On Sep 29, 2015 12:12 PM, "Joshua Brindle" <brindle@xxxxxxxxxxxxxxxxx> wrote:
>
> William Roberts wrote:
>>
>> Out of curiosity, whats the purpose of the types field in the struct
>> type_datum? This seems to never have anything in it.
>>
>
> type_datum is used for both types and attributes (as designated by the flavor field). In the attribute case the types field is the ebitmap of types have have this attribute.
What about if its a type, is it an ebitmap of attrs?
It is set in checkpolicy, look at policy_define.c:define_typeattribute().
>
>
>
>> Also, conditional.h has a field called bool, this would seem to conflict
>> with stdbool.h, whats the consensus on renaming this to boolean perhaps?
>>
>
> probably...
>
>
>>
>> On Thu, Sep 24, 2015 at 6:58 AM, Joshua Brindle<brindle@xxxxxxxxxxxxxxxxx>
>> wrote:
>>
>>> Stephen Smalley wrote:
>>>
>>>> On 09/24/2015 08:43 AM, James Carter wrote:
>>>>
>>>>> On 09/23/2015 06:39 PM, Roberts, William C wrote:
>>>>>
>>>>>> How would one find all the attributes of a type with libsepol, can
>>>>>> someone point me to any relevant structures or functions?
>>>>>>
>>>>>> The policydb_t structure has type_attr_map field which maps types to an
>>>>>
>>>>> ebitmap of attributes.
>>>>>
>>>> It also has the reverse map (attr_type_map) if you want that.
>>>>
>>>> In Android, external/sepolicy/tools/sepolicy-analyze has examples of
>>>> using both maps.
>>>>
>>>>
>>> seinfo also knows how to do it, if you need more examples:
>>>
>>> $ seinfo -x -tuntrusted_app sepolicy
>>> untrusted_app
>>> bluetoothdomain
>>> netdomain
>>> appdomain
>>> domain
>>>
>>> _______________________________________________
>>> Selinux mailing list
>>> Selinux@xxxxxxxxxxxxx
>>> To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
>>> To get help, send an email containing "help" to
>>> Selinux-request@xxxxxxxxxxxxx.
>>>
>>
>>
>>
>
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
