Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 1 | SELinux Common Intermediate Language (CIL) Compiler |
| 2 | |
| 3 | INTRODUCTION |
| 4 | |
| 5 | The SELinux CIL Compiler is a compiler that converts the CIL language as |
| 6 | described on the CIL design wiki into a kernel binary policy file. |
| 7 | Please see the CIL Design Wiki at: |
| 8 | http://github.com/SELinuxProject/cil/wiki/ |
| 9 | for more information about the goals and features on the CIL language. |
| 10 | |
| 11 | DEPENDENCIES |
| 12 | |
| 13 | gcc >= 4.5.1 |
Yuli Khodorkovskiy | 36f62b7 | 2015-03-31 10:17:01 -0400 | [diff] [blame] | 14 | libsepol >= 2.4 |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 15 | |
| 16 | |
| 17 | BUILD STEPS |
| 18 | |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 19 | Run "make" with one of the following targets: |
| 20 | |
| 21 | make |
Yuli Khodorkovskiy | 36f62b7 | 2015-03-31 10:17:01 -0400 | [diff] [blame] | 22 | Build the CIL compiler (secilc). |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 23 | |
Yuli Khodorkovskiy | 36f62b7 | 2015-03-31 10:17:01 -0400 | [diff] [blame] | 24 | make test |
| 25 | Pass a sample policy to test with the compiler. |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 26 | |
Yuli Khodorkovskiy | 36f62b7 | 2015-03-31 10:17:01 -0400 | [diff] [blame] | 27 | make install |
| 28 | Install the secilc compiler and man page to disk. |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 29 | |
| 30 | make clean |
Yuli Khodorkovskiy | 36f62b7 | 2015-03-31 10:17:01 -0400 | [diff] [blame] | 31 | Remove temporary build files. |
| 32 | |
| 33 | make man |
| 34 | Build the secilc man page. |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 35 | |
| 36 | make bare |
Yuli Khodorkovskiy | 36f62b7 | 2015-03-31 10:17:01 -0400 | [diff] [blame] | 37 | Remove temporary build files and compile binaries. |
Steve Lawrence | bb0f8be | 2014-08-26 08:02:58 -0400 | [diff] [blame] | 38 | |
| 39 | |
| 40 | USAGE |
| 41 | |
| 42 | Execute 'secilc' with any number of CIL files as arguments. A binary policy and |
| 43 | file_contexts file will be created. |
| 44 | |
| 45 | Use the '--help' option for more details. |
| 46 | |
| 47 | |
| 48 | DOCUMENTATION |
| 49 | |
| 50 | There is a Docbook CIL Reference Guide in the docs directory, to build |
| 51 | this in HTML and PDF format change to the docs directory and run: |
| 52 | make html pdf |
| 53 | |
| 54 | There is also an secilc man page that can be built with: |
| 55 | make man |
| 56 | |
| 57 | The documents will be located in the docs/html, docs/pdf and docs/man8 |
| 58 | directories. |
| 59 | |
| 60 | To build the html and manpage the xmlto package is required. |
| 61 | To build the pdf document the xmlto and dblatex packages are required. |
| 62 | |
| 63 | |
| 64 | KNOWN ISSUES |
| 65 | |
| 66 | - Blocks inside of macros causes undefined behavior |
| 67 | |
| 68 | - Policy must be well formed. For example, invalid usage of |
| 69 | sensitivities/categories/levels may create an unloaded binary |
| 70 | |
| 71 | - Recursive limits are not handled |