* [PATCH] Subject: remove expand_rule function
@ 2008-07-26 8:29 Joshua Brindle
0 siblings, 0 replies; 4+ messages in thread
From: Joshua Brindle @ 2008-07-26 8:29 UTC (permalink / raw)
To: selinux; +Cc: sds
This removes the (apparently) unused expand_rule function
Signed-off-by: Joshua Brindle <method@manicmethod.com>
---
libsepol/src/expand.c | 29 -----------------------------
1 files changed, 0 insertions(+), 29 deletions(-)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index 3194f8a..14dc4fc 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -1917,35 +1917,6 @@ int expand_convert_type_set(policydb_t * p, uint32_t * typemap,
return 0;
}
-/* Expand a rule into a given avtab - checking for conflicting type
- * rules. Return 1 on success, 0 if the rule conflicts with something
- * (and hence was not added), or -1 on error. */
-int expand_rule(sepol_handle_t * handle,
- policydb_t * source_pol,
- avrule_t * source_rule, avtab_t * dest_avtab,
- cond_av_list_t ** cond, cond_av_list_t ** other, int enabled)
-{
- int retval;
- ebitmap_t stypes, ttypes;
-
- if (source_rule->specified & AVRULE_NEVERALLOW)
- return 1;
-
- ebitmap_init(&stypes);
- ebitmap_init(&ttypes);
-
- if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1))
- return -1;
- if (type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1))
- return -1;
- retval = expand_rule_helper(handle, source_pol, NULL,
- source_rule, dest_avtab,
- cond, other, enabled, &stypes, &ttypes);
- ebitmap_destroy(&stypes);
- ebitmap_destroy(&ttypes);
- return retval;
-}
-
int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * p, uint32_t * rolemap)
{
unsigned int i;
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH] Subject: remove expand_rule function
@ 2008-08-12 17:59 Joshua Brindle
2008-08-14 17:49 ` Stephen Smalley
0 siblings, 1 reply; 4+ messages in thread
From: Joshua Brindle @ 2008-08-12 17:59 UTC (permalink / raw)
To: selinux; +Cc: sds
Send again with the right date and time ;)
This removes the (apparently) unused expand_rule function
Signed-off-by: Joshua Brindle <method@manicmethod.com>
---
libsepol/src/expand.c | 29 -----------------------------
1 files changed, 0 insertions(+), 29 deletions(-)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index 3194f8a..14dc4fc 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -1917,35 +1917,6 @@ int expand_convert_type_set(policydb_t * p, uint32_t * typemap,
return 0;
}
-/* Expand a rule into a given avtab - checking for conflicting type
- * rules. Return 1 on success, 0 if the rule conflicts with something
- * (and hence was not added), or -1 on error. */
-int expand_rule(sepol_handle_t * handle,
- policydb_t * source_pol,
- avrule_t * source_rule, avtab_t * dest_avtab,
- cond_av_list_t ** cond, cond_av_list_t ** other, int enabled)
-{
- int retval;
- ebitmap_t stypes, ttypes;
-
- if (source_rule->specified & AVRULE_NEVERALLOW)
- return 1;
-
- ebitmap_init(&stypes);
- ebitmap_init(&ttypes);
-
- if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1))
- return -1;
- if (type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1))
- return -1;
- retval = expand_rule_helper(handle, source_pol, NULL,
- source_rule, dest_avtab,
- cond, other, enabled, &stypes, &ttypes);
- ebitmap_destroy(&stypes);
- ebitmap_destroy(&ttypes);
- return retval;
-}
-
int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * p, uint32_t * rolemap)
{
unsigned int i;
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] Subject: remove expand_rule function
2008-08-12 17:59 [PATCH] Subject: remove expand_rule function Joshua Brindle
@ 2008-08-14 17:49 ` Stephen Smalley
2008-08-14 18:36 ` Joshua Brindle
0 siblings, 1 reply; 4+ messages in thread
From: Stephen Smalley @ 2008-08-14 17:49 UTC (permalink / raw)
To: Joshua Brindle; +Cc: selinux
On Tue, 2008-08-12 at 13:59 -0400, Joshua Brindle wrote:
> Send again with the right date and time ;)
>
> This removes the (apparently) unused expand_rule function
>
> Signed-off-by: Joshua Brindle <method@manicmethod.com>
Have you checked the history to see when/why this function stopped being
used? And whether any external users like setools are using it?
> ---
>
> libsepol/src/expand.c | 29 -----------------------------
> 1 files changed, 0 insertions(+), 29 deletions(-)
>
> diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
> index 3194f8a..14dc4fc 100644
> --- a/libsepol/src/expand.c
> +++ b/libsepol/src/expand.c
> @@ -1917,35 +1917,6 @@ int expand_convert_type_set(policydb_t * p, uint32_t * typemap,
> return 0;
> }
>
> -/* Expand a rule into a given avtab - checking for conflicting type
> - * rules. Return 1 on success, 0 if the rule conflicts with something
> - * (and hence was not added), or -1 on error. */
> -int expand_rule(sepol_handle_t * handle,
> - policydb_t * source_pol,
> - avrule_t * source_rule, avtab_t * dest_avtab,
> - cond_av_list_t ** cond, cond_av_list_t ** other, int enabled)
> -{
> - int retval;
> - ebitmap_t stypes, ttypes;
> -
> - if (source_rule->specified & AVRULE_NEVERALLOW)
> - return 1;
> -
> - ebitmap_init(&stypes);
> - ebitmap_init(&ttypes);
> -
> - if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1))
> - return -1;
> - if (type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1))
> - return -1;
> - retval = expand_rule_helper(handle, source_pol, NULL,
> - source_rule, dest_avtab,
> - cond, other, enabled, &stypes, &ttypes);
> - ebitmap_destroy(&stypes);
> - ebitmap_destroy(&ttypes);
> - return retval;
> -}
> -
> int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * p, uint32_t * rolemap)
> {
> unsigned int i;
>
>
> --
> This message was distributed to subscribers of the selinux mailing list.
> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] Subject: remove expand_rule function
2008-08-14 17:49 ` Stephen Smalley
@ 2008-08-14 18:36 ` Joshua Brindle
0 siblings, 0 replies; 4+ messages in thread
From: Joshua Brindle @ 2008-08-14 18:36 UTC (permalink / raw)
To: Stephen Smalley; +Cc: selinux
Stephen Smalley wrote:
> On Tue, 2008-08-12 at 13:59 -0400, Joshua Brindle wrote:
>> Send again with the right date and time ;)
>>
>> This removes the (apparently) unused expand_rule function
>>
>> Signed-off-by: Joshua Brindle <method@manicmethod.com>
>
> Have you checked the history to see when/why this function stopped being
> used? And whether any external users like setools are using it?
>
it looks like it came in with the original expand patch and wasn't even in use then. SETools also does not use it.
>> ---
>>
>> libsepol/src/expand.c | 29 -----------------------------
>> 1 files changed, 0 insertions(+), 29 deletions(-)
>>
>> diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
>> index 3194f8a..14dc4fc 100644
>> --- a/libsepol/src/expand.c
>> +++ b/libsepol/src/expand.c
>> @@ -1917,35 +1917,6 @@ int expand_convert_type_set(policydb_t * p, uint32_t * typemap,
>> return 0;
>> }
>>
>> -/* Expand a rule into a given avtab - checking for conflicting type
>> - * rules. Return 1 on success, 0 if the rule conflicts with something
>> - * (and hence was not added), or -1 on error. */
>> -int expand_rule(sepol_handle_t * handle,
>> - policydb_t * source_pol,
>> - avrule_t * source_rule, avtab_t * dest_avtab,
>> - cond_av_list_t ** cond, cond_av_list_t ** other, int enabled)
>> -{
>> - int retval;
>> - ebitmap_t stypes, ttypes;
>> -
>> - if (source_rule->specified & AVRULE_NEVERALLOW)
>> - return 1;
>> -
>> - ebitmap_init(&stypes);
>> - ebitmap_init(&ttypes);
>> -
>> - if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1))
>> - return -1;
>> - if (type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1))
>> - return -1;
>> - retval = expand_rule_helper(handle, source_pol, NULL,
>> - source_rule, dest_avtab,
>> - cond, other, enabled, &stypes, &ttypes);
>> - ebitmap_destroy(&stypes);
>> - ebitmap_destroy(&ttypes);
>> - return retval;
>> -}
>> -
>> int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * p, uint32_t * rolemap)
>> {
>> unsigned int i;
>>
>>
>> --
>> This message was distributed to subscribers of the selinux mailing list.
>> If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
>> the words "unsubscribe selinux" without quotes as the message.
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2008-08-14 18:36 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-08-12 17:59 [PATCH] Subject: remove expand_rule function Joshua Brindle
2008-08-14 17:49 ` Stephen Smalley
2008-08-14 18:36 ` Joshua Brindle
-- strict thread matches above, loose matches on Subject: below --
2008-07-26 8:29 Joshua Brindle
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.