1 module linker_test_1 1.0; 2 3 require { 4 class file { read write }; 5 class lnk_file append; 6 role g_b_role_2; 7 attribute g_b_attr_3; 8 attribute g_b_attr_5; 9 attribute o4_b_attr_1; 10 type g_b_type_3; 11 } 12 13 type tag_g_m1; 14 15 #test for type in module and attr in module, added to in module 16 attribute g_m1_attr_1; 17 type g_m1_type_1, g_m1_attr_1; 18 type g_m1_type_2; 19 typeattribute g_m1_type_2 g_m1_attr_1; 20 21 #add role in module test 22 role g_m1_role_1; 23 role g_m1_role_1 types g_m1_type_1; 24 25 # test for attr declared in base, added to in module 26 type g_m1_type_3; 27 typeattribute g_m1_type_3 g_b_attr_3; 28 29 # test for attr declared in base, added to in 2 modules 30 type g_m1_type_4; 31 typeattribute g_m1_type_4 g_b_attr_5; 32 33 # test for attr declared in base optional, added to in module 34 type g_m1_type_5; 35 typeattribute g_m1_type_5 o4_b_attr_1; 36 37 # test for attr declared in module, added to in base optional 38 attribute g_m1_attr_2; 39 40 #add type to base role test 41 role g_b_role_2 types g_m1_type_1; 42 role g_b_role_3; 43 role g_b_role_3 types g_m1_type_2; 44 45 #add type to base optional role test 46 role o1_b_role_2; 47 role o1_b_role_2 types g_m1_type_1; 48 49 #optional base role w/ adds in 2 modules 50 role o4_b_role_1; 51 role o4_b_role_1 types g_m1_type_2; 52 53 # attr a added to in base optional, declared/added to in module, added to in other module 54 attribute g_m1_attr_3; 55 type g_m1_type_6, g_m1_attr_3; 56 57 # attr a added to in base optional, declared/added in module , added to in other module optional 58 attribute g_m1_attr_4; 59 type g_m1_type_7, g_m1_attr_4; 60 61 # alias tests 62 typealias g_b_type_3 alias g_m_alias_1; 63 64 # single boolean in module 65 bool g_m1_bool_1 true; 66 if (g_m1_bool_1) { 67 allow g_m1_type_1 g_m1_type_2 : lnk_file append; 68 } 69 70 71 optional { 72 require { 73 type optional_type; 74 attribute g_b_attr_4; 75 attribute o1_b_attr_2; 76 class lnk_file { ioctl }; 77 } 78 79 type tag_o1_m1; 80 81 attribute o1_m1_attr_1; 82 type o1_m1_type_2, o1_m1_attr_1; 83 84 type o1_m1_type_1; 85 role o1_m1_role_1; 86 role o1_m1_role_1 types o1_m1_type_1; 87 88 type o1_m1_type_3; 89 typeattribute o1_m1_type_3 g_b_attr_4; 90 91 type o1_m1_type_5; 92 typeattribute o1_m1_type_5 o1_b_attr_2; 93 94 bool o1_m1_bool_1 false; 95 if (o1_m1_bool_1) { 96 allow o1_m1_type_2 o1_m1_type_1 : lnk_file ioctl; 97 } 98 99 } 100 101 optional { 102 require { 103 type optional_type; 104 #role g_b_role_4; // This causes a bug where the role scope doesn't get copied into base 105 } 106 107 type tag_o2_m1; 108 109 role g_b_role_4; 110 role g_b_role_4 types g_m1_type_2; 111 } 112 113 optional { 114 require { 115 attribute g_b_attr_6; 116 } 117 118 type tag_o3_m1; 119 120 type o3_m1_type_1; 121 role o3_b_role_1; 122 role o3_b_role_1 types o3_m1_type_1; 123 124 type o3_m1_type_2, g_b_attr_6; 125 126 attribute o3_m1_attr_1; 127 128 # attr a added to in base optional, declared/added in module optional, added to in other module 129 attribute o3_m1_attr_2; 130 type o3_m1_type_3, o3_m1_attr_2; 131 132 } 133 134 optional { 135 require { 136 type enable_optional; 137 } 138 type tag_o4_m1; 139 140 attribute o4_m1_attr_1; 141 type o4_m1_type_1; 142 typeattribute o4_m1_type_1 o4_m1_attr_1; 143 144 145 } 146
