I was looking a problem Brian showed me with nested control resources not working. The framework policy
domain parent;
domain parent.c1;
domain parent.c2;
resource mqueues@parent.c1;
access parent.c2 mqueues@parent.c1 write;
has problems with finding the resource mqueues@parent.c1
The problem exists in where the resource is stored and how it should be retrieved. It looks like this problem has existed for a very long time. Probably since the changes in how the policy is structured in memory to support the GUI (changeset:1408).
Anyway, in comparing the policy above to this policy (which works) I noticed some interesting things:
domain foo;
domain bar;
resource mqueues@bar;
access foo mqueues@bar write;
In this second case everything works as expected.
But when digging in, it looks strange. It looks like the resource mqueues@bar is stored at the top level. But the resource mqueues@parent.c1 is being stored as a child of c1 and then the lookup doesn't find it. It seems like this case should be stored as mqueues@c1 as a child of parent.
Problems appear to exist in the functions Policy.GetComponent? (), ControlResource? constructor, possibly in PolicyParser?.ComponentName? ().
I have created test case 100 which duplicates the problem and note that test case 82 is as case with control resources (not nested) which works ok.
