Stephen Smalley | 3057bcf | 2015-03-18 08:33:45 -0400 | [diff] [blame] | 1 | * Add device tree ocontext nodes to Xen policy, from Daniel De Graaf. |
| 2 | |
Steve Lawrence | f0c9966 | 2015-02-02 09:38:10 -0500 | [diff] [blame] | 3 | 1.2.2 2015-02-02 |
Steve Lawrence | ff5bbe6 | 2014-10-01 14:47:16 -0400 | [diff] [blame] | 4 | * Fix bugs found by hardened gcc flags, from Nicolas Iooss. |
Steve Lawrence | 79fd2d0 | 2014-08-26 09:48:54 -0400 | [diff] [blame] | 5 | * Remove unnecessary grammar in interface call param list to fix poor |
Steve Lawrence | 8f9d3a7 | 2014-08-26 13:58:44 -0400 | [diff] [blame] | 6 | interface vectors, from Steve Lawrence |
Steve Lawrence | 79fd2d0 | 2014-08-26 09:48:54 -0400 | [diff] [blame] | 7 | |
Stephen Smalley | 75fdea9 | 2013-10-31 10:13:10 -0400 | [diff] [blame] | 8 | 1.2.1 2013-10-31 |
| 9 | * Add back attributes flag to fix exception crash from Dan Walsh. |
| 10 | |
Stephen Smalley | 7c4bb77 | 2013-10-30 12:45:19 -0400 | [diff] [blame] | 11 | 1.2 2013-10-30 |
Stephen Smalley | 8e5d465 | 2013-10-30 12:42:05 -0400 | [diff] [blame] | 12 | * Return additional constraint information. |
Stephen Smalley | a080100 | 2013-10-25 15:14:23 -0400 | [diff] [blame] | 13 | * Fix bug in calls to attributes from Dan Walsh. |
| 14 | * Add support for filename transitions from Dan Walsh. |
| 15 | * Fix sepolgen tests from Dan Walsh. |
| 16 | |
Eric Paris | e9410c9 | 2013-02-01 16:57:55 -0500 | [diff] [blame] | 17 | 1.1.9 2013-02-01 |
| 18 | * audit.py: Handle times in foreign locals for audit2allow -b |
| 19 | * Use refpolicy_makefile() instead of hardcoding Makefile path |
| 20 | * understand role attributes |
| 21 | |
Eric Paris | 8638197 | 2012-09-13 10:33:58 -0400 | [diff] [blame] | 22 | 1.1.8 2012-09-13 |
| 23 | * Allow returning of bastard matches |
| 24 | * sepolgen: return and output constraint violation information |
| 25 | * audit2allow: one role/type pair per line |
| 26 | |
Eric Paris | f05a71b | 2012-06-28 14:02:29 -0400 | [diff] [blame] | 27 | 1.1.7 2012-06-28 |
| 28 | * Make use of setools optional within sepolgen |
| 29 | * We need to support files that have a + in them |
| 30 | |
Eric Paris | 7a86fe1 | 2012-03-28 15:44:05 -0400 | [diff] [blame] | 31 | 1.1.6 2012-03-28 |
| 32 | * Fix dead links to www.nsa.gov/selinux |
| 33 | * audit.py Dont crash if empty data is passed to sepolgen |
| 34 | * do not use md5 when calculating hash signatures |
| 35 | * fix detection of policy loads |
| 36 | |
Eric Paris | 339f807 | 2011-12-21 12:46:04 -0500 | [diff] [blame] | 37 | 1.1.5 2011-12-21 |
| 38 | * better analysis of why things broke |
| 39 | |
Eric Paris | d65c02f | 2011-12-05 16:20:45 -0500 | [diff] [blame] | 40 | 1.1.4 2011-12-05 |
| 41 | * Allow ~ as a file identifier |
| 42 | |
Eric Paris | 14e4b70 | 2011-11-03 15:26:36 -0400 | [diff] [blame] | 43 | 1.1.3 2011-11-03 |
| 44 | * Ignore permissive qualifier if found in an interface |
| 45 | * Return name field in avc data |
| 46 | |
Eric Paris | 418dbc7 | 2011-09-16 15:34:36 -0400 | [diff] [blame] | 47 | 1.1.2 2011-09-15 |
| 48 | * src: sepolgen: add attribute storing infrastructure |
| 49 | * Change perm-map and add open to try to get better results on |
| 50 | * look for booleans that might solve problems |
| 51 | * sepolgen: audit2allow is mistakakenly not allowing valid module names |
| 52 | * tree: default make target to all not install |
| 53 | |
Eric Paris | 1f8cf40 | 2011-08-26 15:11:58 -0400 | [diff] [blame] | 54 | 1.1.1 2011-08-26 |
| 55 | * refparser: include open among valid permissions |
| 56 | * refparser: add support for filename_trans rules |
| 57 | |
Steve Lawrence | 44121f6 | 2011-07-26 09:39:09 -0400 | [diff] [blame] | 58 | 1.1.0 2011-07-27 |
| 59 | * Release, minor version bump |
| 60 | |
Joshua Brindle | 4bbaeeb | 2010-03-24 13:47:39 -0400 | [diff] [blame] | 61 | 1.0.23 2010-03-24 |
| 62 | * Fix unit tests from Dan Walsh. |
| 63 | |
| 64 | 1.0.22 2010-03-23 |
| 65 | * improve parser error recovery from Karl MacMillan. |
| 66 | |
Joshua Brindle | e796cee | 2010-03-18 16:52:16 -0400 | [diff] [blame] | 67 | 1.0.21 2010-03-18 |
| 68 | * Add since-last-boot option to audit2allow from Dan Walsh. |
| 69 | * Fix sepolgen output to match what Chris expects for upstream |
| 70 | refpolicy from Dan Walsh. |
| 71 | |
Joshua Brindle | b5b2c2c | 2010-03-12 08:32:38 -0500 | [diff] [blame] | 72 | 1.0.20 2010-03-12 |
| 73 | * Add dontaudit flag to audit2allow from Dan Walsh. |
| 74 | |
Joshua Brindle | 32cf5d5 | 2009-11-27 15:03:02 -0500 | [diff] [blame] | 75 | 1.0.19 2009-11-27 |
| 76 | * fix sepolgen to read a "type 1403" msg as a policy load by Stephen |
| 77 | Smalley <sds@tycho.nsa.gov> |
| 78 | |
Joshua Brindle | f3c3bbd | 2009-10-14 15:54:16 -0400 | [diff] [blame] | 79 | 1.0.18 2009-10-14 |
| 80 | * Add support for Xen ocontexts from Paul Nuzzi. |
| 81 | |
Joshua Brindle | 4fabd7d | 2009-05-05 20:20:36 -0400 | [diff] [blame] | 82 | 1.0.17 2009-05-15 |
| 83 | * Fix typo in RoleTypeSet from Marshall Miller. |
| 84 | |
Joshua Brindle | 6ed00ee | 2009-02-17 12:19:32 -0500 | [diff] [blame] | 85 | 1.0.16 2009-02-18 |
| 86 | * Convert sepolgen to using hashlib instead of the deprecated md5 |
| 87 | module from Dan Walsh. |
| 88 | |
Joshua Brindle | a5dfb3a | 2009-01-12 10:49:36 -0500 | [diff] [blame] | 89 | 1.0.15 2009-01-12 |
| 90 | * fix to return length of role dict for len(roles) from Dan Walsh. |
| 91 | |
Joshua Brindle | 5214ee3 | 2008-09-07 18:57:50 -0400 | [diff] [blame] | 92 | 1.0.14 2008-09-12 |
| 93 | * fix multiple gen_requires block generation from Dan Walsh. |
| 94 | |
Joshua Brindle | 13cd4c8 | 2008-08-19 15:30:36 -0400 | [diff] [blame] | 95 | 1.0.13 2008-07-29 |
| 96 | * Only append s0 suffix if MLS is enabled from Karl MacMillan. |
| 97 | |
| 98 | 1.0.12 2008-06-30 |
| 99 | * Fix generation of role-type and role allow rules from Karl MacMillan. |
| 100 | |
| 101 | 1.0.11 2008-01-23 |
| 102 | * Merged sepolgen fixes from Dan Walsh. |
| 103 | |
| 104 | 1.0.10 2007-09-10 |
| 105 | * Expand the sepolgen parser to parse all current refpolicy modules from Karl MacMillan. |
| 106 | * Suppress generation of rules for non-denials from Karl MacMillan (take 3). |
| 107 | |
| 108 | 1.0.9 2007-08-16 |
| 109 | * Supress generation of rules for non-denials from Karl MacMillan. |
| 110 | |
| 111 | 1.0.8 2007-04-10 |
| 112 | * Merged updates to sepolgen parser and tools from Karl MacMillan. |
| 113 | This includes improved debugging support, handling of interface |
| 114 | calls with list parameters, support for role transition rules, |
| 115 | updated range transition rule support, and looser matching. |
| 116 | |
| 117 | 1.0.7 2007-03-26 |
| 118 | * Merged patch to discard self from types when generating requires from Karl MacMillan. |
| 119 | |
| 120 | 1.0.6 2007-03-21 |
| 121 | * Merged patch to move the sepolgen runtime data from /usr/share to /var/lib to facilitate a read-only /usr from Karl MacMillan. |
| 122 | |
| 123 | 1.0.5 2007-03-21 |
| 124 | * Merged patch to fix type_transition style and unit tests from Karl MacMillan. |
| 125 | |
| 126 | 1.0.4 2007-03-01 |
| 127 | * Merged better matching for refpolicy style from Karl MacMillan |
| 128 | * Merged support for extracting interface paramaters from interface calls from Karl MacMillan |
| 129 | * Merged support for parsing USER_AVC audit messages from Karl MacMillan. |
| 130 | |
| 131 | 1.0.3 2007-02-27 |
| 132 | * Merged support for enabling parser debugging from Karl MacMillan. |
| 133 | |
| 134 | 1.0.2 2007-02-22 |
| 135 | * Merged patch to leave generated files (e.g. local.te) in current directory from Karl MacMillan. |
| 136 | * Merged patch to make run-tests.py use unittest.main from Karl MacMillan. |
| 137 | * Merged patch to update PLY from Karl MacMillan. |
| 138 | * Merged patch to update the sepolgen parser to handle the latest reference policy from Karl MacMillan. |
| 139 | |
| 140 | 1.0.1 2007-02-21 |
| 141 | * Merged Makefile and refparser.py patch from Dan Walsh. |
| 142 | Fixes PYTHONLIBDIR definition and error handling on interface files. |
| 143 | |
| 144 | 1.0.0 2007-02-05 |
| 145 | * Initial merge from Karl MacMillan. |
| 146 | |