From patchwork Thu May 21 15:24:46 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Carter X-Patchwork-Id: 11563313 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 48F091391 for ; Thu, 21 May 2020 15:25:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 307C4207D8 for ; Thu, 21 May 2020 15:25:35 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="mo+y+S67" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729817AbgEUPZe (ORCPT ); Thu, 21 May 2020 11:25:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35492 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730437AbgEUPZc (ORCPT ); Thu, 21 May 2020 11:25:32 -0400 Received: from mail-qt1-x841.google.com (mail-qt1-x841.google.com [IPv6:2607:f8b0:4864:20::841]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6FE4CC061A0E for ; Thu, 21 May 2020 08:25:32 -0700 (PDT) Received: by mail-qt1-x841.google.com with SMTP id i68so5779043qtb.5 for ; Thu, 21 May 2020 08:25:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=XioUBqoLdKBCf+xO282yrwQHVX4FycRp1HUmQOu6O7g=; b=mo+y+S67tgkNom76FsOEkrN5bHqfLGsdJe3MOC3Kf3Y/cgwGeHloXEv26buc0rCNLm XUSVPOqhc7g8Pp0ZiJPBFd+U3PowRr2lOaaNSztKlIBFrq/YGrAQUMpBa41R+tmcRlF1 wTB7716fap6Qvn9OrpiqsnZvZm8ps+LDRV0TNwymB2Pbmi/bB6YfblbGoc6udNPVJvRh 7157EKt9aouXaUVMHtyQzdGFpVHQJt7Ils9hSGIih7oRmQhtei45QyhBe4VfCzzE7dcs X0RmNEtvZERzkqce4fQzIqi2qMQif8PIney5ArZD/XXuz3jkGXY+vLRI7L+yqQHL3TJu tp0g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=XioUBqoLdKBCf+xO282yrwQHVX4FycRp1HUmQOu6O7g=; b=VOH5DRivOYgR6JmVpDzMCVzrMYiumWYt35bRaBbJ91QWK95WnZdllTmhpV4J/ynb0Q 1tXc8nNXtavLSFVlK9jrWDUKAbWHX+tRrMk2DVon90mVs3X9wnTh6hKaznxCdtWseeoa MFWMIPqSFp+gdii9x8pDr47/g2FqNq45feL7xbxVhmxNaw2SQ8Q8cqULpBawL9EyR9qa 2i6/2I+zrny8OGYr405kBuYM2deTGjN6x55QDEOZaRK5eMCzSsbTjIEPC7Hf7vMdaofA hYZZzDWTP4nz3/Dt5KwwlJ8aObI5cx2zu2edRmRC7gRmArGp7iNtQW0UDUzyuAhy4P7L TVPg== X-Gm-Message-State: AOAM533+PMP4jD6qOt+uQCn+OTx/pNQAAWyQV7xWnjtOELqQR+E5lWDC W+Ikr9CoCU7TzHkmsqtEdAR+jgSHfiI= X-Google-Smtp-Source: ABdhPJwY9sQGgsDsbELpq4Eevaxh1f53UI1KiVU7XaWNpCNKwLEf3Vy3NIlFzlnYIEVq2fAcu3qd6w== X-Received: by 2002:ac8:3873:: with SMTP id r48mr11162230qtb.240.1590074731467; Thu, 21 May 2020 08:25:31 -0700 (PDT) Received: from localhost.localdomain (pool-71-166-99-106.bltmmd.east.verizon.net. [71.166.99.106]) by smtp.gmail.com with ESMTPSA id z19sm5840135qtz.81.2020.05.21.08.25.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 May 2020 08:25:30 -0700 (PDT) From: James Carter To: selinux@vger.kernel.org Cc: James Carter Subject: [PATCH 1/3] libsepol: Write CIL default MLS rules on separate lines Date: Thu, 21 May 2020 11:24:46 -0400 Message-Id: <20200521152448.148333-1-jwcart2@gmail.com> X-Mailer: git-send-email 2.25.4 MIME-Version: 1.0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org When converting a non-MLS kernel binary policy to CIL, write the CIL default MLS rules (since CIL requires at least one sensitivity, and sensitivityorder statements) on separate lines. This improves the readability of the resulting CIL policy. Signed-off-by: James Carter --- libsepol/src/kernel_to_cil.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index ede78a20..cca77251 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -777,9 +777,9 @@ exit: static void write_default_mls_level(FILE *out) { - sepol_printf(out, "(sensitivity s0)"); - sepol_printf(out, "(sensitivityorder (s0))"); - sepol_printf(out, "(level %s (s0))", DEFAULT_LEVEL); + sepol_printf(out, "(sensitivity s0)\n"); + sepol_printf(out, "(sensitivityorder (s0))\n"); + sepol_printf(out, "(level %s (s0))\n", DEFAULT_LEVEL); } static int map_sensitivity_aliases_to_strs(char *key, void *data, void *args) From patchwork Thu May 21 15:24:47 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Carter X-Patchwork-Id: 11563323 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D35E2739 for ; Thu, 21 May 2020 15:25:51 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id BB74B207D8 for ; Thu, 21 May 2020 15:25:51 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="FQqvetQB" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730089AbgEUPZu (ORCPT ); Thu, 21 May 2020 11:25:50 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35528 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730033AbgEUPZq (ORCPT ); Thu, 21 May 2020 11:25:46 -0400 Received: from mail-qk1-x743.google.com (mail-qk1-x743.google.com [IPv6:2607:f8b0:4864:20::743]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E855DC061A0E for ; Thu, 21 May 2020 08:25:45 -0700 (PDT) Received: by mail-qk1-x743.google.com with SMTP id w3so2048278qkb.6 for ; Thu, 21 May 2020 08:25:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=pueDequ/3r0EC91R2eIjkfDkG4GVBlAfywCl/EUx9ik=; b=FQqvetQBBarQ3QWGtHyreGREG5nBq2hyUoS4in2ie6XCaGAUx0ZMlvgQo1htmLbN0O s6H0o/i1qdHPr7Tdv2XqivwSecqu1THTbq7a/dr58cmF/+dBLZe2vMhJAVV3rDUC6sFN ULUdISusESmgpdyvSTHDx3HQCih4rERzVn1DmDcxCKB4jC3MzG2vPTFaNuHFMHpkdLkK 0A4y+WNzTQFUigoLwkGVI1EAdUTicSfsptQfyO5wozqkxAugdiVX4HDvefjfDJuzvKlL ualvMTiL8sQ03CmGZJy9KR+qdVVjbTRMJWyjYPW5cM5iachoL0cnptvc8CvhG/j/+cnG H1gQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=pueDequ/3r0EC91R2eIjkfDkG4GVBlAfywCl/EUx9ik=; b=fxe8YmQeYiEWC6NDNzjjyOKNYioZPo8b5sv6nruoKWaRqWrN/LWy9Ox5VJR4fxZg83 oG4biG7PSQzVLcIVxlzt1sHoDUQVLkecBRcJAOSWnF5oWGeT1w/UmlIilRJfAXynICGw tWFRPmFqRV5Ik0cwqpHfHXRHbeWviDYQlsfbTIdYx49Jy1TWaK9MZJXaTAG+jCutYtME KEmh7J8i5crBZOj4hrkQle7ruPGkYdDXBOVNvdI/x8Vc5Klf/PBMhpYtH4oDKdlx6AIM WqdAc0NoyS8x7LbDJvOzWBcn1gBHNbvfcgigSH46BD+iV2vaXfIymW6723PnlNenUPLF EuCg== X-Gm-Message-State: AOAM531w/MR5tulD5pKSHzxLmGSFoMQJ6elsCfm4y70gYY7xBsRTeUjk N0N0VI3/GtfmHHxp+wX+WvJwNHyqQQM= X-Google-Smtp-Source: ABdhPJxvFpw3Y+Zcx0dUrAEtIWfWP3izA9faE7J6Dwv8o7e5cuwrgUXZW77MX3fsFiYLiLQPMdPwdw== X-Received: by 2002:a37:b185:: with SMTP id a127mr10273847qkf.87.1590074745024; Thu, 21 May 2020 08:25:45 -0700 (PDT) Received: from localhost.localdomain (pool-71-166-99-106.bltmmd.east.verizon.net. [71.166.99.106]) by smtp.gmail.com with ESMTPSA id z19sm5840135qtz.81.2020.05.21.08.25.37 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 May 2020 08:25:44 -0700 (PDT) From: James Carter To: selinux@vger.kernel.org Cc: James Carter Subject: [PATCH 2/3] libsepol: Improve writing CIL sensitivity rules Date: Thu, 21 May 2020 11:24:47 -0400 Message-Id: <20200521152448.148333-2-jwcart2@gmail.com> X-Mailer: git-send-email 2.25.4 In-Reply-To: <20200521152448.148333-1-jwcart2@gmail.com> References: <20200521152448.148333-1-jwcart2@gmail.com> MIME-Version: 1.0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Improves writing of CIL sensitivity rules when converting MLS kernel policy to CIL. No changes to functionality, but eliminate useless checks for sensitivity aliases when using the p_sens_val_to_name array, find the actual number of aliases before allocating memory, and skip the sensitivity alias rules if there are no aliases. Signed-off-by: James Carter --- libsepol/src/kernel_to_cil.c | 59 ++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 30 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index cca77251..6103c1a6 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -782,6 +782,17 @@ static void write_default_mls_level(FILE *out) sepol_printf(out, "(level %s (s0))\n", DEFAULT_LEVEL); } +static int map_count_sensitivity_aliases(char *key, void *data, void *args) +{ + level_datum_t *sens = data; + unsigned *count = args; + + if (sens->isalias) + (*count)++; + + return SEPOL_OK; +} + static int map_sensitivity_aliases_to_strs(char *key, void *data, void *args) { level_datum_t *sens = data; @@ -799,26 +810,13 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) { level_datum_t *level; char *prev, *name, *actual; - struct strs *strs; - unsigned i, num; + struct strs *strs = NULL; + unsigned i, num = 0; int rc = 0; - rc = strs_init(&strs, pdb->p_levels.nprim); - if (rc != 0) { - goto exit; - } - /* sensitivities */ for (i=0; i < pdb->p_levels.nprim; i++) { name = pdb->p_sens_val_to_name[i]; - if (!name) continue; - level = hashtab_search(pdb->p_levels.table, name); - if (!level) { - rc = -1; - goto exit; - } - if (level->isalias) continue; - sepol_printf(out, "(sensitivity %s)\n", name); } @@ -827,14 +825,6 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) prev = NULL; for (i=0; i < pdb->p_levels.nprim; i++) { name = pdb->p_sens_val_to_name[i]; - if (!name) continue; - level = hashtab_search(pdb->p_levels.table, name); - if (!level) { - rc = -1; - goto exit; - } - if (level->isalias) continue; - if (prev) { sepol_printf(out, "%s ", prev); } @@ -845,6 +835,22 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) } sepol_printf(out, "))\n"); + rc = hashtab_map(pdb->p_levels.table, map_count_sensitivity_aliases, &num); + if (rc != 0) { + goto exit; + } + + if (num == 0) { + /* No aliases, so skip sensitivity alias rules */ + rc = 0; + goto exit; + } + + rc = strs_init(&strs, num); + if (rc != 0) { + goto exit; + } + rc = hashtab_map(pdb->p_levels.table, map_sensitivity_aliases_to_strs, strs); if (rc != 0) { goto exit; @@ -852,16 +858,9 @@ static int write_sensitivity_rules_to_cil(FILE *out, struct policydb *pdb) strs_sort(strs); - num = strs_num_items(strs); - /* sensitivity aliases */ for (i=0; i < num; i++) { name = strs_read_at_index(strs, i); - level = hashtab_search(pdb->p_levels.table, name); - if (!level) { - rc = -1; - goto exit; - } sepol_printf(out, "(sensitivityalias %s)\n", name); } From patchwork Thu May 21 15:24:48 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: James Carter X-Patchwork-Id: 11563327 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 69A58739 for ; Thu, 21 May 2020 15:25:57 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 5074720849 for ; Thu, 21 May 2020 15:25:57 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Ic9wPvAw" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730033AbgEUPZ4 (ORCPT ); Thu, 21 May 2020 11:25:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35552 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730046AbgEUPZz (ORCPT ); Thu, 21 May 2020 11:25:55 -0400 Received: from mail-qt1-x842.google.com (mail-qt1-x842.google.com [IPv6:2607:f8b0:4864:20::842]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 4EA6EC061A0E for ; Thu, 21 May 2020 08:25:55 -0700 (PDT) Received: by mail-qt1-x842.google.com with SMTP id d7so5723830qtn.11 for ; Thu, 21 May 2020 08:25:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=YtfdXbFn2o3ZbJ67xT/SXkoVhP8jAGbq6xyqPrJ1CrU=; b=Ic9wPvAw5LejdFfTGiCfPHQjVIQaJ2t7ypdZRRtL8pDa7geiQkxzRH7/+HSx/XAqup y8PNjdHMxVHUSFSQF5rtzi1Z4z0RcGR3zDYhc47dkH/G111Nx8X+2DQtN6Xw+dZqxE2V pAJEYo7jgh8hkVRCzZ2Qia5hVXWthwe/5NT7cWPVUGz2NpAmY/05qu2i+aKzuyh7NoK6 J+ka97pRjXUeQj/rSBx3hxRSSSOXCKjM+5qtnqAgCnn4ZVTE82ilB1BaM5MOzNvdpDHp g9gs0m4PxtiGgnatPscsCrPLUfZ+0/KjQd01bEBH3vG7J2rBRFY9kwO0vfTMmahHUCYE R1Fw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=YtfdXbFn2o3ZbJ67xT/SXkoVhP8jAGbq6xyqPrJ1CrU=; b=dq4spKlF53JpxRhmVqkwYA229SaOPA0Q8dRkY/LH54P7DndcC22r+UmNj6P8uxo/iO 2BRVVpJHI5ocPcUXR9OljEsxM7Fzk6n+xR+UzLHgHrxQaLyMvitQdesbq9Zw2NIxYRBF 8n9NGm+i3vgrZnqQuBelgY1qnpLaj/uaNFSXZwHJRV3/SXDpETrrH/3Gtu3/vLD0UcsZ xYctJ7ar3a2K4RUtPJKwmoGCDgrEq1ckmc8Ma28oCkAqF1op0U38W5BAMMQmQGWLo3tp wc0+sTK6Ag0jdSrC98LEESGV9R7JSwnpplvMjDvrcWbkgdYwU/7AbYDTYsO7ERLEhq6V CteA== X-Gm-Message-State: AOAM5318bDyhFniksIOVgvQiboAAY2WKOzK+Yy2JP2VL+NHRtZlQodxO e2yr+2tKBuzw+WPsj7XhDbNae9VSu5s= X-Google-Smtp-Source: ABdhPJy4jmiTp2QZM4s0ywPDiIp3wbC5VGuHjqqrm12gbW3PMKMpZ70rcb5dHRe7wa46EQ9MnrBlcA== X-Received: by 2002:ac8:60d4:: with SMTP id i20mr11113515qtm.324.1590074754409; Thu, 21 May 2020 08:25:54 -0700 (PDT) Received: from localhost.localdomain (pool-71-166-99-106.bltmmd.east.verizon.net. [71.166.99.106]) by smtp.gmail.com with ESMTPSA id z19sm5840135qtz.81.2020.05.21.08.25.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 21 May 2020 08:25:54 -0700 (PDT) From: James Carter To: selinux@vger.kernel.org Cc: James Carter Subject: [PATCH 3/3] libsepol: Improve writing CIL category rules Date: Thu, 21 May 2020 11:24:48 -0400 Message-Id: <20200521152448.148333-3-jwcart2@gmail.com> X-Mailer: git-send-email 2.25.4 In-Reply-To: <20200521152448.148333-1-jwcart2@gmail.com> References: <20200521152448.148333-1-jwcart2@gmail.com> MIME-Version: 1.0 Sender: selinux-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Improves writing of CIL category rules when converting MLS kernel policy to CIL. No changes to functionality, but eliminate useless checks for category aliases when using the p_cat_val_to_name array, find the actual number of aliases before allocating memory, and skip the category alias rules if there are no aliases. Signed-off-by: James Carter --- libsepol/src/kernel_to_cil.c | 59 ++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 30 deletions(-) diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c index 6103c1a6..319f3641 100644 --- a/libsepol/src/kernel_to_cil.c +++ b/libsepol/src/kernel_to_cil.c @@ -886,6 +886,17 @@ exit: return rc; } +static int map_count_category_aliases(char *key, void *data, void *args) +{ + cat_datum_t *cat = data; + unsigned *count = args; + + if (cat->isalias) + (*count)++; + + return SEPOL_OK; +} + static int map_category_aliases_to_strs(char *key, void *data, void *args) { cat_datum_t *cat = data; @@ -903,26 +914,13 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) { cat_datum_t *cat; char *prev, *name, *actual; - struct strs *strs; - unsigned i, num; + struct strs *strs = NULL; + unsigned i, num = 0; int rc = 0; - rc = strs_init(&strs, pdb->p_levels.nprim); - if (rc != 0) { - goto exit; - } - /* categories */ for (i=0; i < pdb->p_cats.nprim; i++) { name = pdb->p_cat_val_to_name[i]; - if (!name) continue; - cat = hashtab_search(pdb->p_cats.table, name); - if (!cat) { - rc = -1; - goto exit; - } - if (cat->isalias) continue; - sepol_printf(out, "(category %s)\n", name); } @@ -931,14 +929,6 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) prev = NULL; for (i=0; i < pdb->p_cats.nprim; i++) { name = pdb->p_cat_val_to_name[i]; - if (!name) continue; - cat = hashtab_search(pdb->p_cats.table, name); - if (!cat) { - rc = -1; - goto exit; - } - if (cat->isalias) continue; - if (prev) { sepol_printf(out, "%s ", prev); } @@ -949,6 +939,22 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) } sepol_printf(out, "))\n"); + rc = hashtab_map(pdb->p_cats.table, map_count_category_aliases, &num); + if (rc != 0) { + goto exit; + } + + if (num == 0) { + /* No aliases, so skip category alias rules */ + rc = 0; + goto exit; + } + + rc = strs_init(&strs, num); + if (rc != 0) { + goto exit; + } + rc = hashtab_map(pdb->p_cats.table, map_category_aliases_to_strs, strs); if (rc != 0) { goto exit; @@ -956,16 +962,9 @@ static int write_category_rules_to_cil(FILE *out, struct policydb *pdb) strs_sort(strs); - num = strs_num_items(strs); - /* category aliases */ for (i=0; i < num; i++) { name = strs_read_at_index(strs, i); - cat = hashtab_search(pdb->p_cats.table, name); - if (!cat) { - rc = -1; - goto exit; - } sepol_printf(out, "(categoryalias %s)\n", name); }