Name		Name	Last commit message	Last commit date
parent directory ..
Makefile		Makefile
README.md		README.md
cil_access_vector_rules.md		cil_access_vector_rules.md
cil_call_macro_statements.md		cil_call_macro_statements.md
cil_class_and_permission_statements.md		cil_class_and_permission_statements.md
cil_conditional_statements.md		cil_conditional_statements.md
cil_constraint_statements.md		cil_constraint_statements.md
cil_container_statements.md		cil_container_statements.md
cil_context_statement.md		cil_context_statement.md
cil_default_object_statements.md		cil_default_object_statements.md
cil_design.dia		cil_design.dia
cil_design.jpeg		cil_design.jpeg
cil_file_labeling_statements.md		cil_file_labeling_statements.md
cil_infiniband_statements.md		cil_infiniband_statements.md
cil_introduction.md		cil_introduction.md
cil_mls_labeling_statements.md		cil_mls_labeling_statements.md
cil_network_labeling_statements.md		cil_network_labeling_statements.md
cil_policy_config_statements.md		cil_policy_config_statements.md
cil_reference_guide.md		cil_reference_guide.md
cil_role_statements.md		cil_role_statements.md
cil_sid_statements.md		cil_sid_statements.md
cil_type_statements.md		cil_type_statements.md
cil_user_statements.md		cil_user_statements.md
cil_xen_statements.md		cil_xen_statements.md

README.md

CIL (Common Intermediate Language)

Introduction
- Design Philosophy
- Goals and Primary Features
- Design Overview
CIL Information
- Declarations
- Definitions
- Symbol Character Set
- String Character Set
- Comments
- Namespaces
- Global Namespace
- Expressions
- Name String
- self
- Example CIL Policy
Access Vector Rules
- allow
- auditallow
- dontaudit
- neverallow
- allowx
- auditallowx
- dontauditx
- neverallowx
Call / Macro Statements
- call
- macro
Class and Permission Statements
- common
- classcommon
- class
- classorder
- classpermission
- classpermissionset
- classmap
- classmapping
- permissionx
Conditional Statements
- boolean
- booleanif
- tunable
- tunableif
Constraint Statements
- constrain
- validatetrans
- mlsconstrain
- mlsvalidatetrans
Container Statements
- block
- blockabstract
- blockinherit
- optional
- in
Context Statement
- context
Default Object Statements
- defaultuser
- defaultrole
- defaulttype
- defaultrange
File Labeling Statements
- filecon
- fsuse
- genfscon
Multi-Level Security Labeling Statements
- sensitivity
- sensitivityalias
- sensitivityaliasactual
- sensitivityorder
- category
- categoryalias
- categoryaliasactual
- categoryorder
- categoryset
- sensitivitycategory
- level
- levelrange
- rangetransition
- mlsconstrain
- mlsvalidatetrans
Network Labeling Statements
- ipaddr
- netifcon
- nodecon
- portcon
Policy Configuration Statements
- mls
- handleunknown
- policycap
Role Statements
- role
- roletype
- roleattribute
- roleattributeset
- roleallow
- roletransition
- rolebounds
SID Statements
- sid
- sidorder
- sidcontext
Type Statements
- type
- typealias
- typealiasactual
- typeattribute
- typeattributeset
- typebounds
- typechange
- typemember
- typetransition
- typepermissive
User Statements
- user
- userrole
- userattribute
- userattributeset
- userlevel
- userrange
- userbounds
- userprefix
- selinuxuser
- selinuxuserdefault
Infiniband Statements
- ibpkeycon
- ibendportcon
Xen Statements
- iomemcon
- ioportcon
- pcidevicecon
- pirqcon
- devicetreecon
Example Policy

Files

docs

Directory actions

More options

Directory actions

More options

Latest commit

History

docs

Folders and files

parent directory

CIL (Common Intermediate Language)

Table of Contents