b461051bc4
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
* Pre-expands the role and user caches in CIL, by Gary Tierney.

2.6-rc1 2016-09-30
* Remove Android.mk files and only keep them in Android tree, from Bowgo Tsai.
* Check for too many permissions in classes and commons in CIL, from James Carter.
* Fix xperm mapping between avrule and avtab, from Jeff Vander Stoep.
* tests: Fix misspelling of optimization option, from Nicolas Iooss.
* Fix unused/uninitialized variables on mac build, from William Roberts.
* Produce more meaningful error messages for conflicting type rules in CIL, from Guido Trentalancia.
* make "make test" fail when a CUnit test fails, from Nicolas Iooss.
* tests: fix g_b_role_2 test, from Nicolas Iooss.
* Change which attributes CIL keeps in the binary policy, from James Carter.
* Port str_read() from kernel and remove multiple occurrences of similar code, from William Roberts.
* Use calloc instead of malloc for all the *_to_val_structs, from William Roberts.
* Fix bugs found by AFL, from William Roberts.
* Fix memory leak in expand.c, from William Roberts.
* Fix invalid read when policy file is corrupt, from William Roberts.
* Fix possible use of uninitialized variables, from William Roberts.
* Warn instead of fail if permission is not resolved, from James Carter.
* Ignore object_r when adding userrole mappings to policydb, from Steve Lawrence.
* Add missing return to sepol_node_query(), from Petr Lautrbach.
* Add missing <stdarg.h> include, from Thomas Petazzoni.
* Correctly detect unknown classes in sepol_string_to_security_class, from Joshua Brindle.
* Sort object files for deterministic linking order, from Laurent Bigonville.
* Fix neverallowxperm checking on attributes, from Jeff Vander Stoep.
* Remove libsepol.map when cleaning, from Nicolas Iooss.
* Add high-level language line marking support to CIL, from James Carter.
* Change logic of bounds checking to match change in kernel, from James Carter.
* Fix multiple spelling errors, from Laurent Bigonville.
* Only apply bounds checking to source types in rules, from Stephen Smalley.
* Fix CIL and not add an attribute as a type in the attr_type_map, from James Carter
* Build policy on systems not supporting DCCP protocol, from Richard Haines.
* Fix extended permissions neverallow checking, from Jeff Vander Stoep.
* Fix CIL neverallow and bounds checking, from James Carter
* Android.mk: Add -D_GNU_SOURCE to common_cflags, from Nick Kralevich.
* Add support for portcon dccp protocol, from Richard Haines
* Fix bug in CIL when resetting classes, from Steve Lawrence

2.5 2016-02-23
* Fix unused variable annotations, from Nicolas Iooss.
* Fix uninitialized variable in CIL, from Nicolas Iooss.
* Validate extended avrules and permissionxs in CIL, from Steve Lawrence.
* Add support in CIL for neverallowx, from Steve Lawrence.
* Fully expand neverallowxperm rules, from Richard Haines.
* Add support for unordered classes to CIL, from Yuli Khodorkovskiy.
* Add neverallow support for ioctl extended permissions, from Jeff Vander Stoep.
* Improve CIL block and macro call recursion detection, from Steve Lawrence
* Fix CIL uninitialized false positive in cil_binary, from Yuli Khodorkovskiy
* Provide error in CIL if classperms are empty, from Yuli Khodorkovskiy
* Add userattribute{set} functionality to CIL, from Yuli Khodorkovskiy
* fix CIL blockinherit copying segfault and add macro restrictions, from Steve Lawrence
* fix CIL NULL pointer dereference when copying classpermission/set, from Steve Lawrence
* Add CIL support for ioctl whitelists, from Steve Lawrence
* Fix memory leak when destroying avtab, from Steve Lawrence
* Replace sscanf in module_to_cil, from Yuli Khodorkovskiy.
* Improve CIL resolution error messages, from Steve Lawrence
* Fix policydb_read for policy versions < 24, from Stephen Smalley.
* Added CIL bounds checking and refactored CIL Neverallow checking, from James Carter
* Refactored libsepol Neverallow and bounds (hierarchy) checking, from James Carter
* Treat types like an attribute in the attr_type_map, from James Carter
* Add new ebitmap function named ebitmap_match_any(), from James Carter
* switch operations to extended perms, from Jeff Vander Stoep.
* Write auditadm_r and secadm_r roles to base module when writing CIL, from Steve Lawrence
* Fix module to CIL to only associate declared roleattributes with in-scope types, from Steve Lawrence
* Don't allow categories/sensitivities inside blocks in CIL, from Yuli Khodorkovskiy.
* Replace fmemopen() with internal function in libsepol, from James Carter.
* Verify users prior to evaluating users in cil, from Yuli Khodorkovskiy.
* Binary modules do not support ioctl rules, from Stephen Smalley.
* Add support for ioctl command whitelisting, from Jeff Vander Stoep.
* Don't use symbol versioning for static object files, from Yuli Khodorkovskiy.
* Add sepol_module_policydb_to_cil(), sepol_module_package_to_cil(), and sepol_ppfile_to_module_package(), from James Carter.
* Move secilc out of libsepol, from Yuli Khodorkovskiy.
* fix building Xen policy with devicetreecon, and add devicetreecon CIL documentation, from Richard Haines.
* bool_copy_callback set state on creation, from Thomas Hurd.
* Add device tree ocontext nodes to Xen policy, from Daniel De Graaf.
* Widen Xen IOMEM context entries, from Daniel De Graaf.
* Update CIL documentation, from Richard Haines
* Fix error path in mls_semantic_level_expand(), from Chris PeBenito.
* Fix MacOS X build, from Stephen Smalley.
* Enabling building CIL in Android, from Stephen Smalley.
* Update to latest CIL, includes new name resolution and fixes ordering issues with blockinherit statements, and bug fixes

2.4 2015-02-02
* Remove assumption that SHLIBDIR is ../../ relative to LIBDIR, from Steve Lawrence
* Fix bugs found by hardened gcc flags, from Nicolas Iooss.
* Build CIL into libsepol. libsepol can be built without CIL by setting the DISABLE_CIL flag to 'y', from Steve Lawrence
* Add an API function to set target_platform, from Steve Lawrence
* Report all neverallow violations, from Stephen Smalley
* Improve check_assertions performance through hash tweaks from John Brooks.
* Allow libsepol C++ static library on device from Daniel Cashman.

2.3 2014-05-06
* Improve error message for name-based transition conflicts.
* Revert libsepol: filename_trans: use some better sorting to compare and merge.
* Report source file and line information for neverallow failures.
* Fix valgrind errors in constraint_expr_eval_reason from Richard Haines.
* Add sepol_validate_transition_reason_buffer function from Richard Haines.

2.2 2013-10-30
* Allow constraint denial cause to be determined from Richard Haines.
  - Add kernel policy version 29.
  - Add modular policy version 17.
  - Add sepol_compute_av_reason_buffer(), sepol_string_to_security_class(), sepol_string_to_av_perm().
* Support overriding Makefile RANLIB from Sven Vermeulen.
* Fix man pages from Laurent Bigonville.

2.1.9 2013-02-01
* filename_trans: use some better sorting to compare and merge
* coverity fixes
* implement default type policy syntax
* Fix memory leak issues found by Klocwork

2.1.8 2012-09-13
* fix neverallow checking on attributes
* Move context_copy() after switch block in ocontext_copy_*().
* check for missing initial SID labeling statement.
* Add always_check_network policy capability
* role_fix_callback skips out-of-scope roles during expansion.

2.1.7 2012-06-28
* reserve policycapability for redhat testing of ptrace child
* cosmetic changes to make the source easier to read
* prepend instead of append to filename_trans list
* Android/MacOS X build support

2.1.6 2012-04-23
* allocate enough space to hold filename in trans rules

2.1.5 2012-03-28
* checkpolicy: implement new default labeling behaviors

2.1.4 2011-10-03
* regenerate .pc on VERSION change
* Move ebitmap_* functions from mcstrans to libsepol
* expand: do filename_trans type comparison on mapped representation

2.1.3 2011-09-15
* Skip writing role attributes for policy.X and
* Indicate when boolean is indeed a tunable.
* Separate tunable from boolean during compile.
* Write and read TUNABLE flags in related
* Copy and check the cond_bool_datum_t.flags during link.
* Permanently discard disabled branches of tunables in
* Skip tunable identifier and cond_node_t in expansion.
* Create a new preserve_tunables flag
* Preserve tunables when required by semodule program.
* setools expects expand_module_avrules to be an exported
* tree: default make target to all not

2.1.2 2011-08-03
* Only call role_fix_callback for base.p_roles during expansion.
* use mapped role number instead of module role number

2.1.1 2011-08-01
* Minor fix to reading policy with filename transition rules

2.1.0 2011-07-27
* Release, minor version bump

2.0.46 2011-07-25
* Add role attribute support by Harry Ciao

2.0.45 2011-05-02
* Warn if filename_trans rules are dropped by Steve Lawrence.

2.0.44 2011-04-13
* Fixes for new role_transition class field by Eric Paris.
* Add libsepol support for filename_trans rules by Eric Paris.

2.0.43 2011-04-11
* Add new class field in role_transition by Harry Ciao.

2.0.42 2010-12-16
* Fix compilation under GCC 4.6 by Justin Mattock

2.0.41 2009-11-18
* Fixed typo in error message from Manoj Srivastava.

2.0.40 2009-10-29
* Add pkgconfig file from Eamon Walsh.

2.0.39 2009-10-14
* Add support for building Xen policies from Paul Nuzzi.

2.0.38 2009-09-01
* Check last offset in the module package against the file size.
  Reported by Manoj Srivastava for bug filed by Max Kellermann.

2.0.37 2009-07-07
* Add method to check disable dontaudit flag from Christopher Pardy.

2.0.36 2009-03-25
* Fix boolean state smashing from Joshua Brindle.

2.0.35 2009-02-19
* Fix alias field in module format, caused by boundary format change from Caleb Case.

2.0.34 2008-10-09
* Add bounds support from KaiGai Kohei.
* Fix invalid aliases bug from Joshua Brindle.

2.0.33 2008-09-29
* Revert patch that removed expand_rule.

2.0.32 2008-07-07
* Allow require then declare in the source policy from Joshua Brindle.

2.0.31 2008-06-13
* Fix mls_semantic_level_expand() to handle a user require w/o MLS information from Stephen Smalley.

2.0.30 2008-06-06
* Fix endianness bug in the handling of network node addresses from Stephen Smalley.
  Only affects big endian platforms.
  Bug reported by John Weeks of Sun upon policy mismatch between x86 and sparc.

2.0.29 2008-05-27
* Merge user and role mapping support from Joshua Brindle.

2.0.28 2008-05-05
* Fix mls_level_convert() to gracefully handle an empty user declaration/require from Stephen Smalley.

2.0.27 2008-04-18
* Belatedly merge test for policy downgrade from Todd Miller.

2.0.26 2008-03-24
* Add permissive domain support from Eric Paris.

2.0.25 2008-03-04
* Drop unused ->buffer field from struct policy_file.

2.0.24 2008-03-04
* Add policy_file_init() initializer for struct policy_file and use it, from Todd C. Miller.

2.0.23 2008-02-28
* Accept "Flask" as an alternate identifier string in kernel policies from Stephen Smalley.

2.0.22 2008-02-28
* Add support for open_perms policy capability from Eric Paris.

2.0.21 2008-02-20
* Fix invalid memory allocation in policydb_index_others() from Jason Tang.

2.0.20 2008-02-04
* Port of Yuichi Nakamura's tune avtab to reduce memory usage patch from the kernel avtab to libsepol from Stephen Smalley.

2.0.19 2008-02-02
* Add support for consuming avrule_blocks during expansion to reduce peak memory usage from Joshua Brindle.

2.0.18 2008-01-02
* Added support for policy capabilities from Todd Miller.

2.0.17 2007-12-21
* Prevent generation of policy.18 with MLS enabled from Todd Miller.

2.0.16 2007-12-07
* print module magic number in hex on mismatch, from Todd Miller.

2.0.15 2007-11-29
* clarify and reduce neverallow error reporting from Stephen Smalley.

2.0.14 2007-11-05
* Reject self aliasing at link time from Stephen Smalley.

2.0.13 2007-11-05
* Allow handle_unknown in base to be overridden by semanage.conf from Stephen Smalley.

2.0.12 2007-10-11
* Fixed bug in require checking from Stephen Smalley.
* Added user hierarchy checking from Todd Miller.

2.0.11 2007-09-24
* Pass CFLAGS to CC even on link command, per Dennis Gilmore.

2.0.10 2007-09-18
* Merged support for the handle_unknown policydb flag from Eric Paris.

2.0.9 2007-08-29
* Moved next_entry and put_entry out-of-line to reduce code size from Ulrich Drepper.

2.0.8 2007-08-28
* Fixed module_package_read_offsets bug introduced by the prior patch.

2.0.7 2007-08-23
* Eliminate unaligned accesses from policy reading code from Stephen Smalley.

2.0.6 2007-08-16
* Allow dontaudits to be turned off during policy expansion from Joshua Brindle.

2.0.5 2007-08-01
* Fix sepol_context_clone to handle a NULL context correctly.
  This happens for e.g. semanage_fcontext_set_con(sh, fcontext, NULL) to set the file context entry to "<<none>>".

2.0.4 2007-06-20
* Merged error handling patch from Eamon Walsh.

2.0.3 2007-04-13
* Merged add boolmap argument to expand_module_avrules() from Chris PeBenito.

2.0.2 2007-03-30
* Merged fix from Karl to remap booleans at expand time to avoid holes in the symbol table.

2.0.1 2007-02-06
* Merged libsepol segfault fix from Stephen Smalley for when sensitivities are required but not present in the base.

2.0.0 2007-02-01
* Merged patch to add errcodes.h to libsepol by Karl MacMillan.

1.16.0 2007-01-18
* Updated version for stable branch.

1.15.3 2006-11-27
* Merged patch to compile with -fPIC instead of -fpic from Manoj Srivastava to prevent hitting the global offset table limit. Patch changed to include libselinux and libsemanage in addition to libselinux.

1.15.2 2006-10-31
* Merged fix from Karl MacMillan for a segfault when linking non-MLS modules with users in them.

1.15.1 2006-10-24
* Merged fix for version comparison that was preventing range transition rules from being written for a version 5 base policy from Darrel Goeddel.

1.14 2006-10-17
* Updated version for release.

1.12.28 2006-09-28
* Build libsepol's static object files with -fpic

1.12.27 2006-09-28
* Merged mls user and range_transition support in modules from Darrel Goeddel

1.12.26 2006-09-05
* Merged range transition enhancements and user format changes from Darrel Goeddel

1.12.25 2006-08-24
* Merged conditionally expand neverallows patch from Jeremy Mowery.
* Merged refactor expander patch from Jeremy Mowery.

1.12.24 2006-08-03
* Merged libsepol unit tests from Joshua Brindle.

1.12.23 2006-08-03
* Merged symtab datum patch from Karl MacMillan.

1.12.22 2006-08-03
* Merged netfilter contexts support from Chris PeBenito.

1.12.21 2006-07-28
* Merged helpful hierarchy check errors patch from Joshua Brindle.

1.12.20 2006-07-25
* Merged semodule_deps patch from Karl MacMillan.
  This adds source module names to the avrule decls.

1.12.19 2006-06-29
* Lindent.

1.12.18 2006-06-26
* Merged optionals in base take 2 patch set from Joshua Brindle.

1.12.17 2006-05-30
* Revert 1.12.16.

1.12.16 2006-05-30
* Merged cleaner fix for bool_ids overflow from Karl MacMillan, replacing the prior patch.

1.12.15 2006-05-30
* Merged fixes for several memory leaks in the error paths during policy read from Serge Hallyn.

1.12.14 2006-05-25
* Fixed bool_ids overflow bug in cond_node_find and cond_copy_list, based on bug report and suggested fix by Cedric Roux.

1.12.13 2006-05-24
* Merged sens_copy_callback, check_role_hierarchy_callback, and node_from_record fixes from Serge Hallyn.

1.12.12 2006-05-22
* Added sepol_policydb_compat_net() interface for testing whether a policy requires the compatibility support for network checks to be enabled in the kernel.

1.12.11 2006-05-17
* Merged patch to initialize sym_val_to_name arrays from Kevin Carr.
  Reworked to use calloc in the first place, and converted some other malloc/memset pairs to calloc calls.

1.12.10 2006-05-08
* Merged patch to revert role/user decl upgrade from Karl MacMillan.

1.12.9 2006-05-08
* Dropped tests from all Makefile target.

1.12.8 2006-05-05
* Merged fix warnings patch from Karl MacMillan.

1.12.7 2006-05-05
* Merged libsepol test framework patch from Karl MacMillan.

1.12.6 2006-04-28
* Fixed cond_normalize to traverse the entire cond list at link time.

1.12.5 2006-04-03
* Merged fix for leak of optional package sections from Ivan Gyurdiev.

1.12.4 2006-03-29
* Generalize test for bitmap overflow in ebitmap_set_bit.

1.12.3 2006-03-27
* Fixed attr_convert_callback and expand_convert_type_set typemap bug.

1.12.2 2006-03-24
* Fixed avrule_block_write num_decls endian bug.

1.12.1 2006-03-20
* Fixed sepol_module_package_write buffer overflow bug.

1.12 2006-03-14
* Updated version for release.

1.11.20 2006-03-08
* Merged cond_evaluate_expr fix from Serge Hallyn (IBM).
* Fixed bug in copy_avrule_list reported by Ivan Gyurdiev.

1.11.19 2006-02-21
* Merged sepol_policydb_mls_enabled interface and error handling changes from Ivan Gyurdiev.

1.11.18 2006-02-16
* Merged node_expand_addr bugfix and node_compare* change from Ivan Gyurdiev.

1.11.17 2006-02-15
* Merged nodes, ports: always prepend patch from Ivan Gyurdiev.
* Merged bug fix patch from Ivan Gyurdiev.

1.11.16 2006-02-14
* Added a defined flag to level_datum_t for use by checkpolicy.

1.11.15 2006-02-14
* Merged nodecon support patch from Ivan Gyurdiev.
* Merged cleanups patch from Ivan Gyurdiev.

1.11.14 2006-02-13
* Merged optionals in base patch from Joshua Brindle.

1.11.13 2006-02-07
* Merged seuser/user_extra support patch from Joshua Brindle.
* Merged fix patch from Ivan Gyurdiev.

1.11.12 2006-02-02
* Merged clone record on set_con patch from Ivan Gyurdiev.

1.11.11 2006-02-01
* Merged assertion copying bugfix from Joshua Brindle.
* Merged sepol_av_to_string patch from Joshua Brindle.

1.11.10 2006-01-30
* Merged cond_expr mapping and package section count bug fixes from Joshua Brindle.
* Merged improve port/fcontext API patch from Ivan Gyurdiev.
* Merged fixes for overflow bugs on 64-bit from Ivan Gyurdiev.

1.11.9 2006-01-12
* Merged size_t -> unsigned int patch from Ivan Gyurdiev.

1.11.8 2006-01-09
* Merged 2nd const in APIs patch from Ivan Gyurdiev.

1.11.7 2006-01-06
* Merged const in APIs patch from Ivan Gyurdiev.
* Merged compare2 function patch from Ivan Gyurdiev.

1.11.6 2006-01-06
* Fixed hierarchy checker to only check allow rules.

1.11.5 2006-01-05
* Merged further fixes from Russell Coker, specifically:
  - av_to_string overflow checking
  - sepol_context_to_string error handling
  - hierarchy checking memory leak fixes and optimizations
  - avrule_block_read variable initialization
* Marked deprecated code in genbools and genusers.

1.11.4 2006-01-05
* Merged bugfix for sepol_port_modify from Russell Coker.

1.11.3 2006-01-05
* Fixed bug in sepol_iface_modify error path noted by Ivan Gyurdiev.
* Merged port ordering patch from Ivan Gyurdiev.

1.11.2 2006-01-04
* Merged patch series from Ivan Gyurdiev.
  This includes patches to:
  - support ordering of records in compare function
  - enable port interfaces
  - add interfaces for context validity and range checks
  - add include guards

1.11.1 2005-12-16
* Fixed mls_range_cpy bug.

1.10 2005-12-07
* Updated version for release.

1.9.42 2005-12-05
* Dropped handle from user_del_role interface.

1.9.41 2005-11-28
* Merged remove defrole from sepol patch from Ivan Gyurdiev.

1.9.40 2005-11-15
* Merged module function and map file cleanup from Ivan Gyurdiev.
* Merged MLS and genusers cleanups from Ivan Gyurdiev.

1.9.39 2005-11-09
Prepare for removal of booleans* and *.users files.
* Cleaned up sepol_genbools to not regenerate the image if there were no changes in the boolean values, including the degenerate case where there are no booleans or booleans.local files.
* Cleaned up sepol_genusers to not warn on missing local.users.

1.9.38 2005-11-08
* Removed sepol_port_* from libsepol.map, as the port interfaces are not yet stable.

1.9.37 2005-11-04
* Merged context destroy cleanup patch from Ivan Gyurdiev.

1.9.36 2005-11-03
* Merged context_to_string interface change patch from Ivan Gyurdiev.

1.9.35 2005-11-01
* Added src/dso.h and src/*_internal.h.
  Added hidden_def for exported symbols used within libsepol.
  Added hidden for symbols that should not be exported by the wildcards in libsepol.map.

1.9.34 2005-10-31
* Merged record interface, record bugfix, and set_roles patches from Ivan Gyurdiev.

1.9.33 2005-10-27
* Merged count specification change from Ivan Gyurdiev.

1.9.32 2005-10-26
* Added further checking and error reporting to sepol_module_package_read and _info.

1.9.31 2005-10-26
* Merged sepol handle passing, DEBUG conversion, and memory leak fix patches from Ivan Gyurdiev.

1.9.30 2005-10-25
* Removed processing of system.users from sepol_genusers and dropped delusers logic.

1.9.29 2005-10-25
* Removed policydb_destroy from error path of policydb_read, since create/init/destroy/free of policydb is handled by the caller now.
* Fixed sepol_module_package_read to handle a failed policydb_read properly.

1.9.28 2005-10-25
* Merged query/exists and count patches from Ivan Gyurdiev.

1.9.27 2005-10-25
* Merged fix for pruned types in expand code from Joshua Brindle.
* Merged new module package format code from Joshua Brindle.

1.9.26 2005-10-24
* Merged context interface cleanup, record conversion code, key passing, and bug fix patches from Ivan Gyurdiev.

1.9.25 2005-10-21
* Merged users cleanup patch from Ivan Gyurdiev.

1.9.24 2005-10-21
* Merged user record memory leak fix from Ivan Gyurdiev.
* Merged reorganize users patch from Ivan Gyurdiev.

1.9.23 2005-10-19
* Added check flag to expand_module() to control assertion and hierarchy checking on expansion.

1.9.22 2005-10-19
* Reworked check_assertions() and hierarchy_check_constraints() to take handles and use callback-based error reporting.
* Changed expand_module() to call check_assertions() and hierarchy_check_constraints() prior to returning the expanded policy.

1.9.21 2005-10-18
* Changed sepol_module_package_set_file_contexts to copy the file contexts data since it is internally managed.

1.9.20 2005-10-18
* Added sepol_policy_file_set_handle interface to associate a handle with a policy file.
* Added handle argument to policydb_from_image/to_image.
* Added sepol_module_package_set_file_contexts interface.
* Dropped sepol_module_package_create_file interface.
* Reworked policydb_read/write, policydb_from_image/to_image, and sepol_module_package_read/write to use callback-based error reporting system rather than DEBUG.

1.9.19 2005-10-17
* Reworked link_packages, link_modules, and expand_module to use callback-based error reporting system rather than error buffering.

1.9.18 2005-10-14
* Merged conditional expression mapping fix in the module linking code from Joshua Brindle.

1.9.17 2005-10-13
* Hid sepol_module_package type definition, and added get interfaces.

1.9.16 2005-10-13
* Merged new callback-based error reporting system from Ivan Gyurdiev.

1.9.15 2005-10-13
* Merged support for require blocks inside conditionals from Joshua Brindle (Tresys).

1.9.14 2005-10-07
* Fixed use of policydb_from_image/to_image to ensure proper init of policydb.

1.9.13 2005-10-07
* Isolated policydb internal headers under <sepol/policydb/*.h>.
  These headers should only be used by users of the static libsepol.
  Created new <sepol/policydb.h> with new public types and interfaces for shared libsepol.
  Created new <sepol/module.h> with public types and interfaces moved or wrapped from old module.h, link.h, and expand.h, adjusted for new public types for policydb and policy_file.
  Added public interfaces to libsepol.map.
  Some implementation changes visible to users of the static libsepol:
  1) policydb_read no longer calls policydb_init. Caller must do so first.
  2) policydb_init no longer takes policy_type argument. Caller must set policy_type separately.
  3) expand_module automatically enables the global branch. Caller no longer needs to do so.
  4) policydb_write uses the policy_type and policyvers from the policydb itself, and sepol_set_policyvers() has been removed.

1.9.12 2005-10-06
* Merged function renaming and static cleanup from Ivan Gyurdiev.

1.9.11 2005-10-05
* Merged bug fix for check_assertions handling of no assertions from Joshua Brindle (Tresys).

1.9.10 2005-10-04
* Merged iterate patch from Ivan Gyurdiev.

1.9.9 2005-10-03
* Merged MLS in modules patch from Joshua Brindle (Tresys).

1.9.8 2005-09-30
* Merged pointer typedef elimination patch from Ivan Gyurdiev.
* Merged user list function, new mls functions, and bugfix patch from Ivan Gyurdiev.

1.9.7 2005-09-28
* Merged sepol_get_num_roles fix from Karl MacMillan (Tresys).

1.9.6 2005-09-23
* Merged bug fix patches from Joshua Brindle (Tresys).

1.9.5 2005-09-21
* Merged boolean record and memory leak fix patches from Ivan Gyurdiev.

1.9.4 2005-09-19
* Merged interface record patch from Ivan Gyurdiev.

1.9.3 2005-09-14
* Merged fix for sepol_enable/disable_debug from Ivan Gyurdiev.

1.9.2 2005-09-14
* Merged stddef.h patch and debug conversion patch from Ivan Gyurdiev.

1.9.1 2005-09-09
* Fixed expand_avtab and expand_cond_av_list to keep separate entries with identical keys but different enabled flags.

1.8 2005-09-06
* Updated version for release.

1.7.24 2005-08-31
* Fixed symtab_insert return value for duplicate declarations.

1.7.23 2005-08-31
* Merged fix for memory error in policy_module_destroy from Jason Tang (Tresys).

1.7.22 2005-08-26
* Merged fix for memory leak in sepol_context_to_sid from Jason Tang (Tresys).

1.7.21 2005-08-25
* Merged fixes for resource leaks on error paths and change to scope_destroy from Joshua Brindle (Tresys).

1.7.20 2005-08-23
* Merged more fixes for resource leaks on error paths from Serge Hallyn (IBM). Bugs found by Coverity.

1.7.19 2005-08-19
* Changed to treat all type conflicts as fatal errors.

1.7.18 2005-08-18
* Merged several error handling fixes from Serge Hallyn (IBM). Bugs found by Coverity.

1.7.17 2005-08-15
* Fixed further memory leaks found by valgrind.

1.7.16 2005-08-15
* Fixed several memory leaks found by valgrind.

1.7.15 2005-08-12
* Fixed empty list test in cond_write_av_list. Bug found by Coverity, reported by Serge Hallyn (IBM).
* Merged patch to policydb_write to check errors when writing the type->attribute reverse map from Serge Hallyn (IBM). Bug found by Coverity.
* Fixed policydb_destroy to properly handle NULL type_attr_map or attr_type_map.

1.7.14 2005-08-12
* Fixed use of uninitialized data by expand_avtab_node by clearing type_val_to_struct in policydb_index_others.

1.7.13 2005-08-11
* Improved memory use by SELinux by both reducing the avtab node size and reducing the number of avtab nodes (by not expanding attributes in TE rules when possible). Added expand_avtab and expand_cond_av_list functions for use by assertion checker, hierarchy checker, compatibility code, and dispol. Added new inline ebitmap operators and converted existing users of ebitmaps to the new operators for greater efficiency.
  Note: The binary policy format version has been incremented to version 20 as a result of these changes.

1.7.12 2005-08-10
* Fixed bug in constraint_node_clone handling of name sets.

1.7.11 2005-08-08
* Fix range_trans_clone to map the type values properly.

1.7.10 2005-08-02
* Merged patch to move module read/write code from libsemanage to libsepol from Jason Tang (Tresys).

1.7.9 2005-08-02
* Enabled further compiler warning flags and fixed them.

1.7.8 2005-08-02
* Merged user, context, port records patch from Ivan Gyurdiev.
* Merged key extract function patch from Ivan Gyurdiev.

1.7.7 2005-07-27
* Merged mls_context_to_sid bugfix from Ivan Gyurdiev.

1.7.6 2005-07-26
* Merged context reorganization, memory leak fixes, port and interface loading, replacements for genusers and genbools, debug traceback, and bugfix patches from Ivan Gyurdiev.
* Merged uninitialized variable bugfix from Dan Walsh.

1.7.5 2005-07-18
* Merged debug support, policydb conversion functions from Ivan Gyurdiev (Red Hat).
* Removed genpolbools and genpolusers utilities.

1.7.4 2005-07-18
* Merged hierarchy check fix from Joshua Brindle (Tresys).

1.7.3 2005-07-13
* Merged header file cleanup and memory leak fix from Ivan Gyurdiev (Red Hat).

1.7.2 2005-07-11
* Merged genbools debugging message cleanup from Red Hat.

1.7.1 2005-07-06
* Merged loadable module support from Tresys Technology.

1.6 2005-06-20
* Updated version for release.

1.5.10 2005-05-19
* License changed to LGPL v2.1, see COPYING.

1.5.9 2005-05-16
* Added sepol_genbools_policydb and sepol_genusers_policydb for audit2why.

1.5.8 2005-05-13
* Added sepol_ prefix to Flask types to avoid namespace collision with libselinux.

1.5.7 2005-05-13
* Added sepol_compute_av_reason() for audit2why.

1.5.6 2005-04-25
* Fixed bug in role hierarchy checker.

1.5.5 2005-04-13
* Merged hierarchical type/role patch from Tresys Technology.
* Merged MLS fixes from Darrel Goeddel of TCS.

1.5.4 2005-04-13
* Changed sepol_genusers to not delete users by default, and added a sepol_set_delusers function to enable deletion.
  Also, removed special case handling of system_u and user_u.

1.5.3 2005-03-29
* Merged booleans.local patch from Dan Walsh.

1.5.2 2005-03-16
* Added man page for sepol_check_context.

1.5.1 2005-03-15
* Added man page for sepol_genusers function.
* Merged man pages for genpolusers and chkcon from Manoj Srivastava.

1.4 2005-03-09
* Updated version for release.

1.3.8 2005-03-08
* Cleaned up error handling in sepol_genusers and sepol_genbools.

1.3.7 2005-02-28
* Merged sepol_debug and fclose patch from Dan Walsh.

1.3.6 2005-02-22
* Changed sepol_genusers to also use getline and correctly handle EOL.

1.3.5 2005-02-17
* Merged range_transition support from Darrel Goeddel (TCS).

1.3.4 2005-02-16
* Added sepol_genusers function.

1.3.3 2005-02-14
* Merged endianness and compute_av patches from Darrel Goeddel (TCS).

1.3.2 2005-02-09
* Changed relabel Makefile target to use restorecon.

1.3.1 2005-01-26
* Merged enhanced MLS support from Darrel Goeddel (TCS).

1.2.1 2005-01-19
* Merged build fix patch from Manoj Srivastava.

1.2 2004-10-07
* MLS build fixes.
* Added sepol_set_policydb_from_file and sepol_check_context for setfiles.

1.0 2004-08-19
* Initial public release.

0.4 2004-08-13
* Merged patch from Dan Walsh to ignore case on booleans.
* Changed sepol_genbools* to preserve the original policy version.
* Replaced exported global variables with set functions.
* Moved genpolbools utility from checkpolicy to libsepol.
* Added man pages for sepol_genbools* and genpolbools.

0.3 2004-08-10
* Added ChangeLog, COPYING, spec file.
* Added sepol_genbools_array() for load_policy.
* Created libsepol.map to limit exported symbols in shared library.

0.2 2004-08-09
* Exported other functions for checkpolicy and friends.
* Renamed service and sidtab functions to avoid libselinux conflict.
* Removed original code from checkpolicy, which now uses libsepol.
* Code cleanup: kill legacy references to kernel types/functions.

0.1 2004-08-06
* Moved checkpolicy core logic into a library.
* Exported sepol_genbools() for load_policy.