checkpolicy: allow compiling for target

checkpolicy is currently a host-only package, however it is a
dependency of audit2allow. This patch allows for checkpolicy to be
compiled for the target.

Signed-off-by: Adam Duskett <Adamduskett@outlook.com>
Reviewed-by: Matt Weber <matthew.weber@rockwellcollins.com>
[Thomas:
 - remove LIBSELINUX_INSTALL_STAGING = YES, doing it in
   checkpolicy.mk is wrong, and libselinux is already installed to
   staging
 - add "select BR2_PACKAGE_LIBSELINUX" in Config.in, and propagate the
   necessary dependencies
 - add host-flex in dependencies, since it is also needed (in addition
   to target flex).]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
This commit is contained in:
Adam Duskett 2017-02-02 17:45:03 -05:00 committed by Thomas Petazzoni
parent 86dcd0e6fe
commit b06110621d
3 changed files with 43 additions and 0 deletions

View File

@ -1738,6 +1738,7 @@ menu "Real-Time"
endmenu
menu "Security"
source "package/checkpolicy/Config.in"
source "package/policycoreutils/Config.in"
source "package/sepolgen/Config.in"
source "package/setools/Config.in"

View File

@ -0,0 +1,21 @@
config BR2_PACKAGE_CHECKPOLICY
bool "checkpolicy"
select BR2_PACKAGE_LIBSELINUX
select BR2_PACKAGE_FLEX
depends on BR2_TOOLCHAIN_HAS_THREADS # libselinux
depends on !BR2_STATIC_LIBS # libselinux
depends on BR2_TOOLCHAIN_USES_GLIBC # libselinux
depends on !BR2_arc # libselinux
help
checkpolicy is the SELinux policy compiler. It uses libsepol
to generate the binary policy. checkpolicy uses the static
libsepol since it deals with low level details of the policy
that have not been encapsulated/abstracted by a proper
shared library interface.
http://selinuxproject.org/page/Main_Page
comment "checkpolicy needs a glibc toolchain w/ threads, dynamic library"
depends on !BR2_arc
depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || \
!BR2_TOOLCHAIN_USES_GLIBC

View File

@ -9,6 +9,26 @@ CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux
CHECKPOLICY_LICENSE = GPL-2.0
CHECKPOLICY_LICENSE_FILES = COPYING
CHECKPOLICY_DEPENDENCIES = libselinux flex host-flex host-bison
TARGET_CHECKPOLICY_MAKE_OPTS = $(TARGET_CONFIGURE_OPTS) \
LEX="$(HOST_DIR)/usr/bin/flex" \
YACC="$(HOST_DIR)/usr/bin/bison -y"
# DESTDIR is used at build time to find libselinux
define CHECKPOLICY_BUILD_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) $(TARGET_CHECKPOLICY_MAKE_OPTS) DESTDIR=$(STAGING_DIR)
endef
define CHECKPOLICY_STAGING_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) $(TARGET_CHECKPOLICY_MAKE_OPTS) DESTDIR=$(STAGING_DIR) install
endef
define CHECKPOLICY_INSTALL_TARGET_CMDS
$(TARGET_MAKE_ENV) $(MAKE) -C $(@D) $(TARGET_CHECKPOLICY_MAKE_OPTS) DESTDIR=$(TARGET_DIR) install
endef
HOST_CHECKPOLICY_DEPENDENCIES = host-libselinux host-flex host-bison
HOST_CHECKPOLICY_MAKE_OPTS = $(HOST_CONFIGURE_OPTS) \
@ -24,4 +44,5 @@ define HOST_CHECKPOLICY_INSTALL_CMDS
$(HOST_MAKE_ENV) $(MAKE) -C $(@D) $(HOST_CHECKPOLICY_MAKE_OPTS) DESTDIR=$(HOST_DIR) install
endef
$(eval $(generic-package))
$(eval $(host-generic-package))