This tool is only used in security/selinux/Makefile.
Move it to security/selinux/ so that 'make clean' can clean it up.
Please note 'make clean' does not clean scripts/ because tools under
scripts/ are often used for external module builds. Obviously, genheaders
is not the case here.
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
# yard. Stale files stay in this file for a while (for some release cycles?),
# then will be really dead and removed from the code base entirely.
+# moved to security/selinux/genheaders
+rm -f scripts/selinux/genheaders/genheaders
+
rm -f *.spec
rm -f lib/test_fortify.log
# SPDX-License-Identifier: GPL-2.0-only
-subdir-y := mdp genheaders
+subdir-y := mdp
+++ /dev/null
-# SPDX-License-Identifier: GPL-2.0-only
-genheaders
+++ /dev/null
-# SPDX-License-Identifier: GPL-2.0
-hostprogs-always-y += genheaders
-HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include
+++ /dev/null
-// SPDX-License-Identifier: GPL-2.0
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <string.h>
-#include <errno.h>
-#include <ctype.h>
-
-struct security_class_mapping {
- const char *name;
- const char *perms[sizeof(unsigned) * 8 + 1];
-};
-
-#include "classmap.h"
-#include "initial_sid_to_string.h"
-
-const char *progname;
-
-static void usage(void)
-{
- printf("usage: %s flask.h av_permissions.h\n", progname);
- exit(1);
-}
-
-static char *stoupperx(const char *s)
-{
- char *s2 = strdup(s);
- char *p;
-
- if (!s2) {
- fprintf(stderr, "%s: out of memory\n", progname);
- exit(3);
- }
-
- for (p = s2; *p; p++)
- *p = toupper(*p);
- return s2;
-}
-
-int main(int argc, char *argv[])
-{
- int i, j;
- int isids_len;
- FILE *fout;
-
- progname = argv[0];
-
- if (argc < 3)
- usage();
-
- fout = fopen(argv[1], "w");
- if (!fout) {
- fprintf(stderr, "Could not open %s for writing: %s\n",
- argv[1], strerror(errno));
- exit(2);
- }
-
- fprintf(fout, "/* This file is automatically generated. Do not edit. */\n");
- fprintf(fout, "#ifndef _SELINUX_FLASK_H_\n#define _SELINUX_FLASK_H_\n\n");
-
- for (i = 0; secclass_map[i].name; i++) {
- char *name = stoupperx(secclass_map[i].name);
-
- fprintf(fout, "#define SECCLASS_%-39s %2d\n", name, i+1);
- free(name);
- }
-
- fprintf(fout, "\n");
-
- isids_len = sizeof(initial_sid_to_string) / sizeof(char *);
- for (i = 1; i < isids_len; i++) {
- const char *s = initial_sid_to_string[i];
- if (s) {
- char *sidname = stoupperx(s);
-
- fprintf(fout, "#define SECINITSID_%-39s %2d\n", sidname, i);
- free(sidname);
- }
- }
- fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1);
- fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n");
- fprintf(fout, "{\n");
- fprintf(fout, "\tbool sock = false;\n\n");
- fprintf(fout, "\tswitch (kern_tclass) {\n");
- for (i = 0; secclass_map[i].name; i++) {
- static char s[] = "SOCKET";
- int len, l;
- char *name = stoupperx(secclass_map[i].name);
-
- len = strlen(name);
- l = sizeof(s) - 1;
- if (len >= l && memcmp(name + len - l, s, l) == 0)
- fprintf(fout, "\tcase SECCLASS_%s:\n", name);
- free(name);
- }
- fprintf(fout, "\t\tsock = true;\n");
- fprintf(fout, "\t\tbreak;\n");
- fprintf(fout, "\tdefault:\n");
- fprintf(fout, "\t\tbreak;\n");
- fprintf(fout, "\t}\n\n");
- fprintf(fout, "\treturn sock;\n");
- fprintf(fout, "}\n");
-
- fprintf(fout, "\n#endif\n");
-
- if (fclose(fout) != 0) {
- fprintf(stderr, "Could not successfully close %s: %s\n",
- argv[1], strerror(errno));
- exit(4);
- }
-
- fout = fopen(argv[2], "w");
- if (!fout) {
- fprintf(stderr, "Could not open %s for writing: %s\n",
- argv[2], strerror(errno));
- exit(5);
- }
-
- fprintf(fout, "/* This file is automatically generated. Do not edit. */\n");
- fprintf(fout, "#ifndef _SELINUX_AV_PERMISSIONS_H_\n#define _SELINUX_AV_PERMISSIONS_H_\n\n");
-
- for (i = 0; secclass_map[i].name; i++) {
- const struct security_class_mapping *map = &secclass_map[i];
- int len;
- char *name = stoupperx(map->name);
-
- len = strlen(name);
- for (j = 0; map->perms[j]; j++) {
- char *permname;
-
- if (j >= 32) {
- fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n",
- map->name, map->perms[j]);
- exit(5);
- }
- permname = stoupperx(map->perms[j]);
- fprintf(fout, "#define %s__%-*s 0x%08xU\n", name,
- 39-len, permname, 1U<<j);
- free(permname);
- }
- free(name);
- }
-
- fprintf(fout, "\n#endif\n");
-
- if (fclose(fout) != 0) {
- fprintf(stderr, "Could not successfully close %s: %s\n",
- argv[2], strerror(errno));
- exit(6);
- }
-
- exit(0);
-}
# SPDX-License-Identifier: GPL-2.0-only
av_permissions.h
flask.h
+/genheaders
# see the note above, replace the $targets and 'flask.h' rule with the lines
# below:
# targets += $(genhdrs)
-# $(addprefix $(obj)/,$(genhdrs)) &: scripts/selinux/...
+# $(addprefix $(obj)/,$(genhdrs)) &: $(obj)/genheaders FORCE
targets += flask.h
-$(obj)/flask.h: scripts/selinux/genheaders/genheaders FORCE
+$(obj)/flask.h: $(obj)/genheaders FORCE
$(call if_changed,genhdrs)
+
+hostprogs := genheaders
+HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include
--- /dev/null
+// SPDX-License-Identifier: GPL-2.0
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <string.h>
+#include <errno.h>
+#include <ctype.h>
+
+struct security_class_mapping {
+ const char *name;
+ const char *perms[sizeof(unsigned) * 8 + 1];
+};
+
+#include "classmap.h"
+#include "initial_sid_to_string.h"
+
+const char *progname;
+
+static void usage(void)
+{
+ printf("usage: %s flask.h av_permissions.h\n", progname);
+ exit(1);
+}
+
+static char *stoupperx(const char *s)
+{
+ char *s2 = strdup(s);
+ char *p;
+
+ if (!s2) {
+ fprintf(stderr, "%s: out of memory\n", progname);
+ exit(3);
+ }
+
+ for (p = s2; *p; p++)
+ *p = toupper(*p);
+ return s2;
+}
+
+int main(int argc, char *argv[])
+{
+ int i, j;
+ int isids_len;
+ FILE *fout;
+
+ progname = argv[0];
+
+ if (argc < 3)
+ usage();
+
+ fout = fopen(argv[1], "w");
+ if (!fout) {
+ fprintf(stderr, "Could not open %s for writing: %s\n",
+ argv[1], strerror(errno));
+ exit(2);
+ }
+
+ fprintf(fout, "/* This file is automatically generated. Do not edit. */\n");
+ fprintf(fout, "#ifndef _SELINUX_FLASK_H_\n#define _SELINUX_FLASK_H_\n\n");
+
+ for (i = 0; secclass_map[i].name; i++) {
+ char *name = stoupperx(secclass_map[i].name);
+
+ fprintf(fout, "#define SECCLASS_%-39s %2d\n", name, i+1);
+ free(name);
+ }
+
+ fprintf(fout, "\n");
+
+ isids_len = sizeof(initial_sid_to_string) / sizeof(char *);
+ for (i = 1; i < isids_len; i++) {
+ const char *s = initial_sid_to_string[i];
+ if (s) {
+ char *sidname = stoupperx(s);
+
+ fprintf(fout, "#define SECINITSID_%-39s %2d\n", sidname, i);
+ free(sidname);
+ }
+ }
+ fprintf(fout, "\n#define SECINITSID_NUM %d\n", i-1);
+ fprintf(fout, "\nstatic inline bool security_is_socket_class(u16 kern_tclass)\n");
+ fprintf(fout, "{\n");
+ fprintf(fout, "\tbool sock = false;\n\n");
+ fprintf(fout, "\tswitch (kern_tclass) {\n");
+ for (i = 0; secclass_map[i].name; i++) {
+ static char s[] = "SOCKET";
+ int len, l;
+ char *name = stoupperx(secclass_map[i].name);
+
+ len = strlen(name);
+ l = sizeof(s) - 1;
+ if (len >= l && memcmp(name + len - l, s, l) == 0)
+ fprintf(fout, "\tcase SECCLASS_%s:\n", name);
+ free(name);
+ }
+ fprintf(fout, "\t\tsock = true;\n");
+ fprintf(fout, "\t\tbreak;\n");
+ fprintf(fout, "\tdefault:\n");
+ fprintf(fout, "\t\tbreak;\n");
+ fprintf(fout, "\t}\n\n");
+ fprintf(fout, "\treturn sock;\n");
+ fprintf(fout, "}\n");
+
+ fprintf(fout, "\n#endif\n");
+
+ if (fclose(fout) != 0) {
+ fprintf(stderr, "Could not successfully close %s: %s\n",
+ argv[1], strerror(errno));
+ exit(4);
+ }
+
+ fout = fopen(argv[2], "w");
+ if (!fout) {
+ fprintf(stderr, "Could not open %s for writing: %s\n",
+ argv[2], strerror(errno));
+ exit(5);
+ }
+
+ fprintf(fout, "/* This file is automatically generated. Do not edit. */\n");
+ fprintf(fout, "#ifndef _SELINUX_AV_PERMISSIONS_H_\n#define _SELINUX_AV_PERMISSIONS_H_\n\n");
+
+ for (i = 0; secclass_map[i].name; i++) {
+ const struct security_class_mapping *map = &secclass_map[i];
+ int len;
+ char *name = stoupperx(map->name);
+
+ len = strlen(name);
+ for (j = 0; map->perms[j]; j++) {
+ char *permname;
+
+ if (j >= 32) {
+ fprintf(stderr, "Too many permissions to fit into an access vector at (%s, %s).\n",
+ map->name, map->perms[j]);
+ exit(5);
+ }
+ permname = stoupperx(map->perms[j]);
+ fprintf(fout, "#define %s__%-*s 0x%08xU\n", name,
+ 39-len, permname, 1U<<j);
+ free(permname);
+ }
+ free(name);
+ }
+
+ fprintf(fout, "\n#endif\n");
+
+ if (fclose(fout) != 0) {
+ fprintf(stderr, "Could not successfully close %s: %s\n",
+ argv[2], strerror(errno));
+ exit(6);
+ }
+
+ exit(0);
+}
projects / linux-block.git / commitdiff