Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
libsepol: drop broken warning on duplicate filename transitions
As per the issue below, libsepol segfaults on loading old kernel policies that contain duplicate filename transition rules. The segfault is due to the fact that the val_to_name arrays have not yet been populated at this point in the policydb_read() processing. Since this warning apparently never worked since it was first introduced, drop it and just silently discard the duplicate like the kernel does. I was not able to produce a policy with such duplicates using the current policy toolchain, either via CIL or via binary modules with manual semodule_link/expand. Fixes: SELinuxProject/selinux#239 Fixes: 8fdb225 ("libsepol,checkpolicy: convert rangetrans and filenametrans to hashtabs") Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com> Acked-by: Ondrej Mosnacek <omosnace@redhat.com>
- Loading branch information