ia64/xen-unstable

view tools/security/Makefile @ 9832:ad30019015a2

This patch adds support in the hypervisor for the policy name attribute
introduced into security policies. It also fixes a minor problem related
to handling unsupported boot policies.

Signed-off by: Reiner Sailer <sailer@us.ibm.com>
author smh22@firebug.cl.cam.ac.uk
date Mon Apr 24 10:51:50 2006 +0100 (2006-04-24)
parents b454a09cddb1
children 8f02d7cb222a
line source
1 XEN_ROOT = ../..
2 include $(XEN_ROOT)/tools/Rules.mk
4 CFLAGS += -Werror
5 CFLAGS += -fno-strict-aliasing
6 CFLAGS += -I.
8 CPPFLAGS += -MMD -MF .$*.d
9 PROG_DEPS = .*.d
11 XML2VERSION = $(shell xml2-config --version )
12 CFLAGS += $(shell xml2-config --cflags )
13 CFLAGS += $(shell if [[ $(XML2VERSION) < 2.6.20 ]]; then echo ""; else echo "-DVALIDATE_SCHEMA"; fi )
14 LDFLAGS += $(shell xml2-config --libs ) # if this does not work, try -L/usr/lib -lxml2 -lz -lpthread -lm
16 ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_NULL_POLICY)
17 POLICY=null
18 endif
19 ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_POLICY)
20 POLICY=chwall
21 endif
22 ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_SIMPLE_TYPE_ENFORCEMENT_POLICY)
23 POLICY=ste
24 endif
25 ifeq ($(ACM_DEFAULT_SECURITY_POLICY),ACM_CHINESE_WALL_AND_SIMPLE_TYPE_ENFORCEMENT_POLICY)
26 POLICY=chwall_ste
27 endif
29 SRCS_TOOL = secpol_tool.c
30 OBJS_TOOL := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_TOOL)))
31 SRCS_XML2BIN = secpol_xml2bin.c secpol_xml2bin.h
32 OBJS_XML2BIN := $(patsubst %.c,%.o,$(filter %.c,$(SRCS_XML2BIN)))
34 ACM_INST_TOOLS = xensec_tool xensec_xml2bin xensec_gen
35 ACM_OBJS = $(OBJS_TOOL) $(OBJS_XML2BIN) $(OBJS_GETD)
36 ACM_SCRIPTS = python/xensec_tools/acm_getlabel python/xensec_tools/acm_getdecision
38 ACM_CONFIG_DIR = /etc/xen/acm-security
39 ACM_POLICY_DIR = $(ACM_CONFIG_DIR)/policies
40 ACM_SCRIPT_DIR = $(ACM_CONFIG_DIR)/scripts
42 ACM_INST_HTML = python/xensec_gen/index.html
43 ACM_INST_CGI = python/xensec_gen/cgi-bin/policy.cgi
44 ACM_SECGEN_HTMLDIR= /var/lib/xensec_gen
45 ACM_SECGEN_CGIDIR = $(ACM_SECGEN_HTMLDIR)/cgi-bin
47 ACM_SCHEMA = security_policy.xsd
48 ACM_EXAMPLES = chwall ste chwall_ste
49 ACM_POLICY_SUFFIX = security_policy.xml
51 ifeq ($(ACM_SECURITY),y)
52 .PHONY: all
53 all: build
55 .PHONY: install
56 install: all $(ACM_CONFIG_FILE)
57 $(INSTALL_DIR) -p $(DESTDIR)/usr/sbin
58 $(INSTALL_PROG) -p $(ACM_INST_TOOLS) $(DESTDIR)/usr/sbin
59 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_CONFIG_DIR)
60 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)
61 $(INSTALL_DATA) -p policies/$(ACM_SCHEMA) $(DESTDIR)$(ACM_POLICY_DIR)
62 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/example
63 for i in $(ACM_EXAMPLES); do \
64 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
65 $(INSTALL_DATA) -p policies/example/$$i/client_v1-$(ACM_POLICY_SUFFIX) $(DESTDIR)$(ACM_POLICY_DIR)/example/$$i; \
66 done
67 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_SCRIPT_DIR)
68 $(INSTALL_PROG) -p $(ACM_SCRIPTS) $(DESTDIR)$(ACM_SCRIPT_DIR)
69 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_SECGEN_HTMLDIR)
70 $(INSTALL_DATA) -p $(ACM_INST_HTML) $(DESTDIR)$(ACM_SECGEN_HTMLDIR)
71 $(INSTALL_DIR) -p $(DESTDIR)$(ACM_SECGEN_CGIDIR)
72 $(INSTALL_PROG) -p $(ACM_INST_CGI) $(DESTDIR)$(ACM_SECGEN_CGIDIR)
73 ifndef XEN_PYTHON_NATIVE_INSTALL
74 python python/setup.py install --home="$(DESTDIR)/usr"
75 else
76 python python/setup.py install --root="$(DESTDIR)"
77 endif
78 else
79 .PHONY: all
80 all:
82 .PHONY: install
83 install:
84 endif
86 .PHONY: build
87 build: mk-symlinks $(ACM_INST_TOOLS) $(ACM_NOINST_TOOLS)
88 python python/setup.py build
89 chmod 700 $(ACM_SCRIPTS)
91 xensec_tool: $(OBJS_TOOL)
92 $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
94 xensec_xml2bin: $(OBJS_XML2BIN)
95 $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^
97 xensec_gen: xensec_gen.py
98 cp -f $^ $@
100 .PHONY: clean
101 clean:
102 $(RM) $(ACM_INST_TOOLS) $(ACM_NOINST_TOOLS)
103 $(RM) $(ACM_OBJS)
104 $(RM) $(PROG_DEPS)
105 $(RM) -r xen
106 $(RM) -r build
108 .PHONY: mrproper
109 mrproper: clean
111 -include $(PROG_DEPS)