From patchwork Sat Jan 16 11:33:08 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nicolas Iooss X-Patchwork-Id: 8048971 Return-Path: X-Original-To: patchwork-selinux@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 7AF3CBEEE5 for ; Sat, 16 Jan 2016 11:50:37 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 95DAB2034C for ; Sat, 16 Jan 2016 11:50:36 +0000 (UTC) Received: from emvm-gh1-uea09.nsa.gov (emvm-gh1-uea09.nsa.gov [63.239.67.10]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 8A43A20328 for ; Sat, 16 Jan 2016 11:50:35 +0000 (UTC) X-TM-IMSS-Message-ID: <8dd1c01c0000deec@nsa.gov> Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by nsa.gov ([10.208.42.194]) with ESMTP (TREND IMSS SMTP Service 7.1) id 8dd1c01c0000deec ; Sat, 16 Jan 2016 06:50:57 -0500 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u0GBmoix023442; Sat, 16 Jan 2016 06:48:54 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u0GBXdf1169350 for ; Sat, 16 Jan 2016 06:33:39 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u0GBXbk4022695 for ; Sat, 16 Jan 2016 06:33:38 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1ARAQCOKZpWnCIeaIFeGQEBAhABAgKDWm2IVrEYhB6HbwEBAQEBARIBAQEBAQgLCQkhhjGBAogbBAGfZqBMhlWKIoQaBY1CiVeFSIo/jFlcjgGCLgELAYI0cYZ3AQEB X-IPAS-Result: A1ARAQCOKZpWnCIeaIFeGQEBAhABAgKDWm2IVrEYhB6HbwEBAQEBARIBAQEBAQgLCQkhhjGBAogbBAGfZqBMhlWKIoQaBY1CiVeFSIo/jFlcjgGCLgELAYI0cYZ3AQEB X-IronPort-AV: E=Sophos;i="5.22,304,1449550800"; d="scan'208";a="5107707" Received: from emvm-gh1-uea08.nsa.gov ([10.208.42.193]) by goalie.tycho.ncsc.mil with ESMTP; 16 Jan 2016 06:33:35 -0500 X-TM-IMSS-Message-ID: <2137ed68000677a9@nsa.gov> Received: from mx1.polytechnique.org (mx1.polytechnique.org [129.104.30.34]) by nsa.gov ([10.208.42.193]) with ESMTP (TREND IMSS SMTP Service 7.1; TLSv1/SSLv3 ADH-AES256-SHA (256/256)) id 2137ed68000677a9 ; Sat, 16 Jan 2016 06:33:05 -0500 Received: from iosakhe.numericable.fr (89-156-121-7.rev.numericable.fr [89.156.121.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-SHA256 (128/128 bits)) (No client certificate requested) by ssl.polytechnique.org (Postfix) with ESMTPSA id 164BB56480E for ; Sat, 16 Jan 2016 12:33:32 +0100 (CET) From: Nicolas Iooss To: selinux@tycho.nsa.gov Subject: [PATCH 1/2] sepolgen: Make sepolgen-ifgen output deterministic with Python>=3.3 Date: Sat, 16 Jan 2016 12:33:08 +0100 Message-Id: <1452943989-11913-1-git-send-email-nicolas.iooss@m4x.org> X-Mailer: git-send-email 2.7.0 X-AV-Checked: ClamAV using ClamSMTP at svoboda.polytechnique.org (Sat Jan 16 12:33:32 2016 +0100 (CET)) X-Org-Mail: nicolas.iooss.2010@polytechnique.org X-TM-AS-MML: disable X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Since Python 3.3, dictionary hashes are randomized and iterating over them is no longer deterministic. This makes it difficult to compare outputs of sepolgen-ifgen command. Make sepolgen-ifgen deterministic again with Python>=3.3 by always sorting the dictonaries and sets which are used to produce output. Signed-off-by: Nicolas Iooss --- sepolgen/src/sepolgen/access.py | 2 +- sepolgen/src/sepolgen/interfaces.py | 6 +++--- sepolgen/src/sepolgen/refpolicy.py | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/sepolgen/src/sepolgen/access.py b/sepolgen/src/sepolgen/access.py index 1f89ecde5fd9..a5d86982c0b1 100644 --- a/sepolgen/src/sepolgen/access.py +++ b/sepolgen/src/sepolgen/access.py @@ -128,7 +128,7 @@ class AccessVector(util.Comparison): is represented in a list. """ l = [self.src_type, self.tgt_type, self.obj_class] - l.extend(self.perms) + l.extend(sorted(self.perms)) return l def __str__(self): diff --git a/sepolgen/src/sepolgen/interfaces.py b/sepolgen/src/sepolgen/interfaces.py index 0b688bfd4072..48ae4f27a414 100644 --- a/sepolgen/src/sepolgen/interfaces.py +++ b/sepolgen/src/sepolgen/interfaces.py @@ -341,12 +341,12 @@ class InterfaceSet: self.output.write(str + "\n") def to_file(self, fd): - for iv in self.interfaces.values(): + for iv in sorted(self.interfaces.values(), key=lambda x: x.name): fd.write("[InterfaceVector %s " % iv.name) - for param in iv.params.values(): + for param in sorted(iv.params.values(), key=lambda x: x.name): fd.write("%s:%s " % (param.name, refpolicy.field_to_str[param.type])) fd.write("]\n") - avl = iv.access.to_list() + avl = sorted(iv.access.to_list()) for av in avl: fd.write(",".join(av)) fd.write("\n") diff --git a/sepolgen/src/sepolgen/refpolicy.py b/sepolgen/src/sepolgen/refpolicy.py index 737f95624d48..31b40d8fee00 100644 --- a/sepolgen/src/sepolgen/refpolicy.py +++ b/sepolgen/src/sepolgen/refpolicy.py @@ -251,10 +251,10 @@ class IdSet(set): self.compliment = False def to_space_str(self): - return list_to_space_str(self) + return list_to_space_str(sorted(self)) def to_comma_str(self): - return list_to_comma_str(self) + return list_to_comma_str(sorted(self)) class SecurityContext(Leaf): """An SELinux security context with optional MCS / MLS fields."""