selinux-policy/refpolicy/policy/support/loadable_module.spt

141 lines
2.3 KiB
Cheetah
Raw Normal View History

########################################
#
# Macros for switching between source policy
# and loadable policy module support
#
##############################
#
# For adding the module statement
#
define(`policy_module',`
ifdef(`monolithic_policy',`',`
module $1 $2;
')
require { all_kernel_class_perms }
')
##############################
#
# For use in interfaces, to optionally insert a require block
#
define(`gen_require',`
ifdef(`monolithic_policy',`',`
require {
$1
}
')
')
2005-06-08 13:11:47 +00:00
##############################
#
# In the future interfaces should be in loadable modules
2005-06-08 13:11:47 +00:00
#
# template(name,rules)
2005-06-08 13:11:47 +00:00
#
define(`template',`
`define(`$1',`
##### begin $1(dollarsstar)
2005-06-08 13:11:47 +00:00
$2
##### end $1(dollarsstar)
'')
2005-06-08 13:11:47 +00:00
')
# helper function, since m4 wont expand macros
# if a line is a comment (#):
define(`policy_m4_comment',`dnl
##### $2 depth: $1
')dnl
##############################
#
# In the future interfaces should be in loadable modules
#
# interface(name,rules)
#
define(`interface',`
`define(`$1',`
define(`policy_temp',incr(policy_call_depth))
pushdef(`policy_call_depth',policy_temp)
undefine(`policy_temp')
policy_m4_comment(policy_call_depth,begin `$1'(dollarsstar))
$2
define(`policy_temp',decr(policy_call_depth))
pushdef(`policy_call_depth',policy_temp)
undefine(`policy_temp')
policy_m4_comment(policy_call_depth,end `$1'(dollarsstar))
'')
')
define(`policy_call_depth',0)
##############################
#
# Optional policy handling
#
define(`optional_policy',`
ifdef(`monolithic_policy',`
2005-07-05 20:54:12 +00:00
ifdef(`$1',`$2',`$3')
',`
optional {
$2
ifelse(`$3',`',`',`
} else {
$3
')
}
')
')
2005-06-07 22:26:39 +00:00
##############################
#
# Determine if we should use the default
# tunable value as specified by the policy
# or if the override value should be used
#
define(`dflt_or_overr',`ifdef(`$1',$1,$2)')
2005-06-07 22:26:39 +00:00
##############################
#
# Tunable declaration
#
define(`gen_tunable',`
2005-06-07 22:26:39 +00:00
ifdef(`monolithic_policy',`
bool $1 dflt_or_overr(`$1'_conf,$2);
2005-06-07 22:26:39 +00:00
',`
# loadable module tunable
# declaration will go here
# for $1 $2
')
')
##############################
#
# Tunable policy handling
#
define(`tunable_policy',`
ifdef(`monolithic_policy',`
if (`$1') {
$2
} else {
$3
}
',`
optional {
require { `$1' }
$2
ifelse(`$3',`',`',`
} else {
$3
')
}
')
')