selinux-policy/refpolicy/policy/support/loadable_module.spt

########################################
#
# Macros for switching between source policy
# and loadable policy module support
#

##############################
#
# For adding the module statement
#
define(`policy_module',`
	ifdef(`monolithic_policy',`',`
		module $1 $2;

		require { all_kernel_class_perms }
	')
')

##############################
#
# For use in interfaces, to optionally insert a require block
#
define(`gen_require',`
	ifdef(`monolithic_policy',`',`
		require {
			$1
		}
	')
')

##############################
#
# In the future interfaces should be in loadable modules
#
# template(name,rules)
#
define(`template',`
	`define(`$1',`
##### begin $1(dollarsstar)
		$2
##### end $1(dollarsstar)
	'')
')

# helper function, since m4 wont expand macros
# if a line is a comment (#):
define(`policy_m4_comment',`dnl
##### $2 depth: $1
')dnl

##############################
#
# In the future interfaces should be in loadable modules
#
# interface(name,rules)
#
define(`interface',`
	`define(`$1',`

	define(`policy_temp',incr(policy_call_depth))
	pushdef(`policy_call_depth',policy_temp)
	undefine(`policy_temp')

	policy_m4_comment(policy_call_depth,begin `$1'(dollarsstar))

	$2

	define(`policy_temp',decr(policy_call_depth))
	pushdef(`policy_call_depth',policy_temp)
	undefine(`policy_temp')

	policy_m4_comment(policy_call_depth,end `$1'(dollarsstar))

	'')
')

define(`policy_call_depth',0)

##############################
#
# Optional policy handling
#
define(`optional_policy',`
	ifdef(`monolithic_policy',`
		ifdef(`$1',`$2',`$3')
	',`
		optional {
			$2
		ifelse(`$3',`',`',`
		} else {
			$3
		')
		}
	')
')

##############################
#
# Determine if we should use the default
# tunable value as specified by the policy
# or if the override value should be used
#
define(`dflt_or_overr',`ifdef(`$1',$1,$2)')

##############################
#
# Tunable declaration
#
# cjp: modular policy commented out
# until loadable modules support tunables.
define(`gen_tunable',`
#	ifdef(`monolithic_policy',`
		bool $1 dflt_or_overr(`$1'_conf,$2);
#	',`
#		# loadable module tunable
#		# declaration will go here
#		# for $1 $2
#	')
')

##############################
#
# Tunable policy handling
#
# cjp: modular policy commented out
# until loadable modules support tunables.
define(`tunable_policy',`
#	ifdef(`monolithic_policy',`
		if (`$1') {
			$2
		} else {
			$3
		}
#	',`
#		optional {
#			require { `$1' }
#			$2
#		ifelse(`$3',`',`',`
#		} else {
#			$3
#		')
#		}
#	')
')
start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00			`########################################`
			`#`
			`# Macros for switching between source policy`
			`# and loadable policy module support`
			`#`

			`##############################`
			`#`
			`# For adding the module statement`
			`#`
			define(`policy_module',`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			ifdef(`monolithic_policy',`',`
			`module $1 $2;`
complete infrastructure support for building modules 2005-08-22 17:07:17 +00:00
move require to right position, for modular policy 2005-08-22 20:18:42 +00:00			`require { all_kernel_class_perms }`
			`')`
start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00			`')`

			`##############################`
			`#`
rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00			`# For use in interfaces, to optionally insert a require block`
start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00			`#`
rename requires_block_tempalte to gen_require 2005-06-13 20:47:04 +00:00			define(`gen_require',`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			ifdef(`monolithic_policy',`',`
			`require {`
			`$1`
			`}`
			`')`
			`')`
start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00
add interface macro 2005-06-08 13:11:47 +00:00			`##############################`
			`#`
move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00			`# In the future interfaces should be in loadable modules`
add interface macro 2005-06-08 13:11:47 +00:00			`#`
move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00			`# template(name,rules)`
add interface macro 2005-06-08 13:11:47 +00:00			`#`
move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00			define(`template',`
			`define(`$1',`
fix comments for templates to have same number of # as interfaces 2005-07-12 20:33:42 +00:00			`##### begin $1(dollarsstar)`
add interface macro 2005-06-08 13:11:47 +00:00			`$2`
fix comments for templates to have same number of # as interfaces 2005-07-12 20:33:42 +00:00			`##### end $1(dollarsstar)`
move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00			`'')`
add interface macro 2005-06-08 13:11:47 +00:00			`')`

move all interfaces over to the interface macro. add traceback debugging info 2005-06-22 19:21:31 +00:00			`# helper function, since m4 wont expand macros`
			`# if a line is a comment (#):`
			define(`policy_m4_comment',`dnl
			`##### $2 depth: $1`
			`')dnl`

			`##############################`
			`#`
			`# In the future interfaces should be in loadable modules`
			`#`
			`# interface(name,rules)`
			`#`
			define(`interface',`
			`define(`$1',`

			define(`policy_temp',incr(policy_call_depth))
			pushdef(`policy_call_depth',policy_temp)
			undefine(`policy_temp')

			policy_m4_comment(policy_call_depth,begin `$1'(dollarsstar))

			`$2`

			define(`policy_temp',decr(policy_call_depth))
			pushdef(`policy_call_depth',policy_temp)
			undefine(`policy_temp')

			policy_m4_comment(policy_call_depth,end `$1'(dollarsstar))

			`'')`
			`')`

			define(`policy_call_depth',0)

start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00			`##############################`
			`#`
			`# Optional policy handling`
			`#`
			define(`optional_policy',`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			ifdef(`monolithic_policy',`
fix quoting problem 2005-07-05 20:54:12 +00:00			ifdef(`$1',`$2',`$3')
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			',`
			`optional {`
			`$2`
initial support for compiling loadable modules 2005-08-18 21:27:20 +00:00			ifelse(`$3',`',`',`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			`} else {`
			`$3`
initial support for compiling loadable modules 2005-08-18 21:27:20 +00:00			`')`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			`}`
			`')`
			`')`
start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00
more tunable work 2005-06-07 22:26:39 +00:00			`##############################`
			`#`
			`# Determine if we should use the default`
			`# tunable value as specified by the policy`
			`# or if the override value should be used`
			`#`
a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00			define(`dflt_or_overr',`ifdef(`$1',$1,$2)')
more tunable work 2005-06-07 22:26:39 +00:00
			`##############################`
			`#`
			`# Tunable declaration`
			`#`
do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00			`# cjp: modular policy commented out`
			`# until loadable modules support tunables.`
a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00			define(`gen_tunable',`
do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00			# ifdef(`monolithic_policy',`
a few missed renames, and start fixing up tunables 2005-06-13 20:27:32 +00:00			bool $1 dflt_or_overr(`$1'_conf,$2);
do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00			# ',`
			`# # loadable module tunable`
			`# # declaration will go here`
			`# # for $1 $2`
			`# ')`
more tunable work 2005-06-07 22:26:39 +00:00			`')`

start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00			`##############################`
			`#`
			`# Tunable policy handling`
			`#`
do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00			`# cjp: modular policy commented out`
			`# until loadable modules support tunables.`
start breaking up support_macros into macros dir 2005-06-02 14:31:31 +00:00			define(`tunable_policy',`
do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00			# ifdef(`monolithic_policy',`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			if (`$1') {
			`$2`
			`} else {`
			`$3`
			`}`
do bools until loadable modules support tunables 2005-08-24 18:30:47 +00:00			# ',`
			`# optional {`
			# require { `$1' }
			`# $2`
			# ifelse(`$3',`',`',`
			`# } else {`
			`# $3`
			`# ')`
			`# }`
			`# ')`
start switching over to new tunable infrastructure 2005-06-07 18:45:47 +00:00			`')`