SELinux Common Intermediate Language (CIL) Compiler
INTRODUCTION
The SELinux CIL Compiler is a compiler that converts the CIL language as
described on the CIL design wiki into a kernel binary policy file.
Please see the CIL Design Wiki at:
http://github.com/SELinuxProject/cil/wiki/
for more information about the goals and features on the CIL language.
DEPENDENCIES
gcc >= 4.5.1
libsepol >= 2.5
BUILD STEPS
Run "make" with one of the following targets:
make
Build the CIL compiler (secilc).
make test
Pass a sample policy to test with the compiler.
make install
Install the secilc compiler and man page to disk.
make clean
Remove temporary build files.
make man
Build the secilc man page.
make bare
Remove temporary build files and compile binaries.
USAGE
Execute 'secilc' with any number of CIL files as arguments. A binary policy and
file_contexts file will be created.
Use the '--help' option for more details.
DOCUMENTATION
There is a github markdown CIL Reference Guide in the docs directory. To
view the table of contents, see README.md in the docs directory.
To convert the github markdown content to HTML and PDF, change to the docs
directory and run:
make
The documents will be located in the docs/html and docs/pdf directories.
To build the html and pdf, the pandoc package is required.
KNOWN ISSUES
- Blocks inside of macros causes undefined behavior
- Policy must be well formed. For example, invalid usage of
sensitivities/categories/levels may create an unloaded binary
- Recursive limits are not handled
bb39dd1e81