| Message ID | 20220825132718.jnuxg7oqkmm3dx2l@jmarcin-t14s-01 (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | eca72d8e47ac |
| Headers | show |
| Series | libsepol: fix missing double quotes in typetransition CIL rule | expand |
On Thu, Aug 25, 2022 at 9:45 AM Juraj Marcin <juraj@jurajmarcin.com> wrote: > > CIL Reference Guide defines typetransition rule with double quotes > around object name, but those are not present in the format string. > > This patch fixes this issue, so the CIL output produced by > sepol_kernel_policydb_to_cil() is in the correct format. > > Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com> Despite what the CIL Reference Guide says, the quotes are not required, but it is best practice to use them. Acked-by: James Carter <jwcart2@gmail.com> > --- > libsepol/src/kernel_to_cil.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c > index 5a1336a3..ad4121d5 100644 > --- a/libsepol/src/kernel_to_cil.c > +++ b/libsepol/src/kernel_to_cil.c > @@ -1894,7 +1894,7 @@ static int map_filename_trans_to_str(hashtab_key_t key, void *data, void *arg) > ebitmap_for_each_positive_bit(&datum->stypes, node, bit) { > src = pdb->p_type_val_to_name[bit]; > rc = strs_create_and_add(strs, > - "(typetransition %s %s %s %s %s)", > + "(typetransition %s %s %s \"%s\" %s)", > 5, src, tgt, class, filename, new); > if (rc) > return rc; > -- > 2.37.1 >
On Mon, Aug 29, 2022 at 2:49 PM James Carter <jwcart2@gmail.com> wrote: > > On Thu, Aug 25, 2022 at 9:45 AM Juraj Marcin <juraj@jurajmarcin.com> wrote: > > > > CIL Reference Guide defines typetransition rule with double quotes > > around object name, but those are not present in the format string. > > > > This patch fixes this issue, so the CIL output produced by > > sepol_kernel_policydb_to_cil() is in the correct format. > > > > Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com> > > Despite what the CIL Reference Guide says, the quotes are not > required, but it is best practice to use them. > > Acked-by: James Carter <jwcart2@gmail.com> > Merged. Thanks, Jim > > --- > > libsepol/src/kernel_to_cil.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c > > index 5a1336a3..ad4121d5 100644 > > --- a/libsepol/src/kernel_to_cil.c > > +++ b/libsepol/src/kernel_to_cil.c > > @@ -1894,7 +1894,7 @@ static int map_filename_trans_to_str(hashtab_key_t key, void *data, void *arg) > > ebitmap_for_each_positive_bit(&datum->stypes, node, bit) { > > src = pdb->p_type_val_to_name[bit]; > > rc = strs_create_and_add(strs, > > - "(typetransition %s %s %s %s %s)", > > + "(typetransition %s %s %s \"%s\" %s)", > > 5, src, tgt, class, filename, new); > > if (rc) > > return rc; > > -- > > 2.37.1 > >
diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index 5a1336a3..ad4121d5 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -1894,7 +1894,7 @@ static int map_filename_trans_to_str(hashtab_key_t key, void *data, void *arg) ebitmap_for_each_positive_bit(&datum->stypes, node, bit) { src = pdb->p_type_val_to_name[bit]; rc = strs_create_and_add(strs, - "(typetransition %s %s %s %s %s)", + "(typetransition %s %s %s \"%s\" %s)", 5, src, tgt, class, filename, new); if (rc) return rc;
CIL Reference Guide defines typetransition rule with double quotes around object name, but those are not present in the format string. This patch fixes this issue, so the CIL output produced by sepol_kernel_policydb_to_cil() is in the correct format. Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com> --- libsepol/src/kernel_to_cil.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)