Closed bcressey closed 5 months ago
Thanks for the report, it looks like your patch does fix the issue.
For your patch to be reviewed and accepted it must be sent to the selinux@vger.kernel.org mailing list. You can use git send-email to do that.
Actually, I would like a bit more detail in the commit message, so I will take your patch and change the commit message (while giving you credit). Thanks again.
Closing since this is merged. Thanks!
The classcommon documentation gives this example:
In my project I extend that with a classmap:
However, this is no longer accepted by the CIL verifier after e81c466bca9a06e2ada7d783fe31dd44c9e04432:
The "all" check does not traverse the
class->common
list and so does not find any permissions. I've created a small patch to add that traversal, which fixes the problem for my policy at least.