]> xenbits.xensource.com Git - xen.git/commitdiff
projects / xen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f06c84e)
xen: flask: Restrict generated header to xen + tools
authorIan Campbell <ian.campbell@citrix.com>
Wed, 20 May 2015 14:38:57 +0000 (15:38 +0100)
committerIan Campbell <ian.campbell@citrix.com>
Thu, 21 May 2015 14:25:41 +0000 (15:25 +0100)
This isn't strictly necessary but since it is going to be exposed via
tools/include in a later patch this will help prevent accidental
leakage beyond the tools.

Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
Acked-by: Wei Liu <wei.liu2@citrix.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
xen/xsm/flask/policy/mkflask.sh patch | blob | blame | history

diff --git a/xen/xsm/flask/policy/mkflask.sh b/xen/xsm/flask/policy/mkflask.sh
index 9e240209d1bd3ec60b32b4a831564f6f6ee5cba6..989a323b8048f6b777e5a6a9de3ad065f941eaa2 100644 (file)
--- a/xen/xsm/flask/policy/mkflask.sh
+++ b/xen/xsm/flask/policy/mkflask.sh
@@ -28,6 +28,7 @@ BEGIN {
 
                printf("#ifndef _SELINUX_FLASK_H_\n") > outfile;
                printf("#define _SELINUX_FLASK_H_\n") > outfile;
+               printf("\n#if defined(__XEN__) || defined(__XEN_TOOLS__)\n") > outfile;
                printf("\n/*\n * Security object class definitions\n */\n") > outfile;
                printf("/* This file is automatically generated.  Do not edit. */\n") > debugfile;
                printf("/*\n * Security object class definitions\n */\n") > debugfile;
@@ -91,6 +92,7 @@ END   {
                for (i = 0; i < 34; i++) 
                        printf(" ") > outfile; 
                printf("%d\n", sid_value) > outfile; 
+               printf("\n#endif /* __XEN__ || __XEN_TOOLS__ */\n") > outfile;
                printf("\n#endif\n") > outfile;
                printf("};\n\n") > debugfile2;
        }'
Xen (staging and unstable) mirror