1 ccsecurity-objs := permission.o gc.o memory.o 1 ccsecurity-objs := permission.o gc.o memory.o policy_io.o realpath.o 2 2 3 ifeq ($(VERSION)$(PATCHLEVEL),24) 3 ifeq ($(VERSION)$(PATCHLEVEL),24) 4 4 5 ifdef CONFIG_CCSECURITY 5 ifdef CONFIG_CCSECURITY 6 O_TARGET := ccsecurity.o 6 O_TARGET := ccsecurity.o 7 ifdef CONFIG_CCSECURITY_LKM 7 ifdef CONFIG_CCSECURITY_LKM 8 all_targets: load_policy.o 8 all_targets: load_policy.o 9 obj-m := ccsecurity.o 9 obj-m := ccsecurity.o 10 obj-y := $(ccsecurity-objs) 10 obj-y := $(ccsecurity-objs) 11 else 11 else 12 all_targets: ccsecurity.o 12 all_targets: ccsecurity.o 13 obj-y := load_policy.o $(ccsecurity-objs) 13 obj-y := load_policy.o $(ccsecurity-objs) 14 endif 14 endif 15 export-objs := load_policy.o 15 export-objs := load_policy.o 16 endif 16 endif 17 include $(TOPDIR)/Rules.make 17 include $(TOPDIR)/Rules.make 18 18 19 policy/profile.conf: 19 policy/profile.conf: 20 @mkdir -p policy/ 20 @mkdir -p policy/ 21 @echo Creating an empty policy/profile 21 @echo Creating an empty policy/profile.conf 22 @touch $@ 22 @touch $@ 23 23 24 policy/exception_policy.conf: 24 policy/exception_policy.conf: 25 @mkdir -p policy/ 25 @mkdir -p policy/ 26 @echo Creating a default policy/except 26 @echo Creating a default policy/exception_policy.conf 27 @echo initialize_domain /sbin/modprobe 27 @echo initialize_domain /sbin/modprobe from any >> $@ 28 @echo initialize_domain /sbin/hotplug 28 @echo initialize_domain /sbin/hotplug from any >> $@ 29 29 30 policy/domain_policy.conf: 30 policy/domain_policy.conf: 31 @mkdir -p policy/ 31 @mkdir -p policy/ 32 @echo Creating an empty policy/domain_ 32 @echo Creating an empty policy/domain_policy.conf 33 @touch $@ 33 @touch $@ 34 34 35 policy/manager.conf: 35 policy/manager.conf: 36 @mkdir -p policy/ 36 @mkdir -p policy/ 37 @echo Creating an empty policy/manager 37 @echo Creating an empty policy/manager.conf 38 @touch $@ 38 @touch $@ 39 39 40 policy/stat.conf: 40 policy/stat.conf: 41 @mkdir -p policy/ 41 @mkdir -p policy/ 42 @echo Creating an empty policy/stat.co 42 @echo Creating an empty policy/stat.conf 43 @touch $@ 43 @touch $@ 44 44 45 builtin-policy.h: policy/profile.conf policy/e 45 builtin-policy.h: policy/profile.conf policy/exception_policy.conf policy/domain_policy.conf policy/manager.conf policy/stat.conf 46 @echo Generating built-in policy for T 46 @echo Generating built-in policy for TOMOYO 1.8.x. 47 @echo "static char ccs_builtin_profile 47 @echo "static char ccs_builtin_profile[] __initdata =" > $@.tmp 48 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 48 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < policy/profile.conf >> $@.tmp 49 @echo "\"\";" >> $@.tmp 49 @echo "\"\";" >> $@.tmp 50 @echo "static char ccs_builtin_excepti 50 @echo "static char ccs_builtin_exception_policy[] __initdata =" >> $@.tmp 51 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 51 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < policy/exception_policy.conf >> $@.tmp 52 @echo "\"\";" >> $@.tmp 52 @echo "\"\";" >> $@.tmp 53 @echo "static char ccs_builtin_domain_ 53 @echo "static char ccs_builtin_domain_policy[] __initdata =" >> $@.tmp 54 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 54 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < policy/domain_policy.conf >> $@.tmp 55 @echo "\"\";" >> $@.tmp 55 @echo "\"\";" >> $@.tmp 56 @echo "static char ccs_builtin_manager 56 @echo "static char ccs_builtin_manager[] __initdata =" >> $@.tmp 57 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 57 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < policy/manager.conf >> $@.tmp 58 @echo "\"\";" >> $@.tmp 58 @echo "\"\";" >> $@.tmp 59 @echo "static char ccs_builtin_stat[] 59 @echo "static char ccs_builtin_stat[] __initdata =" >> $@.tmp 60 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 60 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < policy/stat.conf >> $@.tmp 61 @echo "\"\";" >> $@.tmp 61 @echo "\"\";" >> $@.tmp 62 @mv $@.tmp $@ 62 @mv $@.tmp $@ 63 63 64 policy_io.o: builtin-policy.h 64 policy_io.o: builtin-policy.h 65 65 66 else 66 else 67 67 68 obj-y += load_policy.o 68 obj-y += load_policy.o 69 ifdef CONFIG_CCSECURITY_LKM 69 ifdef CONFIG_CCSECURITY_LKM 70 obj-m += ccsecurity.o 70 obj-m += ccsecurity.o 71 else 71 else 72 obj-y += ccsecurity.o 72 obj-y += ccsecurity.o 73 endif 73 endif 74 74 75 $(obj)/policy/profile.conf: 75 $(obj)/policy/profile.conf: 76 @mkdir -p $(obj)/policy/ 76 @mkdir -p $(obj)/policy/ 77 @echo Creating an empty policy/profile 77 @echo Creating an empty policy/profile.conf 78 @touch $@ 78 @touch $@ 79 79 80 $(obj)/policy/exception_policy.conf: 80 $(obj)/policy/exception_policy.conf: 81 @mkdir -p $(obj)/policy/ 81 @mkdir -p $(obj)/policy/ 82 @echo Creating a default policy/except 82 @echo Creating a default policy/exception_policy.conf 83 @echo initialize_domain /sbin/modprobe 83 @echo initialize_domain /sbin/modprobe from any >> $@ 84 @echo initialize_domain /sbin/hotplug 84 @echo initialize_domain /sbin/hotplug from any >> $@ 85 85 86 $(obj)/policy/domain_policy.conf: 86 $(obj)/policy/domain_policy.conf: 87 @mkdir -p $(obj)/policy/ 87 @mkdir -p $(obj)/policy/ 88 @echo Creating an empty policy/domain_ 88 @echo Creating an empty policy/domain_policy.conf 89 @touch $@ 89 @touch $@ 90 90 91 $(obj)/policy/manager.conf: 91 $(obj)/policy/manager.conf: 92 @mkdir -p $(obj)/policy/ 92 @mkdir -p $(obj)/policy/ 93 @echo Creating an empty policy/manager 93 @echo Creating an empty policy/manager.conf 94 @touch $@ 94 @touch $@ 95 95 96 $(obj)/policy/stat.conf: 96 $(obj)/policy/stat.conf: 97 @mkdir -p $(obj)/policy/ 97 @mkdir -p $(obj)/policy/ 98 @echo Creating an empty policy/stat.co 98 @echo Creating an empty policy/stat.conf 99 @touch $@ 99 @touch $@ 100 100 101 $(obj)/builtin-policy.h: $(obj)/policy/profile 101 $(obj)/builtin-policy.h: $(obj)/policy/profile.conf $(obj)/policy/exception_policy.conf $(obj)/policy/domain_policy.conf $(obj)/policy/manager.conf $(obj)/policy/stat.conf 102 @echo Generating built-in policy for T 102 @echo Generating built-in policy for TOMOYO 1.8.x. 103 @echo "static char ccs_builtin_profile 103 @echo "static char ccs_builtin_profile[] __initdata =" > $@.tmp 104 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 104 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/profile.conf >> $@.tmp 105 @echo "\"\";" >> $@.tmp 105 @echo "\"\";" >> $@.tmp 106 @echo "static char ccs_builtin_excepti 106 @echo "static char ccs_builtin_exception_policy[] __initdata =" >> $@.tmp 107 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 107 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/exception_policy.conf >> $@.tmp 108 @echo "\"\";" >> $@.tmp 108 @echo "\"\";" >> $@.tmp 109 @echo "static char ccs_builtin_domain_ 109 @echo "static char ccs_builtin_domain_policy[] __initdata =" >> $@.tmp 110 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 110 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/domain_policy.conf >> $@.tmp 111 @echo "\"\";" >> $@.tmp 111 @echo "\"\";" >> $@.tmp 112 @echo "static char ccs_builtin_manager 112 @echo "static char ccs_builtin_manager[] __initdata =" >> $@.tmp 113 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 113 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/manager.conf >> $@.tmp 114 @echo "\"\";" >> $@.tmp 114 @echo "\"\";" >> $@.tmp 115 @echo "static char ccs_builtin_stat[] 115 @echo "static char ccs_builtin_stat[] __initdata =" >> $@.tmp 116 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' 116 @sed -e 's/\\/\\\\/g' -e 's/\"/\\"/g' -e 's/\(.*\)/"\1\\n"/' < $(obj)/policy/stat.conf >> $@.tmp 117 @echo "\"\";" >> $@.tmp 117 @echo "\"\";" >> $@.tmp 118 @mv $@.tmp $@ 118 @mv $@.tmp $@ 119 119 120 $(obj)/policy_io.o: $(obj)/builtin-policy.h 120 $(obj)/policy_io.o: $(obj)/builtin-policy.h 121 121 122 $(obj)/check_security_file_ioctl_compat.h: $(s !! 122 $(obj)/check_security_file_ioctl_compat.h: 123 @echo Checking whether security_file_i 123 @echo Checking whether security_file_ioctl_compat is defined in include/linux/security.h or not. 124 @grep -q security_file_ioctl_compat $( 124 @grep -q security_file_ioctl_compat $(srctree)/include/linux/security.h && echo "#define HAVE_SECURITY_FILE_IOCTL_COMPAT" > $@.tmp || echo "" > $@.tmp 125 @mv $@.tmp $@ 125 @mv $@.tmp $@ 126 126 127 $(obj)/load_policy.o: $(obj)/check_security_fi !! 127 $(obj)/lsm2ccsecurity.o: $(obj)/check_security_file_ioctl_compat.h 128 128 129 endif 129 endif
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.