix in the module linking code from
    Joshua Brindle.
2005-10-15 12:21:10 +00:00
Daniel J Walsh
c253681af1 - Upgrade to latest from NSA
Hid sepol_module_package type definition, and added get interfaces.
Merged new callback-based error reporting system from Ivan Gyurdiev.
Merged support for require blocks inside conditionals from Joshua Brindle
    (Tresys).
2005-10-14 12:25:03 +00:00
Daniel J Walsh
724f9037b6 - Upgrade to latest from NSA
Fixed use of policydb_from_image/to_image to ensure proper init of
    policydb.
1) policydb_read no longer calls policydb_init. Caller must do so first.
2) policydb_init no longer takes policy_type argument. Caller must set
    policy_type separately.
3) expand_module automatically enables the global branch. Caller no longer
    needs to do so.
4) policydb_write uses the policy_type and policyvers from the policydb
    itself, and sepol_set_policyvers() has been removed.
2005-10-12 19:34:29 +00:00
Daniel J Walsh
83b8afcf8d - Upgrade to latest from NSA
Fixed use of policydb_from_image/to_image to ensure proper init of
    policydb.
1) policydb_read no longer calls policydb_init. Caller must do so first.
2) policydb_init no longer takes policy_type argument. Caller must set
    policy_type separately.
3) expand_module automatically enables the global branch. Caller no longer
    needs to do so.
4) policydb_write uses the policy_type and policyvers from the policydb
    itself, and sepol_set_policyvers() has been removed.
2005-10-10 12:20:32 +00:00
Daniel J Walsh
6429db41c2 - Upgrade to latest from NSA
Merged function renaming and static cleanup from Ivan Gyurdiev.
2005-10-07 14:11:02 +00:00
Daniel J Walsh
434d1e4d13 - Upgrade to latest from NSA
Merged function renaming and static cleanup from Ivan Gyurdiev.
2005-10-07 14:06:36 +00:00
Daniel J Walsh
8cf50aeb89 - Upgrade to latest from NSA
Merged bug fix for check_assertions handling of no assertions from Joshua
    Brindle (Tresys).
Tue Oct 4 2005 Dan Walsh <dwalsh@redhat.com> 1.9.10-1
- Upgrade to latest from NSA
Merged iterate patch from Ivan Gyurdiev.
Merged MLS in modules patch from Joshua Brindle (Tresys).
2005-10-06 13:31:44 +00:00
Daniel J Walsh
3ddcc8419b - Upgrade to latest from NSA
Merged iterate patch from Ivan Gyurdiev.
Merged MLS in modules patch from Joshua Brindle (Tresys).
2005-10-04 17:58:33 +00:00
Daniel J Walsh
f22a649173 - Upgrade to latest from NSA
Merged pointer typedef elimination patch from Ivan Gyurdiev.
Merged user list function, new mls functions, and bugfix patch from Ivan
    Gyurdiev.
2005-10-03 13:19:50 +00:00
Daniel J Walsh
bfa19b4c5a - Upgrade to latest from NSA
Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).
2005-09-29 01:06:23 +00:00