@@ -126,6 +126,7 @@ tokens = (
'GEN_REQ',
'TEMPLATE',
'GEN_CONTEXT',
+ 'GEN_TUNABLE',
# m4
'IFELSE',
'IFDEF',
@@ -192,6 +193,7 @@ reserved = {
'gen_require' : 'GEN_REQ',
'template' : 'TEMPLATE',
'gen_context' : 'GEN_CONTEXT',
+ 'gen_tunable' : 'GEN_TUNABLE',
# M4
'ifelse' : 'IFELSE',
'ifndef' : 'IFNDEF',
@@ -518,6 +520,7 @@ def p_policy_stmt(p):
| range_transition_def
| role_transition_def
| bool
+ | gen_tunable
| define
| initial_sid
| genfscon
@@ -844,6 +847,17 @@ def p_bool(p):
b.state = False
p[0] = b
+def p_gen_tunable(p):
+ '''gen_tunable : GEN_TUNABLE OPAREN TICK IDENTIFIER SQUOTE COMMA TRUE CPAREN
+ | GEN_TUNABLE OPAREN TICK IDENTIFIER SQUOTE COMMA FALSE CPAREN'''
+ b = refpolicy.Bool()
+ b.name = p[4]
+ if p[7] == "true":
+ b.state = True
+ else:
+ b.state = False
+ p[0] = b
+
def p_conditional(p):
''' conditional : IF OPAREN cond_expr CPAREN OBRACE interface_stmts CBRACE
| IF OPAREN cond_expr CPAREN OBRACE interface_stmts CBRACE ELSE OBRACE interface_stmts CBRACE
Currently sepolgen-ifgen parses a gen_tunable statement as interface and reports in verbose mode: Missing interface definition for gen_tunable Add grammar for gen_tunable statements in the refparser Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com> --- v4: no changes v3: no changes python/sepolgen/src/sepolgen/refparser.py | 14 ++++++++++++++ 1 file changed, 14 insertions(+)