This patch set adds support for tracking original file and line numbers for better error reporting when a high-level language is translated into CIL. It then uses that support to provide better error reporting for neverallow rules after generating CIL with checkpolicy or checkmodule. (Unfortunately, the original line number information is not saved in the pp file, so there is no benefit for policy modules.) James Carter (6): libsepol/cil: Add high-level language line marking support libsepol/cil: Store CIL filename in parse tree and AST libsepol/cil: Add cil_tree_log() and supporting functions libsepol/cil: Replace cil_log() calls with cil_tree_log() libsepol/cil: Remove path field from cil_tree_node struct libsepol: When generating CIL use HLL line mark for neverallows libsepol/cil/src/cil.c | 22 ++- libsepol/cil/src/cil_binary.c | 45 +++--- libsepol/cil/src/cil_build_ast.c | 294 +++++++++++++++---------------------- libsepol/cil/src/cil_build_ast.h | 2 + libsepol/cil/src/cil_copy_ast.c | 24 ++- libsepol/cil/src/cil_flavor.h | 1 + libsepol/cil/src/cil_fqn.c | 2 +- libsepol/cil/src/cil_internal.h | 9 ++ libsepol/cil/src/cil_lexer.h | 6 +- libsepol/cil/src/cil_lexer.l | 14 +- libsepol/cil/src/cil_parser.c | 245 ++++++++++++++++++++++++++----- libsepol/cil/src/cil_resolve_ast.c | 51 +++---- libsepol/cil/src/cil_tree.c | 86 ++++++++++- libsepol/cil/src/cil_tree.h | 6 +- libsepol/cil/src/cil_verify.c | 83 +++++------ libsepol/src/module_to_cil.c | 8 + 16 files changed, 568 insertions(+), 330 deletions(-) -- 2.5.5 _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
