From 36fd76f78c41d6ddf6980e8487846ffa22742034 Mon Sep 17 00:00:00 2001 From: Jakub Bogusz Date: Tue, 24 Feb 2004 14:34:50 +0000 Subject: [PATCH] - obsolete Changed files: checkpolicy-excludetypes.patch -> 1.2 checkpolicy-lineno.patch -> 1.2 checkpolicy-roletrans.patch -> 1.2 checkpolicy-typealias.patch -> 1.3 --- checkpolicy-excludetypes.patch | 263 --------------------------------- checkpolicy-lineno.patch | 93 ------------ checkpolicy-roletrans.patch | 16 -- checkpolicy-typealias.patch | 119 --------------- 4 files changed, 491 deletions(-) delete mode 100644 checkpolicy-excludetypes.patch delete mode 100644 checkpolicy-lineno.patch delete mode 100644 checkpolicy-roletrans.patch delete mode 100644 checkpolicy-typealias.patch diff --git a/checkpolicy-excludetypes.patch b/checkpolicy-excludetypes.patch deleted file mode 100644 index 8396fe9..0000000 --- a/checkpolicy-excludetypes.patch +++ /dev/null @@ -1,263 +0,0 @@ ---- checkpolicy-1.4/policy_parse.y.excludetypes 2004-01-20 18:11:12.024833429 -0500 -+++ checkpolicy-1.4/policy_parse.y 2004-01-20 18:11:12.044834543 -0500 -@@ -520,6 +520,8 @@ - | tilde nested_id_set - { if (insert_id("~", 0)) return -1; - if (insert_separator(0)) return -1; } -+ | identifier '-' { if (insert_id("-", 0)) return -1; } identifier -+ { if (insert_separator(0)) return -1; } - ; - tilde_push : tilde - { if (insert_id("~", 1)) return -1; } -@@ -546,7 +548,7 @@ - ; - nested_id_list : nested_id_element | nested_id_list nested_id_element - ; --nested_id_element : identifier | nested_id_set -+nested_id_element : identifier | '-' { if (insert_id("-", 0)) return -1; } identifier | nested_id_set - ; - identifier : IDENTIFIER - { if (insert_id(yytext,0)) return -1; } -@@ -1661,15 +1663,19 @@ - - - static int set_types(ebitmap_t *set, -- char *id) -+ ebitmap_t *negset, -+ char *id, -+ int *add) - { - type_datum_t *t; - unsigned int i; - - if (strcmp(id, "*") == 0) { -- /* set all types */ -- for (i = 0; i < policydbp->p_types.nprim; i++) -- ebitmap_set_bit(set, i, TRUE); -+ /* set all types not in negset */ -+ for (i = 0; i < policydbp->p_types.nprim; i++) { -+ if (!ebitmap_get_bit(negset, i)) -+ ebitmap_set_bit(set, i, TRUE); -+ } - free(id); - return 0; - } -@@ -1686,6 +1692,12 @@ - return 0; - } - -+ if (strcmp(id, "-") == 0) { -+ *add = 0; -+ free(id); -+ return 0; -+ } -+ - t = hashtab_search(policydbp->p_types.table, id); - if (!t) { - sprintf(errormsg, "unknown type %s", id); -@@ -1695,18 +1707,42 @@ - } - - if (t->isattr) { -- /* set all types with this attribute */ -+ /* set or clear all types with this attribute, -+ but do not set anything explicitly cleared previously */ - for (i = ebitmap_startbit(&t->types); i < ebitmap_length(&t->types); i++) { - if (!ebitmap_get_bit(&t->types, i)) - continue; -- ebitmap_set_bit(set, i, TRUE); -+ if (!(*add)) { -+ ebitmap_set_bit(set, i, FALSE); -+ ebitmap_set_bit(negset, i, TRUE); -+ } else if (!ebitmap_get_bit(negset, i)) { -+ ebitmap_set_bit(set, i, TRUE); -+#if VERBOSE -+ } else { -+ char *name = type_val_to_name(i+1); -+ sprintf(errormsg, "ignoring %s due to prior -%s", name, name); -+ yywarn(errormsg); -+#endif -+ } - } - } else { -- /* set one type */ -- ebitmap_set_bit(set, t->value - 1, TRUE); -+ /* set or clear one type, but do not set anything -+ explicitly cleared previously */ -+ if (!(*add)) { -+ ebitmap_set_bit(set, t->value - 1, FALSE); -+ ebitmap_set_bit(negset, t->value - 1, TRUE); -+ } else if (!ebitmap_get_bit(negset, t->value - 1)) { -+ ebitmap_set_bit(set, t->value - 1, TRUE); -+#if VERBOSE -+ } else { -+ sprintf(errormsg, "ignoring %s due to prior -%s", id, id); -+ yywarn(errormsg); -+#endif -+ } - } - - free(id); -+ *add = 1; - return 0; - } - -@@ -1718,9 +1754,9 @@ - avtab_datum_t avdatum, *avdatump; - type_datum_t *datum; - class_datum_t *cladatum; -- ebitmap_t stypes, ttypes, tclasses; -+ ebitmap_t stypes, ttypes, tclasses, negset; - __u32 newtype = 0; -- int ret; -+ int ret, add = 1; - unsigned int i, j, k; - - if (pass == 1) { -@@ -1739,15 +1775,19 @@ - ebitmap_init(&ttypes); - ebitmap_init(&tclasses); - -+ ebitmap_init(&negset); - while ((id = queue_remove(id_queue))) { -- if (set_types(&stypes, id)) -+ if (set_types(&stypes, &negset, id, &add)) - return -1; - } -+ ebitmap_destroy(&negset); - -+ ebitmap_init(&negset); - while ((id = queue_remove(id_queue))) { -- if (set_types(&ttypes, id)) -+ if (set_types(&ttypes, &negset, id, &add)) - return -1; - } -+ ebitmap_destroy(&negset); - - while ((id = queue_remove(id_queue))) { - cladatum = hashtab_search(policydbp->p_classes.table, id); -@@ -1964,10 +2004,10 @@ - char *id; - class_datum_t *cladatum; - perm_datum_t *perdatum; -- ebitmap_t stypes, ttypes, tclasses; -+ ebitmap_t stypes, ttypes, tclasses, negset; - access_vector_t *avp; - unsigned int i, j, hiclass; -- int self = 0; -+ int self = 0, add = 1; - te_assert_t *newassert; - - if (pass == 1) { -@@ -1986,19 +2026,23 @@ - ebitmap_init(&ttypes); - ebitmap_init(&tclasses); - -+ ebitmap_init(&negset); - while ((id = queue_remove(id_queue))) { -- if (set_types(&stypes, id)) -+ if (set_types(&stypes, &negset, id, &add)) - return -1; - } -+ ebitmap_destroy(&negset); - -+ ebitmap_init(&negset); - while ((id = queue_remove(id_queue))) { - if (strcmp(id, "self") == 0) { - self = 1; - continue; - } -- if (set_types(&ttypes, id)) -+ if (set_types(&ttypes, &negset, id, &add)) - return -1; - } -+ ebitmap_destroy(&negset); - - hiclass = 0; - while ((id = queue_remove(id_queue))) { -@@ -2139,7 +2183,8 @@ - { - role_datum_t *role; - char *role_id, *id; -- int ret; -+ int ret, add = 1; -+ ebitmap_t negset; - - if (pass == 1) { - while ((id = queue_remove(id_queue))) -@@ -2173,10 +2218,12 @@ - } else - free(role_id); - -+ ebitmap_init(&negset); - while ((id = queue_remove(id_queue))) { -- if (set_types(&role->types, id)) -+ if (set_types(&role->types, &negset, id, &add)) - return -1; - } -+ ebitmap_destroy(&negset); - - return 0; - } -@@ -2325,9 +2372,10 @@ - { - char *id; - role_datum_t *role; -- ebitmap_t roles, types; -+ ebitmap_t roles, types, negset; - struct role_trans *tr = 0; - unsigned int i, j; -+ int add = 1; - - if (pass == 1) { - while ((id = queue_remove(id_queue))) -@@ -2347,10 +2395,12 @@ - return -1; - } - -+ ebitmap_init(&negset); - while ((id = queue_remove(id_queue))) { -- if (set_types(&types, id)) -+ if (set_types(&types, &negset, id, &add)) - return -1; - } -+ ebitmap_destroy(&negset); - - id = (char *) queue_remove(id_queue); - if (!id) { -@@ -2587,8 +2637,10 @@ - struct constraint_expr *expr, *e1 = NULL, *e2; - user_datum_t *user; - role_datum_t *role; -+ ebitmap_t negset; - char *id; - __u32 val; -+ int add = 1; - - if (pass == 1) { - if (expr_type == CEXPR_NAMES) { -@@ -2656,6 +2708,7 @@ - case CEXPR_NAMES: - expr->attr = arg1; - expr->op = arg2; -+ ebitmap_init(&negset); - while ((id = (char *) queue_remove(id_queue))) { - if (expr->attr & CEXPR_USER) { - user = (user_datum_t *) hashtab_search(policydbp->p_users.table, -@@ -2678,7 +2731,7 @@ - } - val = role->value; - } else if (expr->attr & CEXPR_TYPE) { -- if (set_types(&expr->names, id)) { -+ if (set_types(&expr->names, &negset, id, &add)) { - free(expr); - return 0; - } -@@ -2696,6 +2749,7 @@ - } - free(id); - } -+ ebitmap_destroy(&negset); - return (uintptr_t)expr; - default: - yyerror("invalid constraint expression"); diff --git a/checkpolicy-lineno.patch b/checkpolicy-lineno.patch deleted file mode 100644 index 6d0de31..0000000 --- a/checkpolicy-lineno.patch +++ /dev/null @@ -1,93 +0,0 @@ -diff -ur checkpolicy-1.4.orig/checkpolicy.c checkpolicy-1.4/checkpolicy.c ---- checkpolicy-1.4.orig/checkpolicy.c 2003-12-01 14:24:57.000000000 -0500 -+++ checkpolicy-1.4/checkpolicy.c 2003-12-15 02:50:48.000000000 -0500 -@@ -45,6 +45,8 @@ - extern queue_t id_queue; - extern unsigned int policydb_errors; - extern unsigned long policydb_lineno; -+extern unsigned long source_lineno; -+extern char source_file[]; - extern unsigned int pass; - extern unsigned int ss_initialized; - -@@ -400,6 +402,8 @@ - } - rewind(yyin); - policydb_lineno = 1; -+ source_file[0] = '\0'; -+ source_lineno = 1; - yyrestart(yyin); - pass = 2; - if (yyparse() || policydb_errors) { -diff -ur checkpolicy-1.4.orig/policy_parse.y checkpolicy-1.4/policy_parse.y ---- checkpolicy-1.4.orig/policy_parse.y 2003-10-24 10:23:09.000000000 -0400 -+++ checkpolicy-1.4/policy_parse.y 2003-12-15 02:30:59.000000000 -0500 -@@ -18,6 +18,8 @@ - policydb_t *policydbp; - queue_t id_queue = 0; - unsigned int pass; -+char *curfile = 0; -+unsigned int curline; - - extern unsigned long policydb_lineno; - -diff -ur checkpolicy-1.4.orig/policy_scan.l checkpolicy-1.4/policy_scan.l ---- checkpolicy-1.4.orig/policy_scan.l 2003-06-26 13:23:12.000000000 -0400 -+++ checkpolicy-1.4/policy_scan.l 2003-12-15 02:51:18.000000000 -0500 -@@ -11,6 +11,9 @@ - static char linebuf[2][255]; - static unsigned int lno = 0; - -+char source_file[255]; -+unsigned long source_lineno = 1; -+ - unsigned long policydb_lineno = 1; - - unsigned int policydb_errors = 0; -@@ -23,6 +26,7 @@ - linebuf[lno][254] = 0; - lno = 1 - lno; - policydb_lineno++; -+ source_lineno++; - yyless(1); } - CLONE | - clone { return(CLONE); } -@@ -130,6 +134,8 @@ - {letter}({letter}|{digit}|_)* { return(IDENTIFIER); } - {letter}({letter}|{digit}|_|"."|"-")* { return(USER_IDENTIFIER); } - {digit}{digit}* { return(NUMBER); } -+#line[ ]1[ ]\"[^\n]*\" { source_lineno = 1; strncpy(source_file, yytext+9, 255); source_file[strlen(source_file)-1] = '\0'; } -+#line[ ]{digit}{digit}* { source_lineno = atoi(yytext+6)-1; } - #[^\n]* { /* delete comments */ } - [ \t\f]+ { /* delete whitespace */ } - "==" { return(EQUALS); } -@@ -154,6 +160,11 @@ - %% - int yyerror(char *msg) - { -+ if (source_file[0]) -+ fprintf(stderr, "%s:%ld:", -+ source_file, source_lineno); -+ else -+ fprintf(stderr, "(unknown source)::"); - fprintf(stderr, "ERROR '%s' at token '%s' on line %ld:\n%s\n%s\n", - msg, - yytext, -@@ -165,6 +176,11 @@ - - int yywarn(char *msg) - { -+ if (source_file[0]) -+ fprintf(stderr, "%s:%ld:", -+ source_file, source_lineno); -+ else -+ fprintf(stderr, "(unknown source)::"); - fprintf(stderr, "WARNING '%s' at token '%s' on line %ld:\n%s\n%s\n", - msg, - yytext, -@@ -172,5 +188,3 @@ - linebuf[0], linebuf[1]); - return 0; - } -- -- diff --git a/checkpolicy-roletrans.patch b/checkpolicy-roletrans.patch deleted file mode 100644 index 74e9ce4..0000000 --- a/checkpolicy-roletrans.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: checkpolicy/policy_parse.y -=================================================================== -RCS file: /nfshome/pal/CVS/selinux-usr/checkpolicy/policy_parse.y,v -retrieving revision 1.9 -diff -u -r1.9 policy_parse.y ---- checkpolicy/policy_parse.y 17 Dec 2003 16:52:20 -0000 1.9 -+++ checkpolicy/policy_parse.y 7 Jan 2004 13:19:04 -0000 -@@ -2339,8 +2339,6 @@ - return 0; - } - -- yywarn("Role transition rules are DEPRECATED, use domain transitions."); -- - ebitmap_init(&roles); - ebitmap_init(&types); - diff --git a/checkpolicy-typealias.patch b/checkpolicy-typealias.patch deleted file mode 100644 index df71268..0000000 --- a/checkpolicy-typealias.patch +++ /dev/null @@ -1,119 +0,0 @@ -Index: checkpolicy/policy_parse.y -=================================================================== -RCS file: /nfshome/pal/CVS/selinux-usr/checkpolicy/policy_parse.y,v -retrieving revision 1.11 -diff -u -r1.11 policy_parse.y ---- checkpolicy/policy_parse.y 15 Jan 2004 14:23:02 -0000 1.11 -+++ checkpolicy/policy_parse.y 15 Jan 2004 17:48:45 -0000 -@@ -42,6 +42,7 @@ - static int define_common_base(void); - static int define_av_base(void); - static int define_attrib(void); -+static int define_typealias(void); - static int define_type(int alias); - static int define_compute_type(int which); - static int define_te_avtab(int which); -@@ -82,6 +83,7 @@ - %token SID - %token ROLE - %token ROLES -+%token TYPEALIAS - %token TYPE - %token TYPES - %token ALIAS -@@ -240,6 +242,7 @@ - ; - te_decl : attribute_def - | type_def -+ | typealias_def - | transition_def - | te_avtab_def - ; -@@ -251,6 +254,9 @@ - | TYPE identifier opt_attr_list ';' - {if (define_type(0)) return -1;} - ; -+typealias_def : TYPEALIAS identifier alias_def -+ {if (define_typealias()) return -1;} -+ ; - opt_attr_list : ',' id_comma_list - | - ; -@@ -1479,6 +1485,61 @@ - return 0; - } - -+static int define_typealias(void) -+{ -+ char *id; -+ type_datum_t *t, *aliasdatum; -+ int ret; -+ -+ -+ if (pass == 2) { -+ while ((id = queue_remove(id_queue))) -+ free(id); -+ return 0; -+ } -+ -+ id = (char *) queue_remove(id_queue); -+ if (!id) { -+ yyerror("no type name for typealias definition?"); -+ return -1; -+ } -+ -+ t = hashtab_search(policydbp->p_types.table, id); -+ if (!t || t->isattr) { -+ sprintf(errormsg, "unknown type %s", id); -+ yyerror(errormsg); -+ free(id); -+ return -1; -+ } -+ -+ while ((id = queue_remove(id_queue))) { -+ aliasdatum = (type_datum_t *) malloc(sizeof(type_datum_t)); -+ if (!aliasdatum) { -+ yyerror("out of memory"); -+ return -1; -+ } -+ memset(aliasdatum, 0, sizeof(type_datum_t)); -+ aliasdatum->value = t->value; -+ -+ ret = hashtab_insert(policydbp->p_types.table, -+ (hashtab_key_t) id, (hashtab_datum_t) aliasdatum); -+ -+ if (ret == HASHTAB_PRESENT) { -+ sprintf(errormsg, "name conflict for type alias %s", id); -+ yyerror(errormsg); -+ free(aliasdatum); -+ free(id); -+ return -1; -+ } -+ if (ret == HASHTAB_OVERFLOW) { -+ yyerror("hash table overflow"); -+ free(aliasdatum); -+ free(id); -+ return -1; -+ } -+ } -+ return 0; -+} - - static int define_type(int alias) - { -Index: checkpolicy/policy_scan.l -=================================================================== -RCS file: /nfshome/pal/CVS/selinux-usr/checkpolicy/policy_scan.l,v -retrieving revision 1.3 -diff -u -r1.3 policy_scan.l ---- checkpolicy/policy_scan.l 17 Dec 2003 16:52:20 -0000 1.3 -+++ checkpolicy/policy_scan.l 15 Jan 2004 17:33:23 -0000 -@@ -46,6 +46,8 @@ - roles { return(ROLES); } - TYPES | - types { return(TYPES); } -+TYPEALIAS | -+typealias { return(TYPEALIAS); } - TYPE | - type { return(TYPE); } - ALIAS | -- 2.43.0