diff options
| author | Michal Marek <mmarek@suse.cz> | 2015-01-15 10:39:22 +0100 |
|---|---|---|
| committer | Michal Marek <mmarek@suse.cz> | 2015-04-07 21:27:45 +0200 |
| commit | f02dee2d148ba854464e7dbf09f1241ee159173a (patch) | |
| tree | 6fa1335874239c16a9cce8afe256d52d861ce753 /security/tomoyo/Makefile | |
| parent | bf7a9ab43c2f692bce4ee3ed1456f42c77eb1346 (diff) | |
tomoyo: Do not generate empty policy files
The Makefile automatically generates the tomoyo policy files, which are
not removed by make clean (because they could have been provided by the
user). Instead of generating the missing files, use /dev/null if a
given file is not provided. Store the default exception_policy in
exception_policy.conf.default.
Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Diffstat (limited to 'security/tomoyo/Makefile')
| -rw-r--r-- | security/tomoyo/Makefile | 30 |
1 files changed, 2 insertions, 28 deletions
diff --git a/security/tomoyo/Makefile b/security/tomoyo/Makefile index ecdefb583fcf..65dbcb2fd850 100644 --- a/security/tomoyo/Makefile +++ b/security/tomoyo/Makefile @@ -1,41 +1,15 @@ obj-y = audit.o common.o condition.o domain.o environ.o file.o gc.o group.o load_policy.o memory.o mount.o network.o realpath.o securityfs_if.o tomoyo.o util.o -$(obj)/policy/profile.conf: - @mkdir -p $(obj)/policy/ - @echo Creating an empty policy/profile.conf - @touch $@ - -$(obj)/policy/exception_policy.conf: - @mkdir -p $(obj)/policy/ - @echo Creating a default policy/exception_policy.conf - @echo initialize_domain /sbin/modprobe from any >> $@ - @echo initialize_domain /sbin/hotplug from any >> $@ - -$(obj)/policy/domain_policy.conf: - @mkdir -p $(obj)/policy/ - @echo Creating an empty policy/domain_policy.conf - @touch $@ - -$(obj)/policy/manager.conf: - @mkdir -p $(obj)/policy/ - @echo Creating an empty policy/manager.conf - @touch $@ - -$(obj)/policy/stat.conf: - @mkdir -p $(obj)/policy/ - @echo Creating an empty policy/stat.conf - @touch $@ - targets += builtin-policy.h define do_policy echo "static char tomoyo_builtin_$(1)[] __initdata ="; \ -$(objtree)/scripts/basic/bin2c <$(obj)/policy/$(1).conf; \ +$(objtree)/scripts/basic/bin2c <$(firstword $(wildcard $(obj)/policy/$(1).conf $(srctree)/$(src)/policy/$(1).conf.default) /dev/null); \ echo ";" endef quiet_cmd_policy = POLICY $@ cmd_policy = ($(call do_policy,profile); $(call do_policy,exception_policy); $(call do_policy,domain_policy); $(call do_policy,manager); $(call do_policy,stat)) >$@ -$(obj)/builtin-policy.h: $(obj)/policy/profile.conf $(obj)/policy/exception_policy.conf $(obj)/policy/domain_policy.conf $(obj)/policy/manager.conf $(obj)/policy/stat.conf FORCE +$(obj)/builtin-policy.h: $(wildcard $(obj)/policy/*.conf $(src)/policy/*.conf.default) FORCE $(call if_changed,policy) $(obj)/common.o: $(obj)/builtin-policy.h |