It appears as though that's only for exact matches, and was just refactored to sort_specs()...
From: Roberts, William C Sent: Tuesday, December 29, 2015 12:46 PM To: 'seandroid-list@tycho.nsa.gov' <seandroid-list@tycho.nsa.gov> Subject: fc ordering I was under the impression that fc entry order does not matter. That they are sorted based on how specific the match is.. As per: https://fedoraproject.org/wiki/SELinux/ManagingFileContext In the current Android 6.0 release, I don't see the function sort_specs() anywhere in external/libselinux, or any code that sorts the fc entries. Looks like this code from 6.0: 512 /* Move exact pathname specifications to the end. */ 513 spec_copy = (spec_t *) malloc(sizeof(spec_t) * data->nspec); 514 if (!spec_copy) 515 goto finish; 516 j = 0; 517 for (i = 0; i < data->nspec; i++) 518 if (data->spec_arr[i].hasMetaChars) 519 memcpy(&spec_copy[j++], 520 &data->spec_arr[i], sizeof(spec_t)); 521 for (i = 0; i < data->nspec; i++) 522 if (!data->spec_arr[i].hasMetaChars) 523 memcpy(&spec_copy[j++], 524 &data->spec_arr[i], sizeof(spec_t)); 525 free(data->spec_arr); Was replaced with sort_specs() on upstream libselinux. Does anyone perhaps have any more light to shed? Am I way off here? Bill
_______________________________________________ Seandroid-list mailing list Seandroid-list@tycho.nsa.gov To unsubscribe, send email to seandroid-list-le...@tycho.nsa.gov. To get help, send an email containing "help" to seandroid-list-requ...@tycho.nsa.gov.
