All of lore.kernel.org
 help / color / mirror / Atom feed
* [refpolicy] [PATCH 0/4 v2] Create non_auth_file_type attribute and some eliminate set expressions
@ 2012-04-25 14:25 James Carter
  2012-05-04 13:15 ` Christopher J. PeBenito
  0 siblings, 1 reply; 2+ messages in thread
From: James Carter @ 2012-04-25 14:25 UTC (permalink / raw)
  To: refpolicy

This patch set reduces the binary policy size on my system from 4.7M to
2.1M with sediff showing no changes other than the addition of the new
attribute. This patch set also makes Refpolicy easier to convert to CIL.

It does this by eliminating some set expressions related to file
accesses. A new type attribute called non_auth_file_type is created
along with interfaces to allow access to files with this attribute.
These alternative interfaces can be used instead of the
*_except_auth_files interfaces which use a set expression that expands
into a large number of rules.

In this version of the patch set:
- White space errors have been corrected (I think)
- The new interfaces in files.if have been put together and placed
before the configuration file interfaces.
- Renamed the files_read_non_auth_dirs to be files_list_non_auth_dirs.
- Changed the authlogin.if interfaces to use the new interfaces and
deprecated them.

-- 
James Carter <jwcart2@tycho.nsa.gov>
National Security Agency

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-05-04 13:15 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-04-25 14:25 [refpolicy] [PATCH 0/4 v2] Create non_auth_file_type attribute and some eliminate set expressions James Carter
2012-05-04 13:15 ` Christopher J. PeBenito

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.