* [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration
@ 2021-06-24 19:58 James Carter
2021-06-24 19:58 ` [PATCH 2/2] libsepol/cil: Only reset AST if optional " James Carter
2021-06-26 12:33 ` [PATCH 1/2] libsepol/cil: Add function to determine if a subtree " Nicolas Iooss
0 siblings, 2 replies; 4+ messages in thread
From: James Carter @ 2021-06-24 19:58 UTC (permalink / raw)
To: selinux; +Cc: James Carter
Create the function cil_tree_subtree_has_decl() that returns CIL_TRUE
if the subtree has a declaration in it and CIL_FALSE otherwise.
Signed-off-by: James Carter <jwcart2@gmail.com>
---
libsepol/cil/src/cil_tree.c | 16 ++++++++++++++++
libsepol/cil/src/cil_tree.h | 2 ++
2 files changed, 18 insertions(+)
diff --git a/libsepol/cil/src/cil_tree.c b/libsepol/cil/src/cil_tree.c
index 067268eb..4cf8dcc8 100644
--- a/libsepol/cil/src/cil_tree.c
+++ b/libsepol/cil/src/cil_tree.c
@@ -136,6 +136,22 @@ __attribute__((format (printf, 3, 4))) void cil_tree_log(struct cil_tree_node *n
cil_log(lvl,"\n");
}
+int cil_tree_subtree_has_decl(struct cil_tree_node *node)
+{
+ while (node) {
+ if (node->flavor >= CIL_MIN_DECLARATIVE) {
+ return CIL_TRUE;
+ }
+ if (node->cl_head != NULL) {
+ if (cil_tree_subtree_has_decl(node->cl_head))
+ return CIL_TRUE;
+ }
+ node = node->next;
+ }
+
+ return CIL_FALSE;
+}
+
int cil_tree_init(struct cil_tree **tree)
{
struct cil_tree *new_tree = cil_malloc(sizeof(*new_tree));
diff --git a/libsepol/cil/src/cil_tree.h b/libsepol/cil/src/cil_tree.h
index bac9f1e4..f4d22071 100644
--- a/libsepol/cil/src/cil_tree.h
+++ b/libsepol/cil/src/cil_tree.h
@@ -54,6 +54,8 @@ struct cil_tree_node *cil_tree_get_next_path(struct cil_tree_node *node, char **
char *cil_tree_get_cil_path(struct cil_tree_node *node);
__attribute__((format (printf, 3, 4))) void cil_tree_log(struct cil_tree_node *node, enum cil_log_level lvl, const char* msg, ...);
+int cil_tree_subtree_has_decl(struct cil_tree_node *node);
+
int cil_tree_init(struct cil_tree **tree);
void cil_tree_destroy(struct cil_tree **tree);
void cil_tree_subtree_destroy(struct cil_tree_node *node);
--
2.26.3
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 2/2] libsepol/cil: Only reset AST if optional has a declaration
2021-06-24 19:58 [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration James Carter
@ 2021-06-24 19:58 ` James Carter
2021-06-26 12:33 ` [PATCH 1/2] libsepol/cil: Add function to determine if a subtree " Nicolas Iooss
1 sibling, 0 replies; 4+ messages in thread
From: James Carter @ 2021-06-24 19:58 UTC (permalink / raw)
To: selinux; +Cc: James Carter
When disabling optionals, the AST needs to be reset only if one
of the optional blocks being disabled contains a declaration.
Call the function cil_tree_subtree_has_decl() for each optional
block being disabled and only reset the AST if one of them has
a declaration in it.
Signed-off-by: James Carter <jwcart2@gmail.com>
---
libsepol/cil/src/cil_resolve_ast.c | 58 +++++++++++++++++-------------
1 file changed, 34 insertions(+), 24 deletions(-)
diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c
index 5245cc15..0ea5b169 100644
--- a/libsepol/cil/src/cil_resolve_ast.c
+++ b/libsepol/cil/src/cil_resolve_ast.c
@@ -4230,33 +4230,43 @@ int cil_resolve_ast(struct cil_db *db, struct cil_tree_node *current)
if (changed) {
struct cil_list_item *item;
if (pass > CIL_PASS_CALL1) {
- /* Need to re-resolve because an optional was disabled that contained
- * one or more declarations. We only need to reset to the call1 pass
- * because things done in the preceding passes aren't allowed in
- * optionals, and thus can't be disabled.
- * Note: set pass to CIL_PASS_CALL1 because the pass++ will increment
- * it to CIL_PASS_CALL2
- */
- cil_log(CIL_INFO, "Resetting declarations\n");
-
- if (pass >= CIL_PASS_MISC1) {
- __cil_ordered_lists_reset(&extra_args.sidorder_lists);
- __cil_ordered_lists_reset(&extra_args.classorder_lists);
- __cil_ordered_lists_reset(&extra_args.unordered_classorder_lists);
- __cil_ordered_lists_reset(&extra_args.catorder_lists);
- __cil_ordered_lists_reset(&extra_args.sensitivityorder_lists);
- cil_list_destroy(&db->sidorder, CIL_FALSE);
- cil_list_destroy(&db->classorder, CIL_FALSE);
- cil_list_destroy(&db->catorder, CIL_FALSE);
- cil_list_destroy(&db->sensitivityorder, CIL_FALSE);
+ int has_decls = CIL_FALSE;
+
+ cil_list_for_each(item, extra_args.to_destroy) {
+ has_decls = cil_tree_subtree_has_decl(item->data);
+ if (has_decls) {
+ break;
+ }
}
- pass = CIL_PASS_CALL1;
+ if (has_decls) {
+ /* Need to re-resolve because an optional was disabled that
+ * contained one or more declarations.
+ * Everything that needs to be reset comes after the
+ * CIL_PASS_CALL2 pass. We set pass to CIL_PASS_CALL1 because
+ * the pass++ will increment it to CIL_PASS_CALL2
+ */
+ cil_log(CIL_INFO, "Resetting declarations\n");
+
+ if (pass >= CIL_PASS_MISC1) {
+ __cil_ordered_lists_reset(&extra_args.sidorder_lists);
+ __cil_ordered_lists_reset(&extra_args.classorder_lists);
+ __cil_ordered_lists_reset(&extra_args.unordered_classorder_lists);
+ __cil_ordered_lists_reset(&extra_args.catorder_lists);
+ __cil_ordered_lists_reset(&extra_args.sensitivityorder_lists);
+ cil_list_destroy(&db->sidorder, CIL_FALSE);
+ cil_list_destroy(&db->classorder, CIL_FALSE);
+ cil_list_destroy(&db->catorder, CIL_FALSE);
+ cil_list_destroy(&db->sensitivityorder, CIL_FALSE);
+ }
- rc = cil_reset_ast(current);
- if (rc != SEPOL_OK) {
- cil_log(CIL_ERR, "Failed to reset declarations\n");
- goto exit;
+ pass = CIL_PASS_CALL1;
+
+ rc = cil_reset_ast(current);
+ if (rc != SEPOL_OK) {
+ cil_log(CIL_ERR, "Failed to reset declarations\n");
+ goto exit;
+ }
}
}
cil_list_for_each(item, extra_args.to_destroy) {
--
2.26.3
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration
2021-06-24 19:58 [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration James Carter
2021-06-24 19:58 ` [PATCH 2/2] libsepol/cil: Only reset AST if optional " James Carter
@ 2021-06-26 12:33 ` Nicolas Iooss
2021-06-30 19:45 ` Nicolas Iooss
1 sibling, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2021-06-26 12:33 UTC (permalink / raw)
To: James Carter; +Cc: SElinux list
On Thu, Jun 24, 2021 at 9:58 PM James Carter <jwcart2@gmail.com> wrote:
>
> Create the function cil_tree_subtree_has_decl() that returns CIL_TRUE
> if the subtree has a declaration in it and CIL_FALSE otherwise.
>
> Signed-off-by: James Carter <jwcart2@gmail.com>
For these 2 patches:
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Thanks!
> ---
> libsepol/cil/src/cil_tree.c | 16 ++++++++++++++++
> libsepol/cil/src/cil_tree.h | 2 ++
> 2 files changed, 18 insertions(+)
>
> diff --git a/libsepol/cil/src/cil_tree.c b/libsepol/cil/src/cil_tree.c
> index 067268eb..4cf8dcc8 100644
> --- a/libsepol/cil/src/cil_tree.c
> +++ b/libsepol/cil/src/cil_tree.c
> @@ -136,6 +136,22 @@ __attribute__((format (printf, 3, 4))) void cil_tree_log(struct cil_tree_node *n
> cil_log(lvl,"\n");
> }
>
> +int cil_tree_subtree_has_decl(struct cil_tree_node *node)
> +{
> + while (node) {
> + if (node->flavor >= CIL_MIN_DECLARATIVE) {
> + return CIL_TRUE;
> + }
> + if (node->cl_head != NULL) {
> + if (cil_tree_subtree_has_decl(node->cl_head))
> + return CIL_TRUE;
> + }
> + node = node->next;
> + }
> +
> + return CIL_FALSE;
> +}
> +
> int cil_tree_init(struct cil_tree **tree)
> {
> struct cil_tree *new_tree = cil_malloc(sizeof(*new_tree));
> diff --git a/libsepol/cil/src/cil_tree.h b/libsepol/cil/src/cil_tree.h
> index bac9f1e4..f4d22071 100644
> --- a/libsepol/cil/src/cil_tree.h
> +++ b/libsepol/cil/src/cil_tree.h
> @@ -54,6 +54,8 @@ struct cil_tree_node *cil_tree_get_next_path(struct cil_tree_node *node, char **
> char *cil_tree_get_cil_path(struct cil_tree_node *node);
> __attribute__((format (printf, 3, 4))) void cil_tree_log(struct cil_tree_node *node, enum cil_log_level lvl, const char* msg, ...);
>
> +int cil_tree_subtree_has_decl(struct cil_tree_node *node);
> +
> int cil_tree_init(struct cil_tree **tree);
> void cil_tree_destroy(struct cil_tree **tree);
> void cil_tree_subtree_destroy(struct cil_tree_node *node);
> --
> 2.26.3
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration
2021-06-26 12:33 ` [PATCH 1/2] libsepol/cil: Add function to determine if a subtree " Nicolas Iooss
@ 2021-06-30 19:45 ` Nicolas Iooss
0 siblings, 0 replies; 4+ messages in thread
From: Nicolas Iooss @ 2021-06-30 19:45 UTC (permalink / raw)
To: James Carter; +Cc: SElinux list
On Sat, Jun 26, 2021 at 2:33 PM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>
> On Thu, Jun 24, 2021 at 9:58 PM James Carter <jwcart2@gmail.com> wrote:
> >
> > Create the function cil_tree_subtree_has_decl() that returns CIL_TRUE
> > if the subtree has a declaration in it and CIL_FALSE otherwise.
> >
> > Signed-off-by: James Carter <jwcart2@gmail.com>
>
> For these 2 patches:
>
> Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
I applied them.
Thanks!
Nicolas
> > ---
> > libsepol/cil/src/cil_tree.c | 16 ++++++++++++++++
> > libsepol/cil/src/cil_tree.h | 2 ++
> > 2 files changed, 18 insertions(+)
> >
> > diff --git a/libsepol/cil/src/cil_tree.c b/libsepol/cil/src/cil_tree.c
> > index 067268eb..4cf8dcc8 100644
> > --- a/libsepol/cil/src/cil_tree.c
> > +++ b/libsepol/cil/src/cil_tree.c
> > @@ -136,6 +136,22 @@ __attribute__((format (printf, 3, 4))) void cil_tree_log(struct cil_tree_node *n
> > cil_log(lvl,"\n");
> > }
> >
> > +int cil_tree_subtree_has_decl(struct cil_tree_node *node)
> > +{
> > + while (node) {
> > + if (node->flavor >= CIL_MIN_DECLARATIVE) {
> > + return CIL_TRUE;
> > + }
> > + if (node->cl_head != NULL) {
> > + if (cil_tree_subtree_has_decl(node->cl_head))
> > + return CIL_TRUE;
> > + }
> > + node = node->next;
> > + }
> > +
> > + return CIL_FALSE;
> > +}
> > +
> > int cil_tree_init(struct cil_tree **tree)
> > {
> > struct cil_tree *new_tree = cil_malloc(sizeof(*new_tree));
> > diff --git a/libsepol/cil/src/cil_tree.h b/libsepol/cil/src/cil_tree.h
> > index bac9f1e4..f4d22071 100644
> > --- a/libsepol/cil/src/cil_tree.h
> > +++ b/libsepol/cil/src/cil_tree.h
> > @@ -54,6 +54,8 @@ struct cil_tree_node *cil_tree_get_next_path(struct cil_tree_node *node, char **
> > char *cil_tree_get_cil_path(struct cil_tree_node *node);
> > __attribute__((format (printf, 3, 4))) void cil_tree_log(struct cil_tree_node *node, enum cil_log_level lvl, const char* msg, ...);
> >
> > +int cil_tree_subtree_has_decl(struct cil_tree_node *node);
> > +
> > int cil_tree_init(struct cil_tree **tree);
> > void cil_tree_destroy(struct cil_tree **tree);
> > void cil_tree_subtree_destroy(struct cil_tree_node *node);
> > --
> > 2.26.3
> >
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-06-30 19:45 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-24 19:58 [PATCH 1/2] libsepol/cil: Add function to determine if a subtree has a declaration James Carter
2021-06-24 19:58 ` [PATCH 2/2] libsepol/cil: Only reset AST if optional " James Carter
2021-06-26 12:33 ` [PATCH 1/2] libsepol/cil: Add function to determine if a subtree " Nicolas Iooss
2021-06-30 19:45 ` Nicolas Iooss
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.