On Wed, May 13, 2020 at 10:46 AM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>
> Commit 692716fc5fd5 ("libsepol/cil: raise default attrs_expand_size to 2") was
> reverted and attributes with one type are not expanded anymore.
>
> Fixes:
> ./secilc test/policy.cil
> ./secilc -c 32 -O -M 1 -f /dev/null -o opt-actual.bin test/opt-input.cil
> checkpolicy -b -C -M -o opt-actual.cil opt-actual.bin >/dev/null
> diff test/opt-expected.cil opt-actual.cil
> 11a12
> > (typeattribute at01)
> 21a23
> > (typeattributeset at01 (tp01))
> 25c27,28
> < (allow tp01 self (cl01 (p01a p01b p11a p11b)))
> ---
> > (allow tp01 at01 (cl01 (p11b)))
> > (allow tp01 self (cl01 (p01a p01b p11a)))
>
> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
Acked-by: James Carter <jwcart2@xxxxxxxxx>
> ---
> secilc/test/opt-expected.cil | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/secilc/test/opt-expected.cil b/secilc/test/opt-expected.cil
> index 73ac9045f23e..14033f9be4dd 100644
> --- a/secilc/test/opt-expected.cil
> +++ b/secilc/test/opt-expected.cil
> @@ -9,6 +9,7 @@
> (category c01)
> (categoryorder (c01))
> (sensitivitycategory s01 (c01))
> +(typeattribute at01)
> (typeattribute at02)
> (boolean b01 false)
> (type tp01)
> @@ -19,10 +20,12 @@
> (type tpr3)
> (type tpr4)
> (type tpr5)
> +(typeattributeset at01 (tp01))
> (typeattributeset at02 (tp01 tp02))
> (allow at02 tpr1 (cl01 (p01a p01b p11a)))
> (allow at02 tpr3 (cl01 (p01a p01b p11a)))
> -(allow tp01 self (cl01 (p01a p01b p11a p11b)))
> +(allow tp01 at01 (cl01 (p11b)))
> +(allow tp01 self (cl01 (p01a p01b p11a)))
> (allow tp01 tpr1 (cl01 (p11b)))
> (dontaudit at02 tpr2 (cl01 (p01a p01b p11a)))
> (dontaudit at02 tpr4 (cl01 (p01a p01b p11a)))
> --
> 2.26.2
>
