File: module1.conf

package info (click to toggle)
android-platform-external-libselinux 10.0.0%2Br36-1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm, bullseye
  • size: 34,176 kB
  • sloc: ansic: 147,112; python: 25,790; makefile: 1,930; yacc: 1,389; sh: 1,206; lex: 452; xml: 180
file content (145 lines) | stat: -rw-r--r-- 2,941 bytes parent folder | download | duplicates (11) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
 
module linker_test_1 1.0;

require { 
	class file { read write };
	class lnk_file append;
	role g_b_role_2;
	attribute g_b_attr_3;
	attribute g_b_attr_5;
	attribute o4_b_attr_1;
	type g_b_type_3;
}

type tag_g_m1;

#test for type in module and attr in module, added to in module
attribute g_m1_attr_1;
type g_m1_type_1, g_m1_attr_1;
type g_m1_type_2;
typeattribute g_m1_type_2 g_m1_attr_1;

#add role in module test
role g_m1_role_1;
role g_m1_role_1 types g_m1_type_1;

# test for attr declared in base, added to in module
type g_m1_type_3;
typeattribute g_m1_type_3 g_b_attr_3;

# test for attr declared in base, added to in 2 modules
type g_m1_type_4;
typeattribute g_m1_type_4 g_b_attr_5;

# test for attr declared in base optional, added to in module
type g_m1_type_5;
typeattribute g_m1_type_5 o4_b_attr_1;

# test for attr declared in module, added to in base optional
attribute g_m1_attr_2;

#add type to base role test
role g_b_role_2 types g_m1_type_1;
role g_b_role_3;
role g_b_role_3 types g_m1_type_2;

#add type to base optional role test
role o1_b_role_2;
role o1_b_role_2 types g_m1_type_1;

#optional base role w/ adds in 2 modules
role o4_b_role_1;
role o4_b_role_1 types g_m1_type_2;

# attr a added to in base optional, declared/added to in module, added to in other module
attribute g_m1_attr_3;
type g_m1_type_6, g_m1_attr_3;

# attr a added to in base optional, declared/added in module , added to in other module optional
attribute g_m1_attr_4;
type g_m1_type_7, g_m1_attr_4;

# alias tests
typealias g_b_type_3 alias g_m_alias_1;

# single boolean in module
bool g_m1_bool_1 true;
if (g_m1_bool_1) {
	allow g_m1_type_1 g_m1_type_2 : lnk_file append;
}


optional {
	require {
		type optional_type;
		attribute g_b_attr_4;
		attribute o1_b_attr_2;
		class lnk_file { ioctl };
	}

	type tag_o1_m1;

	attribute o1_m1_attr_1;
	type o1_m1_type_2, o1_m1_attr_1;
	
	type o1_m1_type_1;
	role o1_m1_role_1;
	role o1_m1_role_1 types o1_m1_type_1;

	type o1_m1_type_3;
	typeattribute o1_m1_type_3 g_b_attr_4;

	type o1_m1_type_5;
	typeattribute o1_m1_type_5 o1_b_attr_2;	

	bool o1_m1_bool_1 false;
	if (o1_m1_bool_1) {
		allow o1_m1_type_2 o1_m1_type_1 : lnk_file ioctl;
	}
	
}

optional {
	require {
		type optional_type;
		#role g_b_role_4; // This causes a bug where the role scope doesn't get copied into base
	}
	
	type tag_o2_m1;

	role g_b_role_4;
	role g_b_role_4 types g_m1_type_2;
}

optional {
	require {
		attribute g_b_attr_6;
	}

	type tag_o3_m1;

	type o3_m1_type_1;	
	role o3_b_role_1;
        role o3_b_role_1 types o3_m1_type_1;

	type o3_m1_type_2, g_b_attr_6;

	attribute o3_m1_attr_1;	

	# attr a added to in base optional, declared/added in module optional, added to in other module
	attribute o3_m1_attr_2;
	type o3_m1_type_3, o3_m1_attr_2;

}

optional {
	require {
		type enable_optional;
	}
	type tag_o4_m1;

	attribute o4_m1_attr_1;
	type o4_m1_type_1;
	typeattribute o4_m1_type_1 o4_m1_attr_1;


}