1module linker_test_1 1.0;
2
3require {
4	class file { read write };
5	class lnk_file append;
6	role g_b_role_2;
7	attribute g_b_attr_3;
8	attribute g_b_attr_5;
9	attribute o4_b_attr_1;
10	type g_b_type_3;
11}
12
13type tag_g_m1;
14
15#test for type in module and attr in module, added to in module
16attribute g_m1_attr_1;
17type g_m1_type_1, g_m1_attr_1;
18type g_m1_type_2;
19typeattribute g_m1_type_2 g_m1_attr_1;
20
21#add role in module test
22role g_m1_role_1;
23role g_m1_role_1 types g_m1_type_1;
24
25# test for attr declared in base, added to in module
26type g_m1_type_3;
27typeattribute g_m1_type_3 g_b_attr_3;
28
29# test for attr declared in base, added to in 2 modules
30type g_m1_type_4;
31typeattribute g_m1_type_4 g_b_attr_5;
32
33# test for attr declared in base optional, added to in module
34type g_m1_type_5;
35typeattribute g_m1_type_5 o4_b_attr_1;
36
37# test for attr declared in module, added to in base optional
38attribute g_m1_attr_2;
39
40#add type to base role test
41role g_b_role_2 types g_m1_type_1;
42role g_b_role_3;
43role g_b_role_3 types g_m1_type_2;
44
45#add type to base optional role test
46role o1_b_role_2;
47role o1_b_role_2 types g_m1_type_1;
48
49#optional base role w/ adds in 2 modules
50role o4_b_role_1;
51role o4_b_role_1 types g_m1_type_2;
52
53# attr a added to in base optional, declared/added to in module, added to in other module
54attribute g_m1_attr_3;
55type g_m1_type_6, g_m1_attr_3;
56
57# attr a added to in base optional, declared/added in module , added to in other module optional
58attribute g_m1_attr_4;
59type g_m1_type_7, g_m1_attr_4;
60
61# alias tests
62typealias g_b_type_3 alias g_m_alias_1;
63
64# single boolean in module
65bool g_m1_bool_1 true;
66if (g_m1_bool_1) {
67	allow g_m1_type_1 g_m1_type_2 : lnk_file append;
68}
69
70
71optional {
72	require {
73		type optional_type;
74		attribute g_b_attr_4;
75		attribute o1_b_attr_2;
76		class lnk_file { ioctl };
77	}
78
79	type tag_o1_m1;
80
81	attribute o1_m1_attr_1;
82	type o1_m1_type_2, o1_m1_attr_1;
83
84	type o1_m1_type_1;
85	role o1_m1_role_1;
86	role o1_m1_role_1 types o1_m1_type_1;
87
88	type o1_m1_type_3;
89	typeattribute o1_m1_type_3 g_b_attr_4;
90
91	type o1_m1_type_5;
92	typeattribute o1_m1_type_5 o1_b_attr_2;
93
94	bool o1_m1_bool_1 false;
95	if (o1_m1_bool_1) {
96		allow o1_m1_type_2 o1_m1_type_1 : lnk_file ioctl;
97	}
98
99}
100
101optional {
102	require {
103		type optional_type;
104		#role g_b_role_4; // This causes a bug where the role scope doesn't get copied into base
105	}
106
107	type tag_o2_m1;
108
109	role g_b_role_4;
110	role g_b_role_4 types g_m1_type_2;
111}
112
113optional {
114	require {
115		attribute g_b_attr_6;
116	}
117
118	type tag_o3_m1;
119
120	type o3_m1_type_1;
121	role o3_b_role_1;
122        role o3_b_role_1 types o3_m1_type_1;
123
124	type o3_m1_type_2, g_b_attr_6;
125
126	attribute o3_m1_attr_1;
127
128	# attr a added to in base optional, declared/added in module optional, added to in other module
129	attribute o3_m1_attr_2;
130	type o3_m1_type_3, o3_m1_attr_2;
131
132}
133
134optional {
135	require {
136		type enable_optional;
137	}
138	type tag_o4_m1;
139
140	attribute o4_m1_attr_1;
141	type o4_m1_type_1;
142	typeattribute o4_m1_type_1 o4_m1_attr_1;
143
144
145}
146