From: Caleb Case <ccase@tresys.com>
To: Karl MacMillan <kmacmillan@mentalrootkit.com>
Cc: B Topscher <bryan@jennandbryan.com>,
selinux@tycho.nsa.gov, dgoeddel@TrustedCS.com,
method@manicmethod.com, Stephen Smalley <sds@tycho.nsa.gov>
Subject: Re: [BUG] Segfault on duplicate require of sensitivity
Date: Tue, 15 May 2007 13:09:16 -0400 [thread overview]
Message-ID: <1179248956.25191.41.camel@localhost> (raw)
In-Reply-To: <1179239973.5130.9.camel@localhost.localdomain>
On Tue, 2007-05-15 at 10:39 -0400, Karl MacMillan wrote:
> On Tue, 2007-05-15 at 10:16 -0400, Caleb Case wrote:
> > It turns out that level_datum_t is not defined as an actual datum:
> >
>
> [...]
>
> >
> > The options I see here are not good. One option: the level_datum_t
> > should be changed into a conforming *_datum_t and the fallout of this
> > change handled in the rest of the code which expects to see a
> > level_datum_t->level. Second option: level_datum_t is treated specially
> > in require_symbol (using the symbol_type as the switch).
> >
>
> Making it a _datum_t seems to be the right choice - what is your concern
> about following that path?
>
> Karl
Mainly I am concerned because level_datum_t is exported in libsepol's
protected headers and will require changes to anything that statically
links to libsepol.
>
> > On Thu, 2007-04-19 at 11:29 -0400, B Topscher wrote:
> > > When I have sensitivity required in two different locations I get
> > > segmentation faults when I try and load the module. For example,
> > > because s0 and s15 are already declared on other files if I require
> > > them in the TE file I get a segfault. I looked in the module.tmp file
> > > that was created on build and saw that s0 and s15 are declared
> > > somewhere. However, if I comment out my require in the TE file it
> > > loads the module fine.
> > >
> > >
> > > if in the TE I have:
> > >
> > > require {
> > > sensitivity s0;
> > > }
> > >
> > > function( domain_t )
> > >
> > > and the IF I have
> > >
> > > interface(`function',`
> > > gen_require(`
> > > sensitivity s0;
> > > ')
> > > .......
> > > ')
> > >
> > > When I build and then semodule -i module.pp, I get a segfault when
> > > committing changes (according to semodule -v).
> > >
> > > Thank you
> > > Bryan
>
--
Caleb Case
Tresys Technology
410-290-1411 x144
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
next prev parent reply other threads:[~2007-05-15 17:09 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-04-19 15:29 [BUG] Segfault on duplicate require of sensitivity B Topscher
2007-05-15 14:16 ` Caleb Case
2007-05-15 14:39 ` Karl MacMillan
2007-05-15 17:09 ` Caleb Case [this message]
2007-05-15 17:18 ` Joshua Brindle
2007-05-15 17:19 ` Karl MacMillan
2007-05-15 17:40 ` Joshua Brindle
2007-05-25 17:26 ` Caleb Case
2007-05-31 18:25 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1179248956.25191.41.camel@localhost \
--to=ccase@tresys.com \
--cc=bryan@jennandbryan.com \
--cc=dgoeddel@TrustedCS.com \
--cc=kmacmillan@mentalrootkit.com \
--cc=method@manicmethod.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.