* [ SEPOL ] [ SEMANAGE ] Fix record interfaces
@ 2005-10-31  6:47 Ivan Gyurdiev
From: Ivan Gyurdiev @ 2005-10-31  6:47 UTC (permalink / raw)
  To: selinux; +Cc: Stephen Smalley


Okay, I can't justify not passing the handle into the records.

I said that all those errors are simple OMEM errors, but that may not 
remain the case in the future, and it's not even true right now - 
there's already a bunch of functions in the record files that really 
should emit a more informative error message when they fail (not omem).

Second, if the caller wants to use callbacks, then it wants _all_ errors 
routed to the callback, regardless of whether they're omem, or something 
else. It doesn't make sense to split the API in two - half using 
callbacks, and the other using status codes. The handle should be used 
everywhere.

=============================

So, this patch fixes a number of important issues:

- SEPOL: passes handle into all records
- SEPOL: removes DEBUG completely

- SEMANAGE: passes handle into all semanage records

- SEMANAGE: this requires the handle to be passed into parse/print - 
pass the handle where appropriate.

- SEMANAGE: this also breaks the database, which only works with a 
semanage handle, and uses sepol records directly. To correct this issue 
I've made the database only work with semanage records. This means the 
[object]_policydb databases are now configured to use the semanage 
records instead of the sepol ones.

This shifts the place where binary compatibility is assumed from the 
relay function ([object]_policy.c) to the ([object]_policydb.c) files, 
which are responsible for configuring which functions the database 
should use. This is a very good idea, because now policy_components.c no 
longer requires binary compatibility, since both the source and target 
databases work with semanage records - so compatibility is assumed in 
exactly one place, and not two.

I've removed the casts from the ([object]_policy.c) files, since they 
are no longer required.
I have not added new casts into ([object]_policydb.c), because I want 
this issue to remain visible, until we decide what to do about it. If we 
add convert functions, they would go into ([object]_policydb.c).

- SEMANAGE: I've removed the SEPOL_[object]_RTABLE record tables, since 
they are not needed after the change above. I've moved the 
SEMANAGE_[object]_RTABLE record tables out of the local case, and into 
their corresponding record files, where they should have been in the 
first place.

- SEPOL and SEMANAGE: I've dropped the status code for several functions 
which never fail:
    - port_set_port, port_set_range, port_set_proto, port_set_con
    - iface_set_ifcon, iface_set_msgcon

- SEMANAGE: various include cleanups in [object]_file.c and 
[object]_policydb.c


[-- Attachment #2: libsepol.libsemanage.records_fix.diff.bz2 --]
[-- Type: application/x-bzip, Size: 12120 bytes --]
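
The design argued for in the message above, as an added sketch that is not taken from the attached patch or from libsepol/libsemanage; every name here (`demo_handle_t`, `demo_port_*`, `demo_collect`) is hypothetical. Functions that can fail take the handle and report through its callback, whether the cause is OOM or bad input, while a setter that cannot fail returns no status.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical types, not libsepol's: the handle carries the caller's callback. */
typedef struct { void (*msg_cb)(void *arg, const char *msg); void *arg; } demo_handle_t;
typedef struct { int low, high; } demo_port_t;
typedef struct { int count; char last[128]; } demo_log_t;
/* One reporting path for every record function, whatever the failure kind. */
static void demo_err(demo_handle_t *h, const char *fmt, ...) {
    char buf[128];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    if (h && h->msg_cb) h->msg_cb(h->arg, buf);
    else fprintf(stderr, "%s\n", buf);  /* no callback set: fall back to stderr */
}
/* Allocation can fail, so it takes the handle and returns a status. */
int demo_port_create(demo_handle_t *h, demo_port_t **out) {
    *out = calloc(1, sizeof **out);
    if (!*out) { demo_err(h, "out of memory creating port record"); return -1; }
    return 0;
}
/* Plain assignment cannot fail: no handle, no status code. */
void demo_port_set_range(demo_port_t *p, int low, int high) { p->low = low; p->high = high; }
/* Fails for a reason other than OOM, so the message names the bad input. */
int demo_port_parse_range(demo_handle_t *h, demo_port_t *p, const char *s) {
    int low, high; char tail;
    if (sscanf(s, "%d-%d%c", &low, &high, &tail) != 2 || low < 1 || high > 65535 || low > high) {
        demo_err(h, "invalid port range \"%s\"", s);
        return -1;
    }
    demo_port_set_range(p, low, high);
    return 0;
}
/* Example callback: the caller collects every message in one place. */
void demo_collect(void *arg, const char *msg) {
    demo_log_t *sink = arg;
    sink->count++;
    snprintf(sink->last, sizeof sink->last, "%s", msg);
}
int main(void) {
    demo_log_t sink = {0};
    demo_handle_t h = { demo_collect, &sink };
    demo_port_t *p;
    if (demo_port_create(&h, &p) == 0) { demo_port_parse_range(&h, p, "443-80"); free(p); }
    printf("%d message(s), last: %s\n", sink.count, sink.last);
    return 0;
}
```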