Initial commit of 2.0 libsepol.

Package-Manager: portage-2.2_rc11/cvs/Linux 2.6.24-gentoo-r3 x86_64

1 files changed, 39 insertions, 0 deletions

diff --git a/sys-libs/libsepol/files/libsepol-2.0.32-expand_rule.diff b/sys-libs/libsepol/files/libsepol-2.0.32-expand_rule.diff
new file mode 100644
index 000000000000..a9e1b77d1b19
--- /dev/null
+++ b/sys-libs/libsepol/files/libsepol-2.0.32-expand_rule.diff
@@ -0,0 +1,39 @@
+diff -purN libsepol-2.0.32.orig/src/expand.c libsepol-2.0.32/src/expand.c
+--- libsepol-2.0.32.orig/src/expand.c	2008-08-26 09:40:22.000000000 -0400
++++ libsepol-2.0.32/src/expand.c	2008-09-19 19:36:39.918510539 -0400
+@@ -1917,6 +1917,35 @@ int expand_convert_type_set(policydb_t *
+ 	return 0;
+ }
+ 
++/* Expand a rule into a given avtab - checking for conflicting type
++ * rules.  Return 1 on success, 0 if the rule conflicts with something
++ * (and hence was not added), or -1 on error. */
++int expand_rule(sepol_handle_t * handle,
++		policydb_t * source_pol,
++		avrule_t * source_rule, avtab_t * dest_avtab,
++		cond_av_list_t ** cond, cond_av_list_t ** other, int enabled)
++{
++	int retval;
++	ebitmap_t stypes, ttypes;
++
++	if (source_rule->specified & AVRULE_NEVERALLOW)
++		return 1;
++
++	ebitmap_init(&stypes);
++	ebitmap_init(&ttypes);
++
++	if (type_set_expand(&source_rule->stypes, &stypes, source_pol, 1))
++		return -1;
++	if (type_set_expand(&source_rule->ttypes, &ttypes, source_pol, 1))
++		return -1;
++	retval = expand_rule_helper(handle, source_pol, NULL,
++				    source_rule, dest_avtab,
++				    cond, other, enabled, &stypes, &ttypes);
++	ebitmap_destroy(&stypes);
++	ebitmap_destroy(&ttypes);
++	return retval;
++}
++
+ int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * p, uint32_t * rolemap)
+ {
+ 	unsigned int i;