16cd6a6acSopenharmony_ci;; Minimum stuff
26cd6a6acSopenharmony_ci(class CLASS (PERM))
36cd6a6acSopenharmony_ci(classorder (CLASS))
46cd6a6acSopenharmony_ci(sid SID)
56cd6a6acSopenharmony_ci(sidorder (SID))
66cd6a6acSopenharmony_ci(user USER)
76cd6a6acSopenharmony_ci(role ROLE)
86cd6a6acSopenharmony_ci(type TYPE)
96cd6a6acSopenharmony_ci(category CAT)
106cd6a6acSopenharmony_ci(categoryorder (CAT))
116cd6a6acSopenharmony_ci(sensitivity SENS)
126cd6a6acSopenharmony_ci(sensitivityorder (SENS))
136cd6a6acSopenharmony_ci(sensitivitycategory SENS (CAT))
146cd6a6acSopenharmony_ci(allow TYPE self (CLASS (PERM)))
156cd6a6acSopenharmony_ci(roletype ROLE TYPE)
166cd6a6acSopenharmony_ci(userrole USER ROLE)
176cd6a6acSopenharmony_ci(userlevel USER (SENS))
186cd6a6acSopenharmony_ci(userrange USER ((SENS)(SENS (CAT))))
196cd6a6acSopenharmony_ci(sidcontext SID (USER ROLE TYPE ((SENS)(SENS))))
206cd6a6acSopenharmony_ci;; Extra stuff
216cd6a6acSopenharmony_ci(common COMMON (PERM1 PERM2 PERM3 PERM4))
226cd6a6acSopenharmony_ci(classcommon CLASS COMMON)
236cd6a6acSopenharmony_ci
246cd6a6acSopenharmony_ci
256cd6a6acSopenharmony_ci;; Check global resolution
266cd6a6acSopenharmony_ci(type t0)
276cd6a6acSopenharmony_ci(allow t0 self (CLASS (PERM1)))
286cd6a6acSopenharmony_ci(allow .t0 self (CLASS (PERM2)))
296cd6a6acSopenharmony_ci
306cd6a6acSopenharmony_ci
316cd6a6acSopenharmony_ci;; Check block and sub-block resolution
326cd6a6acSopenharmony_ci(block b1a
336cd6a6acSopenharmony_ci  (type t1a)
346cd6a6acSopenharmony_ci  (allow t1a self (CLASS (PERM)))
356cd6a6acSopenharmony_ci  (allow b1b.t1b self (CLASS (PERM)))
366cd6a6acSopenharmony_ci  (block b1b
376cd6a6acSopenharmony_ci    (type t1b)
386cd6a6acSopenharmony_ci    (allow t1a self (CLASS (PERM1)))
396cd6a6acSopenharmony_ci    (allow t1b self (CLASS (PERM1)))
406cd6a6acSopenharmony_ci    (allow .b1a.t1a self (CLASS (PERM2)))
416cd6a6acSopenharmony_ci    (allow .b1a.b1b.t1b self (CLASS (PERM2)))
426cd6a6acSopenharmony_ci  )
436cd6a6acSopenharmony_ci)
446cd6a6acSopenharmony_ci(allow b1a.t1a self (CLASS (PERM3)))
456cd6a6acSopenharmony_ci(allow b1a.b1b.t1b self (CLASS (PERM3)))
466cd6a6acSopenharmony_ci(allow .b1a.t1a self (CLASS (PERM4)))
476cd6a6acSopenharmony_ci(allow .b1a.b1b.t1b self (CLASS (PERM4)))
486cd6a6acSopenharmony_ci
496cd6a6acSopenharmony_ci
506cd6a6acSopenharmony_ci;; Check macro arg resolution
516cd6a6acSopenharmony_ci(type t2)
526cd6a6acSopenharmony_ci(macro m2 ((type t))
536cd6a6acSopenharmony_ci  (allow t self (CLASS (PERM)))
546cd6a6acSopenharmony_ci)
556cd6a6acSopenharmony_ci(call m2 (t2))
566cd6a6acSopenharmony_ci
576cd6a6acSopenharmony_ci
586cd6a6acSopenharmony_ci;; Check resolution for a macro with a parent decl
596cd6a6acSopenharmony_ci(block b3
606cd6a6acSopenharmony_ci  (type t3)
616cd6a6acSopenharmony_ci  (macro m3 ()
626cd6a6acSopenharmony_ci    (allow t3 self (CLASS (PERM)))
636cd6a6acSopenharmony_ci  )
646cd6a6acSopenharmony_ci)
656cd6a6acSopenharmony_ci(call b3.m3)
666cd6a6acSopenharmony_ci
676cd6a6acSopenharmony_ci
686cd6a6acSopenharmony_ci;; Check resolution for a macro with a caller decl
696cd6a6acSopenharmony_ci(block b4
706cd6a6acSopenharmony_ci  (block b4a
716cd6a6acSopenharmony_ci    (macro m4 ()
726cd6a6acSopenharmony_ci      (allow t4 self (CLASS (PERM)))
736cd6a6acSopenharmony_ci    )
746cd6a6acSopenharmony_ci  )
756cd6a6acSopenharmony_ci  (block b4b
766cd6a6acSopenharmony_ci    (type t4)
776cd6a6acSopenharmony_ci    (call .b4.b4a.m4)
786cd6a6acSopenharmony_ci  )
796cd6a6acSopenharmony_ci)
806cd6a6acSopenharmony_ci
816cd6a6acSopenharmony_ci
826cd6a6acSopenharmony_ci;; Check resolution for blockinherits with type in inheriting block
836cd6a6acSopenharmony_ci(block b5a
846cd6a6acSopenharmony_ci  (type t5a)
856cd6a6acSopenharmony_ci  (block b5b
866cd6a6acSopenharmony_ci    (allow t5a self (CLASS (PERM1)))
876cd6a6acSopenharmony_ci  )
886cd6a6acSopenharmony_ci)
896cd6a6acSopenharmony_ci
906cd6a6acSopenharmony_ci(block b5c
916cd6a6acSopenharmony_ci  (type t5a)
926cd6a6acSopenharmony_ci  (blockinherit b5a.b5b)
936cd6a6acSopenharmony_ci  (allow t5a self (CLASS (PERM2)))
946cd6a6acSopenharmony_ci)
956cd6a6acSopenharmony_ci
966cd6a6acSopenharmony_ci;; Check resolution for blockinherits with no type in inheriting block
976cd6a6acSopenharmony_ci(block b6a
986cd6a6acSopenharmony_ci  (type t6a)
996cd6a6acSopenharmony_ci  (block b6b
1006cd6a6acSopenharmony_ci    (allow t6a self (CLASS (PERM1)))
1016cd6a6acSopenharmony_ci  )
1026cd6a6acSopenharmony_ci)
1036cd6a6acSopenharmony_ci
1046cd6a6acSopenharmony_ci(block b6c
1056cd6a6acSopenharmony_ci  (blockinherit b6a.b6b) ;; This does not cause an error.
1066cd6a6acSopenharmony_ci  ;;(allow t6a self (CLASS (PERM2))) ;; This causes an error
1076cd6a6acSopenharmony_ci)
1086cd6a6acSopenharmony_ci
1096cd6a6acSopenharmony_ci
1106cd6a6acSopenharmony_ci;; Check for proper resolution of t
1116cd6a6acSopenharmony_ci(block b7
1126cd6a6acSopenharmony_ci  (type t)
1136cd6a6acSopenharmony_ci  (macro m7 ((type t))
1146cd6a6acSopenharmony_ci    (allow t self (CLASS (PERM)))
1156cd6a6acSopenharmony_ci  )
1166cd6a6acSopenharmony_ci  (allow t self (CLASS (PERM1)))
1176cd6a6acSopenharmony_ci  (block b7a
1186cd6a6acSopenharmony_ci    (type t)
1196cd6a6acSopenharmony_ci    (allow t self (CLASS (PERM2)))
1206cd6a6acSopenharmony_ci    (block b7b
1216cd6a6acSopenharmony_ci      (type t)
1226cd6a6acSopenharmony_ci      (allow t self (CLASS (PERM3)))
1236cd6a6acSopenharmony_ci      (call m7 (t))
1246cd6a6acSopenharmony_ci    )
1256cd6a6acSopenharmony_ci  )
1266cd6a6acSopenharmony_ci)
1276cd6a6acSopenharmony_ci
1286cd6a6acSopenharmony_ci
1296cd6a6acSopenharmony_ci;; Check that improper name causes an error
1306cd6a6acSopenharmony_ci(block b8
1316cd6a6acSopenharmony_ci  (optional o8a
1326cd6a6acSopenharmony_ci    (type t8a)
1336cd6a6acSopenharmony_ci  )
1346cd6a6acSopenharmony_ci  (in o8a
1356cd6a6acSopenharmony_ci    (allow t8a self (CLASS (PERM1)))
1366cd6a6acSopenharmony_ci  )
1376cd6a6acSopenharmony_ci  ;;(allow o8a.t8a self (CLASS (PERM))) ;; Bad name
1386cd6a6acSopenharmony_ci  (macro m8 ((type t))
1396cd6a6acSopenharmony_ci    (allow t self (CLASS (PERM1)))
1406cd6a6acSopenharmony_ci  )
1416cd6a6acSopenharmony_ci  ;;(allow m8.t self (CLASS (PERM))) ;; Bad name
1426cd6a6acSopenharmony_ci)
1436cd6a6acSopenharmony_ci
1446cd6a6acSopenharmony_ci
1456cd6a6acSopenharmony_ci;;
1466cd6a6acSopenharmony_ci;; Expected:
1476cd6a6acSopenharmony_ci;;
1486cd6a6acSopenharmony_ci;; Types:
1496cd6a6acSopenharmony_ci;;   t0
1506cd6a6acSopenharmony_ci;;   b1a.t1a, b1a.b1b.t1b
1516cd6a6acSopenharmony_ci;;   t2
1526cd6a6acSopenharmony_ci;;   b3.t3
1536cd6a6acSopenharmony_ci;;   b4.b4b.t4
1546cd6a6acSopenharmony_ci;;   b5a.t5a, b5c.t5a
1556cd6a6acSopenharmony_ci;;   b6a.t6a
1566cd6a6acSopenharmony_ci;;   b7.t, b7.b7a.t, b7.b7a.b7b.t
1576cd6a6acSopenharmony_ci;;   b8.t8a
1586cd6a6acSopenharmony_ci;;
1596cd6a6acSopenharmony_ci;; Allow rules:
1606cd6a6acSopenharmony_ci;;   allow t0 t0 : CLASS { PERM1 PERM2 };
1616cd6a6acSopenharmony_ci;;   allow b1a.b1b.t1b b1a.b1b.t1b : CLASS { PERM PERM1 PERM2 PERM3 PERM4 };
1626cd6a6acSopenharmony_ci;;   allow b1a.t1a b1a.t1a : CLASS { PERM PERM1 PERM2 PERM3 PERM4 };
1636cd6a6acSopenharmony_ci;;   allow t2 t2 : CLASS { PERM };
1646cd6a6acSopenharmony_ci;;   allow b3.t3 b3.t3 : CLASS { PERM };
1656cd6a6acSopenharmony_ci;;   allow b4.b4b.t4 b4.b4b.t4 : CLASS { PERM };
1666cd6a6acSopenharmony_ci;;   allow b5a.t5a b5a.t5a : CLASS { PERM1 };
1676cd6a6acSopenharmony_ci;;   allow b5c.t5a b5c.t5a : CLASS { PERM1 PERM2 };
1686cd6a6acSopenharmony_ci;;   allow b6a.t6a b6a.t6a : CLASS { PERM1 };
1696cd6a6acSopenharmony_ci;;   allow b7.b7a.b7b.t b7.b7a.b7b.t : CLASS { PERM PERM3 };
1706cd6a6acSopenharmony_ci;;   allow b7.b7a.t b7.b7a.t : CLASS { PERM2 };
1716cd6a6acSopenharmony_ci;;   allow b7.t b7.t : CLASS { PERM1 };
1726cd6a6acSopenharmony_ci;;   allow b8.t8a b8.t8a : CLASS { PERM1 };
173