platform_external_selinux/secilc
Stephen Smalley cacf51cef0 libsepol, secilc: Fix build for Android
The Android build does not like the symbol versioning introduced
by commit 8147bc7; the build fails with:
host SharedLib: libsepol (out/host/linux-x86/obj/lib/libsepol.so)
prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.15-4.8//x86_64-linux/bin/ld: error: symbol cil_build_policydb has undefined version
prebuilts/gcc/linux-x86/host/x86_64-linux-glibc2.15-4.8//x86_64-linux/bin/ld: error: symbol cil_build_policydb has undefined version LIBSEPOL_1.1
clang: error: linker command failed with exit code 1 (use -v to see invocation)

Omit the versioned symbols and simply use the current interfaces
when building on Android.

Commit 36f62b7 also broke the Android build by moving secilc out of
libsepol, because the libsepol headers were not installed by the Android.mk
file.

Export the required libsepol headers for use by secilc and adjust secilc
to pick them up from the right location on Android.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-04-02 12:01:10 -04:00
..
docs libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
test libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
.gitignore libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
Android.mk libsepol, secilc: Fix build for Android 2015-04-02 12:01:10 -04:00
ChangeLog Add VERSION and (empty) ChangeLog files to secilc. 2015-03-31 12:40:24 -04:00
COPYING libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
Makefile libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
README libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
secilc.8.xml libsepol: Move secilc out of libsepol 2015-03-31 12:31:38 -04:00
secilc.c libsepol, secilc: Fix build for Android 2015-04-02 12:01:10 -04:00
VERSION Add VERSION and (empty) ChangeLog files to secilc. 2015-03-31 12:40:24 -04:00

SELinux Common Intermediate Language (CIL) Compiler

INTRODUCTION

	The SELinux CIL Compiler is a compiler that converts the CIL language as
	described on the CIL design wiki into a kernel binary policy file.
	Please see the CIL Design Wiki at:
	http://github.com/SELinuxProject/cil/wiki/
	for more information about the goals and features on the CIL language.

DEPENDENCIES

	gcc >= 4.5.1
	libsepol >= 2.4


BUILD STEPS

	Run "make" with one of the following targets:

	make
		Build the CIL compiler (secilc).

	make test
		Pass a sample policy to test with the compiler.

	make install
		Install the secilc compiler and man page to disk.

	make clean
		Remove temporary build files.

	make man
		Build the secilc man page.

	make bare
		Remove temporary build files and compile binaries.


USAGE

	Execute 'secilc' with any number of CIL files as arguments. A binary policy and
	file_contexts file will be created.

	Use the '--help' option for more details.


DOCUMENTATION

	There is a Docbook CIL Reference Guide in the docs directory, to build
	this in HTML and PDF format change to the docs directory and run:
		make html pdf

	There is also an secilc man page that can be built with:
		make man

	The documents will be located in the docs/html, docs/pdf and docs/man8
	directories.

	To build the html and manpage the xmlto package is required.
	To build the pdf document the xmlto and dblatex packages are required.


KNOWN ISSUES

	- Blocks inside of macros causes undefined behavior

	- Policy must be well formed. For example, invalid usage of
	  sensitivities/categories/levels may create an unloaded binary

	- Recursive limits are not handled