[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

From: "Jason Zaman" <perfinion@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/
Date: Sat,  3 Sep 2022 19:54:05 +0000 (UTC)	[thread overview]
Message-ID: <1662230515.892145a3471364d8e677878406a7884e6557ec2d.perfinion@gentoo> (raw)

commit:     892145a3471364d8e677878406a7884e6557ec2d
Author:     Daniel Burgener <dburgener <AT> linux <DOT> microsoft <DOT> com>
AuthorDate: Tue Jul 19 21:47:43 2022 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Sep  3 18:41:55 2022 +0000
URL:        https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=892145a3

Drop explicit calls to seutil and kernel module interfaces in broad files interfaces

Historically, these calls were needed because the interfaces provided an
attribute used to check various assertions. However, that attribute was
dropped in 2005 with commit 15fefa4.

Keeping these calls in prevents removing these permissions from a call
to files_manage_all_files() with the $2 argument.

Signed-off-by: Daniel Burgener <dburgener <AT> linux.microsoft.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

 policy/modules/kernel/files.if | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/policy/modules/kernel/files.if b/policy/modules/kernel/files.if
index 6a082670..fb27ed18 100644
--- a/policy/modules/kernel/files.if
+++ b/policy/modules/kernel/files.if
@@ -1239,10 +1239,6 @@ interface(`files_manage_all_files',`
 	manage_lnk_files_pattern($1, { file_type $2 }, { file_type $2 })
 	manage_fifo_files_pattern($1, { file_type $2 }, { file_type $2 })
 	manage_sock_files_pattern($1, { file_type $2 }, { file_type $2 })
-
-	# satisfy the assertions:
-	seutil_create_bin_policy($1)
-	files_manage_kernel_modules($1)
 ')
 
 ########################################
@@ -1513,10 +1509,6 @@ interface(`files_manage_non_auth_files',`
 	manage_lnk_files_pattern($1, non_auth_file_type, non_auth_file_type)
 	manage_fifo_files_pattern($1, non_auth_file_type, non_auth_file_type)
 	manage_sock_files_pattern($1, non_auth_file_type, non_auth_file_type)
-
-	# satisfy the assertions:
-	seutil_create_bin_policy($1)
-	files_manage_kernel_modules($1)
 ')
 
 ########################################

next             reply	other threads:[~2022-09-03 19:54 UTC|newest]

Thread overview: 268+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-03 19:54 Jason Zaman [this message]
  -- strict thread matches above, loose matches on Subject: below --
2024-09-22  0:03 [gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/ Jason Zaman
2024-03-01 19:56 Kenton Groombridge
2024-03-01 19:56 Kenton Groombridge
2023-02-13 15:35 Kenton Groombridge
2023-02-13 15:35 Kenton Groombridge
2022-11-02 14:42 Kenton Groombridge
2022-11-02 14:42 Kenton Groombridge
2022-11-02 14:42 Kenton Groombridge
2022-02-07  2:14 Jason Zaman
2022-01-30  1:22 Jason Zaman
2021-11-21 23:02 Jason Zaman
2021-11-21 19:33 Jason Zaman
2021-11-21  3:00 Jason Zaman
2021-11-11 21:27 Jason Zaman
2021-11-11 21:27 Jason Zaman
2021-11-11 21:27 Jason Zaman
2021-09-05 16:00 Jason Zaman
2021-09-05 16:00 Jason Zaman
2021-04-03  3:10 Jason Zaman
2021-04-03  3:10 Jason Zaman
2021-04-03  3:10 Jason Zaman
2021-04-03  3:10 Jason Zaman
2021-04-03  3:10 Jason Zaman
2021-03-21 22:10 Jason Zaman
2021-03-21 22:10 Jason Zaman
2021-01-11  1:27 Jason Zaman
2021-01-11  1:27 Jason Zaman
2020-10-13  3:02 Jason Zaman
2020-02-15  7:33 Jason Zaman
2019-07-13  7:01 Jason Zaman
2019-07-13  7:01 Jason Zaman
2019-03-26 10:17 Jason Zaman
2019-03-26 10:17 Jason Zaman
2019-02-10  6:18 Jason Zaman
2019-02-10  4:14 Jason Zaman
2019-02-10  4:14 Jason Zaman
2019-02-10  4:14 Jason Zaman
2018-09-11  9:06 Jason Zaman
2018-09-11  9:06 Jason Zaman
2018-07-12 14:37 Jason Zaman
2018-06-09  5:24 Jason Zaman
2018-01-18 16:37 Sven Vermeulen
2018-01-18 16:37 Sven Vermeulen
2017-12-14  5:15 Jason Zaman
2017-12-12  7:59 Jason Zaman
2017-11-05  8:01 Jason Zaman
2017-10-29 20:42 Jason Zaman
2017-10-29 20:42 Jason Zaman
2017-10-29 20:42 Jason Zaman
2017-09-09  2:43 Jason Zaman
2017-09-09  2:43 Jason Zaman
2017-09-09  2:43 Jason Zaman
2017-09-09  2:43 Jason Zaman
2017-06-05 17:34 Jason Zaman
2017-06-05 17:25 Jason Zaman
2017-06-05 17:25 Jason Zaman
2017-06-05 17:25 Jason Zaman
2017-05-18 17:03 Sven Vermeulen
2017-05-07 16:09 Jason Zaman
2017-03-30 17:06 Jason Zaman
2017-03-02 10:17 Sven Vermeulen
2017-03-02 10:17 Sven Vermeulen
2017-03-02 10:17 Sven Vermeulen
2017-02-27 11:40 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-02-27 10:50 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-02-21  7:11 Jason Zaman
2017-02-21  7:11 Jason Zaman
2017-02-17  8:44 Jason Zaman
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-13 18:43 Sven Vermeulen
2017-01-01 16:44 Jason Zaman
2017-01-01 16:37 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2017-01-01 16:36 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2017-01-01 16:36 Jason Zaman
2017-01-01 16:36 Jason Zaman
2016-12-08  4:47 Jason Zaman
2016-12-08  4:47 Jason Zaman
2016-12-06 12:26 Jason Zaman
2016-08-31 16:38 Jason Zaman
2016-08-31 16:38 Jason Zaman
2016-08-13 18:35 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-08-13 18:35 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2016-08-13 18:32 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2016-07-31 10:40 Sven Vermeulen
2016-07-31 10:40 Sven Vermeulen
2016-07-03 11:34 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-07-03 11:27 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2016-07-03 11:34 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2016-07-03 11:27 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2016-06-23 15:59 Jason Zaman
2016-06-02  6:32 Jason Zaman
2016-06-02  6:32 Jason Zaman
2016-05-13  5:37 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-03-23 18:36 Jason Zaman
2016-02-12  3:51 Jason Zaman
2016-02-12  3:51 Jason Zaman
2016-02-12  3:51 Jason Zaman
2016-02-12  3:51 Jason Zaman
2016-02-12  3:51 Jason Zaman
2016-01-30 17:21 Jason Zaman
2016-01-30 17:21 Jason Zaman
2016-01-30 17:21 Jason Zaman
2015-12-17 18:49 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-12-17 16:10 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-12-17 16:10 Jason Zaman
2015-12-17 16:10 Jason Zaman
2015-10-14 18:36 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-10-13 14:50 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-10-11 10:48 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-09-20  7:00 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-09-20  7:00 Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 19:11 [gentoo-commits] proj/hardened-refpolicy:next " Jason Zaman
2015-08-27 19:11 ` [gentoo-commits] proj/hardened-refpolicy:master " Jason Zaman
2015-08-27 18:58 Jason Zaman
2015-07-13 17:35 [gentoo-commits] proj/hardened-refpolicy:swift " Sven Vermeulen
2015-07-13 17:42 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-06-07  9:31 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2015-06-09 10:52 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-05-30 16:15 Jason Zaman
2015-05-22 19:32 Jason Zaman
2015-05-22 19:32 Jason Zaman
2015-03-05 13:15 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2015-03-04 19:34 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-03-04 15:35 Sven Vermeulen
2015-03-04 15:20 Sven Vermeulen
2015-02-15 18:36 Sven Vermeulen
2015-02-15 17:39 Sven Vermeulen
2015-01-25 13:46 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2015-01-25 13:45 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2015-01-25 13:45 Sven Vermeulen
2014-12-15 18:52 Sven Vermeulen
2014-12-15 18:40 Sven Vermeulen
2014-11-28 10:04 [gentoo-commits] proj/hardened-refpolicy:next " Sven Vermeulen
2014-11-22 18:24 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-11-22 18:24 Sven Vermeulen
2014-11-22 17:43 Sven Vermeulen
2014-11-22 17:43 Sven Vermeulen
2014-10-25 19:21 Jason Zaman
2014-10-25 19:21 Jason Zaman
2014-08-31 18:27 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-26 14:55 Sven Vermeulen
2014-08-19 20:23 Sven Vermeulen
2014-08-19 20:07 Sven Vermeulen
2014-08-19 20:07 Sven Vermeulen
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-19  9:19 Jason Zaman
2014-08-15 14:51 Sven Vermeulen
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
2014-08-15 10:04 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-15 10:04 [gentoo-commits] proj/hardened-refpolicy:salt " Sven Vermeulen
2014-08-15 14:51 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-15 10:04 Sven Vermeulen
2014-08-08  8:50 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-08  8:48 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-08  8:50 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-08  8:48 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-08  8:48 Sven Vermeulen
2014-08-07  9:41 Sven Vermeulen
2014-08-06 18:13 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-07  8:06 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-08-06 18:13 [gentoo-commits] proj/hardened-refpolicy:testing " Sven Vermeulen
2014-08-07  8:06 ` [gentoo-commits] proj/hardened-refpolicy:master " Sven Vermeulen
2014-07-05 16:06 Sven Vermeulen
2014-07-05 16:06 Sven Vermeulen
2014-07-05 16:06 Sven Vermeulen
2014-06-25 19:06 Sven Vermeulen
2014-06-25 19:06 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-10 18:17 Sven Vermeulen
2014-06-07 18:20 Sven Vermeulen
2014-06-07 18:12 Sven Vermeulen
2014-05-01 18:59 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-21 15:25 Sven Vermeulen
2014-04-17 18:21 Sven Vermeulen
2014-04-11 17:48 Sven Vermeulen
2014-04-11 17:48 Sven Vermeulen
2014-04-08 16:12 Sven Vermeulen
2014-04-08 16:02 Sven Vermeulen
2014-04-08 16:02 Sven Vermeulen
2014-03-17  8:24 Sven Vermeulen
2014-02-17 19:55 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-02-09 10:54 Sven Vermeulen
2014-01-23 20:00 Sven Vermeulen
2014-01-19 19:01 Sven Vermeulen
2013-12-06 17:33 Sven Vermeulen
2013-11-03 11:19 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27 13:27 Sven Vermeulen
2013-09-27  6:50 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-09-24 17:10 Sven Vermeulen
2013-08-15 17:23 Sven Vermeulen
2013-08-15  9:22 Sven Vermeulen
2013-08-13 18:16 Sven Vermeulen
2013-05-16  9:06 Sven Vermeulen
2013-05-01 19:32 Sven Vermeulen
2013-05-01 18:42 Sven Vermeulen
2013-04-11 18:04 Sven Vermeulen
2013-04-11 17:30 Sven Vermeulen
2013-03-11 18:53 Sven Vermeulen
2013-03-10 15:29 Sven Vermeulen
2013-02-18 18:11 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2013-02-04 19:17 Sven Vermeulen
2012-12-29 18:24 Sven Vermeulen
2012-12-17 16:56 Sven Vermeulen
2012-12-08 18:21 Sven Vermeulen
2012-12-03  9:35 Sven Vermeulen
2012-12-03  9:35 Sven Vermeulen
2012-11-12 21:19 Sven Vermeulen
2012-11-10 17:40 Sven Vermeulen
2012-10-31 18:04 Sven Vermeulen
2012-10-31 18:04 Sven Vermeulen
2012-10-31 18:04 Sven Vermeulen
2012-10-30 20:24 Sven Vermeulen
2012-10-30 20:24 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-19 15:06 Sven Vermeulen
2012-10-10 19:52 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-10-04 17:36 Sven Vermeulen
2012-09-28 17:57 Sven Vermeulen
2012-09-28 17:57 Sven Vermeulen
2012-09-28 17:57 Sven Vermeulen
2012-09-08 17:30 Sven Vermeulen
2012-08-29 18:48 Sven Vermeulen
2012-08-28 17:28 Sven Vermeulen
2012-08-28 17:28 Sven Vermeulen
2012-08-28 17:28 Sven Vermeulen
2012-08-15 13:04 Sven Vermeulen
2012-05-26 17:06 Sven Vermeulen
2012-05-16 18:34 Sven Vermeulen

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:6a08267 dfblob:fb27ed1 )
 OR (
bs:"[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/kernel/" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1662230515.892145a3471364d8e677878406a7884e6557ec2d.perfinion@gentoo \
    --to=perfinion@gentoo.org \
    --cc=gentoo-commits@lists.gentoo.org \
    --cc=gentoo-dev@lists.gentoo.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox