From f3d5e2eb212ebd4189428d6adb915880573962f9 Mon Sep 17 00:00:00 2001 From: Pierre-Hugues Husson Date: Wed, 9 Sep 2020 22:36:42 +0200 Subject: [PATCH 09/10] Revert "libsepol: Make an unknown permission an error in CIL" This reverts commit dc4e54126bf25dea4d51820922ccd1959be68fbc. This is required because some targets calls undefined permissions: - Realme X2 Pro calls sigcont - Honor 7X calls perf_event --- libsepol/cil/src/cil_resolve_ast.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index 87575860..e72abdeb 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -131,14 +131,18 @@ static int __cil_resolve_perms(symtab_t *class_symtab, symtab_t *common_symtab, } } if (rc != SEPOL_OK) { + struct cil_list *empty_list; if (class_flavor == CIL_MAP_CLASS) { cil_log(CIL_ERR, "Failed to resolve permission %s for map class\n", (char*)curr->data); - } else { - cil_log(CIL_ERR, "Failed to resolve permission %s\n", (char*)curr->data); + goto exit; } - goto exit; + cil_log(CIL_WARN, "Failed to resolve permission %s\n", (char*)curr->data); + /* Use an empty list to represent unknown perm */ + cil_list_init(&empty_list, perm_strs->flavor); + cil_list_append(*perm_datums, CIL_LIST, empty_list); + } else { + cil_list_append(*perm_datums, CIL_DATUM, perm_datum); } - cil_list_append(*perm_datums, CIL_DATUM, perm_datum); } else { cil_list_append(*perm_datums, curr->flavor, curr->data); } -- 2.17.1