| Message ID | 20220105211602.359300-1-jwcart2@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/3] libsepol/cil: Do not copy blockabstracts when inheriting a block | expand |
FYI, I plan on merging this series at the end of the week. If anyone has any objections, please let me know. Jim On Wed, Jan 5, 2022 at 4:16 PM James Carter <jwcart2@gmail.com> wrote: > > Do not copy any blockabstract statements when copying a block to > resolve a blockinherit statement. Inheriting a block from what was > just inherited does not work, so there is no reason to create an > abstract block. > > Signed-off-by: James Carter <jwcart2@gmail.com> > --- > libsepol/cil/src/cil_copy_ast.c | 6 ++++++ > 1 file changed, 6 insertions(+) > > diff --git a/libsepol/cil/src/cil_copy_ast.c b/libsepol/cil/src/cil_copy_ast.c > index 2fad972c..a4ead9db 100644 > --- a/libsepol/cil/src/cil_copy_ast.c > +++ b/libsepol/cil/src/cil_copy_ast.c > @@ -1725,6 +1725,12 @@ int __cil_copy_node_helper(struct cil_tree_node *orig, uint32_t *finished, void > copy_func = &cil_copy_block; > break; > case CIL_BLOCKABSTRACT: > + if (args->orig_dest->flavor == CIL_BLOCKINHERIT) { > + /* When inheriting a block, don't copy any blockabstract > + * statements. Inheriting a block from a block that was > + * just inherited never worked. */ > + return SEPOL_OK; > + } > copy_func = &cil_copy_blockabstract; > break; > case CIL_BLOCKINHERIT: > -- > 2.31.1 >
On Mon, Feb 7, 2022 at 1:55 PM James Carter <jwcart2@gmail.com> wrote: > > FYI, I plan on merging this series at the end of the week. If anyone > has any objections, please let me know. > Jim > This series has now been merged. Jim > On Wed, Jan 5, 2022 at 4:16 PM James Carter <jwcart2@gmail.com> wrote: > > > > Do not copy any blockabstract statements when copying a block to > > resolve a blockinherit statement. Inheriting a block from what was > > just inherited does not work, so there is no reason to create an > > abstract block. > > > > Signed-off-by: James Carter <jwcart2@gmail.com> > > --- > > libsepol/cil/src/cil_copy_ast.c | 6 ++++++ > > 1 file changed, 6 insertions(+) > > > > diff --git a/libsepol/cil/src/cil_copy_ast.c b/libsepol/cil/src/cil_copy_ast.c > > index 2fad972c..a4ead9db 100644 > > --- a/libsepol/cil/src/cil_copy_ast.c > > +++ b/libsepol/cil/src/cil_copy_ast.c > > @@ -1725,6 +1725,12 @@ int __cil_copy_node_helper(struct cil_tree_node *orig, uint32_t *finished, void > > copy_func = &cil_copy_block; > > break; > > case CIL_BLOCKABSTRACT: > > + if (args->orig_dest->flavor == CIL_BLOCKINHERIT) { > > + /* When inheriting a block, don't copy any blockabstract > > + * statements. Inheriting a block from a block that was > > + * just inherited never worked. */ > > + return SEPOL_OK; > > + } > > copy_func = &cil_copy_blockabstract; > > break; > > case CIL_BLOCKINHERIT: > > -- > > 2.31.1 > >
diff --git a/libsepol/cil/src/cil_copy_ast.c b/libsepol/cil/src/cil_copy_ast.c index 2fad972c..a4ead9db 100644 --- a/libsepol/cil/src/cil_copy_ast.c +++ b/libsepol/cil/src/cil_copy_ast.c @@ -1725,6 +1725,12 @@ int __cil_copy_node_helper(struct cil_tree_node *orig, uint32_t *finished, void copy_func = &cil_copy_block; break; case CIL_BLOCKABSTRACT: + if (args->orig_dest->flavor == CIL_BLOCKINHERIT) { + /* When inheriting a block, don't copy any blockabstract + * statements. Inheriting a block from a block that was + * just inherited never worked. */ + return SEPOL_OK; + } copy_func = &cil_copy_blockabstract; break; case CIL_BLOCKINHERIT:
Do not copy any blockabstract statements when copying a block to resolve a blockinherit statement. Inheriting a block from what was just inherited does not work, so there is no reason to create an abstract block. Signed-off-by: James Carter <jwcart2@gmail.com> --- libsepol/cil/src/cil_copy_ast.c | 6 ++++++ 1 file changed, 6 insertions(+)