Macro help

All of lore.kernel.org
 help / color / mirror / Atom feed

* Macro help
@ 2015-10-28 22:24 Dan
  2015-10-29  0:02 ` Steve Lawrence
  0 siblings, 1 reply; 3+ messages in thread
From: Dan @ 2015-10-28 22:24 UTC (permalink / raw)
  To: selinux

Hello everyone I have hit another bump with the cil macros. I am trying
to make a macro that covers the domain_type and domain_type_entry file
interfaces equivalent in Cil with macros that will confine a simple
shell script( and if anyone has any input to what I can do better or if
I am going about this in the wrong way please say so), but it says it
doesn't understand my "call usersubject_domain_type" line and won't
build for some reason. Here is what I have so far. Any help is much
appreciated, thanks.

(macro usersubject_domain_type ((type ARG1)) (type ARG2))
        (typeattributeset domain ARG2)
        (typeattributeset exec_type ARG1)
        (typeattributeset corenet_unlabeled_type ARG2)
        (typeattributeset entry_type ARG1)
        (typeattributeset file_type ARG1)
        (typeattributeset non_security_file_type ARG1)
        (typeattributeset non_auth_file_type ARG1)

(call usersubject_domain_type (myshell_exec_t myshell_t))

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Macro help
  2015-10-28 22:24 Macro help Dan
@ 2015-10-29  0:02 ` Steve Lawrence
  2015-10-29  2:20   ` Dan
  0 siblings, 1 reply; 3+ messages in thread
From: Steve Lawrence @ 2015-10-29  0:02 UTC (permalink / raw)
  To: Dan, selinux

On 10/28/2015 06:24 PM, Dan wrote:
> Hello everyone I have hit another bump with the cil macros. I am trying
> to make a macro that covers the domain_type and domain_type_entry file
> interfaces equivalent in Cil with macros that will confine a simple
> shell script( and if anyone has any input to what I can do better or if
> I am going about this in the wrong way please say so), but it says it
> doesn't understand my "call usersubject_domain_type" line and won't
> build for some reason. Here is what I have so far. Any help is much
> appreciated, thanks.
> 
> 
> (macro usersubject_domain_type ((type ARG1)) (type ARG2))
>         (typeattributeset domain ARG2)
>         (typeattributeset exec_type ARG1)
>         (typeattributeset corenet_unlabeled_type ARG2)
>         (typeattributeset entry_type ARG1)
>         (typeattributeset file_type ARG1)
>         (typeattributeset non_security_file_type ARG1)
>         (typeattributeset non_auth_file_type ARG1)
> 
> 
> (call usersubject_domain_type (myshell_exec_t myshell_t))

The parenthesis aren't quite correct in the macro parameter list. You're
closing the parameter list too early, so the macro defines only a single
parameter, ARG1, and the body of the macro only contains the definition
of a type called ARG2. Re-indenting what you have shows it more clearly:

  (macro usersubject_domain_type ((type ARG1))
    (type ARG2))

  (typeattributeset domain ARG2)
  (typeattributeset exec_type ARG1)
  (typeattributeset corenet_unlabeled_type ARG2)
  (typeattributeset entry_type ARG1)
  (typeattributeset file_type ARG1)
  (typeattributeset non_security_file_type ARG1)
  (typeattributeset non_auth_file_type ARG1)

  (call usersubject_domain_type (myshell_exec_t myshell_t))

So it's probably complaining that the macro requires one argument, but
you're passing in two. To fix this, you just need to move a parenthesis
around, e.g.:

  (macro usersubject_domain_type ((type ARG1) (type ARG2))
    (typeattributeset domain ARG2)
    (typeattributeset exec_type ARG1)
    (typeattributeset corenet_unlabeled_type ARG2)
    (typeattributeset entry_type ARG1)
    (typeattributeset file_type ARG1)
    (typeattributeset non_security_file_type ARG1)
    (typeattributeset non_auth_file_type ARG1)) ;notice the extra paren
here closing the maro

  (call usersubject_domain_type (myshell_exec_t myshell_t))

- Steve

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Macro help
  2015-10-29  0:02 ` Steve Lawrence
@ 2015-10-29  2:20   ` Dan
  0 siblings, 0 replies; 3+ messages in thread
From: Dan @ 2015-10-29  2:20 UTC (permalink / raw)
  To: Steve Lawrence, selinux

Yeah you were right, I can't believe I missed that simple mistake
because I had another macro that had the parenthesis correct to look at
but must have missed it. Thanks a lot man.

On 10/28/2015 08:02 PM, Steve Lawrence wrote:
> On 10/28/2015 06:24 PM, Dan wrote:
>> Hello everyone I have hit another bump with the cil macros. I am trying
>> to make a macro that covers the domain_type and domain_type_entry file
>> interfaces equivalent in Cil with macros that will confine a simple
>> shell script( and if anyone has any input to what I can do better or if
>> I am going about this in the wrong way please say so), but it says it
>> doesn't understand my "call usersubject_domain_type" line and won't
>> build for some reason. Here is what I have so far. Any help is much
>> appreciated, thanks.
>>
>>
>> (macro usersubject_domain_type ((type ARG1)) (type ARG2))
>>         (typeattributeset domain ARG2)
>>         (typeattributeset exec_type ARG1)
>>         (typeattributeset corenet_unlabeled_type ARG2)
>>         (typeattributeset entry_type ARG1)
>>         (typeattributeset file_type ARG1)
>>         (typeattributeset non_security_file_type ARG1)
>>         (typeattributeset non_auth_file_type ARG1)
>>
>>
>> (call usersubject_domain_type (myshell_exec_t myshell_t))
> 
> The parenthesis aren't quite correct in the macro parameter list. You're
> closing the parameter list too early, so the macro defines only a single
> parameter, ARG1, and the body of the macro only contains the definition
> of a type called ARG2. Re-indenting what you have shows it more clearly:
> 
>   (macro usersubject_domain_type ((type ARG1))
>     (type ARG2))
> 
>   (typeattributeset domain ARG2)
>   (typeattributeset exec_type ARG1)
>   (typeattributeset corenet_unlabeled_type ARG2)
>   (typeattributeset entry_type ARG1)
>   (typeattributeset file_type ARG1)
>   (typeattributeset non_security_file_type ARG1)
>   (typeattributeset non_auth_file_type ARG1)
> 
>   (call usersubject_domain_type (myshell_exec_t myshell_t))
> 
> So it's probably complaining that the macro requires one argument, but
> you're passing in two. To fix this, you just need to move a parenthesis
> around, e.g.:
> 
>   (macro usersubject_domain_type ((type ARG1) (type ARG2))
>     (typeattributeset domain ARG2)
>     (typeattributeset exec_type ARG1)
>     (typeattributeset corenet_unlabeled_type ARG2)
>     (typeattributeset entry_type ARG1)
>     (typeattributeset file_type ARG1)
>     (typeattributeset non_security_file_type ARG1)
>     (typeattributeset non_auth_file_type ARG1)) ;notice the extra paren
> here closing the maro
> 
>   (call usersubject_domain_type (myshell_exec_t myshell_t))
> 
> - Steve
> 

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2015-10-29  2:20 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-10-28 22:24 Macro help Dan
2015-10-29  0:02 ` Steve Lawrence
2015-10-29  2:20   ` Dan

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.