• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1module linker_test_1 1.0;
2
3require {
4	class file { read write };
5	class lnk_file append;
6	role g_b_role_2;
7	attribute g_b_attr_3;
8	attribute g_b_attr_5;
9	attribute o4_b_attr_1;
10	type g_b_type_3;
11}
12
13type tag_g_m1;
14
15#test for type in module and attr in module, added to in module
16attribute g_m1_attr_1;
17type g_m1_type_1, g_m1_attr_1;
18type g_m1_type_2;
19typeattribute g_m1_type_2 g_m1_attr_1;
20
21#add role in module test
22role g_m1_role_1 types g_m1_type_1;
23
24# test for attr declared in base, added to in module
25type g_m1_type_3;
26typeattribute g_m1_type_3 g_b_attr_3;
27
28# test for attr declared in base, added to in 2 modules
29type g_m1_type_4;
30typeattribute g_m1_type_4 g_b_attr_5;
31
32# test for attr declared in base optional, added to in module
33type g_m1_type_5;
34typeattribute g_m1_type_5 o4_b_attr_1;
35
36# test for attr declared in module, added to in base optional
37attribute g_m1_attr_2;
38
39#add type to base role test
40role g_b_role_2 types g_m1_type_1;
41role g_b_role_3 types g_m1_type_2;
42
43#add type to base optional role test
44role o1_b_role_2 types g_m1_type_1;
45
46#optional base role w/ adds in 2 modules
47role o4_b_role_1 types g_m1_type_2;
48
49# attr a added to in base optional, declared/added to in module, added to in other module
50attribute g_m1_attr_3;
51type g_m1_type_6, g_m1_attr_3;
52
53# attr a added to in base optional, declared/added in module , added to in other module optional
54attribute g_m1_attr_4;
55type g_m1_type_7, g_m1_attr_4;
56
57# alias tests
58typealias g_b_type_3 alias g_m_alias_1;
59
60# single boolean in module
61bool g_m1_bool_1 true;
62if (g_m1_bool_1) {
63	allow g_m1_type_1 g_m1_type_2 : lnk_file append;
64}
65
66
67optional {
68	require {
69		type optional_type;
70		attribute g_b_attr_4;
71		attribute o1_b_attr_2;
72		class lnk_file { ioctl };
73	}
74
75	type tag_o1_m1;
76
77	attribute o1_m1_attr_1;
78	type o1_m1_type_2, o1_m1_attr_1;
79
80	type o1_m1_type_1;
81	role o1_m1_role_1 types o1_m1_type_1;
82
83	type o1_m1_type_3;
84	typeattribute o1_m1_type_3 g_b_attr_4;
85
86	type o1_m1_type_5;
87	typeattribute o1_m1_type_5 o1_b_attr_2;
88
89	bool o1_m1_bool_1 false;
90	if (o1_m1_bool_1) {
91		allow o1_m1_type_2 o1_m1_type_1 : lnk_file ioctl;
92	}
93
94}
95
96optional {
97	require {
98		type optional_type;
99		#role g_b_role_4; // This causes a bug where the role scope doesn't get copied into base
100	}
101
102	type tag_o2_m1;
103
104	role g_b_role_4 types g_m1_type_2;
105}
106
107optional {
108	require {
109		attribute g_b_attr_6;
110	}
111
112	type tag_o3_m1;
113
114	type o3_m1_type_1;
115        role o3_b_role_1 types o3_m1_type_1;
116
117	type o3_m1_type_2, g_b_attr_6;
118
119	attribute o3_m1_attr_1;
120
121	# attr a added to in base optional, declared/added in module optional, added to in other module
122	attribute o3_m1_attr_2;
123	type o3_m1_type_3, o3_m1_attr_2;
124
125}
126
127optional {
128	require {
129		type enable_optional;
130	}
131	type tag_o4_m1;
132
133	attribute o4_m1_attr_1;
134	type o4_m1_type_1;
135	typeattribute o4_m1_type_1 o4_m1_attr_1;
136
137
138}
139