On Sat, Feb 6, 2021 at 4:05 PM bauen1 <j2468h@xxxxxxxxxxxxxx> wrote: > > This is done by creating a somewhat rudimentary KDE syntax xml for > pandoc. > > The default styles provided by pandoc don't look very good and don't > highlight e.g. the strings marked as builtin. > > Signed-off-by: Jonathan Hettwer <j2468h@xxxxxxxxx> > --- > secilc/docs/Makefile | 10 +- > secilc/docs/secil.xml | 236 ++++++++++++++++++++++++++++++++++++++++++ > 2 files changed, 242 insertions(+), 4 deletions(-) > create mode 100644 secilc/docs/secil.xml > > diff --git a/secilc/docs/Makefile b/secilc/docs/Makefile > index 79a165ba..a91bcde0 100644 > --- a/secilc/docs/Makefile > +++ b/secilc/docs/Makefile > @@ -28,6 +28,8 @@ FILE_LIST ?= cil_introduction.md \ > > PANDOC_FILE_LIST = $(addprefix $(TMPDIR)/,$(FILE_LIST)) > > +PANDOC_HIGHLIGHT_STYLE="pygments" > + > PDF_OUT=CIL_Reference_Guide.pdf > HTML_OUT=CIL_Reference_Guide.html > PANDOC = pandoc > @@ -54,13 +56,13 @@ $(TMPDIR)/policy.cil: $(TESTDIR)/policy.cil > $(SED) -i '1i Example Policy\n=========\n```secil' $@ > echo '```' >> $@ > > -html: $(PANDOC_FILE_LIST) $(TMPDIR)/policy.cil > +html: $(PANDOC_FILE_LIST) $(TMPDIR)/policy.cil secil.xml > mkdir -p $(HTMLDIR) > - $(PANDOC) -t html $^ -o $(HTMLDIR)/$(HTML_OUT) > + $(PANDOC) --highlight-style=$(PANDOC_HIGHLIGHT_STYLE) --syntax-definition=secil.xml --standalone --metadata title="CIL Reference Guide" -t html $(PANDOC_FILE_LIST) $(TMPDIR)/policy.cil -o $(HTMLDIR)/$(HTML_OUT) > > -pdf: $(PANDOC_FILE_LIST) $(TMPDIR)/policy.cil > +pdf: $(PANDOC_FILE_LIST) $(TMPDIR)/policy.cil secil.xml > mkdir -p $(PDFDIR) > - $(PANDOC) --standalone --toc $^ -o $(PDFDIR)/$(PDF_OUT) > + $(PANDOC) --highlight-style=$(PANDOC_HIGHLIGHT_STYLE) --syntax-definition=secil.xml --standalone --toc $(PANDOC_FILE_LIST) $(TMPDIR)/policy.cil -o $(PDFDIR)/$(PDF_OUT) > > clean: > rm -rf $(HTMLDIR) > diff --git a/secilc/docs/secil.xml b/secilc/docs/secil.xml > new file mode 100644 > index 00000000..daa80ded > --- /dev/null > +++ b/secilc/docs/secil.xml > @@ -0,0 +1,236 @@ > +<?xml version="1.0" encoding="UTF-8"?> > +<!-- https://docs.kde.org/trunk5/en/applications/katepart/highlight.html#katehighlight-xml-format --> > +<!DOCTYPE language SYSTEM "language.dtd"> > +<language name="secil" section="Sources" extensions="*.cil" version="1" kateversion="2.4"> > + <!-- > + The keywords where extracted from libsepol/cil/src/cil.c sorted into the > + right lists and sorted alphabetically > + --> > + <list name="keywords_blockstart"> > + <item>allow</item> > + <item>allowx</item> > + <item>auditallow</item> > + <item>auditallowx</item> > + <item>block</item> > + <item>blockabstract</item> > + <item>boolean</item> > + <item>booleanif</item> > + <item>category</item> > + <item>categoryalias</item> > + <item>categoryaliasactual</item> > + <item>categoryorder</item> > + <item>categoryset</item> > + <item>class</item> > + <item>classcommon</item> > + <item>classmap</item> > + <item>classmapping</item> > + <item>classorder</item> > + <item>classpermission</item> > + <item>classpermissionset</item> > + <item>common</item> > + <item>constrain</item> > + <item>context</item> > + <item>defaultrange</item> > + <item>defaultrole</item> > + <item>defaulttype</item> > + <item>defaultuser</item> > + <item>devicetreecon</item> > + <item>dontaudit</item> > + <item>dontauditx</item> > + <item>expandtypeattribute</item> > + <item>false</item> > + <item>filecon</item> > + <item>fsuse</item> > + <item>genfscon</item> > + <item>handleunknown</item> > + <item>ibendportcon</item> > + <item>ibpkeycon</item> > + <item>ioctl</item> > + <item>iomemcon</item> > + <item>ioportcon</item> > + <item>ipaddr</item> > + <item>level</item> > + <item>levelrange</item> > + <item>mls</item> > + <item>mlsconstrain</item> > + <item>mlsvalidatetrans</item> > + <item>netifcon</item> > + <item>neverallow</item> > + <item>neverallowx</item> > + <item>nodecon</item> > + <item>optional</item> > + <item>pcidevicecon</item> > + <item>perm</item> > + <item>permissionx</item> > + <item>pirqcon</item> > + <item>policycap</item> > + <item>portcon</item> > + <item>rangetransition</item> > + <item>role</item> > + <item>roleallow</item> > + <item>roleattribute</item> > + <item>roleattributeset</item> > + <item>rolebounds</item> > + <item>roletransition</item> > + <item>roletype</item> > + <item>selinuxuser</item> > + <item>selinuxuserdefault</item> > + <item>sensitivity</item> > + <item>sensitivityalias</item> > + <item>sensitivityaliasactual</item> > + <item>sensitivitycategory</item> > + <item>sensitivityorder</item> > + <item>sid</item> > + <item>sidcontext</item> > + <item>sidorder</item> > + <item>true</item> > + <item>tunable</item> > + <item>tunableif</item> > + <item>type</item> > + <item>typealias</item> > + <item>typealiasactual</item> > + <item>typeattribute</item> > + <item>typeattributeset</item> > + <item>typebounds</item> > + <item>typechange</item> > + <item>typemember</item> > + <item>typepermissive</item> > + <item>typetransition</item> > + <item>unordered</item> > + <item>user</item> > + <item>userattribute</item> > + <item>userattributeset</item> > + <item>userbounds</item> > + <item>userlevel</item> > + <item>userprefix</item> > + <item>userrange</item> > + <item>userrole</item> > + <item>validatetrans</item> > + </list> > + > + <list name="function"> > + <item>blockinherit</item> > + <item>call</item> > + <item>in</item> > + <item>macro</item> > + </list> > + I am not sure it adds a lot to have these as separate colors. Also, when call is used as a permission, it is highlighted. It would be nice if that could be fixed. Thanks, Jim > + <list name="operators"> > + <item>and</item> > + <item>dom</item> > + <item>domby</item> > + <item>eq</item> > + <item>incomp</item> > + <item>neq</item> > + <item>not</item> > + <item>or</item> > + <item>range</item> > + <item>xor</item> > + </list> > + > + <!-- list of "magic" functions or values --> > + <list name="builtins"> > + <item>*</item> > + <item>all</item> > + <item>dccp</item> > + <item>false</item> > + <item>h1</item> > + <item>h2</item> > + <item>l1</item> > + <item>l2</item> > + <item>object_r</item> > + <item>r1</item> > + <item>r2</item> > + <item>r3</item> > + <item>sctp</item> > + <item>self</item> > + <item>t1</item> > + <item>t2</item> > + <item>t3</item> > + <item>tcp</item> > + <item>true</item> > + <item>u1</item> > + <item>u2</item> > + <item>u3</item> > + <item>udp</item> > + > + <!-- > + Excluded because they lead to a lot of false-positives > + <item>allow</item> > + <item>any</item> > + <item>char</item> > + <item>deny</item> > + <item>dir</item> > + <item>file</item> > + <item>glblub</item> > + <item>high</item> > + <item>low-high</item> > + <item>low</item> > + <item>pipe</item> > + <item>reject</item> > + <item>socket</item> > + <item>source</item> > + <item>symlink</item> > + <item>target</item> > + <item>task</item> > + <item>trans</item> > + <item>xattr</item> > + --> > + </list> > + <highlighting> > + <contexts> > + <context name="Normal" attribute="Normal" lineEndContext="#stay"> > + <DetectChar attribute="Brackets" context="BlockStart" char="("/> > + > + <DetectChar attribute="Comment" context="Comment" char=";"/> > + </context> > + <context name="BlockStart" attribute="Normal" lineEndContext="#stay"> > + <keyword attribute="Keyword" context="Block" String="keywords_blockstart"/> > + <keyword attribute="Function" context="Block" String="function"/> > + <keyword attribute="Operator" context="Block" String="operators"/> > + > + <DetectChar attribute="Comment" context="Comment" char=";"/> > + </context> > + <context name="Block" attribute="Normal" lineEndContext="#stay"> > + <keyword attribute="Builtin" context="#stay" String="builtins"/> > + > + <DetectChar attribute="Comment" context="Comment" char=";"/> > + <DetectChar attribute="String" context="String" char="""/> > + > + <DetectChar attribute="Brackets" context="BlockStart" char="("/> > + <DetectChar attribute="Brackets" context="#pop" char=")"/> > + </context> > + > + <!-- single line comment --> > + <context name="Comment" attribute="Comment" lineEndContext="#pop"></context> > + > + <!-- string / name --> > + <context name="String" attribute="String" lineEndContext="#stay"> > + <RegExpr attribute="Char" context="#stay" String="#\\."/> > + > + <!-- allow escaping " or similiar --> > + <HlCStringChar attribute="String Char" context="#stay"/> > + > + <DetectChar attribute="String" context="#pop" char="""/> > + </context> > + </contexts> > + <itemDatas> > + <itemData name="Normal" defStyleNum="dsNormal" /> > + <itemData name="Keyword" defStyleNum="dsKeyword"/> > + <itemData name="Function" defStyleNum="dsFunction"/> > + <itemData name="Operator" defStyleNum="dsOperator"/> > + <itemData name="Builtin" defStyleNum="dsBuiltIn"/> > + > + <itemData name="Comment" defStyleNum="dsComment"/> > + > + <itemData name="String" defStyleNum="dsString"/> > + <itemData name="String Char" defStyleNum="dsSpecialChar"/> > + </itemDatas> > + </highlighting> > + <general> > + <comments> > + <comment name="singleLine" start=";"/> > + </comments> > + <keywords casesensitive="1" weakDeliminator="."/> > + </general> > +</language> > -- > 2.30.0 >