16cd6a6acSopenharmony_ciSELinux Common Intermediate Language (CIL) Compiler 26cd6a6acSopenharmony_ci 36cd6a6acSopenharmony_ciINTRODUCTION 46cd6a6acSopenharmony_ci 56cd6a6acSopenharmony_ci The SELinux CIL Compiler is a compiler that converts the CIL language as 66cd6a6acSopenharmony_ci described on the CIL design wiki into a kernel binary policy file. 76cd6a6acSopenharmony_ci Please see the CIL Design Wiki at: 86cd6a6acSopenharmony_ci http://github.com/SELinuxProject/cil/wiki/ 96cd6a6acSopenharmony_ci for more information about the goals and features on the CIL language. 106cd6a6acSopenharmony_ci 116cd6a6acSopenharmony_ciDEPENDENCIES 126cd6a6acSopenharmony_ci 136cd6a6acSopenharmony_ci gcc >= 4.5.1 146cd6a6acSopenharmony_ci libsepol >= 2.5 156cd6a6acSopenharmony_ci 166cd6a6acSopenharmony_ci 176cd6a6acSopenharmony_ciBUILD STEPS 186cd6a6acSopenharmony_ci 196cd6a6acSopenharmony_ci Run "make" with one of the following targets: 206cd6a6acSopenharmony_ci 216cd6a6acSopenharmony_ci make 226cd6a6acSopenharmony_ci Build the CIL compiler (secilc). 236cd6a6acSopenharmony_ci 246cd6a6acSopenharmony_ci make test 256cd6a6acSopenharmony_ci Pass a sample policy to test with the compiler. 266cd6a6acSopenharmony_ci 276cd6a6acSopenharmony_ci make install 286cd6a6acSopenharmony_ci Install the secilc compiler and man page to disk. 296cd6a6acSopenharmony_ci 306cd6a6acSopenharmony_ci make clean 316cd6a6acSopenharmony_ci Remove temporary build files. 326cd6a6acSopenharmony_ci 336cd6a6acSopenharmony_ci make man 346cd6a6acSopenharmony_ci Build the secilc man page. 356cd6a6acSopenharmony_ci 366cd6a6acSopenharmony_ci make bare 376cd6a6acSopenharmony_ci Remove temporary build files and compile binaries. 386cd6a6acSopenharmony_ci 396cd6a6acSopenharmony_ci 406cd6a6acSopenharmony_ciUSAGE 416cd6a6acSopenharmony_ci 426cd6a6acSopenharmony_ci Execute 'secilc' with any number of CIL files as arguments. A binary policy and 436cd6a6acSopenharmony_ci file_contexts file will be created. 446cd6a6acSopenharmony_ci 456cd6a6acSopenharmony_ci Use the '--help' option for more details. 466cd6a6acSopenharmony_ci 476cd6a6acSopenharmony_ci 486cd6a6acSopenharmony_ciDOCUMENTATION 496cd6a6acSopenharmony_ci 506cd6a6acSopenharmony_ci There is a github markdown CIL Reference Guide in the docs directory. To 516cd6a6acSopenharmony_ci view the table of contents, see README.md in the docs directory. 526cd6a6acSopenharmony_ci 536cd6a6acSopenharmony_ci To convert the github markdown content to HTML and PDF, change to the docs 546cd6a6acSopenharmony_ci directory and run: 556cd6a6acSopenharmony_ci make 566cd6a6acSopenharmony_ci 576cd6a6acSopenharmony_ci The documents will be located in the docs/html and docs/pdf directories. 586cd6a6acSopenharmony_ci 596cd6a6acSopenharmony_ci To build the html and pdf, the pandoc package is required. 606cd6a6acSopenharmony_ci 616cd6a6acSopenharmony_ciKNOWN ISSUES 626cd6a6acSopenharmony_ci 636cd6a6acSopenharmony_ci - Blocks inside of macros causes undefined behavior 646cd6a6acSopenharmony_ci 656cd6a6acSopenharmony_ci - Policy must be well formed. For example, invalid usage of 666cd6a6acSopenharmony_ci sensitivities/categories/levels may create an unloaded binary 676cd6a6acSopenharmony_ci 686cd6a6acSopenharmony_ci - Recursive limits are not handled 69