Cross Reference: /external/selinux/libsepol/cil/src/cil_reset

History log of /external/selinux/libsepol/cil/src/cil_reset_ast.c
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
f5602f5ff980435ee2aefed35ba643310ceeac25	01-Dec-2015	Steve Lawrence <slawrence@tresys.com>	libsepol/cil: Add support for neverallowx Add a new statement, neverallowx, which has the same syntax as allowx: (neverallowx foo bar (ioctl file (range 0x2000 0x20FF))) (allowx foo bar (ioctl file (0x20A0))) ; this fails Much of the changes just move functions around or split functions up to ease the sharing of avrule and avrulex comparisons with neverallows. This refactoring also modifies the avrule struct to include a union of either class permission information for standard avrules or extended permission information for extended avrules, also done to support sharing code. This also changes assertion.c and avtab.c to allow check_assertion_avtab_match to work with extended avrules. Signed-off-by: Steve Lawrence <slawrence@tresys.com> /external/selinux/libsepol/cil/src/cil_reset_ast.c
77779d2ca5a0c6efd113ff34cee432d5bb951f09	10-Sep-2015	Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com>	libsepol/cil: Add userattribute{set} functionality This adds a userattribute statement that may be used in userroles and constraints. The syntax is the same as typeattributset. Also, disallow roleattributes where roles are accepted in contexts. Specify a userattribute (userattribute foo) Add users to the set foo (userattributeset foo (u1 u2)) Signed-off-by: Yuli Khodorkovskiy <ykhodorkovskiy@tresys.com> Signed-off-by: James Carter <jwcart2@tycho.nsa.gov> /external/selinux/libsepol/cil/src/cil_reset_ast.c
f0290677091e7eee4a3724a2a86ede9e11f93802	17-Mar-2015	Daniel De Graaf <dgdegra@tycho.nsa.gov>	libsepol, checkpolicy: add device tree ocontext nodes to Xen policy In Xen on ARM, device tree nodes identified by a path (string) need to be labeled by the security policy. Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov> /external/selinux/libsepol/cil/src/cil_reset_ast.c
28ae74e112a031e1aeb22a2083568a881491b6db	18-Feb-2015	Steve Lawrence <slawrence@tresys.com>	Merge commit '76ba6eaa7333483a8cc0c73a7880f7acf99c2656'
bbbd58e1252a06550810ae6f7b40b867841da918	02-Oct-2014	Steve Lawrence <slawrence@tresys.com>	Merge commit 'a3abb2c05301b24ad2f8307d07734d89ddf808d8' into merge
bb0f8beff890195cfd459c67230c6130c86b3214	26-Aug-2014	Steve Lawrence <slawrence@tresys.com>	Merge commit 'b19eafb97feb6389d78e1693f276fc5b10e25bd6' as 'libsepol/cil'