diff --git a/native/src/sepolicy/api.cpp b/native/src/sepolicy/api.cpp index f894476fb..843f47d22 100644 --- a/native/src/sepolicy/api.cpp +++ b/native/src/sepolicy/api.cpp @@ -54,17 +54,26 @@ static inline void expand(F &&f, T &&...args) { f(std::forward(args)...); } +template +static inline void expand(const Str &s, T &&...args) { + char buf[64]; + if (s.length() >= sizeof(buf)) return; + if (s.empty()) { + expand(std::forward(args)..., (char *) nullptr); + } else { + memcpy(buf, s.data(), s.length()); + buf[s.length()] = '\0'; + expand(std::forward(args)..., buf); + } +} + template static inline void expand(const StrVec &vec, T &&...args) { if (vec.empty()) { expand(std::forward(args)..., (char *) nullptr); } else { - char buf[64]; for (auto &s : vec) { - if (s.length() >= sizeof(buf)) continue; - memcpy(buf, s.data(), s.length()); - buf[s.length()] = '\0'; - expand(std::forward(args)..., buf); + expand(s, std::forward(args)...); } } } @@ -76,15 +85,6 @@ static inline void expand(const Xperms &vec, T &&...args) { } } -template -static inline void expand(const Str &s, T &&...args) { - char buf[64]; - if (s.length() >= sizeof(buf)) return; - memcpy(buf, s.data(), s.length()); - buf[s.length()] = '\0'; - expand(std::forward(args)..., buf); -} - void sepolicy::allow(StrVec src, StrVec tgt, StrVec cls, StrVec perm) { expand(src, tgt, cls, perm, [this](auto ...args) { print_rule("allow", args...); @@ -148,15 +148,14 @@ void sepolicy::attribute(Str name) { }); } -void sepolicy::type_transition(Str src, Str tgt, Str cls, Str def, StrVec obj) { - auto obj_str = obj.empty() ? std::string() : std::string(obj[0]); - auto o = obj.empty() ? nullptr : obj_str.data(); - expand(src, tgt, cls, def, [this, &o](auto ...args) { - print_rule("type_transition", args..., o); +void sepolicy::type_transition(Str src, Str tgt, Str cls, Str def, Str obj) { + expand(src, tgt, cls, def, obj, [this](auto s, auto t, auto c, auto d, auto o) { if (o) { - impl->add_filename_trans(args..., o); + print_rule("type_transition", s, t, c, d, o); + impl->add_filename_trans(s, t, c, d, o); } else { - impl->add_type_rule(args..., AVTAB_TRANSITION); + print_rule("type_transition", s, t, c, d); + impl->add_type_rule(s, t, c, d, AVTAB_TRANSITION); } }); } diff --git a/native/src/sepolicy/include/sepolicy.hpp b/native/src/sepolicy/include/sepolicy.hpp index 43f580710..582d5a151 100644 --- a/native/src/sepolicy/include/sepolicy.hpp +++ b/native/src/sepolicy/include/sepolicy.hpp @@ -62,7 +62,7 @@ struct sepolicy { void dontauditxperm(StrVec src, StrVec tgt, StrVec cls, Xperms xperm); // Type rules - void type_transition(Str src, Str tgt, Str cls, Str def, StrVec obj); + void type_transition(Str src, Str tgt, Str cls, Str def, Str obj); void type_change(Str src, Str tgt, Str cls, Str def); void type_member(Str src, Str tgt, Str cls, Str def); diff --git a/native/src/sepolicy/lib.rs b/native/src/sepolicy/lib.rs index ccd72f99c..9c44dbfed 100644 --- a/native/src/sepolicy/lib.rs +++ b/native/src/sepolicy/lib.rs @@ -74,14 +74,7 @@ mod ffi { #[cxx_name = "type"] fn type_(self: Pin<&mut sepolicy>, t: &str, a: Vec<&str>); fn attribute(self: Pin<&mut sepolicy>, t: &str); - fn type_transition( - self: Pin<&mut sepolicy>, - s: &str, - t: &str, - c: &str, - d: &str, - o: Vec<&str>, - ); + fn type_transition(self: Pin<&mut sepolicy>, s: &str, t: &str, c: &str, d: &str, o: &str); fn type_change(self: Pin<&mut sepolicy>, s: &str, t: &str, c: &str, d: &str); fn type_member(self: Pin<&mut sepolicy>, s: &str, t: &str, c: &str, d: &str); fn genfscon(self: Pin<&mut sepolicy>, s: &str, t: &str, c: &str); diff --git a/native/src/sepolicy/statement.rs b/native/src/sepolicy/statement.rs index c1b026904..a8aa182d6 100644 --- a/native/src/sepolicy/statement.rs +++ b/native/src/sepolicy/statement.rs @@ -257,9 +257,9 @@ fn exec_statement(sepolicy: Pin<&mut sepolicy>, tokens: &mut Tokens) -> LoggedRe match action { Token::TT => { let o = if tokens.peek().is_none() { - vec![] + "" } else { - vec![parse_id(tokens)?] + parse_id(tokens)? }; sepolicy.type_transition(s, t, c, d, o) }