From: James Carter <jwcart2@tycho.nsa.gov>
To: Steve Lawrence <slawrence@tresys.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
Dominick Grift <dominick.grift@gmail.com>
Cc: SELinux List <selinux@tycho.nsa.gov>
Subject: Re: [RFC] Source Policy, CIL, and High Level Languages
Date: Tue, 22 Jul 2014 10:47:04 -0400 [thread overview]
Message-ID: <53CE7968.4000608@tycho.nsa.gov> (raw)
In-Reply-To: <53C81CDC.8080803@tresys.com>
On 07/17/2014 02:58 PM, Steve Lawrence wrote:
> On 07/17/2014 02:02 PM, Stephen Smalley wrote:
>> On 07/17/2014 09:49 AM, Steve Lawrence wrote:
>>> On 07/16/2014 03:00 PM, Stephen Smalley wrote:
>>>> On 07/16/2014 11:53 AM, Dominick Grift wrote:
>>>>> On Wed, 2014-07-16 at 11:11 -0400, Steve Lawrence wrote:
>>>>> <snip>
>
>> Any chance of getting a hll compiler for refpolicy source modules, i.e.
>> in .if/.te/.fc form?
>
> That's in the plan. Jim has a tool that will compile .if/.te/.fc to CIL,
> but the current HLL infrastructure may need some changes before that can
> be supported. I think the main problem is that Jim's tool needs
> knowledge of all modules to be able to convert them to CIL, but the
> current HLL infrastructure compiles each module separately. We have
> various ideas on how we can update the HLL infrastructure to support
> this, but we've primarily been focused on getting the core CIL/HLL
> functionality complete and upstreamed before focusing on the more
> complicated HLL patterns.
My tool currently does need to have knowledge of all modules, but I think that I
can get it to work with the information in /usr/share/selinux/devel/include. At
least as long as the module is not doing anything crazy with m4.
--
James Carter <jwcart2@tycho.nsa.gov>
National Security Agency
next prev parent reply other threads:[~2014-07-22 14:47 UTC|newest]
Thread overview: 85+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-09 19:21 [RFC] Source Policy, CIL, and High Level Languages Steve Lawrence
2014-07-10 6:51 ` Dominick Grift
2014-07-10 12:19 ` Steve Lawrence
2014-07-10 12:35 ` Stephen Smalley
2014-07-10 12:52 ` Dominick Grift
2014-07-10 13:09 ` Dominick Grift
2014-07-10 13:12 ` Stephen Smalley
2014-07-10 13:26 ` Dominick Grift
2014-07-10 13:38 ` Stephen Smalley
2014-07-10 13:45 ` Dominick Grift
2014-07-11 15:02 ` Steve Lawrence
2014-07-15 20:11 ` Steve Lawrence
2014-07-10 15:02 ` Stephen Smalley
2014-07-11 17:20 ` Steve Lawrence
2014-07-14 16:48 ` Stephen Smalley
2014-07-14 16:53 ` Stephen Smalley
2014-07-14 17:08 ` Stephen Smalley
2014-07-14 17:12 ` Steve Lawrence
2014-07-14 17:49 ` Stephen Smalley
2014-07-15 19:56 ` Steve Lawrence
2014-07-16 14:16 ` Stephen Smalley
2014-07-16 14:21 ` Stephen Smalley
2014-07-16 14:26 ` Stephen Smalley
2014-07-16 14:33 ` Stephen Smalley
2014-07-16 15:11 ` Steve Lawrence
2014-07-16 15:53 ` Dominick Grift
2014-07-16 15:58 ` Dominick Grift
2014-07-16 19:00 ` Stephen Smalley
2014-07-17 13:49 ` Steve Lawrence
2014-07-17 14:02 ` Stephen Smalley
2014-07-17 18:02 ` Stephen Smalley
2014-07-17 18:58 ` Steve Lawrence
2014-07-17 19:10 ` Stephen Smalley
2014-07-17 19:48 ` Stephen Smalley
2014-07-17 20:04 ` Steve Lawrence
2014-07-17 20:37 ` Stephen Smalley
2014-07-17 20:50 ` Daniel J Walsh
2014-07-17 20:52 ` Daniel J Walsh
2014-07-23 19:24 ` Stephen Smalley
2014-07-24 12:48 ` Daniel J Walsh
2014-07-18 12:59 ` Steve Lawrence
2014-07-18 14:30 ` Stephen Smalley
2014-07-18 15:57 ` Steve Lawrence
2014-07-22 15:05 ` James Carter
2014-07-18 14:13 ` Christopher J. PeBenito
2014-07-17 19:51 ` Steve Lawrence
2014-07-22 14:47 ` James Carter [this message]
2014-07-16 15:43 ` Steve Lawrence
2014-07-14 17:33 ` Dominick Grift
2014-07-18 16:00 ` Steve Lawrence
2014-07-18 18:10 ` Stephen Smalley
2014-07-21 14:34 ` Steve Lawrence
2014-07-21 14:51 ` Stephen Smalley
2014-07-21 17:50 ` Steve Lawrence
2014-08-01 14:51 ` Steve Lawrence
2014-08-01 17:46 ` Stephen Smalley
2014-08-04 14:07 ` Steve Lawrence
2014-08-18 22:37 ` Steve Lawrence
2014-07-10 13:52 ` Stephen Smalley
2014-07-10 14:06 ` Dominick Grift
2014-07-10 14:09 ` Steve Lawrence
2014-07-10 14:58 ` James Carter
2014-07-10 13:59 ` Stephen Smalley
2014-07-10 14:53 ` Steve Lawrence
2014-07-10 14:11 ` Stephen Smalley
2014-07-10 14:13 ` Stephen Smalley
2014-07-10 14:17 ` Steve Lawrence
2014-07-10 14:20 ` Stephen Smalley
2014-07-10 14:23 ` Dominick Grift
2014-07-10 14:25 ` Stephen Smalley
2014-07-10 14:34 ` Stephen Smalley
2014-07-10 14:50 ` Dominick Grift
2014-07-10 14:43 ` Dominick Grift
2014-07-10 14:30 ` Stephen Smalley
2014-07-10 14:50 ` Stephen Smalley
2014-07-10 15:05 ` Steve Lawrence
2014-07-10 15:08 ` Stephen Smalley
2014-07-10 16:04 ` Steve Lawrence
-- strict thread matches above, loose matches on Subject: below --
2014-04-29 14:59 Steve Lawrence
2014-05-01 12:38 ` Dominick Grift
2014-05-01 12:57 ` Steve Lawrence
2014-05-01 13:24 ` Dominick Grift
2014-05-01 13:27 ` Dominick Grift
2014-05-01 13:31 ` Dominick Grift
2014-05-01 14:01 ` Steve Lawrence
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=53CE7968.4000608@tycho.nsa.gov \
--to=jwcart2@tycho.nsa.gov \
--cc=dominick.grift@gmail.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
--cc=slawrence@tresys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.