On 09/16/2016 11:08 AM, William Roberts wrote: > On Fri, Sep 16, 2016 at 7:41 AM, Stephen Smalley <s...@tycho.nsa.gov> wrote: >> On 09/16/2016 09:08 AM, Janis Danisevskis wrote: >>> This patch reestablishes the default behavior of sefcontext_compile >>> to include precompiled regular expressions in the output. If linked >>> against PCRE2 the flag "-r" now causes the precompiled regular >>> expressions to be omitted from the output. >> >> I thought your original rationale was more compelling. If we add >> detection of the relevant arch properties, then we can do this. >> Otherwise, I don't think we should. > > I was assuming based on the thread earlier that those patches would be coming. > If we cant detect and compile on the current "undefined behavior" > case, then this > needs to stay as is. > > But I thought someone had a list of PCRE things that can be checked for > "arch", > so its just a matter of encoding those, assuming that list is correct. > > Binary file_contexts only make sense if you compile in the regex info, else > just use the textual representation.
That was my thought originally, but Janis did say that it was still faster, and Android presently only ships file_contexts.bin, so we can't just break that. _______________________________________________ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
