Patchset adds CIL ioctl whitelist support and documentation, as well as fixes memory leak discovered while examining existing ioctl support. Steve Lawrence (3): libsepol: fix memory leak when destroying avtab containing extended avrules libsepol/cil: add ioctl whitelist support secilc: Add documentation for allowx, auditallowx, dontauditx, and permissionx libsepol/cil/src/cil.c | 63 +++- libsepol/cil/src/cil_binary.c | 360 ++++++++++++++++++++- libsepol/cil/src/cil_build_ast.c | 175 ++++++++++ libsepol/cil/src/cil_build_ast.h | 4 + libsepol/cil/src/cil_copy_ast.c | 59 ++++ libsepol/cil/src/cil_flavor.h | 2 + libsepol/cil/src/cil_internal.h | 28 ++ libsepol/cil/src/cil_post.c | 144 ++++++++- libsepol/cil/src/cil_resolve_ast.c | 79 +++++ libsepol/cil/src/cil_verify.c | 4 +- libsepol/src/avtab.c | 4 + secilc/docs/cil_access_vector_rules.xml | 172 ++++++++++ .../docs/cil_class_and_permission_statements.xml | 95 ++++++ secilc/docs/cil_container_statements.xml | 23 +- 14 files changed, 1186 insertions(+), 26 deletions(-) -- 2.4.3 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
