On Tue, May 5, 2020 at 3:03 PM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> Currently sepolgen-ifgen parses a gen_tunable statement as interface
> and reports:
>
> Missing interface definition for gen_tunable
>
> Add grammar for gen_tunable statements in the refparser
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
This looks correct to me but I don't see that warning/error when
running sepolgen-ifgen without this patch.
Is this reproducible?
> ---
> python/sepolgen/src/sepolgen/refparser.py | 14 ++++++++++++++
> 1 file changed, 14 insertions(+)
>
> diff --git a/python/sepolgen/src/sepolgen/refparser.py b/python/sepolgen/src/sepolgen/refparser.py
> index 2e521a0f..be7e7890 100644
> --- a/python/sepolgen/src/sepolgen/refparser.py
> +++ b/python/sepolgen/src/sepolgen/refparser.py
> @@ -126,6 +126,7 @@ tokens = (
> 'GEN_REQ',
> 'TEMPLATE',
> 'GEN_CONTEXT',
> + 'GEN_TUNABLE',
> # m4
> 'IFELSE',
> 'IFDEF',
> @@ -192,6 +193,7 @@ reserved = {
> 'gen_require' : 'GEN_REQ',
> 'template' : 'TEMPLATE',
> 'gen_context' : 'GEN_CONTEXT',
> + 'gen_tunable' : 'GEN_TUNABLE',
> # M4
> 'ifelse' : 'IFELSE',
> 'ifndef' : 'IFNDEF',
> @@ -518,6 +520,7 @@ def p_policy_stmt(p):
> | range_transition_def
> | role_transition_def
> | bool
> + | gen_tunable
> | define
> | initial_sid
> | genfscon
> @@ -844,6 +847,17 @@ def p_bool(p):
> b.state = False
> p[0] = b
>
> +def p_gen_tunable(p):
> + '''gen_tunable : GEN_TUNABLE OPAREN IDENTIFIER COMMA TRUE CPAREN
> + | GEN_TUNABLE OPAREN IDENTIFIER COMMA FALSE CPAREN'''
> + b = refpolicy.Bool()
> + b.name = p[3]
> + if p[5] == "true":
> + b.state = True
> + else:
> + b.state = False
> + p[0] = b
> +
> def p_conditional(p):
> ''' conditional : IF OPAREN cond_expr CPAREN OBRACE interface_stmts CBRACE
> | IF OPAREN cond_expr CPAREN OBRACE interface_stmts CBRACE ELSE OBRACE interface_stmts CBRACE
> --
> 2.26.2
>
