Add syntax highlighting for SELinux kernel policy language
ClosedPublic
Actions

Authored by nibags on Aug 26 2018, 4:13 PM.

Details

Reviewers

dhaumann
cullmann

Group Reviewers

Framework: Syntax Highlighting

Commits

R216:ffebb14537a2: Add syntax highlighting for SELinux kernel policy language
R216:498f72d49a66: Add syntax highlighting for SELinux kernel policy language

Summary

This corresponds to the standard policy language of SELinux [1], used for example, by the SELinux Reference Policy [2] or the Android policies [3][4].

Extensions and files to highlight:

SELinux Type Enforcement (*.te)
SELinux Interface File (*.if)
M 4 Macros of Reference Policy (*.spt)
Some policy build files and policy config. files (access_vectors, mls, mcs, mls_macros, te_macros, policy_capabilities, seapp_contexts, port_contexts), and monolithic policy (policy.conf). NOTE: I added only relevant configuration files and policy building, since many have very generic names.

Also, this file contains common rules and keywords between selinux-fc.xml and selinux-cil.xml. For example, it contains the RegExp highlighting and the Permissions keywords. The idea is to avoid having repeated keywords and rules between the SELinux highlighting files.

References:
[1] SELinux Wiki. PolicyLanguage: https://selinuxproject.org/page/PolicyLanguage#Kernel_Policy_Language
[2] SELinux Reference Policy: https://github.com/SELinuxProject/refpolicy/wiki
[3] Security-Enhanced Linux in Android: https://source.android.com/security/selinux/
[4] SELinux policy configuration for AOSP: https://android.googlesource.com/platform/system/sepolicy/

Diff Detail

Repository

R216 Syntax Highlighting

Branch

add-selinux

Lint

No Linters Available

Unit

No Unit Test Coverage

Build Status

Buildable 2383
Build 2401: arc lint + arc unit

nibags created this revision.Aug 26 2018, 4:13 PM

Restricted Application added projects: Kate, Frameworks. · View Herald TranscriptAug 26 2018, 4:13 PM

Restricted Application added subscribers: kde-frameworks-devel, kwrite-devel. · View Herald Transcript

nibags requested review of this revision.Aug 26 2018, 4:13 PM

Harbormaster completed remote builds in B2264: Diff 40472.Aug 26 2018, 4:13 PM

nibags edited the summary of this revision. (Show Details)Aug 26 2018, 4:16 PM

nibags added a dependent revision: D11945: Improve highlighting of SELinux CIL policies & file contexts.Aug 26 2018, 6:11 PM

nibags edited the summary of this revision. (Show Details)

cullmann accepted this revision.Aug 26 2018, 7:26 PM

This revision is now accepted and ready to land.Aug 26 2018, 7:26 PM

Remove deprecated permissions (7 keywords)

Harbormaster completed remote builds in B2277: Diff 40492.Aug 27 2018, 9:31 AM

I'll do the commit this week, because I want to do a last test...

Update

I checked the highlight in several policies and made some changes:

I verify that SELinux does not support multi-line strings (neither line continuation escapes).
Small improvements in the detection of MLS/MCS Levels.
Added "#line" of m4 (appears in the parser and I forgot to add).

The file is OK. If there is no problem, I will do commit.

Harbormaster completed remote builds in B2383: Diff 40763.Aug 31 2018, 12:38 PM

Small correction in a comment

Harbormaster completed remote builds in B2389: Diff 40769.Aug 31 2018, 1:45 PM

acrouthamel awarded a token.Aug 31 2018, 3:24 PM

nibags closed this revision.Aug 31 2018, 4:37 PM

Revision Contents
Changeset List

		Path
A	M	autotests/folding/test.te.fold (139 lines)
A	M	autotests/html/test.te.html (146 lines)
A	M	autotests/input/test.te (139 lines)
A	M	autotests/reference/test.te.ref (139 lines)
A	M	data/syntax/selinux.xml (1623 lines)

Diff	ID	Base	Description	Created	Lint	Unit
Base			Base
Diff 1	40472	3d1b8dc		Aug 26 2018, 4:13 PM	★	★
Diff 2	40492	3d1b8dc	- Remove depreciated permissions (7 keywords)	Aug 27 2018, 9:31 AM	★	★
Diff 3	40763	3d1b8dc	- Update	Aug 31 2018, 12:38 PM	★	★
Diff 4	40769	3d1b8dc	- Small correction in a comment	Aug 31 2018, 1:45 PM	★	★

Commit	Tree	Parents	Author	Summary	Date
4351189695d8	6e331d63fd63	4fb079a34a5f	Nibaldo González	Some improvements	Aug 31 2018, 12:34 PM
4fb079a34a5f	f0eed5e3870e	6bbc471fae0f	Nibaldo González	Remove depreciated permissions	Aug 27 2018, 9:28 AM
6bbc471fae0f	f0bfe95f8fc0	3d1b8dc72191	Nibaldo González	Add syntax highlighting for SELinux kernel policy language (Show More…)	Aug 26 2018, 4:07 PM

	Status	Author	Revision
	Closed	nibags	D11945 Improve highlighting of SELinux CIL policies & file contexts
	Closed	nibags	D15089 Add syntax highlighting for SELinux kernel policy language