| Message ID | 20220111215446.595516-1-jwcart2@gmail.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Refactor and fix assertion checking | expand |
I plan on merging this series next week. Jim On Tue, Jan 11, 2022 at 4:54 PM James Carter <jwcart2@gmail.com> wrote: > > The first 13 patches refactor and cleanup the neverallow and > neverallowxperm checking code to make it easier to understand. > > The last 3 patches fixes errors in the assertion checking code. > > This series is to prepare for adding not-self support to assertion > checking. > > The only change for version 2 is in patch 7 where target_type should > have been used instead of source_type. > > James Carter (16): > libsepol: Return an error if check_assertion() returns an error. > libsepol: Change label in check_assertion_avtab_match() > libsepol: Remove uneeded error messages in assertion checking > libsepol: Check for error from check_assertion_extended_permissions() > libsepol: Use consistent return checking style > libsepol: Move check of target types to before check for self > libsepol: Create function check_assertion_self_match() and use it > libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions > libsepol: Remove unnessesary check for matching class > libsepol: Move assigning outer loop index out of inner loop > libsepol: Make use of previously created ebitmap when checking self > libsepol: Refactor match_any_class_permissions() to be clearer > libsepol: Make return value clearer when reporting neverallowx errors > libsepol: The src and tgt must be the same if neverallow uses self > libsepol: Set args avtab pointer when reporting assertion violations > libsepol: Fix two problems with neverallowxperm reporting > > libsepol/src/assertion.c | 193 +++++++++++++++++++++------------------ > 1 file changed, 102 insertions(+), 91 deletions(-) > > -- > 2.31.1 >
On Fri, Feb 18, 2022 at 4:16 PM James Carter <jwcart2@gmail.com> wrote: > > I plan on merging this series next week. > Jim > This series has been merged. Jim > > On Tue, Jan 11, 2022 at 4:54 PM James Carter <jwcart2@gmail.com> wrote: > > > > The first 13 patches refactor and cleanup the neverallow and > > neverallowxperm checking code to make it easier to understand. > > > > The last 3 patches fixes errors in the assertion checking code. > > > > This series is to prepare for adding not-self support to assertion > > checking. > > > > The only change for version 2 is in patch 7 where target_type should > > have been used instead of source_type. > > > > James Carter (16): > > libsepol: Return an error if check_assertion() returns an error. > > libsepol: Change label in check_assertion_avtab_match() > > libsepol: Remove uneeded error messages in assertion checking > > libsepol: Check for error from check_assertion_extended_permissions() > > libsepol: Use consistent return checking style > > libsepol: Move check of target types to before check for self > > libsepol: Create function check_assertion_self_match() and use it > > libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions > > libsepol: Remove unnessesary check for matching class > > libsepol: Move assigning outer loop index out of inner loop > > libsepol: Make use of previously created ebitmap when checking self > > libsepol: Refactor match_any_class_permissions() to be clearer > > libsepol: Make return value clearer when reporting neverallowx errors > > libsepol: The src and tgt must be the same if neverallow uses self > > libsepol: Set args avtab pointer when reporting assertion violations > > libsepol: Fix two problems with neverallowxperm reporting > > > > libsepol/src/assertion.c | 193 +++++++++++++++++++++------------------ > > 1 file changed, 102 insertions(+), 91 deletions(-) > > > > -- > > 2.31.1 > >