xen-devel.lists.xenproject.org archive mirror
 help / color / mirror / Atom feed
From: Daniel De Graaf <dgdegra@tycho.nsa.gov>
To: xen-devel@lists.xenproject.org
Cc: steve@zentific.com, Daniel De Graaf <dgdegra@tycho.nsa.gov>,
	cardoe@cardoe.com
Subject: [PATCH 3/5] flask/policy: Remove unused support for binary modules
Date: Mon, 23 May 2016 11:05:31 -0400	[thread overview]
Message-ID: <1464015933-26891-4-git-send-email-dgdegra@tycho.nsa.gov> (raw)
In-Reply-To: <1464015933-26891-1-git-send-email-dgdegra@tycho.nsa.gov>

Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
---
 .../policy/policy/support/loadable_module.spt      | 166 ---------------------
 tools/flask/policy/policy/support/misc_macros.spt  |   2 +
 2 files changed, 2 insertions(+), 166 deletions(-)
 delete mode 100644 tools/flask/policy/policy/support/loadable_module.spt

diff --git a/tools/flask/policy/policy/support/loadable_module.spt b/tools/flask/policy/policy/support/loadable_module.spt
deleted file mode 100644
index de48b3b..0000000
--- a/tools/flask/policy/policy/support/loadable_module.spt
+++ /dev/null
@@ -1,166 +0,0 @@
-########################################
-#
-# Macros for switching between source policy
-# and loadable policy module support
-#
-
-##############################
-#
-# For adding the module statement
-#
-define(`policy_module',`
-	ifdef(`self_contained_policy',`',`
-		module $1 $2;
-
-		require {
-			role system_r;
-			all_kernel_class_perms
-		}
-	')
-')
-
-##############################
-#
-# For use in interfaces, to optionally insert a require block
-#
-define(`gen_require',`
-	ifdef(`self_contained_policy',`',`
-		define(`in_gen_require_block')
-		require {
-			$1
-		}
-		undefine(`in_gen_require_block')
-	')
-')
-
-##############################
-#
-# In the future interfaces should be in loadable modules
-#
-# template(name,rules)
-#
-define(`template',`
-	`define(`$1',`
-##### begin $1(dollarsstar)
-		$2
-##### end $1(dollarsstar)
-	'')
-')
-
-# helper function, since m4 wont expand macros
-# if a line is a comment (#):
-define(`policy_m4_comment',`dnl
-##### $2 depth: $1
-')dnl
-
-##############################
-#
-# In the future interfaces should be in loadable modules
-#
-# interface(name,rules)
-#
-define(`interface',`
-	`define(`$1',`
-
-	define(`policy_temp',incr(policy_call_depth))
-	pushdef(`policy_call_depth',policy_temp)
-	undefine(`policy_temp')
-
-	policy_m4_comment(policy_call_depth,begin `$1'(dollarsstar))
-
-	$2
-
-	define(`policy_temp',decr(policy_call_depth))
-	pushdef(`policy_call_depth',policy_temp)
-	undefine(`policy_temp')
-
-	policy_m4_comment(policy_call_depth,end `$1'(dollarsstar))
-
-	'')
-')
-
-define(`policy_call_depth',0)
-
-##############################
-#
-# Optional policy handling
-#
-define(`optional_policy',`
-	ifdef(`self_contained_policy',`
-		ifdef(`$1',`$2',`$3')
-	',`
-		optional {
-			$2
-		ifelse(`$3',`',`',`
-		} else {
-			$3
-		')
-		}
-	')
-')
-
-##############################
-#
-# Determine if we should use the default
-# tunable value as specified by the policy
-# or if the override value should be used
-#
-define(`dflt_or_overr',`ifdef(`$1',$1,$2)')
-
-##############################
-#
-# Extract booleans out of an expression.
-# This needs to be reworked so expressions
-# with parentheses can work.
-
-define(`delcare_required_symbols',`
-ifelse(regexp($1, `\w'), -1, `', `dnl
-bool regexp($1, `\(\w+\)', `\1');
-delcare_required_symbols(regexp($1, `\w+\(.*\)', `\1'))dnl
-') dnl
-')
-
-##############################
-#
-# Tunable declaration
-#
-define(`gen_tunable',`
-	ifdef(`self_contained_policy',`
-		bool $1 dflt_or_overr(`$1'_conf,$2);
-	',`
-		# loadable module tunable
-		# declaration will go here
-		# instead of bool when
-		# loadable modules support
-		# tunables
-		bool $1 dflt_or_overr(`$1'_conf,$2);
-	')
-')
-
-##############################
-#
-# Tunable policy handling
-#
-define(`tunable_policy',`
-	ifdef(`self_contained_policy',`
-		if (`$1') {
-			$2
-		} else {
-			$3
-		}
-	',`
-		# structure for tunables
-		# will go here instead of a
-		# conditional when loadable
-		# modules support tunables
-		gen_require(`
-			delcare_required_symbols(`$1')
-		')
-
-		if (`$1') {
-			$2
-		} else {
-			$3
-		}
-	')
-')
diff --git a/tools/flask/policy/policy/support/misc_macros.spt b/tools/flask/policy/policy/support/misc_macros.spt
index 344f5c4..3116db9 100644
--- a/tools/flask/policy/policy/support/misc_macros.spt
+++ b/tools/flask/policy/policy/support/misc_macros.spt
@@ -61,6 +61,8 @@ define(`gen_all_users',`')
 #
 define(`gen_context',`$1`'ifdef(`enable_mls',`:$2')`'')
 
+define(`dflt_or_overr',`ifdef(`$1',$1,$2)')
+
 ########################################
 #
 # gen_bool(name,default_value)
-- 
2.5.5


_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel

  parent reply	other threads:[~2016-05-23 15:06 UTC|newest]

Thread overview: 23+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-05-23 15:05 [PATCH 0/5] flask/policy: Updates for Xen 4.8 Daniel De Graaf
2016-05-23 15:05 ` [PATCH 1/5] flask/policy: split into modules Daniel De Graaf
2016-06-07 19:22   ` Konrad Rzeszutek Wilk
2016-06-07 19:39     ` Daniel De Graaf
2016-06-07 19:57       ` Konrad Rzeszutek Wilk
2016-05-23 15:05 ` [PATCH 2/5] flask/policy: move user definitions and constraints " Daniel De Graaf
2016-06-07 19:37   ` Konrad Rzeszutek Wilk
2016-05-23 15:05 ` Daniel De Graaf [this message]
2016-06-07 19:41   ` [PATCH 3/5] flask/policy: Remove unused support for binary modules Konrad Rzeszutek Wilk
2016-05-23 15:05 ` [PATCH 4/5] flask/policy: xenstore stubdom policy Daniel De Graaf
2016-06-07 19:44   ` Konrad Rzeszutek Wilk
2016-06-07 19:48     ` Daniel De Graaf
2016-06-07 20:02       ` Konrad Rzeszutek Wilk
2016-07-06 15:34   ` default XSM policy for PCI passthrough for unlabeled resources anshul makkar
2016-07-06 15:59     ` Daniel De Graaf
2016-07-06 16:19       ` anshul makkar
2016-07-07 15:36         ` Daniel De Graaf
2016-07-07 16:29           ` anshul makkar
2016-05-23 15:05 ` [PATCH 5/5] flask/policy: comment out unused xenstore example Daniel De Graaf
2016-06-07 19:45   ` Konrad Rzeszutek Wilk
2016-06-07 19:51     ` Daniel De Graaf
2016-06-07 20:02       ` Konrad Rzeszutek Wilk
2016-06-07 20:04         ` Daniel De Graaf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1464015933-26891-4-git-send-email-dgdegra@tycho.nsa.gov \
    --to=dgdegra@tycho.nsa.gov \
    --cc=cardoe@cardoe.com \
    --cc=steve@zentific.com \
    --cc=xen-devel@lists.xenproject.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).