Codebase list secilc / ea1e093
New upstream version 3.1 Laurent Bigonville 3 years ago
6 changed file(s) with 142 addition(s) and 6 deletion(s). Raw diff Collapse all Expand all
+2
-0
.gitignore less more
66 docs/html
77 docs/pdf
88 docs/tmp
9 opt-actual.bin
10 opt-actual.cil
+9
-0
Makefile less more
1212 SECILC_MANPAGE = secilc.8
1313 SECIL2CONF_MANPAGE = secil2conf.8
1414 XMLTO = xmlto
15 DIFF = diff
16
17 CHECKPOLICY = checkpolicy
18 POL_VERS = $(shell $(CHECKPOLICY) -V | cut -f 1 -d ' ')
1519
1620 CFLAGS ?= -Wall -Wshadow -Wextra -Wundef -Wmissing-format-attribute -Wcast-align -Wstrict-prototypes -Wpointer-arith -Wunused
1721
2529
2630 test: $(SECILC)
2731 ./$(SECILC) test/policy.cil
32 ./$(SECILC) -c $(POL_VERS) -O -M 1 -f /dev/null -o opt-actual.bin test/opt-input.cil
33 $(CHECKPOLICY) -b -C -M -o opt-actual.cil opt-actual.bin >/dev/null
34 $(DIFF) test/opt-expected.cil opt-actual.cil
2835
2936 $(SECIL2CONF): $(SECIL2CONF_OBJS)
3037 $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LDLIBS)
5764 rm -f file_contexts
5865 rm -f $(SECILC_MANPAGE)
5966 rm -f $(SECIL2CONF_MANPAGE)
67 rm -f opt-actual.cil
68 rm -f opt-actual.bin
6069 $(MAKE) -C docs clean
6170
6271 relabel:
+1
-1
VERSION less more
0 3.0
0 3.1
+5
-5
docs/Makefile less more
0 CWD ?= $(shell pwd)
1 HTMLDIR ?= $(CWD)/html
2 PDFDIR ?= $(CWD)/pdf
3 TMPDIR ?= $(CWD)/tmp
4 TESTDIR ?= $(CWD)/../test
0 CWD = $(shell pwd)
1 HTMLDIR = $(CWD)/html
2 PDFDIR = $(CWD)/pdf
3 TMPDIR = $(CWD)/tmp
4 TESTDIR = $(CWD)/../test
55
66 # All the markdown files that make up the guide:
77 FILE_LIST ?= cil_introduction.md \
+60
-0
test/opt-expected.cil less more
0 (handleunknown deny)
1 (class cl01 (p01a p01b p11a p11b))
2 (classorder (cl01))
3 (sid kernel)
4 (sidorder (kernel))
5 (mls true)
6 (sensitivity s01)
7 (sensitivityorder (s01))
8 (category c01)
9 (categoryorder (c01))
10 (sensitivitycategory s01 (c01))
11 (typeattribute at01)
12 (typeattribute at02)
13 (boolean b01 false)
14 (type tp01)
15 (type tp02)
16 (type tp04)
17 (type tpr1)
18 (type tpr2)
19 (type tpr3)
20 (type tpr4)
21 (type tpr5)
22 (typeattributeset at01 (tp01))
23 (typeattributeset at02 (tp01 tp02))
24 (allow at02 tpr1 (cl01 (p01a p01b p11a)))
25 (allow at02 tpr3 (cl01 (p01a p01b p11a)))
26 (allow tp01 at01 (cl01 (p11b)))
27 (allow tp01 self (cl01 (p01a p01b p11a)))
28 (allow tp01 tpr1 (cl01 (p11b)))
29 (dontaudit at02 tpr2 (cl01 (p01a p01b p11a)))
30 (dontaudit at02 tpr4 (cl01 (p01a p01b p11a)))
31 (dontaudit tp01 tpr2 (cl01 (p11b)))
32 (booleanif b01
33 (true
34 (allow tp01 tpr3 (cl01 (p11b)))
35 (allow tp01 tpr5 (cl01 (p01a p01b p11a p11b)))
36 (allow tp02 tpr5 (cl01 (p01a p11a)))
37 (dontaudit tp01 tpr4 (cl01 (p11b)))
38 )
39 (false
40 (allow at02 tpr5 (cl01 (p01a p01b p11a)))
41 )
42 )
43 (role object_r)
44 (role rl01)
45 (roletype rl01 tp01)
46 (roletype object_r tp01)
47 (roletype object_r tp02)
48 (roletype object_r tp04)
49 (roletype object_r tpr1)
50 (roletype object_r tpr2)
51 (roletype object_r tpr3)
52 (roletype object_r tpr4)
53 (roletype object_r tpr5)
54 (user us01)
55 (userrole us01 object_r)
56 (userrole us01 rl01)
57 (userlevel us01 (s01))
58 (userrange us01 ((s01) (s01)))
59 (sidcontext kernel (us01 rl01 tp01 ((s01) (s01))))
+65
-0
test/opt-input.cil less more
0 (handleunknown deny)
1 (class cl01 (p01a p01b p11a p11b))
2 (classorder (cl01))
3 (sid kernel)
4 (sidorder (kernel))
5 (mls true)
6 (sensitivity s01)
7 (sensitivityorder (s01))
8 (category c01)
9 (categoryorder (c01))
10 (sensitivitycategory s01 (c01))
11 (typeattribute at01)
12 (typeattribute at02)
13 (boolean b01 false)
14 (type tp01)
15 (type tp02)
16 (type tp04)
17 (type tpr1)
18 (type tpr2)
19 (type tpr3)
20 (type tpr4)
21 (type tpr5)
22 (typeattributeset at01 (tp01))
23 (typeattributeset at02 (tp01 tp02))
24 (allow at02 tpr1 (cl01 (p11a p01a p01b)))
25 (allow at02 tpr3 (cl01 (p11a p01a p01b)))
26 (allow tp01 at01 (cl01 (p11b)))
27 (allow tp01 self (cl01 (p11a p01a)))
28 (allow tp01 tp01 (cl01 (p01b)))
29 (allow tp01 tpr1 (cl01 (p11a p11b p01a p01b)))
30 (allow tp02 tpr1 (cl01 (p11a p01a)))
31 (dontaudit at02 tpr2 (cl01 (p11a p01a p01b)))
32 (dontaudit at02 tpr4 (cl01 (p11a p01a p01b)))
33 (dontaudit tp01 tpr2 (cl01 (p11a p11b p01a p01b)))
34 (dontaudit tp02 tpr2 (cl01 (p11a p01a)))
35 (booleanif (b01)
36 (true
37 (allow tp01 tpr3 (cl01 (p11a p11b p01a p01b)))
38 (allow tp01 tpr5 (cl01 (p11a p11b p01a p01b)))
39 (allow tp02 tpr3 (cl01 (p11a p01a)))
40 (allow tp02 tpr5 (cl01 (p11a p01a)))
41 (dontaudit tp01 tpr4 (cl01 (p11a p11b p01a p01b)))
42 (dontaudit tp02 tpr4 (cl01 (p11a p01a)))
43 )
44 (false
45 (allow at02 tpr5 (cl01 (p11a p01a p01b)))
46 )
47 )
48 (role object_r)
49 (role rl01)
50 (roletype rl01 tp01)
51 (roletype object_r tp01)
52 (roletype object_r tp02)
53 (roletype object_r tp04)
54 (roletype object_r tpr1)
55 (roletype object_r tpr2)
56 (roletype object_r tpr3)
57 (roletype object_r tpr4)
58 (roletype object_r tpr5)
59 (user us01)
60 (userrole us01 object_r)
61 (userrole us01 rl01)
62 (userlevel us01 (s01))
63 (userrange us01 ((s01) (s01)))
64 (sidcontext kernel (us01 rl01 tp01 ((s01) (s01))))