• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1CIL (Common Intermediate Language)
2===============
3## Table of Contents
4
5* [Introduction](cil_introduction.md#Introduction)
6  * [Design Philosophy](cil_introduction.md#design-philosophy)
7  * [Goals and Primary Features](cil_introduction.md#goals-and-primary-features)
8  * [Design Overview](cil_introduction.md#design-overview)
9
10* [CIL Information](cil_reference_guide.md#cil-information)
11  * [Declarations](cil_reference_guide.md#declarations)
12  * [Definitions](cil_reference_guide.md#definitions)
13  * [Symbol Character Set](cil_reference_guide.md#symbol-character-set)
14  * [String Character Set](cil_reference_guide.md#string-character-set)
15  * [Comments](cil_reference_guide.md#comments)
16  * [Namespaces](cil_reference_guide.md#namespaces)
17  * [Global Namespace](cil_reference_guide.md#global-namespace)
18  * [Expressions](cil_reference_guide.md#expressions)
19  * [Name String](cil_reference_guide.md#name-string)
20  * [self](cil_reference_guide.md#self)
21  * [Example CIL Policy](../test/policy.cil)
22
23* [Access Vector Rules](cil_access_vector_rules.md#access-vector-rules)
24  * [allow](cil_access_vector_rules.md#allow)
25  * [auditallow](cil_access_vector_rules.md#auditallow)
26  * [dontaudit](cil_access_vector_rules.md#dontaudit)
27  * [neverallow](cil_access_vector_rules.md#neverallow)
28  * [allowx](cil_access_vector_rules.md#allowx)
29  * [auditallowx](cil_access_vector_rules.md#auditallowx)
30  * [dontauditx](cil_access_vector_rules.md#dontauditx)
31  * [neverallowx](cil_access_vector_rules.md#neverallowx)
32
33* [Call / Macro Statements](cil_call_macro_statements.md#call--macro-statements)
34  * [call](cil_call_macro_statements.md#call)
35  * [macro](cil_call_macro_statements.md#macro)
36
37* [Class and Permission Statements](cil_class_and_permission_statements.md#class-and-permission-statements)
38  * [common](cil_class_and_permission_statements.md#common)
39  * [classcommon](cil_class_and_permission_statements.md#classcommon)
40  * [class](cil_class_and_permission_statements.md#class)
41  * [classorder](cil_class_and_permission_statements.md#classorder)
42  * [classpermission](cil_class_and_permission_statements.md#classpermission)
43  * [classpermissionset](cil_class_and_permission_statements.md#classpermissionset)
44  * [classmap](cil_class_and_permission_statements.md#classmap)
45  * [classmapping](cil_class_and_permission_statements.md#classmapping)
46  * [permissionx](cil_class_and_permission_statements.md#permissionx)
47
48* [Conditional Statements](cil_conditional_statements.md#conditional-statements)
49  * [boolean](cil_conditional_statements.md#boolean)
50  * [booleanif](cil_conditional_statements.md#booleanif)
51  * [tunable](cil_conditional_statements.md#tunable)
52  * [tunableif](cil_conditional_statements.md#tunableif)
53
54* [Constraint Statements](cil_constraint_statements.md#constraint-statements)
55  * [constrain](cil_constraint_statements.md#constrain)
56  * [validatetrans](cil_constraint_statements.md#validatetrans)
57  * [mlsconstrain](cil_constraint_statements.md#mlsconstrain)
58  * [mlsvalidatetrans](cil_constraint_statements.md#mlsvalidatetrans)
59
60* [Container Statements](cil_container_statements.md#container-statements)
61  * [block](cil_container_statements.md#block)
62  * [blockabstract](cil_container_statements.md#blockabstract)
63  * [blockinherit](cil_container_statements.md#blockinherit)
64  * [optional](cil_container_statements.md#optional)
65  * [in](cil_container_statements.md#in)
66
67* [Context Statement](cil_context_statement.md#context-statement)
68  * [context](cil_context_statement.md#context)
69
70* [Default Object Statements](cil_default_object_statements.md#default-object-statements)
71  * [defaultuser](cil_default_object_statements.md#defaultuser)
72  * [defaultrole](cil_default_object_statements.md#defaultrole)
73  * [defaulttype](cil_default_object_statements.md#defaulttype)
74  * [defaultrange](cil_default_object_statements.md#defaultrange)
75
76* [File Labeling Statements](cil_file_labeling_statements.md#file-labeling-statements)
77  * [filecon](cil_file_labeling_statements.md#filecon)
78  * [fsuse](cil_file_labeling_statements.md#fsuse)
79  * [genfscon](cil_file_labeling_statements.md#genfscon)
80
81* [Multi-Level Security Labeling Statements](cil_mls_labeling_statements.md#multi-level-security-labeling-statements)
82  * [sensitivity](cil_mls_labeling_statements.md#sensitivity)
83  * [sensitivityalias](cil_mls_labeling_statements.md#sensitivityalias)
84  * [sensitivityaliasactual](cil_mls_labeling_statements.md#sensitivityaliasactual)
85  * [sensitivityorder](cil_mls_labeling_statements.md#sensitivityorder)
86  * [category](cil_mls_labeling_statements.md#category)
87  * [categoryalias](cil_mls_labeling_statements.md#categoryalias)
88  * [categoryaliasactual](cil_mls_labeling_statements.md#categoryaliasactual)
89  * [categoryorder](cil_mls_labeling_statements.md#categoryorder)
90  * [categoryset](cil_mls_labeling_statements.md#categoryset)
91  * [sensitivitycategory](cil_mls_labeling_statements.md#sensitivitycategory)
92  * [level](cil_mls_labeling_statements.md#level)
93  * [levelrange](cil_mls_labeling_statements.md#levelrange)
94  * [rangetransition](cil_mls_labeling_statements.md#rangetransition)
95  * [mlsconstrain](cil_mls_labeling_statements.md#mlsconstrain)
96  * [mlsvalidatetrans](cil_mls_labeling_statements.md#mlsvalidatetrans)
97
98* [Network Labeling Statements](cil_network_labeling_statements.md#network-labeling-statements)
99  * [ipaddr](cil_network_labeling_statements.md#ipaddr)
100  * [netifcon](cil_network_labeling_statements.md#netifcon)
101  * [nodecon](cil_network_labeling_statements.md#nodecon)
102  * [portcon](cil_network_labeling_statements.md#portcon)
103
104* [Policy Configuration Statements](cil_policy_config_statements.md#policy-configuration-statements)
105  * [mls](cil_policy_config_statements.md#mls)
106  * [handleunknown](cil_policy_config_statements.md#handleunknown)
107  * [policycap](cil_policy_config_statements.md#policycap)
108
109* [Role Statements](cil_role_statements.md#role-statements)
110  * [role](cil_role_statements.md#role)
111  * [roletype](cil_role_statements.md#roletype)
112  * [roleattribute](cil_role_statements.md#roleattribute)
113  * [roleattributeset](cil_role_statements.md#roleattributeset)
114  * [roleallow](cil_role_statements.md#roleallow)
115  * [roletransition](cil_role_statements.md#roletransition)
116  * [rolebounds](cil_role_statements.md#rolebounds)
117
118* [SID Statements](cil_sid_statements.md#sid-statements)
119  * [sid](cil_sid_statements.md#sid)
120  * [sidorder](cil_sid_statements.md#sidorder)
121  * [sidcontext](cil_sid_statements.md#sidcontext)
122
123* [Type Statements](cil_type_statements.md#type-statements)
124  * [type](cil_type_statements.md#type)
125  * [typealias](cil_type_statements.md#typealias)
126  * [typealiasactual](cil_type_statements.md#typealiasactual)
127  * [typeattribute](cil_type_statements.md#typeattribute)
128  * [typeattributeset](cil_type_statements.md#typeattributeset)
129  * [expandtypeattribute](cil_type_statements.md#expandtypeattribute)
130  * [typebounds](cil_type_statements.md#typebounds)
131  * [typechange](cil_type_statements.md#typechange)
132  * [typemember](cil_type_statements.md#typemember)
133  * [typetransition](cil_type_statements.md#typetransition)
134  * [typepermissive](cil_type_statements.md#typepermissive)
135
136* [User Statements](cil_user_statements.md#user-statements)
137  * [user](cil_user_statements.md#user)
138  * [userrole](cil_user_statements.md#userrole)
139  * [userattribute](cil_user_statements.md#userattribute)
140  * [userattributeset](cil_user_statements.md#userattributeset)
141  * [userlevel](cil_user_statements.md#userlevel)
142  * [userrange](cil_user_statements.md#userrange)
143  * [userbounds](cil_user_statements.md#userbounds)
144  * [userprefix](cil_user_statements.md#userprefix)
145  * [selinuxuser](cil_user_statements.md#selinuxuser)
146  * [selinuxuserdefault](cil_user_statements.md#selinuxuserdefault)
147
148* [Infiniband Statements](cil_infiniband_statements.md#infiniband-statements)
149  * [ibpkeycon](cil_infiniband_statements.md#ibpkeycon)
150  * [ibendportcon](cil_infiniband_statements.md#ibendportcon)
151
152* [Xen Statements](cil_xen_statements.md#xen-statements)
153  * [iomemcon](cil_xen_statements.md#iomemcon)
154  * [ioportcon](cil_xen_statements.md#ioportcon)
155  * [pcidevicecon](cil_xen_statements.md#pcidevicecon)
156  * [pirqcon](cil_xen_statements.md#pirqcon)
157  * [devicetreecon](cil_xen_statements.md#devicetreecon)
158
159* [Example Policy](../test/policy.cil#example-policy)
160