mirror of
https://github.com/topjohnwu/selinux.git
synced 2024-12-05 01:56:27 +00:00
f9927d9370
The removal of attributes that are only used in neverallow rules is hindering AOSP adoption of the CIL compiler. This is because AOSP extracts neverallow rules from its policy.conf for use in the Android compatibility test suite. These neverallow rules are applied against the binary policy being tested to check for a violation. Any neverallow rules with an attribute that has been removed cannot be checked. Now attributes are kept unless they are not used in any allow rule and they are auto-generated or named "cil_gen_require" or do not have any types associated with them. Signed-off-by: James Carter <jwcart2@tycho.nsa.gov> |
||
---|---|---|
.. | ||
include/cil | ||
src | ||
test | ||
.gitignore |