Currently, a declaration and requirment of the same identifier is different
depending on whether it is declared first or required first.
Nicolas Iooss reported that a require followed by a declaration is accepted,
but a duplicate declaration error is given if the declaration comes first.
This code works:
optional {
require {
type TYPE1;
}
}
optional {
require {
attribute ATTR;
}
type TYPE1, ATTR;
}
But this does not:
optional {
require {
attribute ATTR;
}
type TYPE1, ATTR;
}
optional {
require {
type TYPE1;
}
}
Handle the case of a declaration followed by a requirement the same as
a requirement followed by a declaration.
James Carter (2):
libsepol: Return +1 when declaration is followed by a require
checkpolicy: Remove uneeded return check in require_symbol()
checkpolicy/module_compiler.c | 20 ++++++--------------
libsepol/src/policydb.c | 3 ---
2 files changed, 6 insertions(+), 17 deletions(-)
--
2.7.4
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
