From f70d712e4f505f5c5b50ae17f4f023d20a667568 Mon Sep 17 00:00:00 2001
From: José Bollo <jose.bollo@iot.bzh>
Date: Wed, 24 Jan 2018 11:38:43 +0100
Subject: Integrate parts of meta-intel-iot-security
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Adds the recipes of the sub layers
 - meta-security-framework
 - meta-security-smack

Change-Id: I618608008a3b3d1d34adb6e38048110f13ac0643
Signed-off-by: José Bollo <jose.bollo@iot.bzh>
---
 .../audit/add-system-call-table-for-ARM.patch      |   46 +
 .../audit/audit/audit-for-cross-compiling.patch    | 2938 ++++++++++++++++++++
 .../audit/audit/audit-python-configure.patch       |   27 +
 .../audit/audit/audit-python.patch                 |   31 +
 .../audit/audit/audit-volatile.conf                |    1 +
 meta-security/recipes-security/audit/audit/auditd  |  153 +
 .../recipes-security/audit/audit/auditd.service    |   20 +
 .../audit/audit/disable-ldap.patch                 |   59 +
 .../audit/audit/fix-swig-host-contamination.patch  |   48 +
 .../recipes-security/audit/audit_2.3.2.bb          |  102 +
 meta-security/recipes-security/cynara/cynara.inc   |  158 ++
 ...cmake-Improves-directories-and-libsystemd.patch |  119 +
 .../cynara-db-migration-abort-on-errors.patch      |   31 +
 .../cynara/cynara/gmock-pthread-linking.patch      |   31 +
 .../recipes-security/cynara/cynara/run-ptest       |    4 +
 .../recipes-security/cynara/cynara_git.bb          |   11 +
 .../keyutils/keyutils-arm-remove-m32-m64.patch     |   19 +
 .../keyutils/keyutils_fix_library_install.patch    |   30 +
 .../keyutils/keyutils_fix_x86-64_cflags.patch      |   13 +
 .../keyutils/keyutils_fix_x86_cflags.patch         |   13 +
 .../recipes-security/keyutils/keyutils_1.5.8.bb    |   44 +
 .../libcap-ng/libcap-ng/CVE-2014-3215.patch        |   79 +
 .../libcap-ng/libcap-ng/python.patch               |   39 +
 .../recipes-security/libcap-ng/libcap-ng_0.7.3.bb  |   39 +
 .../security-manager/security-manager.inc          |   98 +
 ...0001-Smack-rules-create-two-new-functions.patch |  116 +
 ...all-implement-multiple-set-of-smack-rules.patch |   34 +
 .../Removing-tizen-platform-config.patch           |  196 ++
 .../c-11-replace-depracated-auto_ptr.patch         |   32 +
 .../security-manager/include-linux-xattr.patch     |   24 +
 .../libcap-without-pkgconfig.patch                 |   32 +
 .../removes-dependency-to-libslp-db-utils.patch    |   78 +
 ...nager-policy-reload-do-not-depend-on-GNU-.patch |   35 +
 ...ocket-manager-removes-tizen-specific-call.patch |   47 +
 .../systemd-stop-using-compat-libs.patch           |   47 +
 .../security-manager/security-manager_git.bb       |   34 +
 .../recipes-security/smack/smack-userspace_git.bb  |   27 +
 .../recipes-security/smacknet/files/smacknet       |  184 ++
 .../smacknet/files/smacknet.service                |   11 +
 .../recipes-security/smacknet/smacknet.bb          |   29 +
 40 files changed, 5079 insertions(+)
 create mode 100644 meta-security/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
 create mode 100644 meta-security/recipes-security/audit/audit/audit-for-cross-compiling.patch
 create mode 100644 meta-security/recipes-security/audit/audit/audit-python-configure.patch
 create mode 100644 meta-security/recipes-security/audit/audit/audit-python.patch
 create mode 100644 meta-security/recipes-security/audit/audit/audit-volatile.conf
 create mode 100755 meta-security/recipes-security/audit/audit/auditd
 create mode 100644 meta-security/recipes-security/audit/audit/auditd.service
 create mode 100644 meta-security/recipes-security/audit/audit/disable-ldap.patch
 create mode 100644 meta-security/recipes-security/audit/audit/fix-swig-host-contamination.patch
 create mode 100644 meta-security/recipes-security/audit/audit_2.3.2.bb
 create mode 100644 meta-security/recipes-security/cynara/cynara.inc
 create mode 100644 meta-security/recipes-security/cynara/cynara/cmake-Improves-directories-and-libsystemd.patch
 create mode 100644 meta-security/recipes-security/cynara/cynara/cynara-db-migration-abort-on-errors.patch
 create mode 100644 meta-security/recipes-security/cynara/cynara/gmock-pthread-linking.patch
 create mode 100755 meta-security/recipes-security/cynara/cynara/run-ptest
 create mode 100644 meta-security/recipes-security/cynara/cynara_git.bb
 create mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch
 create mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch
 create mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch
 create mode 100644 meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch
 create mode 100644 meta-security/recipes-security/keyutils/keyutils_1.5.8.bb
 create mode 100644 meta-security/recipes-security/libcap-ng/libcap-ng/CVE-2014-3215.patch
 create mode 100644 meta-security/recipes-security/libcap-ng/libcap-ng/python.patch
 create mode 100644 meta-security/recipes-security/libcap-ng/libcap-ng_0.7.3.bb
 create mode 100644 meta-security/recipes-security/security-manager/security-manager.inc
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/0001-Smack-rules-create-two-new-functions.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/0002-app-install-implement-multiple-set-of-smack-rules.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/Removing-tizen-platform-config.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/c-11-replace-depracated-auto_ptr.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/include-linux-xattr.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/libcap-without-pkgconfig.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/removes-dependency-to-libslp-db-utils.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/security-manager-policy-reload-do-not-depend-on-GNU-.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/socket-manager-removes-tizen-specific-call.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager/systemd-stop-using-compat-libs.patch
 create mode 100644 meta-security/recipes-security/security-manager/security-manager_git.bb
 create mode 100644 meta-security/recipes-security/smack/smack-userspace_git.bb
 create mode 100644 meta-security/recipes-security/smacknet/files/smacknet
 create mode 100644 meta-security/recipes-security/smacknet/files/smacknet.service
 create mode 100644 meta-security/recipes-security/smacknet/smacknet.bb

(limited to 'meta-security/recipes-security')

diff --git a/meta-security/recipes-security/audit/audit/add-system-call-table-for-ARM.patch b/meta-security/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
new file mode 100644
index 000000000..ad94d11bd
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/add-system-call-table-for-ARM.patch
@@ -0,0 +1,46 @@
+From 52ff74be2f01182ed9d4fcc3da059512fad63d72 Mon Sep 17 00:00:00 2001
+From: Han Chao <chan@windriver.com>
+Date: Thu, 27 Feb 2014 14:58:57 +0800
+Subject: [PATCH] add system call table for ARM.
+
+This change enable audit system call on ARM.
+Add arm System call table on machinetabs.h.
+Audit system call need enable kernel config CONFIG_AUDITSYSCALL.
+
+Signed-off-by: Han Chao <chan@windriver.com>
+---
+ lib/machinetabs.h |   11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/lib/machinetabs.h b/lib/machinetabs.h
+index ec2d033..1c2e284 100644
+--- a/lib/machinetabs.h
++++ b/lib/machinetabs.h
+@@ -1,10 +1,11 @@
+-/* This is a generated file, see Makefile.am for its inputs. */
+-static const char machine_strings[] = "i386\0i486\0i586\0i686\0ia64\0ppc\0ppc64\0s390\0s390x\0x86_64";
++/* Such is aways generated file, see Makefile.am for its inputs.
++ * But this version is not generated file, which is for ARM. */
++static const char machine_strings[] = "armeb\0armv5tejl\0armv5tel\0armv6l\0armv7l";
+ static const unsigned machine_s2i_s[] = {
+-	0,5,10,15,20,25,29,35,40,46,
++	0,6,16,25,32,
+ };
+ static const int machine_s2i_i[] = {
+-	0,0,0,0,2,4,3,6,5,1,
++	8,8,8,8,8,
+ };
+ static int machine_s2i(const char *s, int *value) {
+ 	size_t len, i;
+@@ -19,7 +20,7 @@ static int machine_s2i(const char *s, int *value) {
+ 	}
+ }
+ static const unsigned machine_i2s_direct[] = {
+-	0,46,20,29,25,40,35,
++    39,85,59,68,64,
+ };
+ static const char *machine_i2s(int v) {
+ 	return i2s_direct__(machine_strings, machine_i2s_direct, 0, 6, v);
+-- 
+1.7.9.5
+
diff --git a/meta-security/recipes-security/audit/audit/audit-for-cross-compiling.patch b/meta-security/recipes-security/audit/audit/audit-for-cross-compiling.patch
new file mode 100644
index 000000000..60a23a8a4
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/audit-for-cross-compiling.patch
@@ -0,0 +1,2938 @@
+From f73f654734c5f0d1a6568c6c8fba232b01f919f4 Mon Sep 17 00:00:00 2001
+From: Joe MacDonald <joe@deserted.net>
+Date: Wed, 23 Oct 2013 16:02:34 -0400
+Subject: [PATCH] audit: use generated headers for cross compiling
+
+In the same vein as the patch for audit 2.2.1 (commit: 6c77455b), we generate
+the headers which are inherently architecture specific but portable on a
+convenient platform and use them for all platforms.
+
+Upstream-Status: Inappropriate [cross-compile specific]
+
+Signed-off-by: Joe MacDonald <joe@deserted.net>
+---
+ auparse/Makefile.am       |  200 ---------------------------------------------
+ auparse/accesstabs.h      |    6 ++
+ auparse/captabs.h         |   14 ++++
+ auparse/clocktabs.h       |    8 ++
+ auparse/clone-flagtabs.h  |   10 +++
+ auparse/epoll_ctls.h      |    8 ++
+ auparse/famtabs.h         |   14 ++++
+ auparse/fcntl-cmdtabs.h   |   17 ++++
+ auparse/flagtabs.h        |    6 ++
+ auparse/icmptypetabs.h    |   10 +++
+ auparse/ip6optnametabs.h  |   20 +++++
+ auparse/ipccmdtabs.h      |    6 ++
+ auparse/ipctabs.h         |   11 +++
+ auparse/ipoptnametabs.h   |   17 ++++
+ auparse/mmaptabs.h        |    8 ++
+ auparse/mounttabs.h       |   10 +++
+ auparse/nfprototabs.h     |    9 ++
+ auparse/open-flagtabs.h   |    8 ++
+ auparse/persontabs.h      |   17 ++++
+ auparse/pktoptnametabs.h  |   10 +++
+ auparse/prctl_opttabs.h   |   14 ++++
+ auparse/prottabs.h        |    6 ++
+ auparse/ptracetabs.h      |   17 ++++
+ auparse/recvtabs.h        |    8 ++
+ auparse/rlimittabs.h      |   10 +++
+ auparse/schedtabs.h       |    8 ++
+ auparse/seccomptabs.h     |   11 +++
+ auparse/seektabs.h        |    8 ++
+ auparse/shm_modetabs.h    |    6 ++
+ auparse/signaltabs.h      |   14 ++++
+ auparse/sockleveltabs.h   |   12 +++
+ auparse/sockoptnametabs.h |   23 ++++++
+ auparse/socktabs.h        |   10 +++
+ auparse/socktypetabs.h    |    8 ++
+ auparse/tcpoptnametabs.h  |   12 +++
+ auparse/typetabs.h        |   35 ++++++++
+ auparse/umounttabs.h      |    6 ++
+ lib/Makefile.am           |  106 ------------------------
+ lib/aarch64_tables.h      |  125 ++++++++++++++++++++++++++++
+ lib/actiontabs.h          |   26 ++++++
+ lib/alpha_tables.h        |  196 ++++++++++++++++++++++++++++++++++++++++++++
+ lib/armeb_tables.h        |  165 +++++++++++++++++++++++++++++++++++++
+ lib/errtabs.h             |   78 ++++++++++++++++++
+ lib/fieldtabs.h           |   49 +++++++++++
+ lib/flagtabs.h            |   26 ++++++
+ lib/ftypetabs.h           |   29 +++++++
+ lib/i386_tables.h         |  163 ++++++++++++++++++++++++++++++++++++
+ lib/ia64_tables.h         |  147 +++++++++++++++++++++++++++++++++
+ lib/machinetabs.h         |   26 ++++++
+ lib/msg_typetabs.h        |  104 +++++++++++++++++++++++
+ lib/optabs.h              |   11 +++
+ lib/ppc_tables.h          |  163 ++++++++++++++++++++++++++++++++++++
+ lib/s390_tables.h         |  153 ++++++++++++++++++++++++++++++++++
+ lib/s390x_tables.h        |  144 ++++++++++++++++++++++++++++++++
+ lib/x86_64_tables.h       |  150 ++++++++++++++++++++++++++++++++++
+ 55 files changed, 2172 insertions(+), 306 deletions(-)
+ create mode 100644 auparse/accesstabs.h
+ create mode 100644 auparse/captabs.h
+ create mode 100644 auparse/clocktabs.h
+ create mode 100644 auparse/clone-flagtabs.h
+ create mode 100644 auparse/epoll_ctls.h
+ create mode 100644 auparse/famtabs.h
+ create mode 100644 auparse/fcntl-cmdtabs.h
+ create mode 100644 auparse/flagtabs.h
+ create mode 100644 auparse/icmptypetabs.h
+ create mode 100644 auparse/ip6optnametabs.h
+ create mode 100644 auparse/ipccmdtabs.h
+ create mode 100644 auparse/ipctabs.h
+ create mode 100644 auparse/ipoptnametabs.h
+ create mode 100644 auparse/mmaptabs.h
+ create mode 100644 auparse/mounttabs.h
+ create mode 100644 auparse/nfprototabs.h
+ create mode 100644 auparse/open-flagtabs.h
+ create mode 100644 auparse/persontabs.h
+ create mode 100644 auparse/pktoptnametabs.h
+ create mode 100644 auparse/prctl_opttabs.h
+ create mode 100644 auparse/prottabs.h
+ create mode 100644 auparse/ptracetabs.h
+ create mode 100644 auparse/recvtabs.h
+ create mode 100644 auparse/rlimittabs.h
+ create mode 100644 auparse/schedtabs.h
+ create mode 100644 auparse/seccomptabs.h
+ create mode 100644 auparse/seektabs.h
+ create mode 100644 auparse/shm_modetabs.h
+ create mode 100644 auparse/signaltabs.h
+ create mode 100644 auparse/sockleveltabs.h
+ create mode 100644 auparse/sockoptnametabs.h
+ create mode 100644 auparse/socktabs.h
+ create mode 100644 auparse/socktypetabs.h
+ create mode 100644 auparse/tcpoptnametabs.h
+ create mode 100644 auparse/typetabs.h
+ create mode 100644 auparse/umounttabs.h
+ create mode 100644 lib/aarch64_tables.h
+ create mode 100644 lib/actiontabs.h
+ create mode 100644 lib/alpha_tables.h
+ create mode 100644 lib/armeb_tables.h
+ create mode 100644 lib/errtabs.h
+ create mode 100644 lib/fieldtabs.h
+ create mode 100644 lib/flagtabs.h
+ create mode 100644 lib/ftypetabs.h
+ create mode 100644 lib/i386_tables.h
+ create mode 100644 lib/ia64_tables.h
+ create mode 100644 lib/machinetabs.h
+ create mode 100644 lib/msg_typetabs.h
+ create mode 100644 lib/optabs.h
+ create mode 100644 lib/ppc_tables.h
+ create mode 100644 lib/s390_tables.h
+ create mode 100644 lib/s390x_tables.h
+ create mode 100644 lib/x86_64_tables.h
+
+diff --git a/auparse/Makefile.am b/auparse/Makefile.am
+index f0ca18f..7d1527c 100644
+--- a/auparse/Makefile.am
++++ b/auparse/Makefile.am
+@@ -53,203 +53,3 @@ BUILT_SOURCES = accesstabs.h captabs.h clocktabs.h clone-flagtabs.h \
+ 	seektabs.h shm_modetabs.h signaltabs.h sockoptnametabs.h \
+ 	socktabs.h sockleveltabs.h socktypetabs.h \
+ 	tcpoptnametabs.h typetabs.h umounttabs.h
+-noinst_PROGRAMS = gen_accesstabs_h gen_captabs_h gen_clock_h \
+-	gen_clone-flagtabs_h \
+-	gen_epoll_ctls_h gen_famtabs_h \
+-	gen_fcntl-cmdtabs_h gen_flagtabs_h \
+-	gen_icmptypetabs_h gen_ipctabs_h gen_ipccmdtabs_h\
+-	gen_ipoptnametabs_h gen_ip6optnametabs_h gen_nfprototabs_h \
+-	gen_mmaptabs_h gen_mounttabs_h \
+-	gen_open-flagtabs_h gen_persontabs_h \
+-	gen_prctl_opttabs_h gen_pktoptnametabs_h gen_prottabs_h \
+-	gen_recvtabs_h gen_rlimit_h gen_ptracetabs_h \
+-	gen_schedtabs_h gen_seccomptabs_h \
+-	gen_seektabs_h gen_shm_modetabs_h gen_signals_h \
+-	gen_sockoptnametabs_h gen_socktabs_h gen_sockleveltabs_h \
+-	gen_socktypetabs_h gen_tcpoptnametabs_h gen_typetabs_h \
+-	gen_umounttabs_h
+-
+-gen_accesstabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h accesstab.h
+-gen_accesstabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="accesstab.h"'
+-accesstabs.h: gen_accesstabs_h Makefile
+-	./gen_accesstabs_h --i2s-transtab access > $@
+-
+-gen_captabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h captab.h
+-gen_captabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="captab.h"'
+-captabs.h: gen_captabs_h Makefile
+-	./gen_captabs_h --i2s cap > $@
+-
+-gen_clock_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h clocktab.h
+-gen_clock_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="clocktab.h"'
+-clocktabs.h: gen_clock_h Makefile
+-	./gen_clock_h --i2s clock > $@
+-
+-gen_clone_flagtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h \
+-	clone-flagtab.h
+-gen_clone_flagtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="clone-flagtab.h"'
+-clone-flagtabs.h: gen_clone-flagtabs_h Makefile
+-	./gen_clone-flagtabs_h --i2s-transtab clone_flag > $@
+-
+-gen_epoll_ctls_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h epoll_ctl.h
+-gen_epoll_ctls_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="epoll_ctl.h"'
+-epoll_ctls.h: gen_epoll_ctls_h Makefile
+-	./gen_epoll_ctls_h --i2s epoll_ctl > $@
+-
+-gen_famtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h famtab.h
+-gen_famtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="famtab.h"'
+-famtabs.h: gen_famtabs_h Makefile
+-	./gen_famtabs_h --i2s fam > $@
+-
+-gen_flagtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h flagtab.h
+-# ../auparse/ is used to avoid using ../lib/flagtab.h
+-gen_flagtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="../auparse/flagtab.h"'
+-flagtabs.h: gen_flagtabs_h Makefile
+-	./gen_flagtabs_h --i2s-transtab flag > $@
+-
+-gen_fcntl_cmdtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h \
+-	fcntl-cmdtab.h
+-gen_fcntl_cmdtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="fcntl-cmdtab.h"'
+-fcntl-cmdtabs.h: gen_fcntl-cmdtabs_h Makefile
+-	./gen_fcntl-cmdtabs_h --i2s fcntl > $@
+-
+-gen_icmptypetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h icmptypetab.h
+-gen_icmptypetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="icmptypetab.h"'
+-icmptypetabs.h: gen_icmptypetabs_h Makefile
+-	./gen_icmptypetabs_h --i2s icmptype > $@
+-
+-gen_ipctabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ipctab.h
+-gen_ipctabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ipctab.h"'
+-ipctabs.h: gen_ipctabs_h Makefile
+-	./gen_ipctabs_h --i2s ipc > $@
+-
+-gen_ipccmdtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ipccmdtab.h
+-gen_ipccmdtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ipccmdtab.h"'
+-ipccmdtabs.h: gen_ipccmdtabs_h Makefile
+-	./gen_ipccmdtabs_h --i2s-transtab ipccmd > $@
+-
+-gen_ipoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ipoptnametab.h
+-gen_ipoptnametabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ipoptnametab.h"'
+-ipoptnametabs.h: gen_ipoptnametabs_h Makefile
+-	./gen_ipoptnametabs_h --i2s ipoptname > $@
+-
+-gen_ip6optnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ip6optnametab.h
+-gen_ip6optnametabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ip6optnametab.h"'
+-ip6optnametabs.h: gen_ip6optnametabs_h Makefile
+-	./gen_ip6optnametabs_h --i2s ip6optname > $@
+-
+-gen_mmaptabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h mmaptab.h
+-gen_mmaptabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="mmaptab.h"'
+-mmaptabs.h: gen_mmaptabs_h Makefile
+-	./gen_mmaptabs_h --i2s-transtab mmap > $@
+-
+-gen_mounttabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h mounttab.h
+-gen_mounttabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="mounttab.h"'
+-mounttabs.h: gen_mounttabs_h Makefile
+-	./gen_mounttabs_h --i2s-transtab mount > $@
+-
+-gen_nfprototabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h nfprototab.h
+-gen_nfprototabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="nfprototab.h"'
+-nfprototabs.h: gen_nfprototabs_h Makefile
+-	./gen_nfprototabs_h --i2s nfproto > $@
+-
+-gen_open_flagtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h \
+-	open-flagtab.h
+-gen_open_flagtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="open-flagtab.h"'
+-open-flagtabs.h: gen_open-flagtabs_h Makefile
+-	./gen_open-flagtabs_h --i2s-transtab open_flag > $@
+-
+-gen_persontabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h persontab.h
+-gen_persontabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="persontab.h"'
+-persontabs.h: gen_persontabs_h Makefile
+-	./gen_persontabs_h --i2s person > $@
+-
+-gen_ptracetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h ptracetab.h
+-gen_ptracetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ptracetab.h"'
+-ptracetabs.h: gen_ptracetabs_h Makefile
+-	./gen_ptracetabs_h --i2s ptrace > $@
+-
+-gen_prctl_opttabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h prctl-opt-tab.h
+-gen_prctl_opttabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="prctl-opt-tab.h"'
+-prctl_opttabs.h: gen_prctl_opttabs_h Makefile
+-	./gen_prctl_opttabs_h --i2s prctl_opt > $@
+-
+-gen_pktoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h pktoptnametab.h
+-gen_pktoptnametabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="pktoptnametab.h"'
+-pktoptnametabs.h: gen_pktoptnametabs_h Makefile
+-	./gen_pktoptnametabs_h --i2s pktoptname > $@
+-
+-gen_prottabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h prottab.h
+-gen_prottabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="prottab.h"'
+-prottabs.h: gen_prottabs_h Makefile
+-	./gen_prottabs_h --i2s-transtab prot > $@
+-
+-gen_recvtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h recvtab.h
+-gen_recvtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="recvtab.h"'
+-recvtabs.h: gen_recvtabs_h Makefile
+-	./gen_recvtabs_h --i2s-transtab recv > $@
+-
+-gen_rlimit_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h rlimittab.h
+-gen_rlimit_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="rlimittab.h"'
+-rlimittabs.h: gen_rlimit_h Makefile
+-	./gen_rlimit_h --i2s rlimit > $@
+-
+-gen_schedtabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h schedtab.h
+-gen_schedtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="schedtab.h"'
+-schedtabs.h: gen_schedtabs_h Makefile
+-	./gen_schedtabs_h --i2s sched > $@
+-
+-gen_seccomptabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h seccomptab.h
+-gen_seccomptabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="seccomptab.h"'
+-seccomptabs.h: gen_seccomptabs_h Makefile
+-	./gen_seccomptabs_h --i2s seccomp > $@
+-
+-gen_seektabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h seektab.h
+-gen_seektabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="seektab.h"'
+-seektabs.h: gen_seektabs_h Makefile
+-	./gen_seektabs_h --i2s seek > $@
+-
+-gen_shm_modetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h shm_modetab.h
+-gen_shm_modetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="shm_modetab.h"'
+-shm_modetabs.h: gen_shm_modetabs_h Makefile
+-	./gen_shm_modetabs_h --i2s-transtab shm_mode > $@
+-
+-gen_signals_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h signaltab.h
+-gen_signals_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="signaltab.h"'
+-signaltabs.h: gen_signals_h Makefile
+-	./gen_signals_h --i2s signal > $@
+-
+-gen_sockleveltabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h sockleveltab.h
+-gen_sockleveltabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="sockleveltab.h"'
+-sockleveltabs.h: gen_sockleveltabs_h Makefile
+-	./gen_sockleveltabs_h --i2s socklevel > $@
+-
+-gen_sockoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h sockoptnametab.h
+-gen_sockoptnametabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="sockoptnametab.h"'
+-sockoptnametabs.h: gen_sockoptnametabs_h Makefile
+-	./gen_sockoptnametabs_h --i2s sockoptname > $@
+-
+-gen_socktabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h socktab.h
+-gen_socktabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="socktab.h"'
+-socktabs.h: gen_socktabs_h Makefile
+-	./gen_socktabs_h --i2s sock > $@
+-
+-gen_socktypetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h socktypetab.h
+-gen_socktypetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="socktypetab.h"'
+-socktypetabs.h: gen_socktypetabs_h Makefile
+-	./gen_socktypetabs_h --i2s sock_type > $@
+-
+-gen_tcpoptnametabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h tcpoptnametab.h
+-gen_tcpoptnametabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="tcpoptnametab.h"'
+-tcpoptnametabs.h: gen_tcpoptnametabs_h Makefile
+-	./gen_tcpoptnametabs_h --i2s tcpoptname > $@
+-
+-gen_typetabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h typetab.h
+-gen_typetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="typetab.h"'
+-typetabs.h: gen_typetabs_h Makefile
+-	./gen_typetabs_h --s2i type > $@
+-
+-gen_umounttabs_h_SOURCES = ../lib/gen_tables.c ../lib/gen_tables.h umounttab.h
+-gen_umounttabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="umounttab.h"'
+-umounttabs.h: gen_umounttabs_h Makefile
+-	./gen_umounttabs_h --i2s-transtab umount > $@
+-
+diff --git a/auparse/accesstabs.h b/auparse/accesstabs.h
+new file mode 100644
+index 0000000..867d99c
+--- /dev/null
++++ b/auparse/accesstabs.h
+@@ -0,0 +1,6 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char access_strings[] = "R_OK\0W_OK\0X_OK";
++static const struct transtab access_table[] = {
++	{1,10},{2,5},{4,0},
++};
++#define ACCESS_NUM_ENTRIES (sizeof(access_table) / sizeof(*access_table))
+diff --git a/auparse/captabs.h b/auparse/captabs.h
+new file mode 100644
+index 0000000..9267466
+--- /dev/null
++++ b/auparse/captabs.h
+@@ -0,0 +1,14 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char cap_strings[] = "audit_control\0audit_write\0block_suspend\0chown\0compromise_kernel\0dac_override\0dac_read_search\0fowner\0fsetid\0ipc_lock\0"
++	"ipc_owner\0kill\0lease\0linux_immutable\0mac_admin\0mac_override\0mknod\0net_admin\0net_bind_service\0net_broadcast\0"
++	"net_raw\0setfcap\0setgid\0setpcap\0setuid\0sys_admin\0sys_boot\0sys_chroot\0sys_module\0sys_nice\0"
++	"sys_pacct\0sys_ptrace\0sys_rawio\0sys_resource\0sys_time\0sys_tty_config\0syslog\0wake_alarm";
++static const unsigned cap_i2s_direct[] = {
++	40,64,77,93,100,126,239,254,246,137,
++	192,209,182,223,107,116,291,332,280,321,
++	311,261,271,302,342,355,364,176,131,14,
++	0,231,163,153,379,386,26,46,
++};
++static const char *cap_i2s(int v) {
++	return i2s_direct__(cap_strings, cap_i2s_direct, 0, 37, v);
++}
+diff --git a/auparse/clocktabs.h b/auparse/clocktabs.h
+new file mode 100644
+index 0000000..03f9f09
+--- /dev/null
++++ b/auparse/clocktabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char clock_strings[] = "CLOCK_BOOTTIME\0CLOCK_BOOTTIME_ALARM\0CLOCK_MONOTONIC\0CLOCK_MONOTONIC_COARSE\0CLOCK_MONOTONIC_RAW\0CLOCK_PROCESS_CPUTIME_ID\0CLOCK_REALTIME\0CLOCK_REALTIME_ALARM\0CLOCK_REALTIME_COARSE\0CLOCK_THREAD_CPUTIME_ID";
++static const unsigned clock_i2s_direct[] = {
++	120,36,95,178,75,156,52,0,135,15,
++};
++static const char *clock_i2s(int v) {
++	return i2s_direct__(clock_strings, clock_i2s_direct, 0, 9, v);
++}
+diff --git a/auparse/clone-flagtabs.h b/auparse/clone-flagtabs.h
+new file mode 100644
+index 0000000..b8f815d
+--- /dev/null
++++ b/auparse/clone-flagtabs.h
+@@ -0,0 +1,10 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char clone_flag_strings[] = "CLONE_CHILD_CLEARTID\0CLONE_CHILD_SETTID\0CLONE_DETACHED\0CLONE_FILES\0CLONE_FS\0CLONE_IO\0CLONE_NEWIPC\0CLONE_NEWNET\0CLONE_NEWNS\0CLONE_NEWPID\0"
++	"CLONE_NEWUSER\0CLONE_NEWUTS\0CLONE_PARENT\0CLONE_PARENT_SETTID\0CLONE_PTRACE\0CLONE_SETTLS\0CLONE_SIGHAND\0CLONE_STOPPED\0CLONE_SYSVSEM\0CLONE_THREAD\0"
++	"CLONE_UNTRACED\0CLONE_VFORK\0CLONE_VM";
++static const struct transtab clone_flag_table[] = {
++	{256,304},{512,67},{1024,55},{2048,222},{8192,196},{16384,292},{32768,163},{65536,264},{131072,111},{262144,250},
++	{524288,209},{1048576,176},{2097152,0},{4194304,40},{8388608,277},{16777216,21},{33554432,236},{67108864,150},{134217728,85},{268435456,136},
++	{536870912,123},{1073741824,98},{-2147483648,76},
++};
++#define CLONE_FLAG_NUM_ENTRIES (sizeof(clone_flag_table) / sizeof(*clone_flag_table))
+diff --git a/auparse/epoll_ctls.h b/auparse/epoll_ctls.h
+new file mode 100644
+index 0000000..2787c18
+--- /dev/null
++++ b/auparse/epoll_ctls.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char epoll_ctl_strings[] = "EPOLL_CTL_ADD\0EPOLL_CTL_DEL\0EPOLL_CTL_MOD";
++static const unsigned epoll_ctl_i2s_direct[] = {
++	0,14,28,
++};
++static const char *epoll_ctl_i2s(int v) {
++	return i2s_direct__(epoll_ctl_strings, epoll_ctl_i2s_direct, 1, 3, v);
++}
+diff --git a/auparse/famtabs.h b/auparse/famtabs.h
+new file mode 100644
+index 0000000..cae396b
+--- /dev/null
++++ b/auparse/famtabs.h
+@@ -0,0 +1,14 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char fam_strings[] = "alg\0appletalk\0ash\0atmpvc\0atmsvc\0ax25\0bluetooth\0bridge\0caif\0can\0"
++	"decnet\0econet\0ieee802154\0inet\0inet6\0ipx\0irda\0isdn\0iucv\0key\0"
++	"llc\0local\0netbeui\0netlink\0netrom\0nfc\0packet\0phonet\0pppox\0rds\0"
++	"rose\0rxrpc\0security\0sna\0tipc\0vsock\0wanpipe\0x25";
++static const unsigned fam_i2s_direct[] = {
++	126,88,32,99,4,148,47,18,226,93,
++	183,63,132,194,118,140,159,14,70,25,
++	179,203,103,173,218,122,-1u,-1u,59,207,
++	37,113,188,108,166,77,54,0,155,212,
++};
++static const char *fam_i2s(int v) {
++	return i2s_direct__(fam_strings, fam_i2s_direct, 1, 40, v);
++}
+diff --git a/auparse/fcntl-cmdtabs.h b/auparse/fcntl-cmdtabs.h
+new file mode 100644
+index 0000000..18c6cc7
+--- /dev/null
++++ b/auparse/fcntl-cmdtabs.h
+@@ -0,0 +1,17 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char fcntl_strings[] = "F_CANCELLK\0F_DUPFD\0F_DUPFD_CLOEXEC\0F_GETFD\0F_GETFL\0F_GETLEASE\0F_GETLK\0F_GETLK64\0F_GETOWN\0F_GETOWNER_UIDS\0"
++	"F_GETOWN_EX\0F_GETPIPE_SZ\0F_GETSIG\0F_NOTIFY\0F_SETFD\0F_SETFL\0F_SETLEASE\0F_SETLK\0F_SETLK64\0F_SETLKW\0"
++	"F_SETLKW64\0F_SETOWN\0F_SETOWN_EX\0F_SETPIPE_SZ\0F_SETSIG";
++static const int fcntl_i2s_i[] = {
++	0,1,2,3,4,5,6,7,8,9,
++	10,11,12,13,14,15,16,17,1024,1025,
++	1026,1029,1030,1031,1032,
++};
++static const unsigned fcntl_i2s_s[] = {
++	11,35,148,43,156,62,175,193,213,80,
++	247,130,70,183,202,222,105,89,164,51,
++	139,0,19,234,117,
++};
++static const char *fcntl_i2s(int v) {
++	return i2s_bsearch__(fcntl_strings, fcntl_i2s_i, fcntl_i2s_s, 25, v);
++}
+diff --git a/auparse/flagtabs.h b/auparse/flagtabs.h
+new file mode 100644
+index 0000000..5f57e14
+--- /dev/null
++++ b/auparse/flagtabs.h
+@@ -0,0 +1,6 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char flag_strings[] = "access\0atomic\0continue\0create\0directory\0follow\0noalt\0open\0parent";
++static const struct transtab flag_table[] = {
++	{1,40},{2,30},{4,14},{16,58},{32,47},{64,7},{256,53},{512,23},{1024,0},
++};
++#define FLAG_NUM_ENTRIES (sizeof(flag_table) / sizeof(*flag_table))
+diff --git a/auparse/icmptypetabs.h b/auparse/icmptypetabs.h
+new file mode 100644
+index 0000000..49b44bf
+--- /dev/null
++++ b/auparse/icmptypetabs.h
+@@ -0,0 +1,10 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char icmptype_strings[] = "address-mask-reply\0address-mask-request\0destination-unreachable\0echo\0echo-reply\0info-reply\0info-request\0parameter-problem\0redirect\0source-quench\0"
++	"time-exceeded\0timestamp-reply\0timestamp-request";
++static const unsigned icmptype_i2s_direct[] = {
++	69,-1u,-1u,40,131,122,-1u,-1u,64,-1u,
++	-1u,145,104,175,159,91,80,19,0,
++};
++static const char *icmptype_i2s(int v) {
++	return i2s_direct__(icmptype_strings, icmptype_i2s_direct, 0, 18, v);
++}
+diff --git a/auparse/ip6optnametabs.h b/auparse/ip6optnametabs.h
+new file mode 100644
+index 0000000..4af11c2
+--- /dev/null
++++ b/auparse/ip6optnametabs.h
+@@ -0,0 +1,20 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ip6optname_strings[] = "IP6T_SO_GET_REVISION_MATCH\0IP6T_SO_GET_REVISION_TARGET\0IP6T_SO_ORIGINAL_DST\0IP6T_SO_SET_ADD_COUNTERS\0IP6T_SO_SET_REPLACE\0IPV6_2292DSTOPTS\0IPV6_2292HOPLIMIT\0IPV6_2292HOPOPTS\0IPV6_2292PKTINFO\0IPV6_2292PKTOPTIONS\0"
++	"IPV6_2292RTHDR\0IPV6_ADDRFORM\0IPV6_ADDR_PREFERENCES\0IPV6_ADD_MEMBERSHIP\0IPV6_AUTHHDR\0IPV6_CHECKSUM\0IPV6_DONTFRAG\0IPV6_DROP_MEMBERSHIP\0IPV6_DSTOPTS\0IPV6_FLOWINFO\0"
++	"IPV6_FLOWINFO_SEND\0IPV6_FLOWLABEL_MGR\0IPV6_HOPLIMIT\0IPV6_HOPOPTS\0IPV6_IPSEC_POLICY\0IPV6_JOIN_ANYCAST\0IPV6_LEAVE_ANYCAST\0IPV6_MINHOPCOUNT\0IPV6_MTU\0IPV6_MTU_DISCOVER\0"
++	"IPV6_MULTICAST_HOPS\0IPV6_MULTICAST_IF\0IPV6_MULTICAST_LOOP\0IPV6_NEXTHOP\0IPV6_ORIGDSTADDR\0IPV6_PATHMTU\0IPV6_PKTINFO\0IPV6_RECVDSTOPTS\0IPV6_RECVERR\0IPV6_RECVHOPLIMIT\0"
++	"IPV6_RECVHOPOPTS\0IPV6_RECVPATHMTU\0IPV6_RECVPKTINFO\0IPV6_RECVRTHDR\0IPV6_RECVTCLASS\0IPV6_ROUTER_ALERT\0IPV6_RTHDR\0IPV6_RTHDRDSTOPTS\0IPV6_TCLASS\0IPV6_TRANSPARENT\0"
++	"IPV6_UNICAST_HOPS\0IPV6_UNICAST_IF\0IPV6_USE_MIN_MTU\0IPV6_V6ONLY\0IPV6_XFRM_POLICY";
++static const unsigned ip6optname_i2s_direct[] = {
++	225,173,156,121,210,190,294,138,592,281,
++	356,-1u,-1u,-1u,-1u,854,554,534,572,261,
++	322,778,516,507,665,905,453,471,-1u,-1u,
++	-1u,389,370,435,917,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,730,635,
++	678,408,696,422,807,747,796,648,343,713,
++	622,308,888,101,76,762,825,0,27,-1u,
++	-1u,239,490,605,837,872,-1u,-1u,-1u,55,
++};
++static const char *ip6optname_i2s(int v) {
++	return i2s_direct__(ip6optname_strings, ip6optname_i2s_direct, 1, 80, v);
++}
+diff --git a/auparse/ipccmdtabs.h b/auparse/ipccmdtabs.h
+new file mode 100644
+index 0000000..ff43dbb
+--- /dev/null
++++ b/auparse/ipccmdtabs.h
+@@ -0,0 +1,6 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ipccmd_strings[] = "IPC_CREAT\0IPC_EXCL\0IPC_NOWAIT";
++static const struct transtab ipccmd_table[] = {
++	{512,0},{1024,10},{2048,19},
++};
++#define IPCCMD_NUM_ENTRIES (sizeof(ipccmd_table) / sizeof(*ipccmd_table))
+diff --git a/auparse/ipctabs.h b/auparse/ipctabs.h
+new file mode 100644
+index 0000000..4bf3bcd
+--- /dev/null
++++ b/auparse/ipctabs.h
+@@ -0,0 +1,11 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ipc_strings[] = "msgctl\0msgget\0msgrcv\0msgsnd\0semctl\0semget\0semop\0semtimedop\0shmat\0shmctl\0"
++	"shmdt\0shmget";
++static const unsigned ipc_i2s_direct[] = {
++	42,35,28,48,-1u,-1u,-1u,-1u,-1u,-1u,
++	21,14,7,0,-1u,-1u,-1u,-1u,-1u,-1u,
++	59,72,78,65,
++};
++static const char *ipc_i2s(int v) {
++	return i2s_direct__(ipc_strings, ipc_i2s_direct, 1, 24, v);
++}
+diff --git a/auparse/ipoptnametabs.h b/auparse/ipoptnametabs.h
+new file mode 100644
+index 0000000..fb0b8b7
+--- /dev/null
++++ b/auparse/ipoptnametabs.h
+@@ -0,0 +1,17 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ipoptname_strings[] = "IPT_SO_GET_REVISION_TARGET\0IPT_SO_SET_ADD_COUNTERS\0IPT_SO_SET_REPLACE\0IP_ADD_MEMBERSHIP\0IP_ADD_SOURCE_MEMBERSHIP\0IP_BLOCK_SOURCE\0IP_DROP_MEMBERSHIP\0IP_DROP_SOURCE_MEMBERSHIP\0IP_FREEBIND\0IP_HDRINCL\0"
++	"IP_IPSEC_POLICY\0IP_MINTTL\0IP_MSFILTER\0IP_MTU\0IP_MTU_DISCOVER\0IP_MULTICAST_ALL\0IP_MULTICAST_IF\0IP_MULTICAST_LOOP\0IP_MULTICAST_TTL\0IP_NODEFRAG\0"
++	"IP_OPTIONS\0IP_ORIGDSTADDR\0IP_PASSSEC\0IP_PKTINFO\0IP_PKTOPTIONS\0IP_RECVERR\0IP_RECVOPTS\0IP_RECVTTL\0IP_RETOPTS\0IP_ROUTER_ALERT\0"
++	"IP_TOS\0IP_TRANSPARENT\0IP_TTL\0IP_UNBLOCK_SOURCE\0IP_UNICAST_IF\0IP_XFRM_POLICY";
++static const unsigned ipoptname_i2s_direct[] = {
++	461,483,186,338,445,411,434,375,386,242,
++	400,423,-1u,235,174,197,522,364,468,349,
++	213,326,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,275,309,291,70,129,490,113,88,148,
++	223,-1u,-1u,-1u,-1u,-1u,-1u,-1u,258,508,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,51,27,0,
++};
++static const char *ipoptname_i2s(int v) {
++	return i2s_direct__(ipoptname_strings, ipoptname_i2s_direct, 1, 66, v);
++}
+diff --git a/auparse/mmaptabs.h b/auparse/mmaptabs.h
+new file mode 100644
+index 0000000..386833c
+--- /dev/null
++++ b/auparse/mmaptabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char mmap_strings[] = "MAP_32BIT\0MAP_ANONYMOUS\0MAP_DENYWRITE\0MAP_EXECUTABLE\0MAP_FIXED\0MAP_GROWSDOWN\0MAP_HUGETLB\0MAP_LOCKED\0MAP_NONBLOCK\0MAP_NORESERVE\0"
++	"MAP_POPULATE\0MAP_PRIVATE\0MAP_SHARED\0MAP_STACK";
++static const struct transtab mmap_table[] = {
++	{1,152},{2,140},{16,53},{32,10},{64,0},{256,63},{2048,24},{4096,38},{8192,89},{16384,113},
++	{32768,127},{65536,100},{131072,163},{262144,77},
++};
++#define MMAP_NUM_ENTRIES (sizeof(mmap_table) / sizeof(*mmap_table))
+diff --git a/auparse/mounttabs.h b/auparse/mounttabs.h
+new file mode 100644
+index 0000000..ca66885
+--- /dev/null
++++ b/auparse/mounttabs.h
+@@ -0,0 +1,10 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char mount_strings[] = "MS_ACTIVE\0MS_BIND\0MS_BORN\0MS_DIRSYNC\0MS_I_VERSION\0MS_KERNMOUNT\0MS_MANDLOCK\0MS_MOVE\0MS_NOATIME\0MS_NODEV\0"
++	"MS_NODIRATIME\0MS_NOEXEC\0MS_NOSEC\0MS_NOSUID\0MS_NOUSER\0MS_POSIXACL\0MS_PRIVATE\0MS_RDONLY\0MS_REC\0MS_RELATIME\0"
++	"MS_REMOUNT\0MS_SHARED\0MS_SILENT\0MS_SLAVE\0MS_SNAP_STABLE\0MS_STRICTATIME\0MS_SYNCHRONOUS\0MS_UNBINDABLE";
++static const struct transtab mount_table[] = {
++	{1,179},{2,136},{4,94},{8,117},{16,278},{32,208},{64,63},{128,26},{1024,83},{2048,103},
++	{4096,10},{8192,75},{16384,189},{32768,229},{65536,156},{131072,293},{262144,168},{524288,239},{1048576,219},{2097152,196},
++	{4194304,50},{8388608,37},{16777216,263},{134217728,248},{268435456,127},{536870912,18},{1073741824,0},{-2147483648,146},
++};
++#define MOUNT_NUM_ENTRIES (sizeof(mount_table) / sizeof(*mount_table))
+diff --git a/auparse/nfprototabs.h b/auparse/nfprototabs.h
+new file mode 100644
+index 0000000..9bb2723
+--- /dev/null
++++ b/auparse/nfprototabs.h
+@@ -0,0 +1,9 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char nfproto_strings[] = "arp\0bridge\0decnet\0ipv4\0ipv6\0unspecified";
++static const unsigned nfproto_i2s_direct[] = {
++	28,-1u,18,0,-1u,-1u,-1u,4,-1u,-1u,
++	23,-1u,11,
++};
++static const char *nfproto_i2s(int v) {
++	return i2s_direct__(nfproto_strings, nfproto_i2s_direct, 0, 12, v);
++}
+diff --git a/auparse/open-flagtabs.h b/auparse/open-flagtabs.h
+new file mode 100644
+index 0000000..5e3c3eb
+--- /dev/null
++++ b/auparse/open-flagtabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char open_flag_strings[] = "O_APPEND\0O_ASYNC\0O_CLOEXEC\0O_CREAT\0O_DIRECT\0O_DIRECTORY\0O_DSYNC\0O_EXCL\0O_NOATIME\0O_NOCTTY\0"
++	"O_NOFOLLOW\0O_NONBLOCK\0O_PATH\0O_RDWR\0O_TRUNC\0O_WRONLY\0__O_SYNC";
++static const struct transtab open_flag_table[] = {
++	{1,134},{2,119},{64,27},{128,64},{256,81},{512,126},{1024,0},{2048,101},{4096,56},{8192,9},
++	{16384,35},{65536,44},{131072,90},{262144,71},{524288,17},{1048576,143},{2097152,112},
++};
++#define OPEN_FLAG_NUM_ENTRIES (sizeof(open_flag_table) / sizeof(*open_flag_table))
+diff --git a/auparse/persontabs.h b/auparse/persontabs.h
+new file mode 100644
+index 0000000..d099839
+--- /dev/null
++++ b/auparse/persontabs.h
+@@ -0,0 +1,17 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char person_strings[] = "PER_BSD\0PER_HPUX\0PER_IRIX32\0PER_IRIX64\0PER_IRIXN32\0PER_ISCR4\0PER_LINUX\0PER_LINUX32\0PER_LINUX32_3GB\0PER_LINUX_32BIT\0"
++	"PER_OSF4\0PER_OSR5\0PER_RISCOS\0PER_SCOSVR3\0PER_SOLARIS\0PER_SUNOS\0PER_SVR3\0PER_SVR4\0PER_UW7\0PER_WYSEV386\0"
++	"PER_XENIX";
++static const int person_i2s_i[] = {
++	0,6,8,12,15,16,8388608,67108869,67108870,67108873,
++	67108874,67108875,67108877,68157441,68157454,83886082,83886084,83886087,100663299,117440515,
++	134217736,
++};
++static const unsigned person_i2s_s[] = {
++	61,0,71,133,115,8,99,51,168,17,
++	39,28,156,187,196,178,204,217,124,144,
++	83,
++};
++static const char *person_i2s(int v) {
++	return i2s_bsearch__(person_strings, person_i2s_i, person_i2s_s, 21, v);
++}
+diff --git a/auparse/pktoptnametabs.h b/auparse/pktoptnametabs.h
+new file mode 100644
+index 0000000..4613372
+--- /dev/null
++++ b/auparse/pktoptnametabs.h
+@@ -0,0 +1,10 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char pktoptname_strings[] = "PACKET_ADD_MEMBERSHIP\0PACKET_AUXDATA\0PACKET_COPY_THRESH\0PACKET_DROP_MEMBERSHIP\0PACKET_FANOUT\0PACKET_HDRLEN\0PACKET_LOSS\0PACKET_ORIGDEV\0PACKET_RECV_OUTPUT\0PACKET_RESERVE\0"
++	"PACKET_RX_RING\0PACKET_STATISTICS\0PACKET_TIMESTAMP\0PACKET_TX_HAS_OFF\0PACKET_TX_RING\0PACKET_TX_TIMESTAMP\0PACKET_VERSION\0PACKET_VNET_HDR";
++static const unsigned pktoptname_i2s_direct[] = {
++	0,56,134,-1u,168,183,37,22,119,271,
++	93,153,236,107,286,251,201,79,218,
++};
++static const char *pktoptname_i2s(int v) {
++	return i2s_direct__(pktoptname_strings, pktoptname_i2s_direct, 1, 19, v);
++}
+diff --git a/auparse/prctl_opttabs.h b/auparse/prctl_opttabs.h
+new file mode 100644
+index 0000000..03707a8
+--- /dev/null
++++ b/auparse/prctl_opttabs.h
+@@ -0,0 +1,14 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char prctl_opt_strings[] = "PR_CAPBSET_DROP\0PR_CAPBSET_READ\0PR_GET_CHILD_SUBREAPER\0PR_GET_DUMPABLE\0PR_GET_ENDIAN\0PR_GET_FPEMU\0PR_GET_FPEXC\0PR_GET_KEEPCAPS\0PR_GET_NAME\0PR_GET_NO_NEW_PRIVS\0"
++	"PR_GET_PDEATHSIG\0PR_GET_SECCOMP\0PR_GET_SECUREBITS\0PR_GET_TID_ADDRESS\0PR_GET_TIMERSLACK\0PR_GET_TIMING\0PR_GET_TSC\0PR_GET_UNALIGN\0PR_MCE_KILL\0PR_MCE_KILL_GET\0"
++	"PR_SET_CHILD_SUBREAPER\0PR_SET_DUMPABLE\0PR_SET_ENDIAN\0PR_SET_FPEMU\0PR_SET_FPEXC\0PR_SET_KEEPCAPS\0PR_SET_MM\0PR_SET_NAME\0PR_SET_NO_NEW_PRIVS\0PR_SET_PDEATHSIG\0"
++	"PR_SET_SECCOMP\0PR_SET_SECUREBITS\0PR_SET_TIMERSLACK\0PR_SET_TIMING\0PR_SET_TSC\0PR_SET_UNALIGN\0PR_TASK_PERF_EVENTS_DISABLE\0PR_TASK_PERF_EVENTS_ENABLE";
++static const unsigned prctl_opt_i2s_direct[] = {
++	451,159,55,337,271,544,111,393,85,367,
++	98,380,246,519,419,127,-1u,-1u,71,353,
++	176,468,16,0,260,533,191,483,501,228,
++	559,587,286,298,409,314,32,431,139,209,
++};
++static const char *prctl_opt_i2s(int v) {
++	return i2s_direct__(prctl_opt_strings, prctl_opt_i2s_direct, 1, 40, v);
++}
+diff --git a/auparse/prottabs.h b/auparse/prottabs.h
+new file mode 100644
+index 0000000..1727f43
+--- /dev/null
++++ b/auparse/prottabs.h
+@@ -0,0 +1,6 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char prot_strings[] = "PROT_EXEC\0PROT_READ\0PROT_SEM\0PROT_WRITE";
++static const struct transtab prot_table[] = {
++	{1,10},{2,29},{4,0},{8,20},
++};
++#define PROT_NUM_ENTRIES (sizeof(prot_table) / sizeof(*prot_table))
+diff --git a/auparse/ptracetabs.h b/auparse/ptracetabs.h
+new file mode 100644
+index 0000000..6bbfc9b
+--- /dev/null
++++ b/auparse/ptracetabs.h
+@@ -0,0 +1,17 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ptrace_strings[] = "PTRACE_ATTACH\0PTRACE_CONT\0PTRACE_DETACH\0PTRACE_GETEVENTMSG\0PTRACE_GETFPREGS\0PTRACE_GETFPXREGS\0PTRACE_GETREGS\0PTRACE_GETREGSET\0PTRACE_GETSIGINFO\0PTRACE_INTERRUPT\0"
++	"PTRACE_KILL\0PTRACE_LISTEN\0PTRACE_PEEKDATA\0PTRACE_PEEKTEXT\0PTRACE_PEEKUSER\0PTRACE_POKEDATA\0PTRACE_POKETEXT\0PTRACE_POKEUSER\0PTRACE_SEIZE\0PTRACE_SETFPREGS\0"
++	"PTRACE_SETFPXREGS\0PTRACE_SETOPTIONS\0PTRACE_SETREGS\0PTRACE_SETREGSET\0PTRACE_SETSIGINFO\0PTRACE_SINGLESTEP\0PTRACE_SYSCALL\0PTRACE_TRACEME";
++static const int ptrace_i2s_i[] = {
++	0,1,2,3,4,5,6,7,8,9,
++	12,13,14,15,16,17,18,19,24,16896,
++	16897,16898,16899,16900,16901,16902,16903,16904,
++};
++static const unsigned ptrace_i2s_s[] = {
++	432,203,187,219,251,235,267,14,161,399,
++	94,349,59,296,0,26,76,313,417,331,
++	40,126,381,109,364,283,144,173,
++};
++static const char *ptrace_i2s(int v) {
++	return i2s_bsearch__(ptrace_strings, ptrace_i2s_i, ptrace_i2s_s, 28, v);
++}
+diff --git a/auparse/recvtabs.h b/auparse/recvtabs.h
+new file mode 100644
+index 0000000..9cab5a3
+--- /dev/null
++++ b/auparse/recvtabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char recv_strings[] = "MSG_CMSG_CLOEXEC\0MSG_CONFIRM\0MSG_CTRUNC\0MSG_DONTROUTE\0MSG_DONTWAIT\0MSG_EOR\0MSG_ERRQUEUE\0MSG_FASTOPEN\0MSG_FIN\0MSG_MORE\0"
++	"MSG_NOSIGNAL\0MSG_OOB\0MSG_PEEK\0MSG_PROXY\0MSG_RST\0MSG_SENDPAGE_NOTLAST\0MSG_SYN\0MSG_TRUNC\0MSG_WAITALL\0MSG_WAITFORONE";
++static const struct transtab recv_table[] = {
++	{1,131},{2,139},{4,40},{8,29},{16,148},{32,195},{64,54},{128,67},{256,205},{512,101},
++	{1024,187},{2048,17},{4096,158},{8192,75},{16384,118},{32768,109},{65536,217},{131072,166},{536870912,88},{1073741824,0},
++};
++#define RECV_NUM_ENTRIES (sizeof(recv_table) / sizeof(*recv_table))
+diff --git a/auparse/rlimittabs.h b/auparse/rlimittabs.h
+new file mode 100644
+index 0000000..364ad69
+--- /dev/null
++++ b/auparse/rlimittabs.h
+@@ -0,0 +1,10 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char rlimit_strings[] = "RLIMIT_AS\0RLIMIT_CORE\0RLIMIT_CPU\0RLIMIT_DATA\0RLIMIT_FSIZE\0RLIMIT_LOCKS\0RLIMIT_MEMLOCK\0RLIMIT_MSGQUEUE\0RLIMIT_NICE\0RLIMIT_NOFILE\0"
++	"RLIMIT_NPROC\0RLIMIT_RSS\0RLIMIT_RTPRIO\0RLIMIT_RTTIME\0RLIMIT_SIGPENDING\0RLIMIT_STACK";
++static const unsigned rlimit_i2s_direct[] = {
++	22,45,33,198,10,141,128,114,71,0,
++	58,180,86,102,152,166,
++};
++static const char *rlimit_i2s(int v) {
++	return i2s_direct__(rlimit_strings, rlimit_i2s_direct, 0, 15, v);
++}
+diff --git a/auparse/schedtabs.h b/auparse/schedtabs.h
+new file mode 100644
+index 0000000..875317f
+--- /dev/null
++++ b/auparse/schedtabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char sched_strings[] = "SCHED_BATCH\0SCHED_FIFO\0SCHED_IDLE\0SCHED_OTHER\0SCHED_RR";
++static const unsigned sched_i2s_direct[] = {
++	34,12,46,0,-1u,23,
++};
++static const char *sched_i2s(int v) {
++	return i2s_direct__(sched_strings, sched_i2s_direct, 0, 5, v);
++}
+diff --git a/auparse/seccomptabs.h b/auparse/seccomptabs.h
+new file mode 100644
+index 0000000..5c6c911
+--- /dev/null
++++ b/auparse/seccomptabs.h
+@@ -0,0 +1,11 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char seccomp_strings[] = "allow\0errno\0kill\0trace\0trap";
++static const int seccomp_i2s_i[] = {
++	0,196608,327680,2146435072,2147418112,
++};
++static const unsigned seccomp_i2s_s[] = {
++	12,23,6,17,0,
++};
++static const char *seccomp_i2s(int v) {
++	return i2s_bsearch__(seccomp_strings, seccomp_i2s_i, seccomp_i2s_s, 5, v);
++}
+diff --git a/auparse/seektabs.h b/auparse/seektabs.h
+new file mode 100644
+index 0000000..0d0f542
+--- /dev/null
++++ b/auparse/seektabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char seek_strings[] = "SEEK_CUR\0SEEK_DATA\0SEEK_END\0SEEK_HOLE\0SEEK_SET";
++static const unsigned seek_i2s_direct[] = {
++	38,0,19,9,28,
++};
++static const char *seek_i2s(int v) {
++	return i2s_direct__(seek_strings, seek_i2s_direct, 0, 4, v);
++}
+diff --git a/auparse/shm_modetabs.h b/auparse/shm_modetabs.h
+new file mode 100644
+index 0000000..ddd414d
+--- /dev/null
++++ b/auparse/shm_modetabs.h
+@@ -0,0 +1,6 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char shm_mode_strings[] = "SHM_DEST\0SHM_HUGETLB\0SHM_LOCKED\0SHM_NORESERVE";
++static const struct transtab shm_mode_table[] = {
++	{512,0},{1024,21},{2048,9},{4096,32},
++};
++#define SHM_MODE_NUM_ENTRIES (sizeof(shm_mode_table) / sizeof(*shm_mode_table))
+diff --git a/auparse/signaltabs.h b/auparse/signaltabs.h
+new file mode 100644
+index 0000000..91ce38e
+--- /dev/null
++++ b/auparse/signaltabs.h
+@@ -0,0 +1,14 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char signal_strings[] = "IGPWR\0SIG0\0SIGABRT\0SIGALRM\0SIGBUS\0SIGCHLD\0SIGCONT\0SIGFPE\0SIGHUP\0SIGILL\0"
++	"SIGINT\0SIGIO\0SIGKILL\0SIGPIPE\0SIGPROF\0SIGQUIT\0SIGSEGV\0SIGSTKFLT\0SIGSTOP\0SIGSYS\0"
++	"SIGTERM\0SIGTRAP\0SIGTSTP\0SIGTTIN\0SIGTTOU\0SIGURG\0SIGUSR1\0SIGUSR2\0SIGVTALRM\0SIGWINCH\0"
++	"SIGXCPU\0SIGXFSZ";
++static const unsigned signal_i2s_direct[] = {
++	6,57,71,108,64,157,11,27,50,84,
++	196,116,204,92,19,149,124,34,42,134,
++	165,173,181,189,231,239,212,100,222,78,
++	0,142,
++};
++static const char *signal_i2s(int v) {
++	return i2s_direct__(signal_strings, signal_i2s_direct, 0, 31, v);
++}
+diff --git a/auparse/sockleveltabs.h b/auparse/sockleveltabs.h
+new file mode 100644
+index 0000000..4473d8c
+--- /dev/null
++++ b/auparse/sockleveltabs.h
+@@ -0,0 +1,12 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char socklevel_strings[] = "SOL_AAL\0SOL_ALG\0SOL_ATALK\0SOL_ATM\0SOL_AX25\0SOL_BLUETOOTH\0SOL_CAIF\0SOL_DCCP\0SOL_DECNET\0SOL_IPX\0"
++	"SOL_IRDA\0SOL_IUCV\0SOL_LLC\0SOL_NETBEUI\0SOL_NETLINK\0SOL_NETROM\0SOL_PACKET\0SOL_PNPIPE\0SOL_PPPOL2TP\0SOL_RAW\0"
++	"SOL_RDS\0SOL_ROSE\0SOL_RXRPC\0SOL_TIPC";
++static const unsigned socklevel_i2s_direct[] = {
++	190,86,34,16,144,206,75,-1u,155,26,
++	0,94,120,112,66,132,225,215,177,43,
++	166,198,103,57,8,
++};
++static const char *socklevel_i2s(int v) {
++	return i2s_direct__(socklevel_strings, socklevel_i2s_direct, 255, 279, v);
++}
+diff --git a/auparse/sockoptnametabs.h b/auparse/sockoptnametabs.h
+new file mode 100644
+index 0000000..831a030
+--- /dev/null
++++ b/auparse/sockoptnametabs.h
+@@ -0,0 +1,23 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char sockoptname_strings[] = "SO_ACCEPTCONN\0SO_ATTACH_FILTER\0SO_BINDTODEVICE\0SO_BROADCAST\0SO_BSDCOMPAT\0SO_DEBUG\0SO_DETACH_FILTER\0SO_DOMAIN\0SO_DONTROUTE\0SO_ERROR\0"
++	"SO_KEEPALIVE\0SO_LINGER\0SO_LOCK_FILTER\0SO_MARK\0SO_NOFCS\0SO_NO_CHECK\0SO_OOBINLINE\0SO_PASSCRED\0SO_PASSCRED\0SO_PASSSEC\0"
++	"SO_PEEK_OFF\0SO_PEERCRED\0SO_PEERCRED\0SO_PEERNAME\0SO_PEERSEC\0SO_PRIORITY\0SO_PROTOCOL\0SO_RCVBUF\0SO_RCVBUFFORCE\0SO_RCVLOWAT\0"
++	"SO_RCVLOWAT\0SO_RCVTIMEO\0SO_RCVTIMEO\0SO_REUSEADDR\0SO_REUSEPORT\0SO_RXQ_OVFL\0SO_SECURITY_AUTHENTICATION\0SO_SECURITY_ENCRYPTION_NETWORK\0SO_SECURITY_ENCRYPTION_TRANSPORT\0SO_SNDBUF\0"
++	"SO_SNDBUFFORCE\0SO_SNDLOWAT\0SO_SNDLOWAT\0SO_SNDTIMEO\0SO_SNDTIMEO\0SO_TIMESTAMP\0SO_TIMESTAMPING\0SO_TIMESTAMPNS\0SO_TYPE\0SO_WIFI_STATUS";
++static const int sockoptname_i2s_i[] = {
++	1,2,3,4,5,6,7,8,9,10,
++	11,12,13,14,15,16,17,18,19,20,
++	21,22,23,24,25,26,27,28,29,30,
++	31,32,33,34,35,36,37,38,39,40,
++	41,42,43,44,116,117,118,119,120,121,
++};
++static const unsigned sockoptname_i2s_s[] = {
++	73,402,648,122,109,47,531,329,131,198,
++	186,305,144,60,415,211,258,354,556,378,
++	580,440,498,467,31,14,82,282,604,0,
++	294,541,339,235,633,169,617,317,99,428,
++	656,246,177,154,366,568,390,592,223,270,
++};
++static const char *sockoptname_i2s(int v) {
++	return i2s_bsearch__(sockoptname_strings, sockoptname_i2s_i, sockoptname_i2s_s, 50, v);
++}
+diff --git a/auparse/socktabs.h b/auparse/socktabs.h
+new file mode 100644
+index 0000000..66a8235
+--- /dev/null
++++ b/auparse/socktabs.h
+@@ -0,0 +1,10 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char sock_strings[] = "accept\0accept4\0bind\0connect\0getpeername\0getsockname\0getsockopt\0listen\0recv\0recvfrom\0"
++	"recvmmsg\0recvmsg\0send\0sendmmsg\0sendmsg\0sendto\0setsockopt\0shutdown\0socket\0socketpair";
++static const unsigned sock_i2s_direct[] = {
++	150,15,20,63,0,40,28,157,101,70,
++	123,75,141,130,52,115,93,7,84,106,
++};
++static const char *sock_i2s(int v) {
++	return i2s_direct__(sock_strings, sock_i2s_direct, 1, 20, v);
++}
+diff --git a/auparse/socktypetabs.h b/auparse/socktypetabs.h
+new file mode 100644
+index 0000000..05e8d36
+--- /dev/null
++++ b/auparse/socktypetabs.h
+@@ -0,0 +1,8 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char sock_type_strings[] = "SOCK_DCCP\0SOCK_DGRAM\0SOCK_PACKET\0SOCK_RAW\0SOCK_RDM\0SOCK_SEQPACKET\0SOCK_STREAM";
++static const unsigned sock_type_i2s_direct[] = {
++	66,10,33,42,51,0,-1u,-1u,-1u,21,
++};
++static const char *sock_type_i2s(int v) {
++	return i2s_direct__(sock_type_strings, sock_type_i2s_direct, 1, 10, v);
++}
+diff --git a/auparse/tcpoptnametabs.h b/auparse/tcpoptnametabs.h
+new file mode 100644
+index 0000000..061db3f
+--- /dev/null
++++ b/auparse/tcpoptnametabs.h
+@@ -0,0 +1,12 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char tcpoptname_strings[] = "TCP_CONGESTION\0TCP_COOKIE_TRANSACTIONS\0TCP_CORK\0TCP_DEFER_ACCEPT\0TCP_FASTOPEN\0TCP_INFO\0TCP_KEEPCNT\0TCP_KEEPIDLE\0TCP_KEEPINTVL\0TCP_LINGER2\0"
++	"TCP_MAXSEG\0TCP_MD5SIG\0TCP_NODELAY\0TCP_QUEUE_SEQ\0TCP_QUICKACK\0TCP_REPAIR\0TCP_REPAIR_OPTIONS\0TCP_REPAIR_QUEUE\0TCP_SYNCNT\0TCP_THIN_DUPACK\0"
++	"TCP_THIN_LINEAR_TIMEOUTS\0TCP_TIMESTAMP\0TCP_USER_TIMEOUT\0TCP_WINDOW_CLAMP";
++static const unsigned tcpoptname_i2s_direct[] = {
++	160,138,39,99,112,87,246,126,48,329,
++	78,186,0,149,15,273,257,312,199,229,
++	172,210,65,298,
++};
++static const char *tcpoptname_i2s(int v) {
++	return i2s_direct__(tcpoptname_strings, tcpoptname_i2s_direct, 1, 24, v);
++}
+diff --git a/auparse/typetabs.h b/auparse/typetabs.h
+new file mode 100644
+index 0000000..a99d398
+--- /dev/null
++++ b/auparse/typetabs.h
+@@ -0,0 +1,35 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char type_strings[] = "a0\0a1\0a2\0a3\0acct\0addr\0arch\0auid\0cap_fi\0cap_fp\0"
++	"cap_pe\0cap_pi\0cap_pp\0capability\0cgroup\0cmd\0code\0comm\0cwd\0data\0"
++	"device\0dir\0egid\0euid\0exe\0exit\0family\0fe\0fi\0file\0"
++	"flags\0fp\0fsgid\0fsuid\0gid\0icmptype\0id\0igid\0inode_gid\0inode_uid\0"
++	"iuid\0key\0list\0mode\0name\0new-disk\0new-fs\0new-rng\0new_gid\0new_pe\0"
++	"new_pi\0new_pp\0oauid\0obj_gid\0obj_uid\0ocomm\0oflag\0ogid\0old-disk\0old-fs\0"
++	"old-rng\0old_pe\0old_pi\0old_pp\0old_prom\0ouid\0path\0per\0perm\0perm_mask\0"
++	"prom\0proto\0res\0result\0saddr\0sauid\0ses\0sgid\0sig\0sigev_signo\0"
++	"suid\0syscall\0uid\0vm\0watch";
++static const unsigned type_s2i_s[] = {
++	0,3,6,9,12,17,22,27,32,39,
++	46,53,60,67,78,85,89,94,99,103,
++	108,115,119,124,129,133,138,145,148,151,
++	156,162,165,171,177,181,190,193,198,208,
++	218,223,227,232,237,242,251,258,266,274,
++	281,288,295,301,309,317,323,329,334,343,
++	350,358,365,372,379,388,393,398,402,407,
++	417,422,428,432,439,445,451,455,460,464,
++	476,481,489,493,496,
++};
++static const int type_s2i_i[] = {
++	14,15,16,17,6,26,4,1,22,22,
++	22,22,22,12,6,6,28,6,6,20,
++	6,6,2,1,6,5,23,22,22,6,
++	30,22,2,1,2,24,1,2,2,1,
++	1,6,19,8,6,6,6,6,2,22,
++	22,22,1,2,1,6,29,2,6,6,
++	6,22,22,22,11,1,6,27,7,7,
++	11,25,13,13,9,1,21,2,18,18,
++	1,3,1,6,6,
++};
++static int type_s2i(const char *s, int *value) {
++	return s2i__(type_strings, type_s2i_s, type_s2i_i, 85, s, value);
++}
+diff --git a/auparse/umounttabs.h b/auparse/umounttabs.h
+new file mode 100644
+index 0000000..e98118f
+--- /dev/null
++++ b/auparse/umounttabs.h
+@@ -0,0 +1,6 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char umount_strings[] = "MNT_DETACH\0MNT_EXPIRE\0MNT_FORCE\0UMOUNT_NOFOLLOW\0UMOUNT_UNUSED";
++static const struct transtab umount_table[] = {
++	{1,22},{2,0},{4,11},{8,32},{-2147483647,48},
++};
++#define UMOUNT_NUM_ENTRIES (sizeof(umount_table) / sizeof(*umount_table))
+diff --git a/lib/Makefile.am b/lib/Makefile.am
+index 5e9f966..5a7d12b 100644
+--- a/lib/Makefile.am
++++ b/lib/Makefile.am
+@@ -50,109 +50,3 @@ endif
+ if USE_AARCH64
+ BUILT_SOURCES += aarch64_tables.h
+ endif
+-noinst_PROGRAMS = gen_actiontabs_h gen_errtabs_h gen_fieldtabs_h \
+-	gen_flagtabs_h gen_ftypetabs_h gen_i386_tables_h \
+-	gen_ia64_tables_h gen_machinetabs_h gen_msg_typetabs_h \
+-	gen_optabs_h gen_ppc_tables_h gen_s390_tables_h \
+-	gen_s390x_tables_h gen_x86_64_tables_h
+-if USE_ALPHA
+-noinst_PROGRAMS += gen_alpha_tables_h
+-endif
+-if USE_ARMEB
+-noinst_PROGRAMS += gen_armeb_tables_h
+-endif
+-if USE_AARCH64
+-noinst_PROGRAMS += gen_aarch64_tables_h
+-endif
+-gen_actiontabs_h_SOURCES = gen_tables.c gen_tables.h actiontab.h
+-gen_actiontabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="actiontab.h"'
+-actiontabs.h: gen_actiontabs_h Makefile
+-	./gen_actiontabs_h --lowercase --i2s --s2i action > $@
+-
+-if USE_ALPHA
+-gen_alpha_tables_h_SOURCES = gen_tables.c gen_tables.h alpha_table.h
+-gen_alpha_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="alpha_table.h"'
+-alpha_tables.h: gen_alpha_tables_h Makefile
+-	./gen_alpha_tables_h --lowercase --i2s --s2i alpha_syscall > $@
+-endif
+-
+-if USE_ARMEB
+-gen_armeb_tables_h_SOURCES = gen_tables.c gen_tables.h armeb_table.h
+-gen_armeb_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="armeb_table.h"'
+-armeb_tables.h: gen_armeb_tables_h Makefile
+-	./gen_armeb_tables_h --lowercase --i2s --s2i armeb_syscall > $@
+-endif
+-
+-if USE_AARCH64
+-gen_aarch64_tables_h_SOURCES = gen_tables.c gen_tables.h aarch64_table.h
+-gen_aarch64_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="aarch64_table.h"'
+-aarch64_tables.h: gen_aarch64_tables_h Makefile
+-	./gen_aarch64_tables_h --lowercase --i2s --s2i aarch64_syscall > $@
+-endif
+-
+-gen_errtabs_h_SOURCES = gen_tables.c gen_tables.h errtab.h
+-gen_errtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="errtab.h"'
+-errtabs.h: gen_errtabs_h Makefile
+-	./gen_errtabs_h --duplicate-ints --uppercase --i2s --s2i err > $@
+-
+-gen_fieldtabs_h_SOURCES = gen_tables.c gen_tables.h fieldtab.h
+-gen_fieldtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="fieldtab.h"'
+-fieldtabs.h: gen_fieldtabs_h Makefile
+-	./gen_fieldtabs_h --duplicate-ints --lowercase --i2s --s2i field > $@
+-
+-gen_flagtabs_h_SOURCES = gen_tables.c gen_tables.h flagtab.h
+-gen_flagtabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="flagtab.h"'
+-flagtabs.h: gen_flagtabs_h Makefile
+-	./gen_flagtabs_h --lowercase --i2s --s2i flag > $@
+-
+-gen_ftypetabs_h_SOURCES = gen_tables.c gen_tables.h ftypetab.h
+-gen_ftypetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ftypetab.h"'
+-ftypetabs.h: gen_ftypetabs_h Makefile
+-	./gen_ftypetabs_h --lowercase --i2s --s2i ftype > $@
+-
+-gen_i386_tables_h_SOURCES = gen_tables.c gen_tables.h i386_table.h
+-gen_i386_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="i386_table.h"'
+-i386_tables.h: gen_i386_tables_h Makefile
+-	./gen_i386_tables_h --duplicate-ints --lowercase --i2s --s2i \
+-		i386_syscall > $@
+-
+-gen_ia64_tables_h_SOURCES = gen_tables.c gen_tables.h ia64_table.h
+-gen_ia64_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ia64_table.h"'
+-ia64_tables.h: gen_ia64_tables_h Makefile
+-	./gen_ia64_tables_h --lowercase --i2s --s2i ia64_syscall > $@
+-
+-gen_machinetabs_h_SOURCES = gen_tables.c gen_tables.h machinetab.h
+-gen_machinetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="machinetab.h"'
+-machinetabs.h: gen_machinetabs_h Makefile
+-	./gen_machinetabs_h --duplicate-ints --lowercase --i2s --s2i machine \
+-		> $@
+-
+-gen_msg_typetabs_h_SOURCES = gen_tables.c gen_tables.h msg_typetab.h
+-gen_msg_typetabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="msg_typetab.h"'
+-msg_typetabs.h: gen_msg_typetabs_h Makefile
+-	./gen_msg_typetabs_h --uppercase --i2s --s2i msg_type > $@
+-
+-gen_optabs_h_SOURCES = gen_tables.c gen_tables.h optab.h
+-gen_optabs_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="optab.h"'
+-optabs.h: gen_optabs_h Makefile
+-	./gen_optabs_h --i2s op > $@
+-
+-gen_ppc_tables_h_SOURCES = gen_tables.c gen_tables.h ppc_table.h
+-gen_ppc_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="ppc_table.h"'
+-ppc_tables.h: gen_ppc_tables_h Makefile
+-	./gen_ppc_tables_h --lowercase --i2s --s2i ppc_syscall > $@
+-
+-gen_s390_tables_h_SOURCES = gen_tables.c gen_tables.h s390_table.h
+-gen_s390_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="s390_table.h"'
+-s390_tables.h: gen_s390_tables_h Makefile
+-	./gen_s390_tables_h --lowercase --i2s --s2i s390_syscall > $@
+-
+-gen_s390x_tables_h_SOURCES = gen_tables.c gen_tables.h s390x_table.h
+-gen_s390x_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="s390x_table.h"'
+-s390x_tables.h: gen_s390x_tables_h Makefile
+-	./gen_s390x_tables_h --lowercase --i2s --s2i s390x_syscall > $@
+-
+-gen_x86_64_tables_h_SOURCES = gen_tables.c gen_tables.h x86_64_table.h
+-gen_x86_64_tables_h_CFLAGS = $(AM_CFLAGS) '-DTABLE_H="x86_64_table.h"'
+-x86_64_tables.h: gen_x86_64_tables_h Makefile
+-	./gen_x86_64_tables_h --lowercase --i2s --s2i x86_64_syscall > $@
+diff --git a/lib/aarch64_tables.h b/lib/aarch64_tables.h
+new file mode 100644
+index 0000000..571d6ee
+--- /dev/null
++++ b/lib/aarch64_tables.h
+@@ -0,0 +1,125 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char aarch64_syscall_strings[] = "accept\0accept4\0acct\0add_key\0adjtimex\0bind\0brk\0capget\0capset\0chdir\0"
++	"chroot\0clock_adjtime\0clock_getres\0clock_gettime\0clock_nanosleep\0clock_settime\0clone\0close\0connect\0delete_module\0"
++	"dup\0dup3\0epoll_create1\0epoll_ctl\0epoll_pwait\0eventfd2\0execve\0exit\0exit_group\0faccessat\0"
++	"fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0fchmodat\0fchown\0fchownat\0fdatasync\0fgetxattr\0"
++	"finit_module\0flistxattr\0flock\0fremovexattr\0fsetxattr\0fsync\0futex\0get_mempolicy\0get_robust_list\0getcpu\0"
++	"getcwd\0getdents64\0getegid\0geteuid\0getgid\0getgroups\0getitimer\0getpeername\0getpgid\0getpid\0"
++	"getppid\0getpriority\0getresgid\0getresuid\0getrlimit\0getrusage\0getsid\0getsockname\0getsockopt\0gettid\0"
++	"gettimeofday\0getuid\0getxattr\0init_module\0inotify_add_watch\0inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0io_getevents\0"
++	"io_setup\0io_submit\0ioctl\0ioprio_get\0ioprio_set\0kcmp\0kexec_load\0keyctl\0kill\0lgetxattr\0"
++	"linkat\0listen\0listxattr\0llistxattr\0lookup_dcookie\0lremovexattr\0lsetxattr\0madvise\0mbind\0migrate_pages\0"
++	"mincore\0mkdirat\0mknodat\0mlock\0mlockall\0mount\0move_pages\0mprotect\0mq_getsetattr\0mq_notify\0"
++	"mq_open\0mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0msgctl\0msgget\0msgrcv\0msgsnd\0msync\0"
++	"munlock\0munlockall\0munmap\0name_to_handle_at\0nanosleep\0nfsservctl\0open_by_handle_at\0openat\0perf_event_open\0personality\0"
++	"pipe2\0pivot_root\0ppoll\0prctl\0pread64\0preadv\0prlimit64\0process_vm_readv\0process_vm_writev\0pselect6\0"
++	"ptrace\0pwrite64\0pwritev\0quotactl\0read\0readahead\0readlinkat\0readv\0reboot\0recvfrom\0"
++	"recvmmsg\0recvmsg\0remap_file_pages\0removexattr\0renameat\0request_key\0restart_syscall\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0"
++	"rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0rt_sigtimedwait\0rt_tgsigqueueinfo\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0"
++	"sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0sched_setscheduler\0sched_yield\0semctl\0semget\0semop\0semtimedop\0sendmmsg\0"
++	"sendmsg\0sendto\0set_mempolicy\0set_robust_list\0set_tid_address\0setdomainname\0setfsgid\0setfsuid\0setgid\0setgroups\0"
++	"sethostname\0setitimer\0setns\0setpgid\0setpriority\0setregid\0setresgid\0setresuid\0setreuid\0setrlimit\0"
++	"setsid\0setsockopt\0settimeofday\0setuid\0setxattr\0shmat\0shmctl\0shmdt\0shmget\0shutdown\0"
++	"sigaltstack\0signalfd4\0socket\0socketpair\0splice\0swapoff\0swapon\0symlinkat\0sync\0sync_file_range\0"
++	"syncfs\0sysinfo\0syslog\0tee\0tgkill\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0"
++	"timerfd_create\0timerfd_gettime\0timerfd_settime\0times\0tkill\0umask\0umount2\0uname\0unlinkat\0unshare\0"
++	"utimensat\0vhangup\0vmsplice\0wait4\0waitid\0write\0writev";
++static const unsigned aarch64_syscall_s2i_s[] = {
++	0,7,15,20,28,37,42,46,53,60,
++	66,73,87,100,114,130,144,150,156,164,
++	178,182,187,201,211,223,232,239,244,255,
++	265,275,289,303,310,317,326,333,342,352,
++	362,375,386,392,405,415,421,427,441,457,
++	464,471,482,490,498,505,515,525,537,545,
++	552,560,572,582,592,602,612,619,631,642,
++	649,662,669,678,690,708,722,739,749,760,
++	773,782,792,798,809,820,825,836,843,848,
++	858,865,872,882,893,908,921,931,939,945,
++	959,967,975,983,989,998,1004,1015,1024,1038,
++	1048,1056,1072,1085,1095,1102,1109,1116,1123,1130,
++	1136,1144,1155,1162,1180,1190,1201,1219,1226,1242,
++	1254,1260,1271,1277,1283,1291,1298,1308,1325,1343,
++	1352,1359,1368,1376,1385,1390,1400,1411,1417,1424,
++	1433,1442,1450,1467,1479,1488,1500,1516,1529,1543,
++	1558,1574,1587,1601,1617,1635,1658,1681,1699,1714,
++	1733,1755,1773,1788,1807,1819,1826,1833,1839,1850,
++	1859,1867,1874,1888,1904,1920,1934,1943,1952,1959,
++	1969,1981,1991,1997,2005,2017,2026,2036,2046,2055,
++	2065,2072,2083,2096,2103,2112,2118,2125,2131,2138,
++	2147,2159,2169,2176,2187,2194,2202,2209,2219,2224,
++	2240,2247,2255,2262,2266,2273,2286,2299,2316,2330,
++	2344,2359,2375,2391,2397,2403,2409,2417,2423,2432,
++	2440,2450,2458,2467,2473,2480,2486,
++};
++static const int aarch64_syscall_s2i_i[] = {
++	202,242,89,217,171,200,214,90,91,49,
++	51,266,114,113,115,112,220,57,203,106,
++	23,24,20,21,22,19,221,93,94,48,
++	47,262,263,50,52,53,55,54,83,10,
++	273,13,32,16,7,82,98,236,100,168,
++	17,61,177,175,176,158,102,205,155,172,
++	173,141,150,148,163,165,156,204,209,178,
++	169,174,8,105,27,26,28,3,1,4,
++	0,2,29,31,30,272,104,219,129,9,
++	37,201,11,12,18,15,6,233,235,238,
++	232,34,33,228,230,40,239,226,185,184,
++	180,183,182,181,216,187,186,188,189,227,
++	229,231,215,264,101,42,265,56,241,92,
++	59,41,73,167,67,69,261,270,271,72,
++	117,68,70,60,63,213,78,65,142,207,
++	243,212,234,14,38,218,128,134,136,135,
++	138,139,133,137,240,125,126,123,121,120,
++	127,122,118,119,124,191,190,193,192,269,
++	211,206,237,99,96,162,152,151,144,159,
++	161,103,268,154,140,143,149,147,145,164,
++	157,208,170,146,5,196,195,197,194,210,
++	132,74,198,199,76,225,224,36,81,84,
++	267,179,116,77,131,107,111,109,108,110,
++	85,87,86,153,130,166,39,160,35,97,
++	88,58,75,260,95,64,66,
++};
++static int aarch64_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(aarch64_syscall_strings, aarch64_syscall_s2i_s, aarch64_syscall_s2i_i, 247, copy, value);
++	}
++}
++static const unsigned aarch64_syscall_i2s_direct[] = {
++	773,749,782,739,760,2103,921,405,669,848,
++	352,872,882,375,1467,908,392,464,893,223,
++	187,201,211,178,182,-1u,708,690,722,792,
++	809,798,386,975,967,2423,2209,858,1479,2409,
++	998,1260,1190,-1u,-1u,-1u,-1u,265,255,60,
++	303,66,310,317,333,326,1219,150,2450,1254,
++	1376,471,-1u,1385,2480,1411,2486,1283,1359,1291,
++	1368,-1u,1343,1271,2159,2458,2187,2262,1400,-1u,
++	-1u,2219,415,342,2224,2344,2375,2359,2440,15,
++	46,53,1242,239,244,2473,1904,2432,421,1888,
++	441,1180,515,1981,825,678,164,2273,2316,2299,
++	2330,2286,130,100,87,114,2255,1352,1773,1788,
++	1714,1699,1755,1681,1807,1635,1658,1733,1500,843,
++	2397,2266,2147,1587,1516,1543,1529,1601,1558,1574,
++	2005,560,1417,2017,1952,2046,2096,2036,582,2026,
++	572,1943,1934,2391,1997,537,612,2065,505,1959,
++	2417,1969,1920,592,2055,602,2403,1277,457,649,
++	2083,28,545,552,662,490,498,482,642,2247,
++	1048,1085,1072,1056,1038,1024,1109,1102,1116,1123,
++	1826,1819,1839,1833,2131,2118,2112,2125,2169,2176,
++	37,865,0,156,619,525,1867,1424,2072,631,
++	2138,1859,1442,1390,42,1155,1095,20,1488,836,
++	144,232,-1u,-1u,2202,2194,1015,1130,983,1136,
++	989,1144,959,931,1450,939,427,1874,945,1004,
++	1617,1226,7,1433,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	2467,1298,275,289,1162,1201,73,2240,1991,1850,
++	1308,1325,820,362,
++};
++static const char *aarch64_syscall_i2s(int v) {
++	return i2s_direct__(aarch64_syscall_strings, aarch64_syscall_i2s_direct, 0, 273, v);
++}
+diff --git a/lib/actiontabs.h b/lib/actiontabs.h
+new file mode 100644
+index 0000000..a7a9e62
+--- /dev/null
++++ b/lib/actiontabs.h
+@@ -0,0 +1,26 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char action_strings[] = "always\0never\0possible";
++static const unsigned action_s2i_s[] = {
++	0,7,13,
++};
++static const int action_s2i_i[] = {
++	2,0,1,
++};
++static int action_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(action_strings, action_s2i_s, action_s2i_i, 3, copy, value);
++	}
++}
++static const unsigned action_i2s_direct[] = {
++	7,13,0,
++};
++static const char *action_i2s(int v) {
++	return i2s_direct__(action_strings, action_i2s_direct, 0, 2, v);
++}
+diff --git a/lib/alpha_tables.h b/lib/alpha_tables.h
+new file mode 100644
+index 0000000..b57e54c
+--- /dev/null
++++ b/lib/alpha_tables.h
+@@ -0,0 +1,196 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char alpha_syscall_strings[] = "_sysctl\0accept\0accept4\0access\0acct\0add_key\0adjtimex\0afs_syscall\0bdflush\0bind\0"
++	"brk\0capget\0capset\0chdir\0chmod\0chown\0chroot\0clock_adjtime\0clone\0close\0"
++	"connect\0create_module\0delete_module\0dipc\0dup\0dup2\0dup3\0epoll_create\0epoll_create1\0epoll_ctl\0"
++	"epoll_pwait\0epoll_wait\0eventfd\0eventfd2\0exec_with_loader\0execve\0exit\0exit_group\0faccessat\0fadvise64\0"
++	"fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0fchmodat\0fchown\0fchownat\0fcntl\0fdatasync\0"
++	"fgetxattr\0flistxattr\0flock\0fork\0fremovexattr\0fsetxattr\0fstat\0fstat64\0fstatat64\0fstatfs\0"
++	"fsync\0ftruncate\0futex\0futimesat\0get_kernel_syms\0get_mempolicy\0get_robust_list\0getcpu\0getcwd\0getdents\0"
++	"getdents64\0getdtablesize\0getgroups\0gethostname\0getitimer\0getpagesize\0getpeername\0getpgid\0getpgrp\0getpriority\0"
++	"getresgid\0getresuid\0getrlimit\0getrusage\0getsid\0getsockname\0getsockopt\0gettid\0gettimeofday\0getxattr\0"
++	"getxgid\0getxpid\0getxuid\0init_module\0inotify_add_watch\0inotify_init\0inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0"
++	"io_getevents\0io_setup\0io_submit\0ioctl\0ioprio_get\0ioprio_set\0kexec_load\0keyctl\0kill\0lchown\0"
++	"lgetxattr\0link\0linkat\0listen\0listxattr\0llistxattr\0lookup_dcookie\0lremovexattr\0lseek\0lsetxattr\0"
++	"lstat\0lstat64\0madvise\0mbind\0migrate_pages\0mincore\0mkdir\0mkdirat\0mknod\0mknodat\0"
++	"mlock\0mlockall\0mmap\0mount\0move_pages\0mprotect\0mq_getsetattr\0mq_notify\0mq_open\0mq_timedreceive\0"
++	"mq_timedsend\0mq_unlink\0mremap\0msgctl\0msgget\0msgrcv\0msgsnd\0msync\0munlock\0munlockall\0"
++	"munmap\0name_to_handle_at\0nanosleep\0nfsservctl\0old_adjtimex\0oldumount\0open\0open_by_handle_at\0openat\0osf_adjtime\0"
++	"osf_afs_syscall\0osf_alt_plock\0osf_alt_setsid\0osf_alt_sigpending\0osf_asynch_daemon\0osf_audcntl\0osf_audgen\0osf_chflags\0osf_execve\0osf_exportfs\0"
++	"osf_fchflags\0osf_fdatasync\0osf_fpathconf\0osf_fstatfs\0osf_fuser\0osf_getaddressconf\0osf_getdirentries\0osf_getdomainname\0osf_getfh\0osf_getfsstat\0"
++	"osf_gethostid\0osf_getitimer\0osf_getlogin\0osf_getmnt\0osf_getrusage\0osf_getsysinfo\0osf_gettimeofday\0osf_kloadcall\0osf_kmodcall\0osf_memcntl\0"
++	"osf_mincore\0osf_mount\0osf_mremap\0osf_msfs_syscall\0osf_msleep\0osf_mvalid\0osf_mwakeup\0osf_naccept\0osf_nfssvc\0osf_ngetpeername\0"
++	"osf_ngetsockname\0osf_nrecvfrom\0osf_nrecvmsg\0osf_nsendmsg\0osf_ntp_adjtime\0osf_ntp_gettime\0osf_old_creat\0osf_old_fstat\0osf_old_getpgrp\0osf_old_killpg\0"
++	"osf_old_lstat\0osf_old_open\0osf_old_sigaction\0osf_old_sigblock\0osf_old_sigreturn\0osf_old_sigsetmask\0osf_old_sigvec\0osf_old_stat\0osf_old_vadvise\0osf_old_vtrace\0"
++	"osf_old_wait\0osf_oldquota\0osf_pathconf\0osf_pid_block\0osf_pid_unblock\0osf_plock\0osf_priocntlset\0osf_profil\0osf_proplist_syscall\0osf_reboot\0"
++	"osf_revoke\0osf_sbrk\0osf_security\0osf_select\0osf_set_program_attributes\0osf_set_speculative\0osf_sethostid\0osf_setitimer\0osf_setlogin\0osf_setsysinfo\0"
++	"osf_settimeofday\0osf_shmat\0osf_signal\0osf_sigprocmask\0osf_sigsendset\0osf_sigstack\0osf_sigwaitprim\0osf_sstk\0osf_statfs\0osf_subsys_info\0"
++	"osf_swapctl\0osf_swapon\0osf_syscall\0osf_sysinfo\0osf_table\0osf_uadmin\0osf_usleep_thread\0osf_uswitch\0osf_utc_adjtime\0osf_utc_gettime\0"
++	"osf_utimes\0osf_utsname\0osf_wait4\0osf_waitid\0pciconfig_iobase\0pciconfig_read\0pciconfig_write\0perf_event_open\0personality\0pipe\0"
++	"pipe2\0pivot_root\0poll\0ppoll\0prctl\0pread\0preadv\0prlimit64\0process_vm_readv\0process_vm_writev\0"
++	"pselect6\0ptrace\0pwrite\0pwritev\0query_module\0quotactl\0read\0readahead\0readlink\0readlinkat\0"
++	"readv\0reboot\0recv\0recvfrom\0recvmmsg\0recvmsg\0remap_file_pages\0removexattr\0rename\0renameat\0"
++	"request_key\0restart_syscall\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0rt_sigtimedwait\0"
++	"rt_tgsigqueueinfo\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0sched_setscheduler\0"
++	"sched_yield\0select\0semctl\0semget\0semop\0send\0sendfile\0sendmmsg\0sendmsg\0sendto\0"
++	"set_mempolicy\0set_robust_list\0set_tid_address\0setdomainname\0setfsgid\0setfsuid\0setgid\0setgroups\0sethae\0sethostname\0"
++	"setitimer\0setns\0setpgid\0setpgrp\0setpriority\0setregid\0setresgid\0setresuid\0setreuid\0setrlimit\0"
++	"setsid\0setsockopt\0settimeofday\0setuid\0setxattr\0shmctl\0shmdt\0shmget\0shutdown\0sigaction\0"
++	"sigaltstack\0signalfd\0signalfd4\0sigpending\0sigreturn\0sigsuspend\0socket\0socketpair\0splice\0stat\0"
++	"stat64\0statfs\0swapoff\0swapon\0symlink\0symlinkat\0sync\0sync_file_range\0syncfs\0sysfs\0"
++	"sysinfo\0syslog\0tee\0tgkill\0timerfd\0timerfd_create\0timerfd_gettime\0timerfd_settime\0times\0tkill\0"
++	"truncate\0tuxcall\0umask\0umount\0uname\0unlink\0unlinkat\0unshare\0uselib\0ustat\0"
++	"utimensat\0utimes\0vfork\0vhangup\0vmsplice\0vserver\0wait4\0waitid\0write\0writev";
++static const unsigned alpha_syscall_s2i_s[] = {
++	0,8,15,23,30,35,43,52,64,72,
++	77,81,88,95,101,107,113,120,134,140,
++	146,154,168,182,187,191,196,201,214,228,
++	238,250,261,269,278,295,302,307,318,328,
++	338,348,362,376,383,390,399,406,415,421,
++	431,441,452,458,463,476,486,492,500,510,
++	518,524,534,540,550,566,580,596,603,610,
++	619,630,644,654,666,676,688,700,708,716,
++	728,738,748,758,768,775,787,798,805,818,
++	827,835,843,851,863,881,894,908,925,935,
++	946,959,968,978,984,995,1006,1017,1024,1029,
++	1036,1046,1051,1058,1065,1075,1086,1101,1114,1120,
++	1130,1136,1144,1152,1158,1172,1180,1186,1194,1200,
++	1208,1214,1223,1228,1234,1245,1254,1268,1278,1286,
++	1302,1315,1325,1332,1339,1346,1353,1360,1366,1374,
++	1385,1392,1410,1420,1431,1444,1454,1459,1477,1484,
++	1496,1512,1526,1541,1560,1578,1590,1601,1613,1624,
++	1637,1650,1664,1678,1690,1700,1719,1737,1755,1765,
++	1779,1793,1807,1820,1831,1845,1860,1877,1891,1904,
++	1916,1928,1938,1949,1966,1977,1988,2000,2012,2023,
++	2040,2057,2071,2084,2097,2113,2129,2143,2157,2173,
++	2188,2202,2215,2233,2250,2268,2287,2302,2315,2331,
++	2346,2359,2372,2385,2399,2415,2425,2441,2452,2473,
++	2484,2495,2504,2517,2528,2555,2575,2589,2603,2616,
++	2631,2648,2658,2669,2685,2700,2713,2729,2738,2749,
++	2765,2777,2788,2800,2812,2822,2833,2851,2863,2879,
++	2895,2906,2918,2928,2939,2956,2971,2987,3003,3015,
++	3020,3026,3037,3042,3048,3054,3060,3067,3077,3094,
++	3112,3121,3128,3135,3143,3156,3165,3170,3180,3189,
++	3200,3206,3213,3218,3227,3236,3244,3261,3273,3280,
++	3289,3301,3317,3323,3336,3350,3365,3381,3394,3408,
++	3424,3442,3465,3488,3506,3521,3540,3562,3580,3595,
++	3614,3626,3633,3640,3647,3653,3658,3667,3676,3684,
++	3691,3705,3721,3737,3751,3760,3769,3776,3786,3793,
++	3805,3815,3821,3829,3837,3849,3858,3868,3878,3887,
++	3897,3904,3915,3928,3935,3944,3951,3957,3964,3973,
++	3983,3995,4004,4014,4025,4035,4046,4053,4064,4071,
++	4076,4083,4090,4098,4105,4113,4123,4128,4144,4151,
++	4157,4165,4172,4176,4183,4191,4206,4222,4238,4244,
++	4250,4259,4267,4273,4280,4286,4293,4302,4310,4317,
++	4323,4333,4340,4346,4354,4363,4371,4377,4384,4390,
++};
++static const int alpha_syscall_s2i_i[] = {
++	319,99,502,33,51,439,366,338,300,104,
++	17,368,369,12,15,16,61,499,312,6,
++	98,306,308,373,41,90,487,407,486,408,
++	474,409,478,485,25,59,1,405,462,413,
++	480,494,495,13,124,461,123,453,92,447,
++	387,390,131,2,393,384,91,427,455,329,
++	95,130,394,454,309,430,467,473,367,305,
++	377,89,79,87,361,64,141,233,63,100,
++	372,344,144,364,234,150,118,378,359,385,
++	47,20,24,307,445,444,489,446,402,399,
++	400,398,401,54,443,442,448,441,37,208,
++	386,9,458,106,388,389,406,392,19,383,
++	68,426,75,429,449,375,136,451,14,452,
++	314,316,71,302,472,74,437,436,432,435,
++	434,433,341,200,201,202,203,217,315,317,
++	73,497,340,342,303,321,45,498,450,140,
++	258,181,188,187,163,252,253,34,11,169,
++	35,261,248,161,243,214,159,165,164,18,
++	142,86,49,184,117,256,116,223,77,260,
++	78,21,65,240,215,213,216,30,158,31,
++	32,29,27,28,245,246,8,62,81,146,
++	40,5,46,109,139,110,108,38,72,115,
++	84,149,247,153,154,107,237,44,244,55,
++	56,69,222,93,43,239,143,83,50,257,
++	122,209,218,48,238,112,157,70,160,255,
++	259,199,0,241,85,242,251,250,220,219,
++	138,207,7,236,376,345,346,493,324,42,
++	488,374,94,464,348,349,490,496,504,505,
++	463,26,350,491,347,148,3,379,58,460,
++	120,311,102,125,479,113,410,391,128,457,
++	440,412,137,352,354,353,356,351,357,355,
++	492,335,336,396,331,333,337,395,330,332,
++	334,358,204,205,206,101,370,503,114,133,
++	431,466,411,166,326,325,132,80,301,88,
++	362,501,39,82,96,127,371,343,126,145,
++	147,105,360,23,382,210,211,212,134,156,
++	235,476,484,52,103,111,97,135,468,67,
++	425,328,304,322,57,459,36,469,500,254,
++	318,310,470,424,477,481,483,482,323,381,
++	129,397,60,22,339,10,456,465,313,327,
++	475,363,66,76,471,428,365,438,4,121,
++};
++static int alpha_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(alpha_syscall_strings, alpha_syscall_s2i_s, alpha_syscall_s2i_i, 410, copy, value);
++	}
++}
++static const unsigned alpha_syscall_i2s_direct[] = {
++	2788,302,458,3165,4384,2202,140,2918,2129,1046,
++	4286,1613,95,376,1194,101,107,77,1765,1114,
++	835,1928,4273,3928,843,278,3121,2071,2084,2057,
++	2000,2023,2040,23,1601,1637,4123,1024,2302,3821,
++	2188,187,3015,2528,2441,1454,2215,827,2669,1807,
++	2603,30,4014,-1u,978,2473,2484,4105,3180,295,
++	4267,113,2143,708,676,1938,4340,4071,1130,2495,
++	2729,1223,2315,1385,1245,1144,4346,1891,1916,644,
++	3776,2157,3829,2589,2346,2812,1793,654,3793,630,
++	191,486,415,2517,3037,518,3837,4046,146,8,
++	716,3653,3213,4025,72,3904,1058,2415,2287,2233,
++	2268,4035,2700,3236,3676,2331,1860,1831,787,-1u,
++	3200,4390,2631,399,383,3218,3878,3849,3273,4250,
++	524,452,3769,3684,3964,4053,1180,3317,2895,2250,
++	1484,688,1779,2575,748,3887,2173,3897,3156,2359,
++	775,-1u,-1u,2385,2399,-1u,3973,2713,2012,1719,
++	2738,1678,-1u,1560,1755,1737,3737,-1u,-1u,1624,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,1512,-1u,-1u,1820,-1u,-1u,1541,1526,-1u,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,2777,
++	1332,1339,1346,1353,3633,3640,3647,2906,1029,2648,
++	3944,3951,3957,1977,1700,1966,1988,1360,2658,2879,
++	2863,-1u,2504,1877,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,700,768,3983,2928,2425,2685,2555,
++	1949,2800,2822,1690,2452,2097,2113,2372,1664,-1u,
++	2851,2833,1578,1590,4151,2749,1845,2616,1496,2765,
++	1904,1650,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,-1u,
++	64,3786,1228,1431,4090,610,154,851,168,550,
++	4165,3206,134,4310,1208,1366,1214,1374,4157,0,
++	-1u,1444,4098,4238,3003,3760,3751,4317,4083,510,
++	3580,3506,3595,3521,3614,3442,3465,3540,52,4280,
++	1410,1325,1420,3868,738,2956,2971,3143,3048,3054,
++	3128,3381,3323,3350,3336,3408,3365,3394,3626,805,
++	3915,666,3805,4333,758,4371,43,603,81,88,
++	3658,3858,728,182,3026,1172,2939,619,798,3170,
++	-1u,4244,3935,1120,476,818,1036,431,1065,1075,
++	441,3261,1101,463,534,3562,3488,4259,959,935,
++	946,968,925,-1u,-1u,307,1086,201,228,250,
++	3244,3721,3301,328,-1u,-1u,-1u,-1u,-1u,-1u,
++	-1u,-1u,-1u,-1u,4176,4076,1136,492,4363,1152,
++	566,3691,1278,1315,1302,1286,1268,1254,4377,35,
++	3289,1017,995,984,881,863,908,421,1006,1158,
++	1477,1186,1200,406,540,500,4293,3280,1051,4113,
++	3189,390,318,3112,3042,4302,3705,580,4064,4128,
++	4172,4354,1234,596,238,4323,3995,4183,261,3227,
++	338,4191,4222,4206,4004,269,214,196,3020,894,
++	3060,3135,3424,2987,348,362,3067,1392,1459,120,
++	4144,3815,15,3667,3077,3094,
++};
++static const char *alpha_syscall_i2s(int v) {
++	return i2s_direct__(alpha_syscall_strings, alpha_syscall_i2s_direct, 0, 505, v);
++}
+diff --git a/lib/armeb_tables.h b/lib/armeb_tables.h
+new file mode 100644
+index 0000000..dd2bf5f
+--- /dev/null
++++ b/lib/armeb_tables.h
+@@ -0,0 +1,165 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char armeb_syscall_strings[] = "accept\0accept4\0access\0acct\0add_key\0adjtimex\0alarm\0bdflush\0bind\0brk\0"
++	"capget\0capset\0chdir\0chmod\0chown\0chown32\0chroot\0clock_adjtime\0clock_getres\0clock_gettime\0"
++	"clock_nanosleep\0clock_settime\0clone\0close\0connect\0creat\0delete_module\0dup\0dup2\0dup3\0"
++	"epoll_create\0epoll_create1\0epoll_ctl\0epoll_wait\0eventfd\0eventfd2\0execve\0exit\0exit_group\0faccessat\0"
++	"fadvise64_64\0fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0fchmodat\0fchown\0fchown32\0fchownat\0"
++	"fcntl\0fcntl64\0fdatasync\0fgetxattr\0finit_module\0flistxattr\0flock\0fork\0fremovexattr\0fsetxattr\0"
++	"fstat\0fstat64\0fstatat64\0fstatfs\0fstatfs64\0fsync\0ftruncate\0ftruncate64\0futex\0futimesat\0"
++	"get_mempolicy\0get_robust_list\0getcpu\0getcwd\0getdents\0getdents64\0getegid\0getegid32\0geteuid\0geteuid32\0"
++	"getgid\0getgid32\0getgroups\0getgroups32\0getitimer\0getpeername\0getpgid\0getpgrp\0getpid\0getppid\0"
++	"getpriority\0getresgid\0getresgid32\0getresuid\0getresuid32\0getrlimit\0getrusage\0getsid\0getsockname\0getsockopt\0"
++	"gettid\0gettimeofday\0getuid\0getuid32\0getxattr\0init_module\0inotify_add_watch\0inotify_init\0inotify_init1\0inotify_rm_watch\0"
++	"io_cancel\0io_destroy\0io_getevents\0io_setup\0io_submit\0ioctl\0ioprio_get\0ioprio_set\0ipc\0kcmp\0"
++	"kexec_load\0keyctl\0kill\0lchown\0lchown32\0lgetxattr\0link\0linkat\0listen\0listxattr\0"
++	"llistxattr\0llseek\0lookup_dcookie\0lremovexattr\0lseek\0lsetxattr\0lstat\0lstat64\0madvise\0mbind\0"
++	"mincore\0mkdir\0mkdirat\0mknod\0mknodat\0mlock\0mlockall\0mmap\0mmap2\0mount\0"
++	"move_pages\0mprotect\0mq_getsetattr\0mq_notify\0mq_open\0mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0msgctl\0"
++	"msgget\0msgrcv\0msgsnd\0msync\0munlock\0munlockall\0munmap\0name_to_handle_at\0nanosleep\0newselect\0"
++	"nfsservctl\0nice\0open\0open_by_handle_at\0openat\0pause\0pciconfig_iobase\0pciconfig_read\0pciconfig_write\0perf_event_open\0"
++	"personality\0pipe\0pipe2\0pivot_root\0poll\0prctl\0pread64\0preadv\0prlimit64\0process_vm_readv\0"
++	"process_vm_writev\0ptrace\0pwrite64\0pwritev\0quotactl\0read\0readahead\0readdir\0readlink\0readlinkat\0"
++	"readv\0reboot\0recv\0recvfrom\0recvmmsg\0recvmsg\0remap_file_pages\0removexattr\0rename\0renameat\0"
++	"request_key\0restart_syscall\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0rt_sigtimedwait\0"
++	"rt_tgsigqueueinfo\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0sched_setscheduler\0"
++	"sched_yield\0select\0semctl\0semget\0semop\0semtimedop\0send\0sendfile\0sendfile64\0sendmmsg\0"
++	"sendmsg\0sendto\0set_mempolicy\0set_robust_list\0set_tid_address\0setdomainname\0setfsgid\0setfsgid32\0setfsuid\0setfsuid32\0"
++	"setgid\0setgid32\0setgroups\0setgroups32\0sethostname\0setitimer\0setns\0setpgid\0setpriority\0setregid\0"
++	"setregid32\0setresgid\0setresgid32\0setresuid\0setresuid32\0setreuid\0setreuid32\0setrlimit\0setsid\0setsockopt\0"
++	"settimeofday\0setuid\0setuid32\0setxattr\0shmat\0shmctl\0shmdt\0shmget\0shutdown\0sigaction\0"
++	"sigaltstack\0signalfd\0signalfd4\0sigpending\0sigprocmask\0sigreturn\0sigsuspend\0socket\0socketcall\0socketpair\0"
++	"splice\0stat\0stat64\0statfs\0statfs64\0stime\0swapoff\0swapon\0symlink\0symlinkat\0"
++	"sync\0sync_file_range\0syncfs\0syscall\0sysctl\0sysfs\0sysinfo\0syslog\0tee\0tgkill\0"
++	"time\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0timerfd_create\0timerfd_gettime\0timerfd_settime\0times\0"
++	"tkill\0truncate\0truncate64\0ugetrlimit\0umask\0umount\0umount2\0uname\0unlink\0unlinkat\0"
++	"unshare\0uselib\0ustat\0utime\0utimensat\0utimes\0vfork\0vhangup\0vmsplice\0vserver\0"
++	"wait4\0waitid\0write\0writev";
++static const unsigned armeb_syscall_s2i_s[] = {
++	0,7,15,22,27,35,44,50,58,63,
++	67,74,81,87,93,99,107,114,128,141,
++	155,171,185,191,197,205,211,225,229,234,
++	239,252,266,276,287,295,304,311,316,327,
++	337,350,360,374,388,395,402,411,418,427,
++	436,442,450,460,470,483,494,500,505,518,
++	528,534,542,552,560,570,576,586,598,604,
++	614,628,644,651,658,667,678,686,696,704,
++	714,721,730,740,752,762,774,782,790,797,
++	805,817,827,839,849,861,871,881,888,900,
++	911,918,931,938,947,956,968,986,999,1013,
++	1030,1040,1051,1064,1073,1083,1089,1100,1111,1115,
++	1120,1131,1138,1143,1150,1159,1169,1174,1181,1188,
++	1198,1209,1216,1231,1244,1250,1260,1266,1274,1282,
++	1288,1296,1302,1310,1316,1324,1330,1339,1344,1350,
++	1356,1367,1376,1390,1400,1408,1424,1437,1447,1454,
++	1461,1468,1475,1482,1488,1496,1507,1514,1532,1542,
++	1552,1563,1568,1573,1591,1598,1604,1621,1636,1652,
++	1668,1680,1685,1691,1702,1707,1713,1721,1728,1738,
++	1755,1773,1780,1789,1797,1806,1811,1821,1829,1838,
++	1849,1855,1862,1867,1876,1885,1893,1910,1922,1929,
++	1938,1950,1966,1972,1985,1999,2014,2030,2043,2057,
++	2073,2091,2114,2137,2155,2170,2189,2211,2229,2244,
++	2263,2275,2282,2289,2296,2302,2313,2318,2327,2338,
++	2347,2355,2362,2376,2392,2408,2422,2431,2442,2451,
++	2462,2469,2478,2488,2500,2512,2522,2528,2536,2548,
++	2557,2568,2578,2590,2600,2612,2621,2632,2642,2649,
++	2660,2673,2680,2689,2698,2704,2711,2717,2724,2733,
++	2743,2755,2764,2774,2785,2797,2807,2818,2825,2836,
++	2847,2854,2859,2866,2873,2882,2888,2896,2903,2911,
++	2921,2926,2942,2949,2957,2964,2970,2978,2985,2989,
++	2996,3001,3014,3027,3044,3058,3072,3087,3103,3119,
++	3125,3131,3140,3151,3162,3168,3175,3183,3189,3196,
++	3205,3213,3220,3226,3232,3242,3249,3255,3263,3272,
++	3280,3286,3293,3299,
++};
++static const int armeb_syscall_s2i_i[] = {
++	285,366,33,51,309,124,27,134,282,45,
++	184,185,12,15,182,212,61,372,264,263,
++	265,262,120,6,283,8,129,41,63,358,
++	250,357,251,252,351,356,11,1,248,334,
++	270,352,367,368,133,94,333,95,207,325,
++	55,221,148,231,379,234,143,2,237,228,
++	108,197,327,100,267,118,93,194,240,326,
++	320,339,345,183,141,217,50,202,49,201,
++	47,200,80,205,105,287,132,65,20,64,
++	96,171,211,165,209,76,77,147,286,295,
++	224,78,24,199,229,128,317,316,360,318,
++	247,244,245,243,246,54,315,314,117,378,
++	347,311,37,16,198,230,9,330,284,232,
++	233,140,249,236,19,227,107,196,220,319,
++	219,39,323,14,324,150,152,90,192,21,
++	344,125,279,278,274,277,276,275,163,304,
++	303,302,301,144,151,153,91,370,162,142,
++	169,34,5,371,322,29,271,272,273,364,
++	136,42,359,218,168,172,180,361,369,376,
++	377,26,181,362,131,3,225,89,85,332,
++	145,88,291,292,365,297,253,235,38,329,
++	310,0,40,174,176,175,178,173,179,177,
++	363,159,160,242,155,157,161,241,154,156,
++	158,82,300,299,298,312,289,187,239,374,
++	296,290,321,338,256,121,139,216,138,215,
++	46,214,81,206,74,104,375,57,97,71,
++	204,170,210,164,208,70,203,75,66,294,
++	79,23,213,226,305,308,306,307,293,67,
++	186,349,355,73,126,119,72,281,102,288,
++	340,106,195,99,266,25,115,87,83,331,
++	36,341,373,113,149,135,116,103,342,268,
++	13,257,261,260,259,258,350,354,353,43,
++	238,92,193,191,60,22,52,122,10,328,
++	337,86,62,30,348,269,190,111,343,313,
++	114,280,4,146,
++};
++static int armeb_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(armeb_syscall_strings, armeb_syscall_s2i_s, armeb_syscall_s2i_i, 344, copy, value);
++	}
++}
++static const unsigned armeb_syscall_i2s_direct[] = {
++	1950,311,500,1806,3293,1568,191,-1u,205,1169,
++	3189,304,81,2996,1310,87,1143,-1u,-1u,1244,
++	790,1350,3168,2673,931,2882,1773,44,-1u,1598,
++	3226,-1u,-1u,15,1563,-1u,2921,1138,1922,1296,
++	1966,225,1680,3119,-1u,63,2462,714,-1u,696,
++	678,22,3175,-1u,1083,436,-1u,2528,-1u,-1u,
++	3162,107,3220,229,797,782,2642,2733,-1u,-1u,
++	2612,2548,2807,2774,2500,2632,861,871,918,2660,
++	730,2478,2275,2903,-1u,1829,3213,2896,1855,1821,
++	1339,1507,3131,576,395,411,805,2536,-1u,2866,
++	552,-1u,2825,2978,2512,752,2854,1260,528,-1u,
++	-1u,3255,-1u,2949,3280,2888,2970,1111,570,2797,
++	185,2408,3183,-1u,35,1367,2785,-1u,956,211,
++	-1u,1797,774,388,50,2964,1668,-1u,2442,2422,
++	1209,658,1542,494,1482,1849,3299,881,450,2957,
++	1324,1488,1330,1496,2229,2155,2244,2170,2263,2091,
++	2114,2189,1532,1447,2590,839,-1u,-1u,1702,1552,
++	2568,817,1707,2030,1972,1999,1985,2057,2014,2043,
++	1713,1780,93,651,67,74,2743,2318,-1u,-1u,
++	3249,3151,1344,3140,586,2859,1266,534,1150,938,
++	721,704,686,2621,2557,740,2488,418,2600,849,
++	2578,827,99,2680,2469,2451,2431,667,1691,1288,
++	1274,442,-1u,-1u,911,1811,2689,1250,518,947,
++	1159,460,1188,1198,483,1910,1231,505,3125,2327,
++	598,2211,2137,1064,1040,1051,1073,1030,316,1216,
++	239,266,276,1893,-1u,-1u,2392,3001,3058,3044,
++	3027,3014,171,141,128,155,2873,560,2989,3242,
++	337,1604,1621,1636,1400,1437,1424,1408,1390,1376,
++	3286,2818,58,197,1181,0,888,762,2836,2313,
++	2355,1862,1867,2724,2649,900,2347,1885,2296,2289,
++	2282,1475,1468,1461,1454,2698,2711,2717,2704,27,
++	1938,1131,2302,3272,1100,1089,986,968,1013,1282,
++	614,2362,1591,1302,1316,427,604,542,3196,1929,
++	1174,2911,1838,402,327,-1u,-1u,3205,2376,628,
++	2847,2926,2985,3263,1356,644,-1u,1120,3232,2755,
++	3072,287,350,3103,3087,2764,295,252,234,1685,
++	999,1721,1789,2073,1652,1876,7,360,374,1728,
++	1514,1573,114,2942,2338,2522,1738,1755,1115,470,
++};
++static const char *armeb_syscall_i2s(int v) {
++	return i2s_direct__(armeb_syscall_strings, armeb_syscall_i2s_direct, 0, 379, v);
++}
+diff --git a/lib/errtabs.h b/lib/errtabs.h
+new file mode 100644
+index 0000000..53deac2
+--- /dev/null
++++ b/lib/errtabs.h
+@@ -0,0 +1,78 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char err_strings[] = "E2BIG\0EACCES\0EADDRINUSE\0EADDRNOTAVAIL\0EADV\0EAFNOSUPPORT\0EAGAIN\0EALREADY\0EBADE\0EBADF\0"
++	"EBADFD\0EBADMSG\0EBADR\0EBADRQC\0EBADSLT\0EBFONT\0EBUSY\0ECANCELED\0ECHILD\0ECHRNG\0"
++	"ECOMM\0ECONNABORTED\0ECONNREFUSED\0ECONNRESET\0EDEADLK\0EDEADLOCK\0EDESTADDRREQ\0EDOM\0EDOTDOT\0EDQUOT\0"
++	"EEXIST\0EFAULT\0EFBIG\0EHOSTDOWN\0EHOSTUNREACH\0EIDRM\0EILSEQ\0EINPROGRESS\0EINTR\0EINVAL\0"
++	"EIO\0EISCONN\0EISDIR\0EISNAM\0EKEYEXPIRED\0EKEYREJECTED\0EKEYREVOKED\0EL2HLT\0EL2NSYNC\0EL3HLT\0"
++	"EL3RST\0ELIBACC\0ELIBBAD\0ELIBEXEC\0ELIBMAX\0ELIBSCN\0ELNRNG\0ELOOP\0EMEDIUMTYPE\0EMFILE\0"
++	"EMLINK\0EMSGSIZE\0EMULTIHOP\0ENAMETOOLONG\0ENAVAIL\0ENETDOWN\0ENETRESET\0ENETUNREACH\0ENFILE\0ENOANO\0"
++	"ENOBUFS\0ENOCSI\0ENODATA\0ENODEV\0ENOENT\0ENOEXEC\0ENOKEY\0ENOLCK\0ENOLINK\0ENOMEDIUM\0"
++	"ENOMEM\0ENOMSG\0ENONET\0ENOPKG\0ENOPROTOOPT\0ENOSPC\0ENOSR\0ENOSTR\0ENOSYS\0ENOTBLK\0"
++	"ENOTCONN\0ENOTDIR\0ENOTEMPTY\0ENOTNAM\0ENOTRECOVERABLE\0ENOTSOCK\0ENOTTY\0ENOTUNIQ\0ENXIO\0EOPNOTSUPP\0"
++	"EOVERFLOW\0EOWNERDEAD\0EPERM\0EPFNOSUPPORT\0EPIPE\0EPROTO\0EPROTONOSUPPORT\0EPROTOTYPE\0ERANGE\0EREMCHG\0"
++	"EREMOTE\0EREMOTEIO\0ERESTART\0EROFS\0ESHUTDOWN\0ESOCKTNOSUPPORT\0ESPIPE\0ESRCH\0ESRMNT\0ESTALE\0"
++	"ESTRPIPE\0ETIME\0ETIMEDOUT\0ETOOMANYREFS\0ETXTBSY\0EUCLEAN\0EUNATCH\0EUSERS\0EWOULDBLOCK\0EXDEV\0"
++	"EXFULL";
++static const unsigned err_s2i_s[] = {
++	0,6,13,24,38,43,56,63,72,78,
++	84,91,99,105,113,121,128,134,144,151,
++	158,164,177,190,201,209,219,232,237,245,
++	252,259,266,272,282,295,301,308,320,326,
++	333,337,345,352,359,371,384,396,403,412,
++	419,426,434,442,451,459,467,474,480,492,
++	499,506,515,525,538,546,555,565,577,584,
++	591,599,606,614,621,628,636,643,650,658,
++	668,675,682,689,696,708,715,721,728,735,
++	743,752,760,770,778,794,803,810,819,825,
++	836,846,857,863,876,882,889,905,916,923,
++	931,939,949,958,964,974,990,997,1003,1010,
++	1017,1026,1032,1042,1055,1063,1071,1079,1086,1098,
++	1104,
++};
++static const int err_s2i_i[] = {
++	7,13,98,99,68,97,11,114,52,9,
++	77,74,53,56,57,59,16,125,10,44,
++	70,103,111,104,35,35,89,33,73,122,
++	17,14,27,112,113,43,84,115,4,22,
++	5,106,21,120,127,129,128,51,45,46,
++	47,79,80,83,82,81,48,40,124,24,
++	31,90,72,36,119,100,102,101,23,55,
++	105,50,61,19,2,8,126,37,67,123,
++	12,42,64,65,92,28,63,60,38,15,
++	107,20,39,118,131,88,25,76,6,95,
++	75,130,1,96,32,71,93,91,34,78,
++	66,121,85,30,108,94,29,3,69,116,
++	86,62,110,109,26,117,49,87,11,18,
++	54,
++};
++static int err_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISLOWER(c) ? c - 'a' + 'A' : c;
++	}
++	copy[i] = 0;
++	return s2i__(err_strings, err_s2i_s, err_s2i_i, 131, copy, value);
++	}
++}
++static const unsigned err_i2s_direct[] = {
++	857,621,997,320,333,819,0,628,78,144,
++	56,668,6,259,735,128,252,1098,614,752,
++	345,326,577,492,803,1055,266,708,990,958,
++	499,876,232,916,201,525,643,728,760,474,
++	-1u,675,295,151,403,412,419,467,1071,599,
++	396,72,99,1104,584,105,113,-1u,121,721,
++	606,1026,715,682,689,931,650,38,1003,158,
++	882,515,237,91,836,810,84,923,426,434,
++	459,451,442,301,949,1017,1079,794,219,506,
++	905,696,889,974,825,863,43,13,24,546,
++	565,555,164,190,591,337,743,964,1042,1032,
++	177,272,282,63,308,1010,1063,770,538,352,
++	939,245,658,480,134,636,359,384,371,846,
++	778,
++};
++static const char *err_i2s(int v) {
++	return i2s_direct__(err_strings, err_i2s_direct, 1, 131, v);
++}
+diff --git a/lib/fieldtabs.h b/lib/fieldtabs.h
+new file mode 100644
+index 0000000..fb50e08
+--- /dev/null
++++ b/lib/fieldtabs.h
+@@ -0,0 +1,49 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char field_strings[] = "a0\0a1\0a2\0a3\0arch\0auid\0devmajor\0devminor\0dir\0egid\0"
++	"euid\0exit\0field_compare\0filetype\0fsgid\0fsuid\0gid\0inode\0key\0loginuid\0"
++	"msgtype\0obj_gid\0obj_lev_high\0obj_lev_low\0obj_role\0obj_type\0obj_uid\0obj_user\0path\0perm\0"
++	"pers\0pid\0ppid\0sgid\0subj_clr\0subj_role\0subj_sen\0subj_type\0subj_user\0success\0"
++	"suid\0uid";
++static const unsigned field_s2i_s[] = {
++	0,3,6,9,12,17,22,31,40,44,
++	49,54,59,73,82,88,94,98,104,108,
++	117,125,133,146,158,167,176,184,193,198,
++	203,208,212,217,222,231,241,250,260,270,
++	278,283,
++};
++static const int field_s2i_i[] = {
++	200,201,202,203,11,9,100,101,107,6,
++	2,103,111,108,8,4,5,102,210,9,
++	12,110,23,22,20,21,109,19,105,106,
++	10,0,18,7,17,14,16,15,13,104,
++	3,1,
++};
++static int field_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(field_strings, field_s2i_s, field_s2i_i, 42, copy, value);
++	}
++}
++static const int field_i2s_i[] = {
++	0,1,2,3,4,5,6,7,8,9,
++	10,11,12,13,14,15,16,17,18,19,
++	20,21,22,23,100,101,102,103,104,105,
++	106,107,108,109,110,111,200,201,202,203,
++	210,
++};
++static const unsigned field_i2s_s[] = {
++	208,283,49,278,88,94,44,217,82,17,
++	203,12,117,260,231,250,241,222,212,184,
++	158,167,146,133,22,31,98,54,270,193,
++	198,40,73,176,125,59,0,3,6,9,
++	104,
++};
++static const char *field_i2s(int v) {
++	return i2s_bsearch__(field_strings, field_i2s_i, field_i2s_s, 41, v);
++}
+diff --git a/lib/flagtabs.h b/lib/flagtabs.h
+new file mode 100644
+index 0000000..e191db3
+--- /dev/null
++++ b/lib/flagtabs.h
+@@ -0,0 +1,26 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char flag_strings[] = "entry\0exclude\0exit\0task\0user";
++static const unsigned flag_s2i_s[] = {
++	0,6,14,19,24,
++};
++static const int flag_s2i_i[] = {
++	2,5,4,1,0,
++};
++static int flag_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(flag_strings, flag_s2i_s, flag_s2i_i, 5, copy, value);
++	}
++}
++static const unsigned flag_i2s_direct[] = {
++	24,19,0,-1u,14,6,
++};
++static const char *flag_i2s(int v) {
++	return i2s_direct__(flag_strings, flag_i2s_direct, 0, 5, v);
++}
+diff --git a/lib/ftypetabs.h b/lib/ftypetabs.h
+new file mode 100644
+index 0000000..04aaa46
+--- /dev/null
++++ b/lib/ftypetabs.h
+@@ -0,0 +1,29 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ftype_strings[] = "block\0character\0dir\0fifo\0file\0link\0socket";
++static const unsigned ftype_s2i_s[] = {
++	0,6,16,20,25,30,35,
++};
++static const int ftype_s2i_i[] = {
++	24576,8192,16384,4096,32768,40960,49152,
++};
++static int ftype_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(ftype_strings, ftype_s2i_s, ftype_s2i_i, 7, copy, value);
++	}
++}
++static const int ftype_i2s_i[] = {
++	4096,8192,16384,24576,32768,40960,49152,
++};
++static const unsigned ftype_i2s_s[] = {
++	20,6,16,0,25,30,35,
++};
++static const char *ftype_i2s(int v) {
++	return i2s_bsearch__(ftype_strings, ftype_i2s_i, ftype_i2s_s, 7, v);
++}
+diff --git a/lib/i386_tables.h b/lib/i386_tables.h
+new file mode 100644
+index 0000000..6703ffc
+--- /dev/null
++++ b/lib/i386_tables.h
+@@ -0,0 +1,163 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char i386_syscall_strings[] = "_llseek\0_newselect\0_sysctl\0access\0acct\0add_key\0adjtimex\0afs_syscall\0alarm\0bdflush\0"
++	"break\0brk\0capget\0capset\0chdir\0chmod\0chown\0chown32\0chroot\0clock_adjtime\0"
++	"clock_getres\0clock_gettime\0clock_nanosleep\0clock_settime\0clone\0close\0creat\0create_module\0delete_module\0dup\0"
++	"dup2\0dup3\0epoll_create\0epoll_create1\0epoll_ctl\0epoll_pwait\0epoll_wait\0eventfd\0eventfd2\0execve\0"
++	"exit\0exit_group\0faccessat\0fadvise64\0fadvise64_64\0fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0"
++	"fchmodat\0fchown\0fchown32\0fchownat\0fcntl\0fcntl64\0fdatasync\0fgetxattr\0finit_module\0flistxattr\0"
++	"flock\0fork\0fremovexattr\0fsetxattr\0fstat\0fstat64\0fstatat64\0fstatfs\0fstatfs64\0fsync\0"
++	"ftime\0ftruncate\0ftruncate64\0futex\0futimesat\0get_kernel_syms\0get_mempolicy\0get_robust_list\0get_thread_area\0getcpu\0"
++	"getcwd\0getdents\0getdents64\0getegid\0getegid32\0geteuid\0geteuid32\0getgid\0getgid32\0getgroups\0"
++	"getgroups32\0getitimer\0getpgid\0getpgrp\0getpid\0getpmsg\0getppid\0getpriority\0getresgid\0getresgid32\0"
++	"getresuid\0getresuid32\0getrlimit\0getrusage\0getsid\0gettid\0gettimeofday\0getuid\0getuid32\0getxattr\0"
++	"gtty\0idle\0init_module\0inotify_add_watch\0inotify_init\0inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0io_getevents\0"
++	"io_setup\0io_submit\0ioctl\0ioperm\0iopl\0ioprio_get\0ioprio_set\0ipc\0kcmp\0keyctl\0"
++	"kill\0lchown\0lchown32\0lgetxattr\0link\0linkat\0listxattr\0llistxattr\0lock\0lookup_dcookie\0"
++	"lremovexattr\0lseek\0lsetxattr\0lstat\0lstat64\0madvise\0madvise1\0mbind\0migrate_pages\0mincore\0"
++	"mkdir\0mkdirat\0mknod\0mknodat\0mlock\0mlockall\0mmap\0mmap2\0modify_ldt\0mount\0"
++	"move_pages\0mprotect\0mpx\0mq_getsetattr\0mq_notify\0mq_open\0mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0"
++	"msync\0munlock\0munlockall\0munmap\0name_to_handle_at\0nanosleep\0nfsservctl\0nice\0oldfstat\0oldlstat\0"
++	"oldolduname\0oldstat\0olduname\0open\0open_by_handle_at\0openat\0pause\0perf_event_open\0personality\0pipe\0"
++	"pipe2\0pivot_root\0poll\0ppoll\0prctl\0pread64\0preadv\0prlimit64\0process_vm_readv\0process_vm_writev\0"
++	"prof\0profil\0pselect6\0ptrace\0putpmsg\0pwrite64\0pwritev\0query_module\0quotactl\0read\0"
++	"readahead\0readdir\0readlink\0readlinkat\0readv\0reboot\0recvmmsg\0remap_file_pages\0removexattr\0rename\0"
++	"renameat\0request_key\0restart_syscall\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0"
++	"rt_sigtimedwait\0rt_tgsigqueueinfo\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0"
++	"sched_setscheduler\0sched_yield\0select\0sendfile\0sendfile64\0sendmmsg\0set_mempolicy\0set_robust_list\0set_thread_area\0set_tid_address\0"
++	"setdomainname\0setfsgid\0setfsgid32\0setfsuid\0setfsuid32\0setgid\0setgid32\0setgroups\0setgroups32\0sethostname\0"
++	"setitimer\0setns\0setpgid\0setpriority\0setregid\0setregid32\0setresgid\0setresgid32\0setresuid\0setresuid32\0"
++	"setreuid\0setreuid32\0setrlimit\0setsid\0settimeofday\0setuid\0setuid32\0setxattr\0sgetmask\0sigaction\0"
++	"sigaltstack\0signal\0signalfd\0signalfd4\0sigpending\0sigprocmask\0sigreturn\0sigsuspend\0socketcall\0splice\0"
++	"ssetmask\0stat\0stat64\0statfs\0statfs64\0stime\0stty\0swapoff\0swapon\0symlink\0"
++	"symlinkat\0sync\0sync_file_range\0syncfs\0sys_kexec_load\0sysfs\0sysinfo\0syslog\0tee\0tgkill\0"
++	"time\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0timerfd\0timerfd_gettime\0timerfd_settime\0times\0"
++	"tkill\0truncate\0truncate64\0ugetrlimit\0ulimit\0umask\0umount\0umount2\0uname\0unlink\0"
++	"unlinkat\0unshare\0uselib\0ustat\0utime\0utimensat\0utimes\0vfork\0vhangup\0vm86\0"
++	"vm86old\0vmsplice\0vserver\0wait4\0waitid\0waitpid\0write\0writev";
++static const unsigned i386_syscall_s2i_s[] = {
++	0,8,19,27,34,39,47,56,68,74,
++	82,88,92,99,106,112,118,124,132,139,
++	153,166,180,196,210,216,222,228,242,256,
++	260,265,270,283,297,307,319,330,338,347,
++	354,359,370,380,390,403,413,427,441,448,
++	455,464,471,480,489,495,503,513,523,536,
++	547,553,558,571,581,587,595,605,613,623,
++	629,635,645,657,663,673,689,703,719,735,
++	742,749,758,769,777,787,795,805,812,821,
++	831,843,853,861,869,876,884,892,904,914,
++	926,936,948,958,968,975,982,995,1002,1011,
++	1020,1025,1030,1042,1060,1073,1087,1104,1114,1125,
++	1138,1147,1157,1163,1170,1175,1186,1197,1201,1206,
++	1213,1218,1225,1234,1244,1249,1256,1266,1277,1282,
++	1297,1310,1316,1326,1332,1340,1348,1357,1363,1377,
++	1385,1391,1399,1405,1413,1419,1428,1433,1439,1450,
++	1456,1467,1476,1480,1494,1504,1512,1528,1541,1551,
++	1558,1564,1572,1583,1590,1608,1618,1629,1634,1643,
++	1652,1664,1672,1681,1686,1704,1711,1717,1733,1745,
++	1750,1756,1767,1772,1778,1784,1792,1799,1809,1826,
++	1844,1849,1856,1865,1872,1880,1889,1897,1910,1919,
++	1924,1934,1942,1951,1962,1968,1975,1984,2001,2013,
++	2020,2029,2041,2057,2063,2076,2090,2105,2121,2134,
++	2148,2164,2182,2205,2228,2246,2261,2280,2302,2320,
++	2335,2354,2366,2373,2382,2393,2402,2416,2432,2448,
++	2464,2478,2487,2498,2507,2518,2525,2534,2544,2556,
++	2568,2578,2584,2592,2604,2613,2624,2634,2646,2656,
++	2668,2677,2688,2698,2705,2718,2725,2734,2743,2752,
++	2762,2774,2781,2790,2800,2811,2823,2833,2844,2855,
++	2862,2871,2876,2883,2890,2899,2905,2910,2918,2925,
++	2933,2943,2948,2964,2971,2986,2992,3000,3007,3011,
++	3018,3023,3036,3049,3066,3080,3094,3102,3118,3134,
++	3140,3146,3155,3166,3177,3184,3190,3197,3205,3211,
++	3218,3227,3235,3242,3248,3254,3264,3271,3277,3285,
++	3290,3298,3307,3315,3321,3328,3336,3342,
++};
++static const int i386_syscall_s2i_i[] = {
++	140,142,149,33,51,286,124,137,27,134,
++	17,45,184,185,12,15,182,212,61,343,
++	266,265,267,264,120,6,8,127,129,41,
++	63,330,254,329,255,319,256,323,328,11,
++	1,252,307,250,272,324,338,339,133,94,
++	306,95,207,298,55,221,148,231,350,234,
++	143,2,237,228,108,197,300,100,269,118,
++	35,93,194,240,299,130,275,312,244,318,
++	183,141,220,50,202,49,201,47,200,80,
++	205,105,132,65,20,188,64,96,171,211,
++	165,209,76,77,147,224,78,24,199,229,
++	32,112,128,292,291,332,293,249,246,247,
++	245,248,54,101,110,290,289,117,349,288,
++	37,16,198,230,9,303,232,233,53,253,
++	236,19,227,107,196,219,219,274,294,218,
++	39,296,14,297,150,152,90,192,123,21,
++	317,125,56,282,281,277,280,279,278,163,
++	144,151,153,91,341,162,169,34,28,84,
++	59,18,109,5,342,295,29,336,136,42,
++	331,217,168,309,172,180,333,340,347,348,
++	44,98,308,26,189,181,334,167,131,3,
++	225,89,85,305,145,88,337,257,235,38,
++	302,287,0,40,174,176,175,178,173,179,
++	177,335,159,160,242,155,157,161,241,154,
++	156,158,82,187,239,345,276,311,243,258,
++	121,139,216,138,215,46,214,81,206,74,
++	104,346,57,97,71,204,170,210,164,208,
++	70,203,75,66,79,23,213,226,68,67,
++	186,48,321,327,73,126,119,72,102,313,
++	69,106,195,99,268,25,31,115,87,83,
++	304,36,314,344,283,135,116,103,315,270,
++	13,259,263,262,261,260,322,326,325,43,
++	238,92,193,191,58,60,22,52,122,10,
++	301,310,86,62,30,320,271,190,111,166,
++	113,316,273,114,284,7,4,146,
++};
++static int i386_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(i386_syscall_strings, i386_syscall_s2i_s, i386_syscall_s2i_i, 348, copy, value);
++	}
++}
++static const unsigned i386_syscall_i2s_direct[] = {
++	2041,354,553,1919,3336,1681,216,3328,222,1244,
++	3211,347,106,3018,1399,112,1218,82,1664,1310,
++	869,1450,3190,2718,995,2899,1865,68,1634,1711,
++	3248,2905,1020,27,1629,629,2943,1213,2013,1385,
++	2057,256,1745,3134,1844,88,2518,805,2774,787,
++	769,34,3197,1277,1157,489,1476,2584,3177,1652,
++	3184,132,3242,260,884,861,2698,2752,2743,2862,
++	2668,2604,2833,2800,2556,2688,948,958,982,2705,
++	821,2534,2366,2925,1643,1942,3235,2918,1968,1934,
++	1428,1583,3146,635,448,464,892,2592,1849,2883,
++	605,1163,2844,3000,2568,843,2871,1326,581,1672,
++	1170,3277,1025,3290,3315,2910,2992,1197,623,2823,
++	210,2464,3205,1439,47,1467,2811,228,1030,242,
++	673,1910,853,441,74,2986,1733,56,2498,2478,
++	0,749,8,547,1558,1962,3342,968,503,19,
++	1413,1564,1419,1572,2320,2246,2335,2261,2354,2182,
++	2205,2280,1608,1551,2646,926,3285,1897,1767,1618,
++	2624,904,1778,2121,2063,2090,2076,2148,2105,2134,
++	1784,1880,118,742,92,99,2762,2373,876,1872,
++	3271,3166,1433,3155,645,2876,1332,587,1225,1002,
++	812,795,777,2677,2613,831,2544,471,2656,936,
++	2634,914,124,2725,2525,2507,2487,1756,1377,1340,
++	758,495,-1u,-1u,975,1924,2734,1316,571,1011,
++	1234,513,1256,1266,536,2001,1297,558,3140,2382,
++	657,2302,2228,2432,719,1138,1114,1125,1147,1104,
++	380,-1u,359,1282,270,297,319,1984,2448,3023,
++	3080,3066,3049,3036,196,166,153,180,2890,613,
++	3011,3264,390,3307,1357,689,2402,1504,1541,1528,
++	1512,1494,1480,2971,3321,-1u,39,2029,1206,1186,
++	1175,1060,1042,1087,1363,1704,1391,1405,480,663,
++	595,3218,2020,1249,2933,1951,455,370,1856,1772,
++	3227,2416,703,2855,2948,3007,3298,1456,735,307,
++	3254,2781,3094,330,403,3118,3102,2790,338,283,
++	265,1750,1073,1792,1889,2164,1717,1975,413,427,
++	1799,1590,1686,139,2964,2393,2578,1809,1826,1201,
++	523,
++};
++static const char *i386_syscall_i2s(int v) {
++	return i2s_direct__(i386_syscall_strings, i386_syscall_i2s_direct, 0, 350, v);
++}
+diff --git a/lib/ia64_tables.h b/lib/ia64_tables.h
+new file mode 100644
+index 0000000..9e127a0
+--- /dev/null
++++ b/lib/ia64_tables.h
+@@ -0,0 +1,147 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ia64_syscall_strings[] = "_sysctl\0accept\0accept4\0access\0acct\0add_key\0adjtimex\0afs_syscall\0bdflush\0bind\0"
++	"brk\0capget\0capset\0chdir\0chmod\0chown\0chroot\0clock_adjtime\0clock_getres\0clock_gettime\0"
++	"clock_nanosleep\0clock_settime\0clone\0clone2\0close\0connect\0creat\0delete_module\0dup\0dup2\0"
++	"dup3\0epoll_create\0epoll_create1\0epoll_ctl\0epoll_pwait\0epoll_wait\0eventfd\0eventfd2\0execve\0exit\0"
++	"exit_group\0faccessat\0fadvise64\0fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0fchmodat\0fchown\0"
++	"fchownat\0fcntl\0fdatasync\0fgetxattr\0finit_module\0flistxattr\0flock\0fremovexattr\0fsetxattr\0fstat\0"
++	"fstatfs\0fstatfs64\0fsync\0ftruncate\0futex\0futimesat\0get_mempolicy\0get_robust_list\0getcpu\0getcwd\0"
++	"getdents\0getdents64\0getegid\0geteuid\0getgid\0getgroups\0getitimer\0getpeername\0getpgid\0getpid\0"
++	"getpmsg\0getppid\0getpriority\0getresgid\0getresuid\0getrlimit\0getrusage\0getsid\0getsockname\0getsockopt\0"
++	"gettid\0gettimeofday\0getuid\0getunwind\0getxattr\0init_module\0inotify_add_watch\0inotify_init\0inotify_init1\0inotify_rm_watch\0"
++	"io_cancel\0io_destroy\0io_getevents\0io_setup\0io_submit\0ioctl\0ioprio_get\0ioprio_set\0kexec_load\0keyctl\0"
++	"kill\0lchown\0lgetxattr\0link\0linkat\0listen\0listxattr\0llistxattr\0lookup_dcookie\0lremovexattr\0"
++	"lseek\0lsetxattr\0lstat\0madvise\0mbind\0migrate_pages\0mincore\0mkdir\0mkdirat\0mknod\0"
++	"mknodat\0mlock\0mlockall\0mmap\0mmap2\0mount\0mprotect\0mq_getsetattr\0mq_notify\0mq_open\0"
++	"mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0msgctl\0msgget\0msgrcv\0msgsnd\0msync\0munlock\0"
++	"munlockall\0munmap\0name_to_handle_at\0nanosleep\0newfstatat\0nfsservctl\0ni_syscall\0open\0open_by_handle_at\0openat\0"
++	"pciconfig_read\0pciconfig_write\0perfmonctl\0personality\0pipe\0pipe2\0pivot_root\0poll\0ppoll\0prctl\0"
++	"pread64\0preadv\0prlimit64\0process_vm_readv\0process_vm_writev\0pselect\0ptrace\0putpmsg\0pwrite64\0pwritev\0"
++	"quotactl\0read\0readahead\0readlink\0readlinkat\0readv\0reboot\0recv\0recvfrom\0recvmmsg\0"
++	"recvmsg\0remap_file_pages\0removexattr\0rename\0renameat\0request_key\0restart_syscall\0rmdir\0rt_sigaction\0rt_sigpending\0"
++	"rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0rt_sigtimedwait\0rt_tgsigqueueinfo\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0"
++	"sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0sched_setscheduler\0sched_yield\0select\0semctl\0semget\0semop\0"
++	"semtimedop\0send\0sendfile\0sendmmsg\0sendmsg\0sendto\0set_mempolicy\0set_robust_list\0set_tid_address\0set_zone_reclaim\0"
++	"setdomainname\0setfsgid\0setfsuid\0setgid\0setgroups\0sethostname\0setitimer\0setns\0setpgid\0setpriority\0"
++	"setregid\0setresgid\0setresuid\0setreuid\0setrlimit\0setsid\0setsockopt\0settimeofday\0setuid\0setxattr\0"
++	"shmat\0shmctl\0shmdt\0shmget\0shutdown\0sigaltstack\0signalfd\0signalfd4\0socket\0socketpair\0"
++	"splice\0stat\0statfs\0statfs64\0swapoff\0swapon\0symlink\0symlinkat\0sync\0sync_file_range\0"
++	"syncfs\0sysfs\0sysinfo\0syslog\0tee\0tgkill\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0"
++	"timer_settime\0timerfd\0timerfd_create\0timerfd_gettime\0timerfd_settime\0times\0tkill\0truncate\0tux\0umask\0"
++	"umount\0uname\0unlink\0unlinkat\0unshare\0uselib\0ustat\0utimensat\0utimes\0vhangup\0"
++	"vmsplice\0vserver\0wait4\0waitid\0write\0writev";
++static const unsigned ia64_syscall_s2i_s[] = {
++	0,8,15,23,30,35,43,52,64,72,
++	77,81,88,95,101,107,113,120,134,147,
++	161,177,191,197,204,210,218,224,238,242,
++	247,252,265,279,289,301,312,320,329,336,
++	341,352,362,372,382,396,410,417,424,433,
++	440,449,455,465,475,488,499,505,518,528,
++	534,542,552,558,568,574,584,598,614,621,
++	628,637,648,656,664,671,681,691,703,711,
++	718,726,734,746,756,766,776,786,793,805,
++	816,823,836,843,853,862,874,892,905,919,
++	936,946,957,970,979,989,995,1006,1017,1028,
++	1035,1040,1047,1057,1062,1069,1076,1086,1097,1112,
++	1125,1131,1141,1147,1155,1161,1175,1183,1189,1197,
++	1203,1211,1217,1226,1231,1237,1243,1252,1266,1276,
++	1284,1300,1313,1323,1330,1337,1344,1351,1358,1364,
++	1372,1383,1390,1408,1418,1429,1440,1451,1456,1474,
++	1481,1496,1512,1523,1535,1540,1546,1557,1562,1568,
++	1574,1582,1589,1599,1616,1634,1642,1649,1657,1666,
++	1674,1683,1688,1698,1707,1718,1724,1731,1736,1745,
++	1754,1762,1779,1791,1798,1807,1819,1835,1841,1854,
++	1868,1883,1899,1912,1926,1942,1960,1983,2006,2024,
++	2039,2058,2080,2098,2113,2132,2144,2151,2158,2165,
++	2171,2182,2187,2196,2205,2213,2220,2234,2250,2266,
++	2283,2297,2306,2315,2322,2332,2344,2354,2360,2368,
++	2380,2389,2399,2409,2418,2428,2435,2446,2459,2466,
++	2475,2481,2488,2494,2501,2510,2522,2531,2541,2548,
++	2559,2566,2571,2578,2587,2595,2602,2610,2620,2625,
++	2641,2648,2654,2662,2669,2673,2680,2693,2706,2723,
++	2737,2751,2759,2774,2790,2806,2812,2818,2827,2831,
++	2837,2844,2850,2857,2866,2874,2881,2887,2897,2904,
++	2912,2921,2929,2935,2942,2948,
++};
++static const int ia64_syscall_s2i_i[] = {
++	1150,1194,1334,1049,1064,1271,1131,1141,1138,1191,
++	1060,1185,1186,1034,1038,1039,1068,1328,1255,1254,
++	1256,1253,1128,1213,1029,1192,1030,1134,1057,1070,
++	1316,1243,1315,1244,1305,1245,1309,1314,1033,1025,
++	1236,1293,1234,1303,1323,1324,1035,1099,1292,1100,
++	1284,1066,1052,1222,1335,1225,1145,1228,1219,1212,
++	1104,1257,1051,1098,1230,1285,1260,1299,1304,1184,
++	1144,1214,1063,1047,1062,1077,1119,1196,1079,1041,
++	1188,1042,1101,1075,1073,1085,1086,1082,1195,1204,
++	1105,1087,1046,1215,1220,1133,1278,1277,1318,1279,
++	1242,1239,1240,1238,1241,1065,1275,1274,1268,1273,
++	1053,1124,1221,1031,1289,1193,1223,1224,1237,1227,
++	1040,1218,1211,1209,1259,1280,1208,1055,1282,1037,
++	1283,1153,1154,1151,1172,1043,1155,1267,1266,1262,
++	1265,1264,1263,1156,1112,1109,1111,1110,1157,1158,
++	1159,1152,1326,1168,1286,1169,1024,1028,1327,1281,
++	1173,1174,1175,1140,1058,1317,1207,1090,1295,1170,
++	1148,1319,1325,1332,1333,1294,1048,1189,1149,1320,
++	1137,1026,1216,1092,1291,1146,1096,1200,1201,1322,
++	1206,1125,1226,1054,1288,1272,1246,1056,1177,1178,
++	1179,1180,1181,1182,1183,1321,1165,1166,1232,1160,
++	1162,1167,1231,1161,1163,1164,1089,1108,1106,1107,
++	1247,1198,1187,1331,1205,1199,1261,1298,1233,1276,
++	1129,1143,1142,1061,1078,1083,1118,1330,1080,1102,
++	1072,1076,1074,1071,1084,1081,1203,1088,1045,1217,
++	1114,1116,1115,1113,1202,1176,1307,1313,1190,1197,
++	1297,1210,1103,1258,1095,1094,1091,1290,1050,1300,
++	1329,1139,1127,1117,1301,1235,1248,1252,1251,1250,
++	1249,1308,1310,1312,1311,1059,1229,1097,1120,1067,
++	1044,1130,1032,1287,1296,1093,1069,1306,1036,1123,
++	1302,1269,1126,1270,1027,1147,
++};
++static int ia64_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(ia64_syscall_strings, ia64_syscall_s2i_s, ia64_syscall_s2i_i, 306, copy, value);
++	}
++}
++static const unsigned ia64_syscall_i2s_direct[] = {
++	1440,336,1683,2942,1451,204,218,1057,2850,329,
++	95,410,2897,1197,101,107,1125,711,726,1237,
++	2837,2459,836,656,1642,23,2620,552,455,1035,
++	1791,1183,1835,238,1535,2806,77,2315,664,648,
++	30,989,449,2831,113,2881,242,2409,2380,756,
++	2399,746,2389,671,2322,703,2360,2428,786,2332,
++	2418,766,776,823,2446,2144,1557,2602,1698,2874,
++	2595,2587,1724,2818,558,417,433,734,2368,2571,
++	534,816,2158,2165,2151,1337,1351,1344,1330,2494,
++	2475,2488,2481,2662,2344,681,2827,-1u,-1u,2904,
++	1040,1762,2929,2654,191,2283,2844,43,-1u,862,
++	224,-1u,-1u,1674,64,2648,1523,52,2306,2297,
++	628,499,1718,2948,1574,1657,0,1226,1383,1211,
++	1217,1243,1323,1358,1364,1372,2024,2098,2039,2113,
++	2132,1960,1983,2058,1408,1429,1568,-1u,1231,1481,
++	1496,1512,2510,1841,1854,1868,1883,1899,1912,1926,
++	621,81,88,2187,718,1649,2541,72,210,1069,
++	8,793,691,2548,2182,2213,1731,1736,2501,2435,
++	805,2205,1754,1546,1175,1147,2566,1141,528,197,
++	637,843,1688,2466,1131,518,853,1047,465,1076,
++	1086,488,1779,1112,505,2812,568,2080,2006,2250,
++	362,2673,341,1097,970,946,957,979,936,252,
++	279,301,1819,2171,2680,2737,2723,2706,2693,177,
++	147,134,161,542,2578,1155,584,2220,1276,1313,
++	1300,1284,1266,1252,1017,2921,2935,35,1807,1028,
++	1006,995,2266,892,874,919,1161,1474,1189,1203,
++	440,574,1418,2857,1798,1062,2610,1707,424,352,
++	1634,1562,2866,2559,2234,598,2625,2669,2912,372,
++	614,289,2887,2522,2751,312,2759,2790,2774,2531,
++	320,265,247,1540,905,1582,1666,1942,1745,382,
++	396,1589,1390,1456,120,2641,2354,2196,1599,1616,
++	15,475,
++};
++static const char *ia64_syscall_i2s(int v) {
++	return i2s_direct__(ia64_syscall_strings, ia64_syscall_i2s_direct, 1024, 1335, v);
++}
+diff --git a/lib/machinetabs.h b/lib/machinetabs.h
+new file mode 100644
+index 0000000..ec2d033
+--- /dev/null
++++ b/lib/machinetabs.h
+@@ -0,0 +1,26 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char machine_strings[] = "i386\0i486\0i586\0i686\0ia64\0ppc\0ppc64\0s390\0s390x\0x86_64";
++static const unsigned machine_s2i_s[] = {
++	0,5,10,15,20,25,29,35,40,46,
++};
++static const int machine_s2i_i[] = {
++	0,0,0,0,2,4,3,6,5,1,
++};
++static int machine_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(machine_strings, machine_s2i_s, machine_s2i_i, 10, copy, value);
++	}
++}
++static const unsigned machine_i2s_direct[] = {
++	0,46,20,29,25,40,35,
++};
++static const char *machine_i2s(int v) {
++	return i2s_direct__(machine_strings, machine_i2s_direct, 0, 6, v);
++}
+diff --git a/lib/msg_typetabs.h b/lib/msg_typetabs.h
+new file mode 100644
+index 0000000..770ec21
+--- /dev/null
++++ b/lib/msg_typetabs.h
+@@ -0,0 +1,104 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char msg_type_strings[] = "ADD_GROUP\0ADD_USER\0ANOM_ABEND\0ANOM_ACCESS_FS\0ANOM_ADD_ACCT\0ANOM_AMTU_FAIL\0ANOM_CRYPTO_FAIL\0ANOM_DEL_ACCT\0ANOM_EXEC\0ANOM_LINK\0"
++	"ANOM_LOGIN_ACCT\0ANOM_LOGIN_FAILURES\0ANOM_LOGIN_LOCATION\0ANOM_LOGIN_SESSIONS\0ANOM_LOGIN_TIME\0ANOM_MAX_DAC\0ANOM_MAX_MAC\0ANOM_MK_EXEC\0ANOM_MOD_ACCT\0ANOM_PROMISCUOUS\0"
++	"ANOM_RBAC_FAIL\0ANOM_RBAC_INTEGRITY_FAIL\0ANOM_ROOT_TRANS\0AVC\0AVC_PATH\0BPRM_FCAPS\0CAPSET\0CHGRP_ID\0CHUSER_ID\0CONFIG_CHANGE\0"
++	"CRED_ACQ\0CRED_DISP\0CRED_REFR\0CRYPTO_FAILURE_USER\0CRYPTO_KEY_USER\0CRYPTO_LOGIN\0CRYPTO_LOGOUT\0CRYPTO_PARAM_CHANGE_USER\0CRYPTO_REPLAY_USER\0CRYPTO_SESSION\0"
++	"CRYPTO_TEST_USER\0CWD\0DAC_CHECK\0DAEMON_ABORT\0DAEMON_ACCEPT\0DAEMON_CLOSE\0DAEMON_CONFIG\0DAEMON_END\0DAEMON_RESUME\0DAEMON_ROTATE\0"
++	"DAEMON_START\0DEL_GROUP\0DEL_USER\0DEV_ALLOC\0DEV_DEALLOC\0EOE\0EXECVE\0FD_PAIR\0FS_RELABEL\0GRP_AUTH\0"
++	"INTEGRITY_DATA\0INTEGRITY_HASH\0INTEGRITY_METADATA\0INTEGRITY_PCR\0INTEGRITY_RULE\0INTEGRITY_STATUS\0IPC\0IPC_SET_PERM\0KERNEL\0KERNEL_OTHER\0"
++	"LABEL_LEVEL_CHANGE\0LABEL_OVERRIDE\0LIST_RULES\0LOGIN\0MAC_CIPSOV4_ADD\0MAC_CIPSOV4_DEL\0MAC_CONFIG_CHANGE\0MAC_IPSEC_ADDSA\0MAC_IPSEC_ADDSPD\0MAC_IPSEC_DELSA\0"
++	"MAC_IPSEC_DELSPD\0MAC_IPSEC_EVENT\0MAC_MAP_ADD\0MAC_MAP_DEL\0MAC_POLICY_LOAD\0MAC_STATUS\0MAC_UNLBL_ALLOW\0MAC_UNLBL_STCADD\0MAC_UNLBL_STCDEL\0MMAP\0"
++	"MQ_GETSETATTR\0MQ_NOTIFY\0MQ_OPEN\0MQ_SENDRECV\0NETFILTER_CFG\0NETFILTER_PKT\0OBJ_PID\0PATH\0RESP_ACCT_LOCK\0RESP_ACCT_LOCK_TIMED\0"
++	"RESP_ACCT_REMOTE\0RESP_ACCT_UNLOCK_TIMED\0RESP_ALERT\0RESP_ANOMALY\0RESP_EXEC\0RESP_HALT\0RESP_KILL_PROC\0RESP_SEBOOL\0RESP_SINGLE\0RESP_TERM_ACCESS\0"
++	"RESP_TERM_LOCK\0ROLE_ASSIGN\0ROLE_MODIFY\0ROLE_REMOVE\0SECCOMP\0SELINUX_ERR\0SERVICE_START\0SERVICE_STOP\0SOCKADDR\0SOCKETCALL\0"
++	"SYSCALL\0SYSTEM_BOOT\0SYSTEM_RUNLEVEL\0SYSTEM_SHUTDOWN\0TEST\0TRUSTED_APP\0TTY\0TTY_GET\0TTY_SET\0USER\0"
++	"USER_ACCT\0USER_AUTH\0USER_AVC\0USER_CHAUTHTOK\0USER_CMD\0USER_END\0USER_ERR\0USER_LABELED_EXPORT\0USER_LOGIN\0USER_LOGOUT\0"
++	"USER_MAC_POLICY_LOAD\0USER_MGMT\0USER_ROLE_CHANGE\0USER_SELINUX_ERR\0USER_START\0USER_TTY\0USER_UNLABELED_EXPORT\0USYS_CONFIG\0VIRT_CONTROL\0VIRT_MACHINE_ID\0"
++	"VIRT_RESOURCE";
++static const unsigned msg_type_s2i_s[] = {
++	0,10,19,30,45,59,74,91,105,115,
++	125,141,161,181,201,217,230,243,256,270,
++	287,302,327,343,347,356,367,374,383,393,
++	407,416,426,436,456,472,485,499,524,543,
++	558,575,579,589,602,616,629,643,654,668,
++	682,695,705,714,724,736,740,747,755,766,
++	775,790,805,824,838,853,870,874,887,894,
++	907,926,941,952,958,974,990,1008,1024,1041,
++	1057,1074,1090,1102,1114,1130,1141,1157,1174,1191,
++	1196,1210,1220,1228,1240,1254,1268,1276,1281,1296,
++	1317,1334,1357,1368,1381,1391,1401,1416,1428,1440,
++	1457,1472,1484,1496,1508,1516,1528,1542,1555,1564,
++	1575,1583,1595,1611,1627,1632,1644,1648,1656,1664,
++	1669,1679,1689,1698,1713,1722,1731,1740,1760,1771,
++	1783,1804,1814,1831,1848,1859,1868,1890,1902,1915,
++	1931,
++};
++static const int msg_type_s2i_i[] = {
++	1116,1114,1701,2111,2114,2107,2110,2115,2112,1702,
++	2103,2100,2104,2102,2101,2105,2106,2113,2116,1700,
++	2108,2109,2117,1400,1402,1321,1322,1119,1125,1305,
++	1103,1104,1110,2405,2404,2402,2403,2401,2406,2407,
++	2400,1307,1118,1202,1207,1208,1203,1201,1206,1205,
++	1200,1117,1115,2307,2308,1320,1309,1317,2309,1126,
++	1800,1803,1801,1804,1805,1802,1303,1311,2000,1316,
++	2304,2303,1013,1006,1407,1408,1405,1411,1413,1412,
++	1414,1415,1409,1410,1403,1404,1406,1416,1417,1323,
++	1315,1314,1312,1313,1325,1324,1318,1302,2207,2205,
++	2204,2206,2201,2200,2210,2212,2202,2209,2211,2203,
++	2208,2301,2311,2302,1326,1401,1130,1131,1306,1304,
++	1300,1127,1129,1128,1120,1121,1319,1016,1017,1005,
++	1101,1100,1107,1108,1123,1106,1109,2305,1112,1113,
++	2310,1102,2300,1122,1105,1124,2306,1111,2500,2502,
++	2501,
++};
++static int msg_type_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISLOWER(c) ? c - 'a' + 'A' : c;
++	}
++	copy[i] = 0;
++	return s2i__(msg_type_strings, msg_type_s2i_s, msg_type_s2i_i, 151, copy, value);
++	}
++}
++static const int msg_type_i2s_i[] = {
++	1005,1006,1013,1016,1017,1100,1101,1102,1103,1104,
++	1105,1106,1107,1108,1109,1110,1111,1112,1113,1114,
++	1115,1116,1117,1118,1119,1120,1121,1122,1123,1124,
++	1125,1126,1127,1128,1129,1130,1131,1200,1201,1202,
++	1203,1205,1206,1207,1208,1300,1302,1303,1304,1305,
++	1306,1307,1309,1311,1312,1313,1314,1315,1316,1317,
++	1318,1319,1320,1321,1322,1323,1324,1325,1326,1400,
++	1401,1402,1403,1404,1405,1406,1407,1408,1409,1410,
++	1411,1412,1413,1414,1415,1416,1417,1700,1701,1702,
++	1800,1801,1802,1803,1804,1805,2000,2100,2101,2102,
++	2103,2104,2105,2106,2107,2108,2109,2110,2111,2112,
++	2113,2114,2115,2116,2117,2200,2201,2202,2203,2204,
++	2205,2206,2207,2208,2209,2210,2211,2212,2300,2301,
++	2302,2303,2304,2305,2306,2307,2308,2309,2310,2311,
++	2400,2401,2402,2403,2404,2405,2406,2407,2500,2501,
++	2502,
++};
++static const unsigned msg_type_i2s_s[] = {
++	1664,952,941,1648,1656,1679,1669,1804,407,416,
++	1848,1722,1689,1698,1731,426,1890,1760,1771,10,
++	705,0,695,579,374,1627,1632,1831,1713,1859,
++	383,766,1583,1611,1595,1528,1542,682,643,589,
++	629,668,654,602,616,1575,1276,870,1564,393,
++	1555,575,740,874,1220,1228,1210,1196,894,747,
++	1268,1644,736,356,367,1191,1254,1240,1508,343,
++	1516,347,1114,1130,990,1141,958,974,1090,1102,
++	1008,1041,1024,1057,1074,1157,1174,270,19,115,
++	775,805,853,790,824,838,887,141,201,181,
++	125,161,217,230,59,287,302,74,30,105,
++	243,45,91,256,327,1368,1357,1401,1440,1317,
++	1296,1334,1281,1457,1416,1381,1428,1391,1814,1472,
++	1496,926,907,1740,1868,714,724,755,1783,1484,
++	558,499,472,485,456,436,524,543,1902,1931,
++	1915,
++};
++static const char *msg_type_i2s(int v) {
++	return i2s_bsearch__(msg_type_strings, msg_type_i2s_i, msg_type_i2s_s, 151, v);
++}
+diff --git a/lib/optabs.h b/lib/optabs.h
+new file mode 100644
+index 0000000..d79b665
+--- /dev/null
++++ b/lib/optabs.h
+@@ -0,0 +1,11 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char op_strings[] = "!=\0&\0&=\0<\0<=\0=\0>\0>=";
++static const int op_i2s_i[] = {
++	134217728,268435456,536870912,805306368,1073741824,1207959552,1342177280,1610612736,
++};
++static const unsigned op_i2s_s[] = {
++	3,8,15,0,13,5,10,17,
++};
++static const char *op_i2s(int v) {
++	return i2s_bsearch__(op_strings, op_i2s_i, op_i2s_s, 8, v);
++}
+diff --git a/lib/ppc_tables.h b/lib/ppc_tables.h
+new file mode 100644
+index 0000000..778fae3
+--- /dev/null
++++ b/lib/ppc_tables.h
+@@ -0,0 +1,163 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char ppc_syscall_strings[] = "_llseek\0_newselect\0_sysctl\0accept\0accept4\0access\0acct\0add_key\0adjtimex\0afs_syscall\0"
++	"alarm\0bdflush\0bind\0break\0brk\0capget\0capset\0chdir\0chmod\0chown\0"
++	"chroot\0clock_adjtime\0clock_getres\0clock_gettime\0clock_nanosleep\0clock_settime\0clone\0close\0connect\0creat\0"
++	"create_module\0delete_module\0dup\0dup2\0dup3\0epoll_create\0epoll_create1\0epoll_ctl\0epoll_pwait\0epoll_wait\0"
++	"eventfd\0eventfd2\0execve\0exit\0exit_group\0faccessat\0fadvise64\0fadvise64_64\0fallocate\0fanotify_init\0"
++	"fanotify_mark\0fchdir\0fchmod\0fchmodat\0fchown\0fchownat\0fcntl\0fcntl64\0fdatasync\0fgetxattr\0"
++	"finit_module\0flistxattr\0flock\0fork\0fremovexattr\0fsetxattr\0fstat\0fstat64\0fstatat\0fstatfs\0"
++	"fstatfs64\0fsync\0ftime\0ftruncate\0ftruncate64\0futex\0futimesat\0get_kernel_syms\0get_robust_list\0getcpu\0"
++	"getcwd\0getdents\0getdents64\0getegid\0geteuid\0getgid\0getgroups\0getitimer\0getpeername\0getpgid\0"
++	"getpgrp\0getpid\0getpmsg\0getppid\0getpriority\0getresgid\0getresuid\0getrlimit\0getrusage\0getsid\0"
++	"getsockname\0getsockopt\0gettid\0gettimeofday\0getuid\0getxattr\0gtty\0idle\0init_module\0inotify_add_watch\0"
++	"inotify_init\0inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0io_getevents\0io_setup\0io_submit\0ioctl\0ioperm\0"
++	"iopl\0ioprio_get\0ioprio_set\0ipc\0kcmp\0kexec_load\0keyctl\0kill\0lchown\0lgetxattr\0"
++	"link\0linkat\0listen\0listxattr\0llistxattr\0lock\0lookup_dcookie\0lremovexattr\0lseek\0lsetxattr\0"
++	"lstat\0lstat64\0madvise\0mincore\0mkdir\0mkdirat\0mknod\0mknodat\0mlock\0mlockall\0"
++	"mmap\0mmap2\0modify_ldt\0mount\0move_pages\0mprotect\0mpx\0mq_getsetattr\0mq_notify\0mq_open\0"
++	"mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0msync\0multiplexer\0munlock\0munlockall\0munmap\0name_to_handle_at\0"
++	"nanosleep\0nfsservctl\0nice\0oldfstat\0oldlstat\0oldolduname\0oldstat\0olduname\0open\0open_by_handle_at\0"
++	"openat\0pause\0pciconfig_iobase\0pciconfig_read\0pciconfig_write\0perf_counter_open\0personality\0pipe\0pipe2\0pivot_root\0"
++	"poll\0ppoll\0prctl\0pread\0preadv\0prlimit64\0process_vm_readv\0process_vm_writev\0prof\0profil\0"
++	"pselect6\0ptrace\0putpmsg\0pwrite\0pwritev\0query_module\0quotactl\0read\0readahead\0readdir\0"
++	"readlink\0readlinkat\0readv\0reboot\0recv\0recvfrom\0recvmmsg\0recvmsg\0remap_file_pages\0removexattr\0"
++	"rename\0renameat\0request_key\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0"
++	"rt_sigtimedwait\0rt_tgsigqueueinfo\0rtas\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0"
++	"sched_setparam\0sched_setscheduler\0sched_yield\0select\0send\0sendfile\0sendfile64\0sendmmsg\0sendmsg\0sendto\0"
++	"set_robust_list\0set_tid_address\0setdomainname\0setfsgid\0setfsuid\0setgid\0setgroups\0sethostname\0setitimer\0setns\0"
++	"setpgid\0setpriority\0setregid\0setresgid\0setresuid\0setreuid\0setrlimit\0setsid\0setsockopt\0settimeofday\0"
++	"setuid\0setxattr\0sgetmask\0shutdown\0sigaction\0sigaltstack\0signal\0signalfd\0signalfd4\0sigpending\0"
++	"sigprocmask\0sigreturn\0sigsuspend\0socket\0socketcall\0socketpair\0splice\0spu_create\0spu_run\0ssetmask\0"
++	"stat\0stat64\0statfs\0statfs64\0stime\0stty\0subpage_prot\0swapcontext\0swapoff\0swapon\0"
++	"symlink\0symlinkat\0sync\0sync_file_range2\0syncfs\0sysfs\0sysinfo\0syslog\0tee\0tgkill\0"
++	"time\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0timerfd\0timerfd_gettime\0timerfd_settime\0times\0"
++	"tkill\0truncate\0truncate64\0tuxcall\0ugetrlimit\0ulimit\0umask\0umount\0umount2\0uname\0"
++	"unlink\0unlinkat\0unshare\0uselib\0ustat\0utime\0utimensat\0utimes\0vfork\0vhangup\0"
++	"vm86\0vmsplice\0wait4\0waitid\0waitpid\0write\0writev";
++static const unsigned ppc_syscall_s2i_s[] = {
++	0,8,19,27,34,42,49,54,62,71,
++	83,89,97,102,108,112,119,126,132,138,
++	144,151,165,178,192,208,222,228,234,242,
++	248,262,276,280,285,290,303,317,327,339,
++	350,358,367,374,379,390,400,410,423,433,
++	447,461,468,475,484,491,500,506,514,524,
++	534,547,558,564,569,582,592,598,606,614,
++	622,632,638,644,654,666,672,682,698,714,
++	721,728,737,748,756,764,771,781,791,803,
++	811,819,826,834,842,854,864,874,884,894,
++	901,913,924,931,944,951,960,965,970,982,
++	1000,1013,1027,1044,1054,1065,1078,1087,1097,1103,
++	1110,1115,1126,1137,1141,1146,1157,1164,1169,1176,
++	1186,1191,1198,1205,1215,1226,1231,1246,1259,1265,
++	1275,1281,1289,1297,1305,1311,1319,1325,1333,1339,
++	1348,1353,1359,1370,1376,1387,1396,1400,1414,1424,
++	1432,1448,1461,1471,1478,1484,1496,1504,1515,1522,
++	1540,1550,1561,1566,1575,1584,1596,1604,1613,1618,
++	1636,1643,1649,1666,1681,1697,1715,1727,1732,1738,
++	1749,1754,1760,1766,1772,1779,1789,1806,1824,1829,
++	1836,1845,1852,1860,1867,1875,1888,1897,1902,1912,
++	1920,1929,1940,1946,1953,1958,1967,1976,1984,2001,
++	2013,2020,2029,2041,2047,2060,2074,2089,2105,2118,
++	2132,2148,2166,2171,2194,2217,2235,2250,2269,2291,
++	2309,2324,2343,2355,2362,2367,2376,2387,2396,2404,
++	2411,2427,2443,2457,2466,2475,2482,2492,2504,2514,
++	2520,2528,2540,2549,2559,2569,2578,2588,2595,2606,
++	2619,2626,2635,2644,2653,2663,2675,2682,2691,2701,
++	2712,2724,2734,2745,2752,2763,2774,2781,2792,2800,
++	2809,2814,2821,2828,2837,2843,2848,2861,2873,2881,
++	2888,2896,2906,2911,2928,2935,2941,2949,2956,2960,
++	2967,2972,2985,2998,3015,3029,3043,3051,3067,3083,
++	3089,3095,3104,3115,3123,3134,3141,3147,3154,3162,
++	3168,3175,3184,3192,3199,3205,3211,3221,3228,3234,
++	3242,3247,3256,3262,3269,3277,3283,
++};
++static const int ppc_syscall_s2i_i[] = {
++	140,142,149,330,344,33,51,269,124,137,
++	27,134,327,17,45,183,184,12,15,181,
++	61,347,247,246,248,245,120,6,328,8,
++	127,129,41,63,316,236,315,237,303,238,
++	307,314,11,1,234,298,233,254,309,323,
++	324,133,94,297,95,289,55,204,148,214,
++	353,217,143,2,220,211,108,197,291,100,
++	253,118,35,93,194,221,290,130,299,302,
++	182,141,202,50,49,47,80,105,332,132,
++	65,20,187,64,96,170,165,76,77,147,
++	331,340,207,78,24,212,32,112,128,276,
++	275,318,277,231,228,229,227,230,54,101,
++	110,274,273,117,354,268,271,37,16,213,
++	9,294,329,215,216,53,235,219,19,210,
++	107,196,205,206,39,287,14,288,150,152,
++	90,192,123,21,301,125,56,267,266,262,
++	265,264,263,163,144,201,151,153,91,345,
++	162,168,34,28,84,59,18,109,5,346,
++	286,29,200,198,199,319,136,42,317,203,
++	167,281,171,179,320,325,351,352,44,98,
++	280,26,188,180,321,166,131,3,191,89,
++	85,296,145,88,336,337,343,342,239,218,
++	38,293,270,40,173,175,174,177,172,178,
++	176,322,255,159,160,223,155,157,161,222,
++	154,156,158,82,334,186,226,349,341,335,
++	300,232,121,139,138,46,81,74,104,350,
++	57,97,71,169,164,70,75,66,339,79,
++	23,209,68,338,67,185,48,305,313,73,
++	126,119,72,326,102,333,283,279,278,69,
++	106,195,99,252,25,31,310,249,115,87,
++	83,295,36,308,348,135,116,103,284,250,
++	13,240,244,243,242,241,306,312,311,43,
++	208,92,193,225,190,58,60,22,52,122,
++	10,292,282,86,62,30,304,251,189,111,
++	113,285,114,272,7,4,146,
++};
++static int ppc_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(ppc_syscall_strings, ppc_syscall_s2i_s, ppc_syscall_s2i_i, 347, copy, value);
++	}
++}
++static const unsigned ppc_syscall_i2s_direct[] = {
++	374,564,1897,3277,1613,228,3269,242,1186,3168,
++	367,126,2967,1319,132,1169,102,1596,1259,819,
++	1370,3147,2619,944,2837,1845,83,1566,1643,3205,
++	2843,960,42,1561,638,2906,1164,2013,1305,2041,
++	276,1727,3083,1824,108,2475,764,2675,756,748,
++	49,3154,1226,1097,500,1396,2520,3134,1584,3141,
++	144,3199,280,834,811,2588,2653,2635,2800,2569,
++	2540,2734,2701,2492,2578,874,884,931,2606,771,
++	2482,2355,2888,1575,1920,3192,2881,1946,1912,1348,
++	1515,3095,644,468,484,842,2528,1829,2821,614,
++	1103,2752,2949,2504,781,2809,1275,592,1604,1110,
++	3234,965,3242,3256,2873,2941,1137,632,2724,222,
++	2443,3162,1359,62,1387,2712,248,970,262,682,
++	1888,803,461,89,2935,1715,71,2466,2457,0,
++	728,8,558,1478,1940,3283,894,514,19,1333,
++	1496,1339,1504,2309,2235,2324,2250,2343,2171,2194,
++	2269,1540,1471,2559,864,1875,1749,1550,2549,854,
++	1760,2105,2047,2074,2060,2132,2089,2118,1766,1860,
++	138,721,112,119,2663,2367,826,1852,3228,3123,
++	1902,1353,3104,654,2814,1281,598,1666,1681,1649,
++	1484,737,1738,506,1289,1297,924,3089,2626,1265,
++	582,951,1176,524,1205,1215,547,2001,1246,569,
++	666,2291,2217,-1u,3115,2376,1078,1054,1065,1087,
++	1044,2427,400,379,1231,290,317,339,1984,2972,
++	3029,3015,2998,2985,208,178,165,192,2861,2960,
++	3221,2828,622,410,2166,-1u,-1u,-1u,-1u,-1u,
++	-1u,1424,1461,1448,1432,1414,1400,1146,54,2029,
++	1157,3262,1126,1115,1000,982,1027,2792,2781,1836,
++	1754,3184,2774,2956,3247,1636,1311,1325,491,672,
++	606,3175,2020,1191,2896,1929,475,390,698,2411,
++	1376,714,327,3211,2682,3043,350,2911,423,2848,
++	3067,3051,2691,358,303,285,1732,1013,1697,1772,
++	1867,2148,433,447,1779,2745,97,234,1198,27,
++	901,791,2763,2362,2404,1953,1958,2644,2595,913,
++	2396,1976,1967,34,1522,1618,151,2928,2387,2514,
++	1789,1806,534,1141,
++};
++static const char *ppc_syscall_i2s(int v) {
++	return i2s_direct__(ppc_syscall_strings, ppc_syscall_i2s_direct, 1, 354, v);
++}
+diff --git a/lib/s390_tables.h b/lib/s390_tables.h
+new file mode 100644
+index 0000000..218482e
+--- /dev/null
++++ b/lib/s390_tables.h
+@@ -0,0 +1,153 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char s390_syscall_strings[] = "_llseek\0_newselect\0_sysctl\0access\0acct\0add_key\0adjtimex\0afs_syscall\0alarm\0bdflush\0"
++	"brk\0capget\0capset\0chdir\0chmod\0chown\0chown32\0chroot\0clock_adjtime\0clock_getres\0"
++	"clock_gettime\0clock_nanosleep\0clock_settime\0clone\0close\0creat\0create_module\0delete_module\0dup\0dup2\0"
++	"dup3\0epoll_create\0epoll_create1\0epoll_ctl\0epoll_pwait\0epoll_wait\0eventfd\0eventfd2\0execve\0exit\0"
++	"exit_group\0faccessat\0fadvise64\0fadvise64_64\0fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0fchmodat\0"
++	"fchown\0fchown32\0fchownat\0fcntl\0fcntl64\0fdatasync\0fgetxattr\0finit_module\0flistxattr\0flock\0"
++	"fork\0fremovexattr\0fsetxattr\0fstat\0fstat64\0fstatat\0fstatfs\0fstatfs64\0fsync\0ftruncate\0"
++	"ftruncate64\0futex\0futimesat\0get_kernel_syms\0get_robust_list\0getcpu\0getcwd\0getdents\0getdents64\0getegid\0"
++	"getegid32\0geteuid\0geteuid32\0getgid\0getgid32\0getgroups\0getgroups32\0getitimer\0getpgid\0getpgrp\0"
++	"getpid\0getpmsg\0getppid\0getpriority\0getresgid\0getresgid32\0getresuid\0getresuid32\0getrlimit\0getrusage\0"
++	"getsid\0gettid\0gettimeofday\0getuid\0getuid32\0getxattr\0idle\0init_module\0inotify_add_watch\0inotify_init\0"
++	"inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0io_getevents\0io_setup\0io_submit\0ioctl\0ioperm\0ioprio_get\0"
++	"ioprio_set\0ipc\0kcmp\0kexec_load\0keyctl\0kill\0lchown\0lchown32\0lgetxattr\0link\0"
++	"linkat\0listxattr\0llistxattr\0lremovexattr\0lseek\0lsetxattr\0lstat\0lstat64\0madvise\0mincore\0"
++	"mkdir\0mkdirat\0mknod\0mknodat\0mlock\0mlockall\0mmap\0mmap2\0mount\0mprotect\0"
++	"mq_getsetattr\0mq_notify\0mq_open\0mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0msync\0munlock\0munlockall\0"
++	"munmap\0name_to_handle_at\0nanosleep\0nfsservctl\0nice\0open\0open_by_handle_at\0openat\0pause\0perf_event_open\0"
++	"personality\0pipe\0pipe2\0pivot_root\0poll\0ppoll\0prctl\0pread\0preadv\0prlimit64\0"
++	"process_vm_readv\0process_vm_writev\0pselect6\0ptrace\0putpmsg\0pwrite\0pwritev\0query_module\0quotactl\0read\0"
++	"readahead\0readdir\0readlink\0readlinkat\0readv\0reboot\0remap_file_pages\0removexattr\0rename\0renameat\0"
++	"request_key\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0rt_sigtimedwait\0rt_tgsigqueueinfo\0"
++	"s390_runtime_instr\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0sched_setscheduler\0"
++	"sched_yield\0sendfile\0sendfile64\0set_robust_list\0set_tid_address\0setdomainname\0setfsgid\0setfsgid32\0setfsuid\0setfsuid32\0"
++	"setgid\0setgid32\0setgroups\0setgroups32\0sethostname\0setitimer\0setns\0setpgid\0setpriority\0setregid\0"
++	"setregid32\0setresgid\0setresgid32\0setresuid\0setresuid32\0setreuid\0setreuid32\0setrlimit\0setsid\0settimeofday\0"
++	"setuid\0setuid32\0setxattr\0sigaction\0sigaltstack\0signal\0signalfd\0signalfd4\0sigpending\0sigprocmask\0"
++	"sigreturn\0sigsuspend\0socketcall\0splice\0stat\0stat64\0statfs\0statfs64\0stime\0swapoff\0"
++	"swapon\0symlink\0symlinkat\0sync\0sync_file_range\0syncfs\0sysfs\0sysinfo\0syslog\0tee\0"
++	"tgkill\0time\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0timerfd\0timerfd_create\0timerfd_gettime\0"
++	"timerfd_settime\0times\0tkill\0truncate\0truncate64\0ugetrlimit\0umask\0umount\0umount2\0uname\0"
++	"unlink\0unlinkat\0unshare\0uselib\0ustat\0utime\0utimensat\0utimes\0vfork\0vhangup\0"
++	"vmsplice\0wait4\0waitid\0write\0writev";
++static const unsigned s390_syscall_s2i_s[] = {
++	0,8,19,27,34,39,47,56,68,74,
++	82,86,93,100,106,112,118,126,133,147,
++	160,174,190,204,210,216,222,236,250,254,
++	259,264,277,291,301,313,324,332,341,348,
++	353,364,374,384,397,407,421,435,442,449,
++	458,465,474,483,489,497,507,517,530,541,
++	547,552,565,575,581,589,597,605,615,621,
++	631,643,649,659,675,691,698,705,714,725,
++	733,743,751,761,768,777,787,799,809,817,
++	825,832,840,848,860,870,882,892,904,914,
++	924,931,938,951,958,967,976,981,993,1011,
++	1024,1038,1055,1065,1076,1089,1098,1108,1114,1121,
++	1132,1143,1147,1152,1163,1170,1175,1182,1191,1201,
++	1206,1213,1223,1234,1247,1253,1263,1269,1277,1285,
++	1293,1299,1307,1313,1321,1327,1336,1341,1347,1353,
++	1362,1376,1386,1394,1410,1423,1433,1440,1446,1454,
++	1465,1472,1490,1500,1511,1516,1521,1539,1546,1552,
++	1568,1580,1585,1591,1602,1607,1613,1619,1625,1632,
++	1642,1659,1677,1686,1693,1701,1708,1716,1729,1738,
++	1743,1753,1761,1770,1781,1787,1794,1811,1823,1830,
++	1839,1851,1857,1870,1884,1899,1915,1928,1942,1958,
++	1976,1995,2018,2041,2059,2074,2093,2115,2133,2148,
++	2167,2179,2188,2199,2215,2231,2245,2254,2265,2274,
++	2285,2292,2301,2311,2323,2335,2345,2351,2359,2371,
++	2380,2391,2401,2413,2423,2435,2444,2455,2465,2472,
++	2485,2492,2501,2510,2520,2532,2539,2548,2558,2569,
++	2581,2591,2602,2613,2620,2625,2632,2639,2648,2654,
++	2662,2669,2677,2687,2692,2708,2715,2721,2729,2736,
++	2740,2747,2752,2765,2778,2795,2809,2823,2831,2846,
++	2862,2878,2884,2890,2899,2910,2921,2927,2934,2942,
++	2948,2955,2964,2972,2979,2985,2991,3001,3008,3014,
++	3022,3031,3037,3044,3050,
++};
++static const int s390_syscall_s2i_i[] = {
++	140,142,149,33,51,278,124,137,27,134,
++	45,184,185,12,15,182,212,61,337,261,
++	260,262,259,120,6,8,127,129,41,63,
++	326,249,327,250,312,251,318,323,11,1,
++	248,300,253,264,314,332,333,133,94,299,
++	95,207,291,55,221,148,229,344,232,143,
++	2,235,226,108,197,293,100,266,118,93,
++	194,238,292,130,305,311,183,141,220,50,
++	202,49,201,47,200,80,205,105,132,65,
++	20,188,64,96,171,211,165,209,76,77,
++	147,236,78,24,199,227,112,128,285,284,
++	324,286,247,244,245,243,246,54,101,283,
++	282,117,343,277,280,37,16,198,228,9,
++	296,230,231,234,19,225,107,196,219,218,
++	39,289,14,290,150,152,90,192,21,125,
++	276,275,271,274,273,272,163,144,151,153,
++	91,335,162,169,34,5,336,288,29,331,
++	136,42,325,217,168,302,172,180,328,334,
++	340,341,301,26,189,181,329,167,131,3,
++	222,89,85,298,145,88,267,233,38,295,
++	279,40,174,176,175,178,173,179,177,330,
++	342,159,160,240,155,157,161,239,154,156,
++	158,187,223,304,252,121,139,216,138,215,
++	46,214,81,206,74,104,339,57,97,71,
++	204,170,210,164,208,70,203,75,66,79,
++	23,213,224,67,186,48,316,322,73,126,
++	119,72,102,306,106,195,99,265,25,115,
++	87,83,297,36,307,338,135,116,103,308,
++	241,13,254,258,257,256,255,317,319,321,
++	320,43,237,92,193,191,60,22,52,122,
++	10,294,303,86,62,30,315,313,190,111,
++	309,114,281,4,146,
++};
++static int s390_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(s390_syscall_strings, s390_syscall_s2i_s, s390_syscall_s2i_i, 315, copy, value);
++	}
++}
++static const unsigned s390_syscall_i2s_direct[] = {
++	348,547,1738,3044,1516,210,-1u,216,1201,2948,
++	341,100,2747,1307,106,1175,-1u,-1u,1247,825,
++	1347,2927,2485,951,2648,1686,68,-1u,1546,2985,
++	-1u,-1u,27,1511,-1u,2687,1170,1823,1293,1851,
++	250,1580,2878,-1u,82,2285,761,2532,743,725,
++	34,2934,-1u,1108,483,-1u,2351,-1u,-1u,2921,
++	126,2979,254,840,817,2465,2510,-1u,-1u,2435,
++	2371,2591,2558,2323,2455,904,914,938,2472,777,
++	2301,-1u,2669,-1u,1761,2972,2662,1787,1753,1336,
++	1465,2890,621,442,458,848,2359,-1u,2632,597,
++	1114,2602,2729,2335,799,2620,1263,575,-1u,-1u,
++	3014,976,-1u,3031,2654,2721,1143,615,2581,204,
++	2231,2942,-1u,47,1353,2569,222,981,236,659,
++	1729,809,435,74,2715,1568,56,2265,2245,0,
++	705,8,541,1440,1781,3050,924,497,19,1321,
++	1446,1327,1454,2133,2059,2148,2074,2167,1995,2018,
++	2093,1490,1433,2413,882,-1u,1716,1602,1500,2391,
++	860,1613,1915,1857,1884,1870,1942,1899,1928,1619,
++	1701,112,698,86,93,2520,2179,832,1693,3008,
++	2910,1341,2899,631,2625,1269,581,1182,958,768,
++	751,733,2444,2380,787,2311,465,2423,892,2401,
++	870,118,2492,2292,2274,2254,1591,1285,1277,714,
++	489,1743,2188,2501,1253,565,967,1191,507,1213,
++	1223,530,1811,1234,552,931,2884,643,2115,2041,
++	2740,-1u,1089,1065,1076,1098,1055,353,264,291,
++	313,2215,374,2752,2809,2795,2778,2765,190,160,
++	147,174,-1u,384,2639,605,1794,-1u,-1u,-1u,
++	1386,1423,1410,1394,1376,1362,1152,39,1839,1163,
++	3037,1132,1121,1011,993,1038,-1u,1539,1299,1313,
++	474,649,589,2955,1830,1206,2677,1770,449,364,
++	1677,1607,2964,2199,675,2613,2692,2736,3022,-1u,
++	691,301,3001,397,2991,2539,2823,324,2831,2862,
++	2846,2548,332,1024,1585,259,277,1625,1708,1958,
++	1552,407,421,1632,1472,1521,133,2708,2345,1642,
++	1659,1976,1147,517,
++};
++static const char *s390_syscall_i2s(int v) {
++	return i2s_direct__(s390_syscall_strings, s390_syscall_i2s_direct, 1, 344, v);
++}
+diff --git a/lib/s390x_tables.h b/lib/s390x_tables.h
+new file mode 100644
+index 0000000..36099fc
+--- /dev/null
++++ b/lib/s390x_tables.h
+@@ -0,0 +1,144 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char s390x_syscall_strings[] = "_sysctl\0access\0acct\0add_key\0adjtimex\0afs_syscall\0alarm\0bdflush\0brk\0capget\0"
++	"capset\0chdir\0chmod\0chown\0chroot\0clock_adjtime\0clock_getres\0clock_gettime\0clock_nanosleep\0clock_settime\0"
++	"clone\0close\0creat\0create_module\0delete_module\0dup\0dup2\0dup3\0epoll_create\0epoll_create1\0"
++	"epoll_ctl\0epoll_pwait\0epoll_wait\0eventfd\0eventfd2\0execve\0exit\0exit_group\0faccessat\0fadvise64\0"
++	"fallocate\0fanotify_init\0fanotify_mark\0fchdir\0fchmod\0fchmodat\0fchown\0fchownat\0fcntl\0fdatasync\0"
++	"fgetxattr\0finit_module\0flistxattr\0flock\0fork\0fremovexattr\0fsetxattr\0fstat\0fstatfs\0fstatfs64\0"
++	"fsync\0ftruncate\0futex\0futimesat\0get_kernel_syms\0get_robust_list\0getcpu\0getcwd\0getdents\0getegid\0"
++	"geteuid\0getgid\0getgroups\0getitimer\0getpgid\0getpgrp\0getpid\0getpmsg\0getppid\0getpriority\0"
++	"getresgid\0getresuid\0getrlimit\0getrusage\0getsid\0gettid\0gettimeofday\0getuid\0getxattr\0idle\0"
++	"init_module\0inotify_add_watch\0inotify_init\0inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0io_getevents\0io_setup\0io_submit\0"
++	"ioctl\0ioprio_get\0ioprio_set\0ipc\0kcmp\0kexec_load\0keyctl\0kill\0lchown\0lgetxattr\0"
++	"link\0linkat\0listxattr\0llistxattr\0lremovexattr\0lseek\0lsetxattr\0lstat\0madvise\0mincore\0"
++	"mkdir\0mkdirat\0mknod\0mknodat\0mlock\0mlockall\0mmap\0mount\0mprotect\0mq_getsetattr\0"
++	"mq_notify\0mq_open\0mq_timedreceive\0mq_timedsend\0mq_unlink\0mremap\0msync\0munlock\0munlockall\0munmap\0"
++	"name_to_handle_at\0nanosleep\0newfstatat\0nfsservctl\0nice\0open\0open_by_handle_at\0openat\0pause\0perf_event_open\0"
++	"personality\0pipe\0pipe2\0pivot_root\0poll\0ppoll\0prctl\0pread\0preadv\0prlimit64\0"
++	"process_vm_readv\0process_vm_writev\0pselect6\0ptrace\0putpmsg\0pwrite\0pwritev\0query_module\0quotactl\0read\0"
++	"readahead\0readdir\0readlink\0readlinkat\0readv\0reboot\0remap_file_pages\0removexattr\0rename\0renameat\0"
++	"request_key\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0rt_sigsuspend\0rt_sigtimedwait\0rt_tgsigqueueinfo\0"
++	"s390_runtime_instr\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0sched_setparam\0sched_setscheduler\0"
++	"sched_yield\0select\0sendfile\0set_robust_list\0set_tid_address\0setdomainname\0setfsgid\0setfsuid\0setgid\0setgroups\0"
++	"sethostname\0setitimer\0setns\0setpgid\0setpriority\0setregid\0setresgid\0setresuid\0setreuid\0setrlimit\0"
++	"setsid\0settimeofday\0setuid\0setxattr\0sigaction\0sigaltstack\0signal\0signalfd\0signalfd4\0sigpending\0"
++	"sigprocmask\0sigreturn\0sigsuspend\0socketcall\0splice\0stat\0statfs\0statfs64\0swapoff\0swapon\0"
++	"symlink\0symlinkat\0sync\0sync_file_range\0syncfs\0sysfs\0sysinfo\0syslog\0tee\0tgkill\0"
++	"timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0timerfd\0timerfd_create\0timerfd_gettime\0timerfd_settime\0times\0"
++	"tkill\0truncate\0umask\0umount\0umount2\0uname\0unlink\0unlinkat\0unshare\0uselib\0"
++	"ustat\0utime\0utimensat\0utimes\0vfork\0vhangup\0vmsplice\0wait4\0waitid\0write\0"
++	"writev";
++static const unsigned s390x_syscall_s2i_s[] = {
++	0,8,15,20,28,37,49,55,63,67,
++	74,81,87,93,99,106,120,133,147,163,
++	177,183,189,195,209,223,227,232,237,250,
++	264,274,286,297,305,314,321,326,337,347,
++	357,367,381,395,402,409,418,425,434,440,
++	450,460,473,484,490,495,508,518,524,532,
++	542,548,558,564,574,590,606,613,620,629,
++	637,645,652,662,672,680,688,695,703,711,
++	723,733,743,753,763,770,777,790,797,806,
++	811,823,841,854,868,885,895,906,919,928,
++	938,944,955,966,970,975,986,993,998,1005,
++	1015,1020,1027,1037,1048,1061,1067,1077,1083,1091,
++	1099,1105,1113,1119,1127,1133,1142,1147,1153,1162,
++	1176,1186,1194,1210,1223,1233,1240,1246,1254,1265,
++	1272,1290,1300,1311,1322,1327,1332,1350,1357,1363,
++	1379,1391,1396,1402,1413,1418,1424,1430,1436,1443,
++	1453,1470,1488,1497,1504,1512,1519,1527,1540,1549,
++	1554,1564,1572,1581,1592,1598,1605,1622,1634,1641,
++	1650,1662,1668,1681,1695,1710,1726,1739,1753,1769,
++	1787,1806,1829,1852,1870,1885,1904,1926,1944,1959,
++	1978,1990,1997,2006,2022,2038,2052,2061,2070,2077,
++	2087,2099,2109,2115,2123,2135,2144,2154,2164,2173,
++	2183,2190,2203,2210,2219,2229,2241,2248,2257,2267,
++	2278,2290,2300,2311,2322,2329,2334,2341,2350,2358,
++	2365,2373,2383,2388,2404,2411,2417,2425,2432,2436,
++	2443,2456,2469,2486,2500,2514,2522,2537,2553,2569,
++	2575,2581,2590,2596,2603,2611,2617,2624,2633,2641,
++	2648,2654,2660,2670,2677,2683,2691,2700,2706,2713,
++	2719,
++};
++static const int s390x_syscall_s2i_i[] = {
++	149,33,51,278,124,137,27,134,45,184,
++	185,12,15,212,61,337,261,260,262,259,
++	120,6,8,127,129,41,63,326,249,327,
++	250,312,251,318,323,11,1,248,300,253,
++	314,332,333,133,94,299,207,291,55,148,
++	229,344,232,143,2,235,226,108,100,266,
++	118,93,238,292,130,305,311,183,141,202,
++	201,200,205,105,132,65,20,188,64,96,
++	211,209,191,77,147,236,78,199,227,112,
++	128,285,284,324,286,247,244,245,243,246,
++	54,283,282,117,343,277,280,37,198,228,
++	9,296,230,231,234,19,225,107,219,218,
++	39,289,14,290,150,152,90,21,125,276,
++	275,271,274,273,272,163,144,151,153,91,
++	335,162,293,169,34,5,336,288,29,331,
++	136,42,325,217,168,302,172,180,328,334,
++	340,341,301,26,189,181,329,167,131,3,
++	222,89,85,298,145,88,267,233,38,295,
++	279,40,174,176,175,178,173,179,177,330,
++	342,159,160,240,155,157,161,239,154,156,
++	158,142,187,304,252,121,216,215,214,206,
++	74,104,339,57,97,204,210,208,203,75,
++	66,79,213,224,67,186,48,316,322,73,
++	126,119,72,102,306,106,99,265,115,87,
++	83,297,36,307,338,135,116,103,308,241,
++	254,258,257,256,255,317,319,321,320,43,
++	237,92,60,22,52,122,10,294,303,86,
++	62,30,315,313,190,111,309,114,281,4,
++	146,
++};
++static int s390x_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(s390x_syscall_strings, s390x_syscall_s2i_s, s390x_syscall_s2i_i, 281, copy, value);
++	}
++}
++static const unsigned s390x_syscall_i2s_direct[] = {
++	321,490,1549,2713,1327,183,-1u,189,1015,2617,
++	314,81,-1u,1113,87,-1u,-1u,-1u,1061,688,
++	1147,2596,-1u,-1u,-1u,1497,49,-1u,1357,2654,
++	-1u,-1u,8,1322,-1u,2383,993,1634,1099,1662,
++	223,1391,2569,-1u,63,-1u,-1u,2241,-1u,-1u,
++	15,2603,-1u,938,434,-1u,2115,-1u,-1u,2590,
++	99,2648,227,703,680,2183,2219,-1u,-1u,-1u,
++	-1u,2300,2267,2087,2173,-1u,753,777,2190,-1u,
++	-1u,-1u,2365,-1u,1572,2641,2358,1598,1564,1142,
++	1265,2581,548,402,-1u,711,2123,-1u,2334,524,
++	-1u,2311,2425,2099,662,2329,1077,518,-1u,-1u,
++	2683,806,-1u,2700,2350,2417,966,542,2290,177,
++	2038,2611,-1u,28,1153,2278,195,811,209,574,
++	1540,672,395,55,2411,1379,37,-1u,-1u,-1u,
++	620,1990,484,1240,1592,2719,763,440,0,1127,
++	1246,1133,1254,1944,1870,1959,1885,1978,1806,1829,
++	1904,1290,1233,-1u,-1u,-1u,1527,1413,1311,-1u,
++	-1u,1424,1726,1668,1695,1681,1753,1710,1739,1430,
++	1512,-1u,613,67,74,2229,1997,695,1504,2677,
++	743,-1u,-1u,-1u,-1u,-1u,-1u,998,790,645,
++	637,629,2164,2135,652,2077,418,2154,733,2144,
++	723,93,2203,2070,2061,2052,1402,1091,1083,-1u,
++	-1u,1554,-1u,2210,1067,508,797,1005,450,1027,
++	1037,473,1622,1048,495,770,2575,558,1926,1852,
++	2436,-1u,919,895,906,928,885,326,237,264,
++	286,2022,347,2443,2500,2486,2469,2456,163,133,
++	120,147,-1u,-1u,2341,532,1605,-1u,-1u,-1u,
++	1186,1223,1210,1194,1176,1162,975,20,1650,986,
++	2706,955,944,841,823,868,-1u,1350,1105,1119,
++	425,564,1300,2624,1641,1020,2373,1581,409,337,
++	1488,1418,2633,2006,590,2322,2388,2432,2691,-1u,
++	606,274,2670,357,2660,2248,2514,297,2522,2553,
++	2537,2257,305,854,1396,232,250,1436,1519,1769,
++	1363,367,381,1443,1272,1332,106,2404,2109,1453,
++	1470,1787,970,460,
++};
++static const char *s390x_syscall_i2s(int v) {
++	return i2s_direct__(s390x_syscall_strings, s390x_syscall_i2s_direct, 1, 344, v);
++}
+diff --git a/lib/x86_64_tables.h b/lib/x86_64_tables.h
+new file mode 100644
+index 0000000..d2a5673
+--- /dev/null
++++ b/lib/x86_64_tables.h
+@@ -0,0 +1,150 @@
++/* This is a generated file, see Makefile.am for its inputs. */
++static const char x86_64_syscall_strings[] = "_sysctl\0accept\0accept4\0access\0acct\0add_key\0adjtimex\0afs_syscall\0alarm\0arch_prctl\0"
++	"bind\0brk\0capget\0capset\0chdir\0chmod\0chown\0chroot\0clock_adjtime\0clock_getres\0"
++	"clock_gettime\0clock_nanosleep\0clock_settime\0clone\0close\0connect\0creat\0create_module\0delete_module\0dup\0"
++	"dup2\0dup3\0epoll_create\0epoll_create1\0epoll_ctl\0epoll_ctl_old\0epoll_pwait\0epoll_wait\0epoll_wait_old\0eventfd\0"
++	"eventfd2\0execve\0exit\0exit_group\0faccessat\0fadvise64\0fallocate\0fanotify_init\0fanotify_mark\0fchdir\0"
++	"fchmod\0fchmodat\0fchown\0fchownat\0fcntl\0fdatasync\0fgetxattr\0finit_module\0flistxattr\0flock\0"
++	"fork\0fremovexattr\0fsetxattr\0fstat\0fstatfs\0fsync\0ftruncate\0futex\0futimesat\0get_kernel_syms\0"
++	"get_mempolicy\0get_robust_list\0get_thread_area\0getcpu\0getcwd\0getdents\0getdents64\0getegid\0geteuid\0getgid\0"
++	"getgroups\0getitimer\0getpeername\0getpgid\0getpgrp\0getpid\0getpmsg\0getppid\0getpriority\0getresgid\0"
++	"getresuid\0getrlimit\0getrusage\0getsid\0getsockname\0getsockopt\0gettid\0gettimeofday\0getuid\0getxattr\0"
++	"init_module\0inotify_add_watch\0inotify_init\0inotify_init1\0inotify_rm_watch\0io_cancel\0io_destroy\0io_getevents\0io_setup\0io_submit\0"
++	"ioctl\0ioperm\0iopl\0ioprio_get\0ioprio_set\0kcmp\0kexec_load\0keyctl\0kill\0lchown\0"
++	"lgetxattr\0link\0linkat\0listen\0listxattr\0llistxattr\0lookup_dcookie\0lremovexattr\0lseek\0lsetxattr\0"
++	"lstat\0madvise\0mbind\0migrate_pages\0mincore\0mkdir\0mkdirat\0mknod\0mknodat\0mlock\0"
++	"mlockall\0mmap\0modify_ldt\0mount\0move_pages\0mprotect\0mq_getsetattr\0mq_notify\0mq_open\0mq_timedreceive\0"
++	"mq_timedsend\0mq_unlink\0mremap\0msgctl\0msgget\0msgrcv\0msgsnd\0msync\0munlock\0munlockall\0"
++	"munmap\0name_to_handle_at\0nanosleep\0newfstatat\0nfsservctl\0open\0open_by_handle_at\0openat\0pause\0perf_event_open\0"
++	"personality\0pipe\0pipe2\0pivot_root\0poll\0ppoll\0prctl\0pread\0preadv\0prlimit64\0"
++	"process_vm_readv\0process_vm_writev\0pselect6\0ptrace\0putpmsg\0pwrite\0pwritev\0query_module\0quotactl\0read\0"
++	"readahead\0readlink\0readlinkat\0readv\0reboot\0recvfrom\0recvmmsg\0recvmsg\0remap_file_pages\0removexattr\0"
++	"rename\0renameat\0request_key\0restart_syscall\0rmdir\0rt_sigaction\0rt_sigpending\0rt_sigprocmask\0rt_sigqueueinfo\0rt_sigreturn\0"
++	"rt_sigsuspend\0rt_sigtimedwait\0rt_tgsigqueueinfo\0sched_get_priority_max\0sched_get_priority_min\0sched_getaffinity\0sched_getparam\0sched_getscheduler\0sched_rr_get_interval\0sched_setaffinity\0"
++	"sched_setparam\0sched_setscheduler\0sched_yield\0security\0select\0semctl\0semget\0semop\0semtimedop\0sendfile\0"
++	"sendmmsg\0sendmsg\0sendto\0set_mempolicy\0set_robust_list\0set_thread_area\0set_tid_address\0setdomainname\0setfsgid\0setfsuid\0"
++	"setgid\0setgroups\0sethostname\0setitimer\0setns\0setpgid\0setpriority\0setregid\0setresgid\0setresuid\0"
++	"setreuid\0setrlimit\0setsid\0setsockopt\0settimeofday\0setuid\0setxattr\0shmat\0shmctl\0shmdt\0"
++	"shmget\0shutdown\0sigaltstack\0signalfd\0signalfd4\0socket\0socketpair\0splice\0stat\0statfs\0"
++	"swapoff\0swapon\0symlink\0symlinkat\0sync\0sync_file_range\0syncfs\0sysfs\0sysinfo\0syslog\0"
++	"tee\0tgkill\0time\0timer_create\0timer_delete\0timer_getoverrun\0timer_gettime\0timer_settime\0timerfd\0timerfd_gettime\0"
++	"timerfd_settime\0times\0tkill\0truncate\0tuxcall\0umask\0umount2\0uname\0unlink\0unlinkat\0"
++	"unshare\0uselib\0ustat\0utime\0utimensat\0utimes\0vfork\0vhangup\0vmsplice\0vserver\0"
++	"wait4\0waitid\0write\0writev";
++static const unsigned x86_64_syscall_s2i_s[] = {
++	0,8,15,23,30,35,43,52,64,70,
++	81,86,90,97,104,110,116,122,129,143,
++	156,170,186,200,206,212,220,226,240,254,
++	258,263,268,281,295,305,319,331,342,357,
++	365,374,381,386,397,407,417,427,441,455,
++	462,469,478,485,494,500,510,520,533,544,
++	550,555,568,578,584,592,598,608,614,624,
++	640,654,670,686,693,700,709,720,728,736,
++	743,753,763,775,783,791,798,806,814,826,
++	836,846,856,866,873,885,896,903,916,923,
++	932,944,962,975,989,1006,1016,1027,1040,1049,
++	1059,1065,1072,1077,1088,1099,1104,1115,1122,1127,
++	1134,1144,1149,1156,1163,1173,1184,1199,1212,1218,
++	1228,1234,1242,1248,1262,1270,1276,1284,1290,1298,
++	1304,1313,1318,1329,1335,1346,1355,1369,1379,1387,
++	1403,1416,1426,1433,1440,1447,1454,1461,1467,1475,
++	1486,1493,1511,1521,1532,1543,1548,1566,1573,1579,
++	1595,1607,1612,1618,1629,1634,1640,1646,1652,1659,
++	1669,1686,1704,1713,1720,1728,1735,1743,1756,1765,
++	1770,1780,1789,1800,1806,1813,1822,1831,1839,1856,
++	1868,1875,1884,1896,1912,1918,1931,1945,1960,1976,
++	1989,2003,2019,2037,2060,2083,2101,2116,2135,2157,
++	2175,2190,2209,2221,2230,2237,2244,2251,2257,2268,
++	2277,2286,2294,2301,2315,2331,2347,2363,2377,2386,
++	2395,2402,2412,2424,2434,2440,2448,2460,2469,2479,
++	2489,2498,2508,2515,2526,2539,2546,2555,2561,2568,
++	2574,2581,2590,2602,2611,2621,2628,2639,2646,2651,
++	2658,2666,2673,2681,2691,2696,2712,2719,2725,2733,
++	2740,2744,2751,2756,2769,2782,2799,2813,2827,2835,
++	2851,2867,2873,2879,2888,2896,2902,2910,2916,2923,
++	2932,2940,2947,2953,2959,2969,2976,2982,2990,2999,
++	3007,3013,3020,3026,
++};
++static const int x86_64_syscall_s2i_i[] = {
++	156,43,288,21,163,248,159,183,37,158,
++	49,12,125,126,80,90,92,161,305,229,
++	228,230,227,56,3,42,85,174,176,32,
++	33,292,213,291,233,214,281,232,215,284,
++	290,59,60,231,269,221,285,300,301,81,
++	91,268,93,260,72,75,193,313,196,73,
++	57,199,190,5,138,74,77,202,261,177,
++	239,274,211,309,79,78,217,108,107,104,
++	115,36,52,121,111,39,181,110,140,120,
++	118,97,98,124,51,55,186,96,102,191,
++	175,254,253,294,255,210,207,208,206,209,
++	16,173,172,252,251,312,246,250,62,94,
++	192,86,265,50,194,195,212,198,8,189,
++	6,28,237,256,27,83,258,133,259,149,
++	151,9,154,165,279,10,245,244,240,243,
++	242,241,25,71,68,70,69,26,150,152,
++	11,303,35,262,180,2,304,257,34,298,
++	135,22,293,155,7,271,157,17,295,302,
++	310,311,270,101,182,18,296,178,179,0,
++	187,89,267,19,169,45,299,47,216,197,
++	82,264,249,219,84,13,127,14,129,15,
++	130,128,297,146,147,204,143,145,148,203,
++	142,144,24,185,23,66,64,65,220,40,
++	307,46,44,238,273,205,218,171,123,122,
++	106,116,170,38,308,109,141,114,119,117,
++	113,160,112,54,164,105,188,30,31,67,
++	29,48,131,282,289,41,53,275,4,137,
++	168,167,88,266,162,277,306,139,99,103,
++	276,234,201,222,226,225,224,223,283,287,
++	286,100,200,76,184,95,166,63,87,263,
++	272,134,136,132,280,235,58,153,278,236,
++	61,247,1,20,
++};
++static int x86_64_syscall_s2i(const char *s, int *value) {
++	size_t len, i;
++	len = strlen(s);
++	{ char copy[len + 1];
++	for (i = 0; i < len; i++) {
++		char c = s[i];
++		copy[i] = GT_ISUPPER(c) ? c - 'A' + 'a' : c;
++	}
++	copy[i] = 0;
++	return s2i__(x86_64_syscall_strings, x86_64_syscall_s2i_s, x86_64_syscall_s2i_i, 314, copy, value);
++	}
++}
++static const unsigned x86_64_syscall_i2s_direct[] = {
++	1765,3020,1543,206,2646,578,1228,1629,1212,1313,
++	1346,1486,86,1918,1945,1976,1059,1646,1728,1800,
++	3026,23,1607,2230,2209,1426,1461,1262,1234,2574,
++	2555,2561,254,258,1573,1511,753,64,2424,791,
++	2268,2621,212,8,2294,1813,2286,1831,2581,81,
++	1156,873,763,2628,2515,885,200,550,2976,374,
++	381,3007,1122,2910,2244,2251,2237,2568,1440,1454,
++	1447,1433,494,544,592,500,2879,598,700,693,
++	104,455,1868,1270,1912,220,1144,2916,2673,1780,
++	110,462,116,478,1127,2896,903,846,856,2725,
++	2867,1713,916,2733,736,2539,2395,728,720,2440,
++	806,783,2508,2489,2460,743,2402,2479,836,2469,
++	826,775,2386,2377,866,90,97,1931,2003,1960,
++	1989,2590,2953,1284,2940,1595,2947,2651,584,2719,
++	814,2448,2175,2101,2190,2116,2037,2060,2135,1298,
++	1467,1304,1475,2982,1318,1618,0,1640,70,43,
++	2498,122,2691,30,2526,1329,2902,2666,2658,1806,
++	2412,2363,1072,1065,226,932,240,624,1743,1756,
++	1532,798,1720,52,2888,2221,896,1770,2546,1218,
++	568,923,1134,510,1163,1173,533,1856,1199,555,
++	2873,2751,608,2157,2083,2331,1040,1016,1027,1049,
++	1006,670,1184,268,305,342,1839,709,2347,1896,
++	2257,407,2756,2813,2799,2782,2769,186,156,143,
++	170,386,331,295,2744,2969,2999,1242,2301,640,
++	1379,1416,1403,1387,1369,1355,1104,3013,35,1884,
++	1115,1088,1077,962,944,989,1248,1566,1276,1290,
++	485,614,1521,2923,1875,1149,2681,1789,469,397,
++	1704,1634,2932,2315,654,2639,2740,2696,2990,1335,
++	2959,319,2602,2827,357,417,2851,2835,15,2611,
++	365,281,263,1612,975,1652,1735,2019,1579,1822,
++	427,441,1659,1493,1548,129,2712,2277,2434,686,
++	1669,1686,1099,520,
++};
++static const char *x86_64_syscall_i2s(int v) {
++	return i2s_direct__(x86_64_syscall_strings, x86_64_syscall_i2s_direct, 0, 313, v);
++}
+-- 
+1.7.9.5
+
diff --git a/meta-security/recipes-security/audit/audit/audit-python-configure.patch b/meta-security/recipes-security/audit/audit/audit-python-configure.patch
new file mode 100644
index 000000000..f90e21330
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/audit-python-configure.patch
@@ -0,0 +1,27 @@
+From cace630b0eb42418dea4f3d98c69d0d777bfc1be Mon Sep 17 00:00:00 2001
+From: Xin Ouyang <Xin.Ouyang@windriver.com>
+Date: Wed, 20 Jun 2012 16:34:19 +0800
+Subject: [PATCH] audit: python cross-compile
+
+Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
+---
+ configure.ac |    3 ++-
+ 1 files changed, 2 insertions(+), 1 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 3db7d45..9a07db6 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -90,7 +90,8 @@ if test x$use_python = xno ; then
+ else
+ AC_MSG_RESULT(testing)
+ AM_PATH_PYTHON
+-if test -f /usr/include/python${am_cv_python_version}/Python.h ; then
++PY_PREFIX=`$PYTHON -c 'import sys ; print sys.prefix'`
++if test -f $PY_PREFIX/include/python${am_cv_python_version}/Python.h ; then
+ 	python_found="yes"
+ 	AC_MSG_NOTICE(Python bindings will be built)
+ else
+-- 
+1.7.7
+
diff --git a/meta-security/recipes-security/audit/audit/audit-python.patch b/meta-security/recipes-security/audit/audit/audit-python.patch
new file mode 100644
index 000000000..78fce0199
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/audit-python.patch
@@ -0,0 +1,31 @@
+Remove hard coded python include directory
+
+Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
+
+diff -ur audit-2.1.3.orig/bindings/python/Makefile.am audit-2.1.3/bindings/python/Makefile.am
+--- audit-2.1.3.orig/bindings/python/Makefile.am	2011-08-15 12:31:01.000000000 -0500
++++ audit-2.1.3/bindings/python/Makefile.am	2012-01-30 12:19:54.533959225 -0600
+@@ -25,7 +25,9 @@
+ 
+ pyexec_LTLIBRARIES = auparse.la
+ 
++PYINC ?= /usr/include/python$(PYTHON_VERSION)
++
+ auparse_la_SOURCES = auparse_python.c
+-auparse_la_CPPFLAGS = -I$(top_srcdir)/auparse $(AM_CPPFLAGS) -I/usr/include/python$(PYTHON_VERSION) -fno-strict-aliasing
++auparse_la_CPPFLAGS = -I$(top_srcdir)/auparse $(AM_CPPFLAGS) -I$(PYINC) -fno-strict-aliasing
+ auparse_la_LDFLAGS = -module -avoid-version -Wl,-z,relro
+ auparse_la_LIBADD = ../../auparse/libauparse.la ../../lib/libaudit.la
+diff -ur audit-2.1.3.orig/swig/Makefile.am audit-2.1.3/swig/Makefile.am
+--- audit-2.1.3.orig/swig/Makefile.am	2011-08-15 12:31:03.000000000 -0500
++++ audit-2.1.3/swig/Makefile.am	2012-01-30 12:28:09.574834697 -0600
+@@ -23,7 +23,8 @@
+ CONFIG_CLEAN_FILES = *.loT *.rej *.orig
+ AM_CFLAGS = -fPIC -DPIC -fno-strict-aliasing
+ PYLIBVER ?= python$(PYTHON_VERSION)
+-INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib -I/usr/include/$(PYLIBVER)
++PYINC ?= /usr/include/$(PYLIBVER)
++INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib -I$(PYINC)
+ LIBS = $(top_builddir)/lib/libaudit.la
+ pyexec_PYTHON = audit.py
+ pyexec_LTLIBRARIES = _audit.la
diff --git a/meta-security/recipes-security/audit/audit/audit-volatile.conf b/meta-security/recipes-security/audit/audit/audit-volatile.conf
new file mode 100644
index 000000000..9cbe1547a
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/audit-volatile.conf
@@ -0,0 +1 @@
+d  /var/log/audit 0750 root root -
diff --git a/meta-security/recipes-security/audit/audit/auditd b/meta-security/recipes-security/audit/audit/auditd
new file mode 100755
index 000000000..fcd96c9df
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/auditd
@@ -0,0 +1,153 @@
+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          auditd
+# Required-Start:    $local_fs
+# Required-Stop:     $local_fs
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Audit Daemon
+# Description:       Collects audit information from Linux 2.6 Kernels.
+### END INIT INFO
+
+# Author: Philipp Matthias Hahn <pmhahn@debian.org>
+# Based on Debians /etc/init.d/skeleton and Auditds init.d/auditd.init
+
+# June, 2012: Adopted for yocto <amy.fong@windriver.com>
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+DESC="audit daemon"
+NAME=auditd
+DAEMON=/sbin/auditd
+PIDFILE=/var/run/"$NAME".pid
+SCRIPTNAME=/etc/init.d/"$NAME"
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/"$NAME" ] && . /etc/default/"$NAME"
+
+. /etc/default/rcS
+
+. /etc/init.d/functions                                                
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+	# Return
+	#   0 if daemon has been started
+	#   1 if daemon was already running
+	#   2 if daemon could not be started
+	start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" --test > /dev/null \
+		|| return 1
+	start-stop-daemon -S --quiet --pidfile "$PIDFILE" --exec "$DAEMON" -- \
+		$EXTRAOPTIONS \
+		|| return 2
+	if [ -f /etc/audit/audit.rules ]
+	then
+		/sbin/auditctl -R /etc/audit/audit.rules >/dev/null
+	fi
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon -K --quiet --pidfile "$PIDFILE" --name "$NAME"
+	RETVAL="$?"
+	[ "$RETVAL" = 2 ] && return 2
+	# Many daemons don't delete their pidfiles when they exit.
+	rm -f "$PIDFILE"
+	rm -f /var/run/audit_events
+	# Remove watches so shutdown works cleanly
+	case "$AUDITD_CLEAN_STOP" in
+		no|NO) ;;
+		*) /sbin/auditctl -D >/dev/null ;;
+	esac
+	return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+	start-stop-daemon -K --signal HUP --quiet --pidfile $PIDFILE --name $NAME
+	return 0
+}
+
+if [ ! -e /var/log/audit ]; then
+	mkdir -p /var/log/audit
+	[ -x /sbin/restorecon ] && /sbin/restorecon -F /var/log/audit
+fi
+
+case "$1" in
+  start)
+	[ "$VERBOSE" != no ] && echo "Starting $DESC" "$NAME"
+	do_start
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && echo 0 ;;
+		2) [ "$VERBOSE" != no ] && echo 1 ;;
+	esac
+	;;
+  stop)
+	[ "$VERBOSE" != no ] && echo "Stopping $DESC" "$NAME"
+	do_stop
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && echo 0 ;;
+		2) [ "$VERBOSE" != no ] && echo 1 ;;
+	esac
+	;;
+  reload|force-reload)
+	echo "Reloading $DESC" "$NAME"
+	do_reload
+	echo $?
+	;;
+  restart)
+	echo "Restarting $DESC" "$NAME"
+	do_stop
+	case "$?" in
+	  0|1)
+		do_start
+		case "$?" in
+			0) echo 0 ;;
+			1) echo 1 ;; # Old process is still running
+			*) echo 1 ;; # Failed to start
+		esac
+		;;
+	  *)
+		# Failed to stop
+		echo 1
+		;;
+	esac
+	;;
+  rotate)
+	echo "Rotating $DESC logs" "$NAME"
+	start-stop-daemon -K --signal USR1 --quiet --pidfile "$PIDFILE" --name "$NAME"
+	echo $?
+	;;
+  status)
+	pidofproc "$DAEMON" >/dev/null
+	status=$?
+	if [ $status -eq 0 ]; then
+		echo "$NAME is running."
+	else
+		echo "$NAME is not running."
+	fi
+	exit $status
+	;;
+  *)
+	echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload|rotate|status}" >&2
+	exit 3
+	;;
+esac
+
+:
diff --git a/meta-security/recipes-security/audit/audit/auditd.service b/meta-security/recipes-security/audit/audit/auditd.service
new file mode 100644
index 000000000..ebc079897
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/auditd.service
@@ -0,0 +1,20 @@
+[Unit]
+Description=Security Auditing Service
+DefaultDependencies=no
+After=local-fs.target
+Conflicts=shutdown.target
+Before=sysinit.target shutdown.target
+After=systemd-tmpfiles-setup.service
+
+[Service]
+ExecStart=/sbin/auditd -n
+## To use augenrules, copy this file to /etc/systemd/system/auditd.service
+## and uncomment the next line and delete/comment out the auditctl line.
+## Then copy existing rules to /etc/audit/rules.d/
+## Not doing this last step can cause loss of existing rules
+#ExecStartPost=-/sbin/augenrules --load
+ExecStartPost=-/sbin/auditctl -R /etc/audit/audit.rules
+ExecReload=/bin/kill -HUP $MAINPID
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-security/recipes-security/audit/audit/disable-ldap.patch b/meta-security/recipes-security/audit/audit/disable-ldap.patch
new file mode 100644
index 000000000..1d683c29e
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/disable-ldap.patch
@@ -0,0 +1,59 @@
+Disable LDAP support
+
+Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
+
+Disable LDAP support
+
+Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
+
+Index: audit-2.3.2/audisp/plugins/Makefile.am
+===================================================================
+--- audit-2.3.2.orig/audisp/plugins/Makefile.am
++++ audit-2.3.2/audisp/plugins/Makefile.am
+@@ -22,8 +22,10 @@
+ 
+ CONFIG_CLEAN_FILES = *.loT *.rej *.orig
+ 
+-SUBDIRS = builtins zos-remote remote
+-#SUBDIRS = builtins zos-remote
++SUBDIRS = builtins remote
++if HAVE_LDAP
++SUBDIRS += zos-remote
++endif
+ if HAVE_PRELUDE
+ SUBDIRS += prelude
+ endif
+Index: audit-2.3.2/configure.ac
+===================================================================
+--- audit-2.3.2.orig/configure.ac
++++ audit-2.3.2/configure.ac
+@@ -241,6 +241,12 @@ else
+ fi
+ AM_CONDITIONAL(HAVE_PRELUDE, test x$have_prelude = xyes)
+ 
++AC_ARG_WITH(ldap,
++AS_HELP_STRING([--with-ldap],[enable zos-remote plugin, which requires ldap]),
++use_ldap=$withval,
++use_ldap=no)
++AM_CONDITIONAL(HAVE_LDAP, test x$have_ldap = xyes)
++
+ AC_MSG_CHECKING(whether to use libwrap)
+ AC_ARG_WITH(libwrap,
+ [  --with-libwrap[=PATH]   Compile in libwrap (tcp_wrappers) support.],
+Index: audit-2.3.2/docs/Makefile.am
+===================================================================
+--- audit-2.3.2.orig/docs/Makefile.am
++++ audit-2.3.2/docs/Makefile.am
+@@ -53,7 +53,9 @@ ausearch_add_expression.3 ausearch_add_t
+ ausearch_clear.3 \
+ ausearch_next_event.3 ausearch_set_stop.3 \
+ autrace.8 get_auditfail_action.3 set_aumessage_mode.3 \
+-audispd.8 audispd.conf.5 audispd-zos-remote.8 libaudit.conf.5 \
+-augenrules.8 \
+-zos-remote.conf.5 
++audispd.8 audispd.conf.5 libaudit.conf.5 \
++augenrules.8
+ 
++if HAVE_LDAP
++man_MANS += audispd-zos-remote.8 zos-remote.conf.5 
++endif
diff --git a/meta-security/recipes-security/audit/audit/fix-swig-host-contamination.patch b/meta-security/recipes-security/audit/audit/fix-swig-host-contamination.patch
new file mode 100644
index 000000000..16bb173ad
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit/fix-swig-host-contamination.patch
@@ -0,0 +1,48 @@
+audit: Fixed swig host contamination issue
+
+The audit build uses swig to generate a python wrapper.
+Unfortunately, the swig info file references host include
+directories.  Some of these were previously noticed and
+eliminated, but the one fixed here was not.
+
+Upstream Status:  pending
+
+Signed-off-by: Anders Hedlund <anders.hedlund@windriver.com>
+Signed-off-by: Joe Slater <jslater@windriver.com>
+
+Index: audit-2.2.1/swig/Makefile.am
+===================================================================
+--- audit-2.2.1.orig/swig/Makefile.am
++++ audit-2.2.1/swig/Makefile.am
+@@ -25,6 +25,7 @@ AM_CFLAGS = -fPIC -DPIC -fno-strict-alia
+ PYLIBVER ?= python$(PYTHON_VERSION)
+ PYINC ?= /usr/include/$(PYLIBVER)
+ INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib -I$(PYINC)
++STDINC ?= /usr/include
+ LIBS = $(top_builddir)/lib/libaudit.la
+ pyexec_PYTHON = audit.py
+ pyexec_LTLIBRARIES = _audit.la
+@@ -34,7 +35,7 @@ _audit_la_HEADERS: $(top_builddir)/confi
+ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudit.la
+ nodist__audit_la_SOURCES  = audit_wrap.c
+ audit.py audit_wrap.c: ${srcdir}/auditswig.i 
+-	swig -o audit_wrap.c -python ${INCLUDES} ${srcdir}/auditswig.i 
++	swig -o audit_wrap.c -python ${INCLUDES} -I$(STDINC) ${srcdir}/auditswig.i
+ 
+ CLEANFILES = audit.py* audit_wrap.c *~
+ 
+Index: audit-2.2.1/swig/auditswig.i
+===================================================================
+--- audit-2.2.1.orig/swig/auditswig.i
++++ audit-2.2.1/swig/auditswig.i
+@@ -37,8 +37,8 @@ signed
+ #define __attribute(X) /*nothing*/
+ typedef unsigned __u32;
+ typedef unsigned uid_t;
+-%include "/usr/include/linux/audit.h"
++%include "linux/audit.h"
+ #define __extension__ /*nothing*/
+-%include "/usr/include/stdint.h"
++%include "stdint.h"
+ %include "../lib/libaudit.h"
+ 
diff --git a/meta-security/recipes-security/audit/audit_2.3.2.bb b/meta-security/recipes-security/audit/audit_2.3.2.bb
new file mode 100644
index 000000000..1d7ea0f0a
--- /dev/null
+++ b/meta-security/recipes-security/audit/audit_2.3.2.bb
@@ -0,0 +1,102 @@
+SUMMARY = "User space tools for kernel auditing"
+DESCRIPTION = "The audit package contains the user space utilities for \
+storing and searching the audit records generated by the audit subsystem \
+in the Linux kernel."
+HOMEPAGE = "http://people.redhat.com/sgrubb/audit/"
+SECTION = "base"
+PR = "r8"
+LICENSE = "GPLv2+ & LGPLv2+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
+
+SRC_URI = "http://people.redhat.com/sgrubb/audit/audit-${PV}.tar.gz \
+	   file://disable-ldap.patch \
+	   file://audit-python.patch \
+	   file://audit-python-configure.patch \
+	   file://audit-for-cross-compiling.patch \
+	   file://auditd \
+	   file://fix-swig-host-contamination.patch \
+	   file://auditd.service \
+	   file://audit-volatile.conf \
+"
+SRC_URI_append_arm = "file://add-system-call-table-for-ARM.patch"
+
+inherit autotools pythonnative update-rc.d systemd
+
+UPDATERCPN = "auditd"
+INITSCRIPT_NAME = "auditd"
+INITSCRIPT_PARAMS = "defaults"
+
+SYSTEMD_SERVICE_${PN} = "auditd.service"
+
+SRC_URI[md5sum] = "4e8d065b5cc16b77b9b61e93a9ed160e"
+SRC_URI[sha256sum] = "8872e0b5392888789061db8034164305ef0e1b34543e1e7004d275f039081d29"
+
+DEPENDS += "python tcp-wrappers libcap-ng linux-libc-headers (>= 2.6.30)"
+
+EXTRA_OECONF += "--without-prelude \
+	--with-libwrap \
+	--enable-gssapi-krb5=no \
+	--without-ldap \
+	--with-libcap-ng=yes \
+	--with-python=yes \
+	--libdir=${base_libdir} \
+	--sbindir=${base_sbindir} \
+	"
+EXTRA_OECONF_append_arm = " --with-armeb=yes"
+
+EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' \
+	PYINC='${STAGING_INCDIR}/$(PYLIBVER)' \
+	pyexecdir=${libdir}/python${PYTHON_BASEVERSION}/site-packages \
+	STDINC='${STAGING_INCDIR}' \
+	"
+
+SUMMARY_audispd-plugins = "Plugins for the audit event dispatcher"
+DESCRIPTION_audispd-plugins = "The audispd-plugins package provides plugins for the real-time \
+interface to the audit system, audispd. These plugins can do things \
+like relay events to remote machines or analyze events for suspicious \
+behavior."
+
+PACKAGES =+ "audispd-plugins"
+PACKAGES += "auditd ${PN}-python"
+
+FILES_${PN} = "${sysconfdir}/libaudit.conf ${base_libdir}/libaudit.so.1* ${base_libdir}/libauparse.so.*"
+FILES_auditd += "${bindir}/* ${base_sbindir}/* ${sysconfdir}/*"
+FILES_audispd-plugins += "${sysconfdir}/audisp/audisp-remote.conf \
+	${sysconfdir}/audisp/plugins.d/au-remote.conf \
+	${sbindir}/audisp-remote ${localstatedir}/spool/audit \
+	"
+FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
+FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
+FILES_${PN}-dev += "${base_libdir}/*.so ${base_libdir}/*.la"
+
+CONFFILES_auditd += "${sysconfdir}/audit/audit.rules"
+RDEPENDS_auditd += "bash"
+
+do_install_append() {
+	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a
+	rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la
+
+	# reuse auditd config
+	[ ! -e ${D}/etc/default ] && mkdir ${D}/etc/default
+	mv ${D}/etc/sysconfig/auditd ${D}/etc/default
+	rmdir ${D}/etc/sysconfig/
+
+	# replace init.d
+	install -D -m 0755 ${S}/../auditd ${D}/etc/init.d/auditd
+	rm -rf ${D}/etc/rc.d
+
+	if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then
+		install -d ${D}${sysconfdir}/tmpfiles.d/
+		install -m 0644 ${WORKDIR}/audit-volatile.conf ${D}${sysconfdir}/tmpfiles.d/
+	fi
+	
+	# install systemd unit files
+	install -d ${D}${systemd_unitdir}/system
+	install -m 0644 ${WORKDIR}/auditd.service ${D}${systemd_unitdir}/system
+
+	chmod 750 ${D}/etc/audit ${D}/etc/audit/rules.d
+	chmod 640 ${D}/etc/audit/auditd.conf ${D}/etc/audit/rules.d/audit.rules
+
+	# Based on the audit.spec "Copy default rules into place on new installation"
+	cp ${D}/etc/audit/rules.d/audit.rules ${D}/etc/audit/audit.rules
+}
diff --git a/meta-security/recipes-security/cynara/cynara.inc b/meta-security/recipes-security/cynara/cynara.inc
new file mode 100644
index 000000000..0e823edcc
--- /dev/null
+++ b/meta-security/recipes-security/cynara/cynara.inc
@@ -0,0 +1,158 @@
+DESCRIPTION = "Cynara service with client libraries"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327;beginline=3"
+
+DEPENDS = " \
+dbus \
+glib-2.0 \
+systemd \
+zip \
+"
+
+# For testing:
+# DEPENDS += "gmock"
+
+PACKAGECONFIG ??= ""
+# Use debug mode to increase logging. Beware, also compiles with less optimization
+# and thus has to disable FORTIFY_SOURCE below.
+PACKAGECONFIG[debug] = "-DCMAKE_BUILD_TYPE=DEBUG,-DCMAKE_BUILD_TYPE=RELEASE,libunwind elfutils"
+
+inherit cmake
+
+CXXFLAGS_append = " \
+-DCYNARA_STATE_PATH=\\\\\"${localstatedir}/cynara/\\\\\" \
+-DCYNARA_LIB_PATH=\\\\\"${prefix}/lib/cynara/\\\\\" \
+-DCYNARA_TESTS_DIR=\\\\\"${prefix}/share/cynara/tests/\\\\\" \
+-DCYNARA_CONFIGURATION_DIR=\\\\\"${sysconfdir}/cynara/\\\\\" \
+${@bb.utils.contains('PACKAGECONFIG', 'debug', '-Wp,-U_FORTIFY_SOURCE', '', d)} \
+"
+
+EXTRA_OECMAKE += " \
+-DCMAKE_VERBOSE_MAKEFILE=ON \
+-DBUILD_WITH_SYSTEMD=ON \
+-DSYSTEMD_UNIT_DIR=${systemd_unitdir}/system \
+-DSOCKET_DIR=/run/cynara \
+"
+
+# Explicitly package empty directory. Otherwise Cynara prints warnings
+# at runtime:
+# cyad[198]: Couldn't scan for plugins in </usr/lib/cynara/plugin/service/> : <No such file or directory>
+FILES_${PN}_append = " \
+${libdir}/cynara/plugin/service \
+${libdir}/cynara/plugin/client \
+"
+
+# Testing depends on gmock and gtest. They can be found in meta-oe
+# and are not necessarily available, so this feature is off by default.
+# If gmock from meta-oe is used, then a workaround is needed to avoid
+# a link error (libgmock.a calls pthread functions without libpthread
+# being listed in the .pc file).
+PACKAGECONFIG[tests] = "-DBUILD_TESTS:BOOL=ON,-DBUILD_TESTS:BOOL=OFF,gmock gtest,"
+SRC_URI_append = "${@bb.utils.contains('PACKAGECONFIG', 'tests', ' file://gmock-pthread-linking.patch file://run-ptest', '', d)}"
+
+# Will be empty if no tests were built.
+inherit ptest
+FILES_${PN}-ptest += "${bindir}/cynara-tests ${bindir}/cynara-db-migration-tests ${datadir}/cynara/tests"
+do_install_ptest () {
+    if ${@bb.utils.contains('PACKAGECONFIG', 'tests', 'true', 'false', d)}; then
+        mkdir -p ${D}/${datadir}/cynara/tests
+        cp -r ${S}/test/db/* ${D}/${datadir}/cynara/tests
+    fi
+}
+
+do_compile_prepend () {
+    # en_US.UTF8 is not available, causing cynara-tests parser.getKeyAndValue to fail.
+    # Submitted upstream: https://github.com/Samsung/cynara/issues/10
+    sed -i -e 's/std::locale("en_US.UTF8")/std::locale::classic()/g' ${S}/test/credsCommons/parser/Parser.cpp
+}
+
+inherit useradd
+USERADD_PACKAGES = "${PN}"
+GROUPADD_PARAM_${PN} = "-r cynara"
+USERADD_PARAM_${PN} = "\
+--system --home ${localstatedir}/lib/empty \
+--no-create-home --shell /bin/false \
+--gid cynara cynara \
+"
+
+# Causes deadlock during booting, see workaround in postinst below.
+#inherit systemd
+#SYSTEMD_SERVICE_${PN} = "cynara.service"
+
+do_install_append () {
+   chmod a+rx ${D}/${sbindir}/cynara-db-migration
+
+   install -d ${D}${sysconfdir}/cynara/
+   install -m 644 ${S}/conf/creds.conf ${D}/${sysconfdir}/cynara/creds.conf
+
+   # No need to create empty directories except for those which
+   # Cynara expects to find.
+   # install -d ${D}${localstatedir}/cynara/
+   # install -d ${D}${prefix}/share/cynara/tests/empty_db
+   install -d ${D}${libdir}/cynara/plugin/client
+   install -d ${D}${libdir}/cynara/plugin/service
+
+   # install db* ${D}${prefix}/share/cynara/tests/
+
+   install -d ${D}${systemd_unitdir}/system/sockets.target.wants
+   ln -s ../cynara.socket ${D}${systemd_unitdir}/system/sockets.target.wants/cynara.socket
+   ln -s ../cynara-admin.socket ${D}${systemd_unitdir}/system/sockets.target.wants/cynara-admin.socket
+   ln -s ../cynara-agent.socket ${D}${systemd_unitdir}/system/sockets.target.wants/cynara-agent.socket
+}
+
+FILES_${PN} += "${systemd_unitdir}/system"
+
+# Cynara itself has no dependency on Smack. Only its installation
+# is Smack-aware in the sense that it sets Smack labels. Do not
+# depend on smack userspace unless we really need Smack labels.
+#
+# The Tizen .spec file calls cynara-db-migration in a %pre section.
+# That only works when cynara-db-migration is packaged separately
+# (overly complex) and does not seem necessary: perhaps there is a
+# time window where cynara might already get activated before
+# the postinst completes, but that is a general problem. It gets
+# avoided entirely when calling this script while building the
+# rootfs.
+RDEPENDS_${PN}_append_with-lsm-smack = " smack-userspace"
+DEPENDS_append_with-lsm-smack = " smack-userspace-native"
+CHSMACK_with-lsm-smack = "chsmack"
+CHSMACK = "true"
+pkg_postinst_${PN} () {
+   # Fail on error.
+   set -e
+
+   # It would be nice to run the code below while building an image,
+   # but currently the calls to cynara-db-chsgen (a binary) in
+   # cynara-db-migration (a script) prevent that. Rely instead
+   # on OE's support for running failed postinst scripts at first boot.
+   if [ x"$D" != "x" ]; then
+      exit 1
+   fi
+
+   mkdir -p $D${sysconfdir}/cynara
+   ${CHSMACK} -a System $D${sysconfdir}/cynara
+
+   # Strip git patch level information, the version comparison code
+   # in cynara-db-migration only expect major.minor.patch version numbers.
+   VERSION=${@bb.data.getVar('PV',d,1).split('+git')[0]}
+   if [ -d $D${localstatedir}/cynara ] ; then
+      # upgrade
+      echo "NOTE: updating cynara DB to version $VERSION"
+      $D${sbindir}/cynara-db-migration upgrade -f 0.0.0 -t $VERSION
+   else
+      # install
+      echo "NOTE: creating cynara DB for version $VERSION"
+      mkdir -p $D${localstatedir}/cynara
+      ${CHSMACK} -a System $D${localstatedir}/cynara
+      $D${sbindir}/cynara-db-migration install -t $VERSION
+   fi
+
+   # Workaround for systemd.bbclass issue: it would call
+   # "systemctl start" without "--no-block", but because
+   # the service is not ready to run at the time when
+   # this scripts gets executed by run-postinsts.service,
+   # booting deadlocks.
+   echo "NOTE: enabling and starting cynara service"
+   systemctl enable cynara
+   systemctl start --no-block cynara
+}
diff --git a/meta-security/recipes-security/cynara/cynara/cmake-Improves-directories-and-libsystemd.patch b/meta-security/recipes-security/cynara/cynara/cmake-Improves-directories-and-libsystemd.patch
new file mode 100644
index 000000000..7ad94ed40
--- /dev/null
+++ b/meta-security/recipes-security/cynara/cynara/cmake-Improves-directories-and-libsystemd.patch
@@ -0,0 +1,119 @@
+From 9d1ba2f7c5d72436b17d0f3982a00380c72a58f8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Mon, 4 Jul 2016 13:54:59 +0200
+Subject: [PATCH] cmake: Improves directories and libsystemd
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The previous implementation was not fully compliant with
+standards. It was missing some of the predefined variable
+DATAROOTDIR, it was missing specificity of
+CMAKE_INSTALL_FULL_SYSCONFDIR. It also was not compatible
+with yocto build system bitbake.
+
+The library systemd is changing. The previous previous
+pkg-config files 'libsystemd-daemon' and 'libsystemd-journal'
+are now deprecated in favour of 'libsystemd'.
+
+Upstream-status: Submitted [https://github.com/Samsung/cynara/pull/16]
+
+Signed-off-by: José Bollo <jose.bollo@iot.bzh>
+---
+ CMakeLists.txt | 46 ++++++++++++++++++++--------------------------
+ 1 file changed, 20 insertions(+), 26 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index b0ee75f..6a439e2 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -43,66 +43,60 @@ ENDIF (NOT BUILD_COMMONS AND NOT BUILD_SERVICE AND NOT BUILD_DBUS)
+ 
+ ########################## search for packages ################################
+ 
+-#1st case. User choose to build with systemd.
+-IF (DEFINED BUILD_WITH_SYSTEMD AND BUILD_WITH_SYSTEMD)
+-    PKG_CHECK_MODULES(SYSTEMD_DEP
+-        REQUIRED
+-        libsystemd-daemon
+-        libsystemd-journal
+-        )
+-ENDIF (DEFINED BUILD_WITH_SYSTEMD AND BUILD_WITH_SYSTEMD)
++#Search the new libsystemd package
++PKG_CHECK_MODULES(SYSTEMD_DEP QUIET libsystemd)
+ 
+-#2nd case. User choose not to build with systemd. Noting to do in this case.
+-#IF (DEFINED BUILD_WITH_SYSTEMD AND NOT BUILD_WITH_SYSTEMD)
+-#ENDIF (DEFINED BUILD_WITH_SYSTEMD AND NOT BUILD_WITH_SYSTEMD)
+-
+-#3rd case. User did not choose. If we can we will use systemd.
+-IF (NOT DEFINED BUILD_WITH_SYSTEMD)
++#Fallback ot the oldest libsystemd packages
++IF(NOT SYSTEMD_DEP_FOUND)
+     PKG_CHECK_MODULES(SYSTEMD_DEP
+         QUIET
+         libsystemd-daemon
+         libsystemd-journal
+         )
+-
+-    IF (SYSTEMD_DEP_FOUND)
+-        SET(BUILD_WITH_SYSTEMD ON)
+-    ENDIF (SYSTEMD_DEP_FOUND)
+-ENDIF (NOT DEFINED BUILD_WITH_SYSTEMD)
++ENDIF(NOT SYSTEMD_DEP_FOUND)
++
++#Enforce and check
++IF(SYSTEMD_DEP_FOUND)
++    #Enforce use of systemd if present
++    SET(BUILD_WITH_SYSTEMD ON)
++ELSEIF(BUILD_WITH_SYSTEMD)
++    MESSAGE(FATAL_ERROR "Can't find libsystemd")
++ENDIF()
+ 
+ ########################  directory configuration  ############################
+ 
+ SET(LIB_DIR
+-    "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}"
++    "${CMAKE_INSTALL_FULL_LIBDIR}"
+     CACHE PATH
+     "Object code libraries directory")
+ 
+ SET(BIN_DIR
+-    "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_BINDIR}"
++    "${CMAKE_INSTALL_FULL_BINDIR}"
+     CACHE PATH
+     "User executables directory")
+ 
+ SET(SBIN_DIR
+-    "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_SBINDIR}"
++    "${CMAKE_INSTALL_FULL_SBINDIR}"
+     CACHE PATH
+     "System admin executables directory")
+ 
+ SET(SYS_CONFIG_DIR
+-    "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_SYSCONFDIR}"
++    "${CMAKE_INSTALL_FULL_SYSCONFDIR}"
+     CACHE PATH
+     "Read-only single-machine data directory")
+ 
+ SET(INCLUDE_DIR
+-    "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_INCLUDEDIR}"
++    "${CMAKE_INSTALL_FULL_INCLUDEDIR}"
+     CACHE PATH
+     "Header files directory")
+ 
+ SET(LOCAL_STATE_DIR
+-    "${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LOCALSTATEDIR}"
++    "${CMAKE_INSTALL_FULL_LOCALSTATEDIR}"
+     CACHE PATH
+     "Modifiable single-machine data directory")
+ 
+ SET(DATA_ROOT_DIR
+-    "${CMAKE_INSTALL_PREFIX}/share"
++    "${CMAKE_INSTALL_FULL_DATAROOTDIR}"
+     CACHE PATH
+     "Read-only architecture-independent data root directory")
+ 
+-- 
+2.5.5
+
diff --git a/meta-security/recipes-security/cynara/cynara/cynara-db-migration-abort-on-errors.patch b/meta-security/recipes-security/cynara/cynara/cynara-db-migration-abort-on-errors.patch
new file mode 100644
index 000000000..cbf372ad9
--- /dev/null
+++ b/meta-security/recipes-security/cynara/cynara/cynara-db-migration-abort-on-errors.patch
@@ -0,0 +1,31 @@
+From 297774fa4d01156c0327d6e6380a7ecae30bf875 Mon Sep 17 00:00:00 2001
+From: Patrick Ohly <patrick.ohly@intel.com>
+Date: Mon, 23 Mar 2015 15:01:39 -0700
+Subject: [PATCH 1/2] cynara-db-migration.in: abort on errors
+
+"set -e" enables error checking for all commands invoked by the script.
+Previously, errors were silently ignored.
+
+Upstream-status: Submitted [https://github.com/Samsung/cynara/pull/8]
+
+Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
+---
+ migration/cynara-db-migration | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/migration/cynara-db-migration.in b/migration/cynara-db-migration.in
+index ff9bd61..f6e7f94 100644
+--- a/migration/cynara-db-migration.in
++++ b/migration/cynara-db-migration.in
+@@ -19,6 +19,8 @@
+ # @brief       Migration tool for Cynara's database
+ #
+ 
++set -e
++
+ ##### Constants (these must not be modified by shell)
+ 
+ STATE_PATH='@LOCAL_STATE_DIR@/@PROJECT_NAME@'
+-- 
+1.8.4.5
+
diff --git a/meta-security/recipes-security/cynara/cynara/gmock-pthread-linking.patch b/meta-security/recipes-security/cynara/cynara/gmock-pthread-linking.patch
new file mode 100644
index 000000000..1a204eb14
--- /dev/null
+++ b/meta-security/recipes-security/cynara/cynara/gmock-pthread-linking.patch
@@ -0,0 +1,31 @@
+From 80cc04091410d6a322fee1a2922fdf867395f00a Mon Sep 17 00:00:00 2001
+From: Patrick Ohly <patrick.ohly@intel.com>
+Date: Fri, 29 May 2015 10:21:57 +0200
+Subject: [PATCH] work around gmock pthread dependency
+
+In meta-oe, gmock's .pc file does not declare that users of
+gmock must link against pthread. Let's work around that
+here by always linking tests against libpthread.
+
+Upstream-status: Inappropriate [embedded specific]
+
+Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
+---
+ test/CMakeLists.txt | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt
+index 25a70db..f490a24 100644
+--- a/test/CMakeLists.txt
++++ b/test/CMakeLists.txt
+@@ -138,6 +138,7 @@ ADD_EXECUTABLE(${TARGET_CYNARA_TESTS}
+ TARGET_LINK_LIBRARIES(${TARGET_CYNARA_TESTS}
+     ${PKGS_LDFLAGS}
+     ${PKGS_LIBRARIES}
++    pthread
+     crypt
+ )
+ INSTALL(TARGETS ${TARGET_CYNARA_TESTS} DESTINATION ${BIN_INSTALL_DIR})
+-- 
+2.1.4
+
diff --git a/meta-security/recipes-security/cynara/cynara/run-ptest b/meta-security/recipes-security/cynara/cynara/run-ptest
new file mode 100755
index 000000000..f8dd5d8b4
--- /dev/null
+++ b/meta-security/recipes-security/cynara/cynara/run-ptest
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+cynara-tests | sed -e 's/^\[ *OK *\] \(\S*\)$/PASS: \1/' -e 's/^\[ *FAILED *\] \(\S*\)$/FAIL: \1/'
+sh /usr/bin/cynara-db-migration-tests | sed -e 's/^Test .*(\([^)]*\)).*passed.*/PASS: \1/' -e 's/^Test .*(\([^)]*\)).*failed.*/FAIL: \1/'
diff --git a/meta-security/recipes-security/cynara/cynara_git.bb b/meta-security/recipes-security/cynara/cynara_git.bb
new file mode 100644
index 000000000..6e387d41e
--- /dev/null
+++ b/meta-security/recipes-security/cynara/cynara_git.bb
@@ -0,0 +1,11 @@
+require cynara.inc
+
+PV = "0.11.0+git${SRCPV}"
+SRCREV = "973765e329f8a84c1549cb2b0c65ccb1cce3c2d3"
+SRC_URI = "git://github.com/Samsung/cynara.git"
+S = "${WORKDIR}/git"
+
+SRC_URI += " \
+file://cynara-db-migration-abort-on-errors.patch \
+file://cmake-Improves-directories-and-libsystemd.patch \
+"
diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch
new file mode 100644
index 000000000..a049fd23f
--- /dev/null
+++ b/meta-security/recipes-security/keyutils/keyutils/keyutils-arm-remove-m32-m64.patch
@@ -0,0 +1,19 @@
+Index: keyutils-1.5.5/Makefile
+===================================================================
+--- keyutils-1.5.5.orig/Makefile	2011-12-20 11:05:10.000000000 +0200
++++ keyutils-1.5.5/Makefile	2011-12-20 11:06:27.000000000 +0200
+@@ -58,12 +58,12 @@
+ LNS		:= ln -sf
+ 
+ ifeq ($(BUILDFOR),32-bit)
+-CFLAGS		+= -m32
++#CFLAGS		+= -m32
+ LIBDIR		:= /usr/lib
+ USRLIBDIR	:= /usr/lib
+ else
+ ifeq ($(BUILDFOR),64-bit)
+-CFLAGS		+= -m64
++#CFLAGS		+= -m64
+ LIBDIR		:= /usr/lib
+ USRLIBDIR	:= /usr/lib
+ endif
diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch
new file mode 100644
index 000000000..adf064304
--- /dev/null
+++ b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_library_install.patch
@@ -0,0 +1,30 @@
+Index: keyutils-1.5.5/Makefile
+===================================================================
+--- keyutils-1.5.5.orig/Makefile	2011-11-30 17:27:43.000000000 +0200
++++ keyutils-1.5.5/Makefile	2011-12-21 16:05:53.000000000 +0200
+@@ -59,13 +59,13 @@
+ 
+ ifeq ($(BUILDFOR),32-bit)
+ CFLAGS		+= -m32
+-LIBDIR		:= /lib
++LIBDIR		:= /usr/lib
+ USRLIBDIR	:= /usr/lib
+ else
+ ifeq ($(BUILDFOR),64-bit)
+ CFLAGS		+= -m64
+-LIBDIR		:= /lib64
+-USRLIBDIR	:= /usr/lib64
++LIBDIR		:= /usr/lib
++USRLIBDIR	:= /usr/lib
+ endif
+ endif
+ 
+@@ -152,7 +152,7 @@
+ 	$(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+ 	$(LNS) $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
+ 	mkdir -p $(DESTDIR)$(USRLIBDIR)
+-	$(LNS) $(LIBDIR)/$(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
++	$(LNS) $(SONAME) $(DESTDIR)$(USRLIBDIR)/$(DEVELLIB)
+ 	$(INSTALL) -D keyctl $(DESTDIR)$(BINDIR)/keyctl
+ 	$(INSTALL) -D request-key $(DESTDIR)$(SBINDIR)/request-key
+ 	$(INSTALL) -D request-key-debug.sh $(DESTDIR)$(SHAREDIR)/request-key-debug.sh
diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch
new file mode 100644
index 000000000..8dd224505
--- /dev/null
+++ b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86-64_cflags.patch
@@ -0,0 +1,13 @@
+Index: git/Makefile
+===================================================================
+--- git.orig/Makefile	2012-11-16 15:40:05.258723425 +0200
++++ git/Makefile	2012-11-16 15:41:08.978725491 +0200
+@@ -53,7 +53,7 @@
+ ###############################################################################
+ LIBDIR		:= $(shell ldd /usr/bin/make | grep '\(/libc\)' | sed -e 's!.*\(/.*\)/libc[.].*!\1!')
+ USRLIBDIR	:= $(patsubst /lib/%,/usr/lib/%,$(LIBDIR))
+-BUILDFOR	:= $(shell file /usr/bin/make | sed -e 's!.*ELF \(32\|64\)-bit.*!\1!')-bit
++BUILDFOR	:= 64-bit
+ 
+ LNS		:= ln -sf
+ 
diff --git a/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch
new file mode 100644
index 000000000..573c429b8
--- /dev/null
+++ b/meta-security/recipes-security/keyutils/keyutils/keyutils_fix_x86_cflags.patch
@@ -0,0 +1,13 @@
+Index: git/Makefile
+===================================================================
+--- git.orig/Makefile	2012-11-16 15:40:05.258723425 +0200
++++ git/Makefile	2012-11-16 15:41:08.978725491 +0200
+@@ -53,7 +53,7 @@
+ ###############################################################################
+ LIBDIR		:= $(shell ldd /usr/bin/make | grep '\(/libc\)' | sed -e 's!.*\(/.*\)/libc[.].*!\1!')
+ USRLIBDIR	:= $(patsubst /lib/%,/usr/lib/%,$(LIBDIR))
+-BUILDFOR	:= $(shell file /usr/bin/make | sed -e 's!.*ELF \(32\|64\)-bit.*!\1!')-bit
++BUILDFOR	:= 32-bit
+ 
+ LNS		:= ln -sf
+ 
diff --git a/meta-security/recipes-security/keyutils/keyutils_1.5.8.bb b/meta-security/recipes-security/keyutils/keyutils_1.5.8.bb
new file mode 100644
index 000000000..46b2b622a
--- /dev/null
+++ b/meta-security/recipes-security/keyutils/keyutils_1.5.8.bb
@@ -0,0 +1,44 @@
+SUMMARY = "Linux Key Management Utilities"
+DESCRIPTION = "Keyutils is a set of utilities for managing the key retention \
+facility in the kernel, which can be used by filesystems, block devices and \
+more to gain and retain the authorization and encryption keys required to \
+perform secure operations."
+SECTION = "base"
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://LICENCE.GPL;md5=5f6e72824f5da505c1f4a7197f004b45"
+
+PR = "r1"
+
+SRCREV = "dd64114721edca5808872190e7e2e927ee2e994c"
+
+SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/keyutils.git;protocol=git \
+          file://keyutils_fix_library_install.patch \
+          "
+SRC_URI_append_arm = " file://keyutils-arm-remove-m32-m64.patch"
+SRC_URI_append_x86 = " file://keyutils_fix_x86_cflags.patch"
+SRC_URI_append_x86-64 = " file://keyutils_fix_x86-64_cflags.patch"
+
+S = "${WORKDIR}/git"
+
+INSTALL_FLAGS = " \
+BINDIR=${bindir} \
+SBINDIR=${sbindir} \
+INCLUDEDIR=${includedir} \
+ETCDIR=${sysconfdir} \
+LIBDIR=${libdir} \
+USRLIBDIR=${libdir} \
+SHAREDIR=${datadir} \
+MAN1=${mandir}/man1 \
+MAN3=${mandir}/man3 \
+MAN5=${mandir}/man5 \
+MAN8=${mandir}/man8 \
+DESTDIR=${D}"
+
+do_install() {
+    cd ${S} && oe_runmake ${INSTALL_FLAGS} install
+
+    # Debugging script of unknown value, not packaged.
+    rm -f "${D}${datadir}/request-key-debug.sh"
+}
+
+BBCLASSEXTEND = "native"
diff --git a/meta-security/recipes-security/libcap-ng/libcap-ng/CVE-2014-3215.patch b/meta-security/recipes-security/libcap-ng/libcap-ng/CVE-2014-3215.patch
new file mode 100644
index 000000000..d7a868d2c
--- /dev/null
+++ b/meta-security/recipes-security/libcap-ng/libcap-ng/CVE-2014-3215.patch
@@ -0,0 +1,79 @@
+Upstream-Status: Pending
+
+diff --git a/docs/capng_lock.3 b/docs/capng_lock.3
+index 7683119..a070c1e 100644
+--- a/docs/capng_lock.3
++++ b/docs/capng_lock.3
+@@ -8,12 +8,13 @@ int capng_lock(void);
+ 
+ .SH "DESCRIPTION"
+ 
+-capng_lock will take steps to prevent children of the current process to regain full privileges if the uid is 0. This should be called while possessing the CAP_SETPCAP capability in the kernel. This function will do the following if permitted by the kernel: Set the NOROOT option on for PR_SET_SECUREBITS, set the NOROOT_LOCKED option to on for PR_SET_SECUREBITS, set the PR_NO_SETUID_FIXUP option on for PR_SET_SECUREBITS, and set the PR_NO_SETUID_FIXUP_LOCKED option on for PR_SET_SECUREBITS.
++capng_lock will take steps to prevent children of the current process from gaining privileges by executing setuid programs.  This should be called while possessing the CAP_SETPCAP capability in the kernel.
+ 
++This function will do the following if permitted by the kernel:  If the kernel supports PR_SET_NO_NEW_PRIVS, it will use it.  Otherwise it will set the NOROOT option on for PR_SET_SECUREBITS, set the NOROOT_LOCKED option to on for PR_SET_SECUREBITS, set the PR_NO_SETUID_FIXUP option on for PR_SET_SECUREBITS, and set the PR_NO_SETUID_FIXUP_LOCKED option on for PR_SET_SECUREBITS.  If both fail, it will return an error.
+ 
+ .SH "RETURN VALUE"
+ 
+-This returns 0 on success and a negative number on failure. -1 means a failure setting any of the PR_SET_SECUREBITS options.
++This returns 0 on success and a negative number on failure. -1 means a failure to use PR_SET_NO_NEW_PRIVS and a failure setting any of the PR_SET_SECUREBITS options.
+ 
+ .SH "SEE ALSO"
+ 
+diff --git a/src/cap-ng.c b/src/cap-ng.c
+index bd105ba..422f2bc 100644
+--- a/src/cap-ng.c
++++ b/src/cap-ng.c
+@@ -45,6 +45,7 @@
+  * 2.6.24 kernel	XATTR_NAME_CAPS
+  * 2.6.25 kernel	PR_CAPBSET_DROP, CAPABILITY_VERSION_2
+  * 2.6.26 kernel	PR_SET_SECUREBITS, SECURE_*_LOCKED, VERSION_3
++ * 3.5    kernel	PR_SET_NO_NEW_PRIVS
+  */
+ 
+ /* External syscall prototypes */
+@@ -122,6 +123,14 @@ extern int capget(cap_user_header_t header, const cap_user_data_t data);
+ #define SECURE_NO_SETUID_FIXUP_LOCKED   3  /* make bit-2 immutable */
+ #endif
+ 
++/* prctl values that we use */
++#ifndef PR_SET_SECUREBITS
++#define PR_SET_SECUREBITS		28
++#endif
++#ifndef PR_SET_NO_NEW_PRIVS
++#define PR_SET_NO_NEW_PRIVS		38
++#endif
++
+ // States: new, allocated, initted, updated, applied
+ typedef enum { CAPNG_NEW, CAPNG_ERROR, CAPNG_ALLOCATED, CAPNG_INIT,
+ 	CAPNG_UPDATED, CAPNG_APPLIED } capng_states_t;
+@@ -663,15 +672,22 @@ int capng_change_id(int uid, int gid, capng_flags_t flag)
+ 
+ int capng_lock(void)
+ {
+-#ifdef PR_SET_SECUREBITS
+-	int rc = prctl(PR_SET_SECUREBITS,
+-			1 << SECURE_NOROOT |
+-			1 << SECURE_NOROOT_LOCKED |
+-			1 << SECURE_NO_SETUID_FIXUP |
+-			1 << SECURE_NO_SETUID_FIXUP_LOCKED, 0, 0, 0);
++	int rc;
++
++	// On Linux 3.5 and up, we can directly prevent ourselves and
++	// our descendents from gaining privileges.
++	if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) == 0)
++		return 0;
++
++	// This kernel is too old or otherwise doesn't support
++	// PR_SET_NO_NEW_PRIVS.  Fall back to using securebits.
++	rc = prctl(PR_SET_SECUREBITS,
++		   1 << SECURE_NOROOT |
++		   1 << SECURE_NOROOT_LOCKED |
++		   1 << SECURE_NO_SETUID_FIXUP |
++		   1 << SECURE_NO_SETUID_FIXUP_LOCKED, 0, 0, 0);
+ 	if (rc)
+ 		return -1;
+-#endif
+ 
+ 	return 0;
+ }
diff --git a/meta-security/recipes-security/libcap-ng/libcap-ng/python.patch b/meta-security/recipes-security/libcap-ng/libcap-ng/python.patch
new file mode 100644
index 000000000..d82ceb454
--- /dev/null
+++ b/meta-security/recipes-security/libcap-ng/libcap-ng/python.patch
@@ -0,0 +1,39 @@
+configure.ac - Avoid an incorrect check for python.
+Makefile.am - avoid hard coded host include paths.
+
+Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
+
+--- libcap-ng-0.6.5/configure.ac.orig	2012-01-17 13:59:03.645898989 -0600
++++ libcap-ng-0.6.5/configure.ac	2012-01-17 13:59:46.353959252 -0600
+@@ -120,17 +120,8 @@
+ else
+ AC_MSG_RESULT(testing)
+ AM_PATH_PYTHON
+-if test -f /usr/include/python${am_cv_python_version}/Python.h ; then
+-	python_found="yes"
+-	AC_MSG_NOTICE(Python bindings will be built)
+-else
+-	python_found="no"
+-	if test x$use_python = xyes ; then
+-		AC_MSG_ERROR([Python explicitly required and python headers found])
+-	else
+-		AC_MSG_WARN("Python headers not found - python bindings will not be made")
+-	fi
+-fi
++python_found="yes"
++AC_MSG_NOTICE(Python bindings will be built)
+ fi
+ AM_CONDITIONAL(HAVE_PYTHON, test ${python_found} = "yes")
+ 
+--- libcap-ng-0.6.5/bindings/python/Makefile.am.orig	2010-11-03 12:31:59.000000000 -0500
++++ libcap-ng-0.6.5/bindings/python/Makefile.am	2012-01-17 14:05:50.199834467 -0600
+@@ -24,7 +24,8 @@
+ CONFIG_CLEAN_FILES = *.loT *.rej *.orig
+ AM_CFLAGS = -fPIC -DPIC
+ PYLIBVER ?= python$(PYTHON_VERSION)
+-INCLUDES = -I. -I$(top_builddir) -I/usr/include/$(PYLIBVER)
++PYINC ?= /usr/include/$(PYLIBVER)
++INCLUDES = -I. -I$(top_builddir) -I$(PYINC)
+ LIBS = $(top_builddir)/src/libcap-ng.la
+ pyexec_PYTHON = capng.py
+ pyexec_LTLIBRARIES = _capng.la
diff --git a/meta-security/recipes-security/libcap-ng/libcap-ng_0.7.3.bb b/meta-security/recipes-security/libcap-ng/libcap-ng_0.7.3.bb
new file mode 100644
index 000000000..e729518e9
--- /dev/null
+++ b/meta-security/recipes-security/libcap-ng/libcap-ng_0.7.3.bb
@@ -0,0 +1,39 @@
+SUMMARY = "An alternate posix capabilities library"
+DESCRIPTION = "The libcap-ng library is intended to make programming \
+with POSIX capabilities much easier than the traditional libcap library."
+HOMEPAGE = "http://freecode.com/projects/libcap-ng"
+SECTION = "base"
+LICENSE = "GPLv2+ & LGPLv2.1+"
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f \
+		    file://COPYING.LIB;md5=e3eda01d9815f8d24aae2dbd89b68b06"
+
+SRC_URI = "http://people.redhat.com/sgrubb/libcap-ng/libcap-ng-${PV}.tar.gz \
+           file://python.patch \
+           file://CVE-2014-3215.patch \
+          "
+
+inherit lib_package autotools pythonnative
+
+SRC_URI[md5sum] = "610afb774f80a8032b711281df126283"
+SRC_URI[sha256sum] = "5ca441c8d3a1e4cfe8a8151907977662679457311ccaa7eaac91447c33a35bb1"
+
+DEPENDS += "swig-native python"
+
+EXTRA_OEMAKE += "PYLIBVER='python${PYTHON_BASEVERSION}' PYINC='${STAGING_INCDIR}/${PYLIBVER}'"
+
+PACKAGES += "${PN}-python"
+
+FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/*/.debug"
+FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}"
+
+BBCLASSEXTEND = "native"
+
+do_install_append() {
+	# Moving libcap-ng to base_libdir
+	if [ ! ${D}${libdir} -ef ${D}${base_libdir} ]; then
+		mkdir -p ${D}/${base_libdir}/
+		mv -f ${D}${libdir}/libcap-ng.so.* ${D}${base_libdir}/
+		relpath=${@os.path.relpath("${base_libdir}", "${libdir}")}
+		ln -sf ${relpath}/libcap-ng.so.0.0.0 ${D}${libdir}/libcap-ng.so
+	fi
+}
diff --git a/meta-security/recipes-security/security-manager/security-manager.inc b/meta-security/recipes-security/security-manager/security-manager.inc
new file mode 100644
index 000000000..ee749a8fb
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager.inc
@@ -0,0 +1,98 @@
+DESCRIPTION = "Security manager and utilities"
+LICENSE = "Apache-2.0"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327;beginline=3"
+
+inherit cmake
+
+# Out-of-tree build is broken ("sqlite3 .security-manager.db <db.sql" where db.sql is in $S/db).
+B = "${S}"
+
+DEPENDS = " \
+attr \
+boost \
+cynara \
+icu \
+libcap \
+smack \
+sqlite3 \
+sqlite3-native \
+systemd \
+"
+
+PACKAGECONFIG ??= ""
+PACKAGECONFIG[debug] = "-DCMAKE_BUILD_TYPE=DEBUG,-DCMAKE_BUILD_TYPE=RELEASE"
+
+TZ_SYS_DB = "/var/db/security-manager"
+
+EXTRA_OECMAKE = " \
+-DCMAKE_VERBOSE_MAKEFILE=ON \
+-DVERSION=${PV} \
+-DSYSTEMD_INSTALL_DIR=${systemd_unitdir}/system \
+-DBIN_INSTALL_DIR=${bindir} \
+-DDB_INSTALL_DIR=${TZ_SYS_DB} \
+-DLIB_INSTALL_DIR=${libdir} \
+-DSHARE_INSTALL_PREFIX=${datadir} \
+-DINCLUDE_INSTALL_DIR=${includedir} \
+"
+
+inherit systemd
+SYSTEMD_SERVICE_${PN} = "security-manager.service"
+
+inherit distro_features_check
+REQUIRED_DISTRO_FEATURES += "smack"
+
+# The upstream source code contains the Tizen-specific policy configuration files.
+# To replace them, create a security-manager.bbappend and set the following variable to a
+# space-separated list of policy file names (not URIs!), for example:
+# SECURITY_MANAGER_POLICY = "privilege-group.list usertype-system.profile"
+#
+# Leave it empty to use the upstream Tizen policy.
+SECURITY_MANAGER_POLICY ?= ""
+SRC_URI_append = " ${@' '.join(['file://' + x for x in d.getVar('SECURITY_MANAGER_POLICY', True).split()])}"
+python do_patch_append () {
+    import os
+    import shutil
+    import glob
+    files = d.getVar('SECURITY_MANAGER_POLICY', True).split()
+    if files:
+        s = d.getVar('S', True)
+        workdir = d.getVar('WORKDIR', True)
+        for pattern in ['*.profile', '*.list']:
+            for old_file in glob.glob(s + '/policy/' + pattern):
+                os.unlink(old_file)
+        for file in files:
+            shutil.copy(file, s + '/policy')
+}
+
+do_install_append () {
+   install -d ${D}/${systemd_unitdir}/system/multi-user.target.wants
+   ln -s ../security-manager.service ${D}/${systemd_unitdir}/system/multi-user.target.wants/security-manager.service
+   install -d ${D}/${systemd_unitdir}/system/sockets.target.wants
+   ln -s ../security-manager.socket ${D}/${systemd_unitdir}/system/sockets.target.wants/security-manager.socket
+}
+
+RDEPENDS_${PN} += "smack"
+pkg_postinst_${PN} () {
+   set -e
+   chsmack -a System $D${TZ_SYS_DB}/.security-manager.db
+   chsmack -a System $D${TZ_SYS_DB}/.security-manager.db-journal
+}
+
+FILES_${PN} += " \
+${systemd_unitdir} \
+${TZ_SYS_DB} \
+"
+
+PACKAGES =+ "${PN}-policy"
+FILES_${PN}-policy = " \
+   ${datadir}/${PN} \
+   ${bindir}/security-manager-policy-reload \
+"
+RDEPENDS_${PN}-policy += "sqlite3 cynara"
+pkg_postinst_${PN}-policy () {
+   if [ x"$D" = "x" ] && ${bindir}/security-manager-policy-reload; then
+       exit 0
+   else
+       exit 1
+   fi
+}
diff --git a/meta-security/recipes-security/security-manager/security-manager/0001-Smack-rules-create-two-new-functions.patch b/meta-security/recipes-security/security-manager/security-manager/0001-Smack-rules-create-two-new-functions.patch
new file mode 100644
index 000000000..b0e11afe4
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/0001-Smack-rules-create-two-new-functions.patch
@@ -0,0 +1,116 @@
+From d130a7384428a96f31ad5950ffbffadc0aa29a15 Mon Sep 17 00:00:00 2001
+From: Alejandro Joya <alejandro.joya.cruz@intel.com>
+Date: Wed, 4 Nov 2015 19:01:35 -0600
+Subject: [PATCH 1/2] Smack-rules: create two new functions
+
+It let to smack-rules to create multiple set of rules
+related with the privileges.
+
+It runs from the same bases than for a static set of rules on the
+template, but let you add 1 or many templates for different cases.
+
+Signed-off-by: Alejandro Joya <alejandro.joya.cruz@intel.com>
+---
+ src/common/include/smack-rules.h | 15 ++++++++++++++
+ src/common/smack-rules.cpp       | 44 ++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 59 insertions(+)
+
+diff --git a/src/common/include/smack-rules.h b/src/common/include/smack-rules.h
+index 91446a7..f9fa438 100644
+--- a/src/common/include/smack-rules.h
++++ b/src/common/include/smack-rules.h
+@@ -47,6 +47,8 @@ public:
+     void addFromTemplate(const std::vector<std::string> &templateRules,
+         const std::string &appId, const std::string &pkgId);
+     void addFromTemplateFile(const std::string &appId, const std::string &pkgId);
++    void addFromTemplateFile(const std::string &appId, const std::string &pkgId,
++	const std::string &path);
+ 
+     void apply() const;
+     void clear() const;
+@@ -75,6 +77,19 @@ public:
+     static void installApplicationRules(const std::string &appId, const std::string &pkgId,
+         const std::vector<std::string> &pkgContents);
+     /**
++     * Install privileges-specific smack rules.
++     *
++     * Function creates smack rules using predefined template. Rules are applied
++     * to the kernel and saved on persistent storage so they are loaded on system boot.
++     *
++     * @param[in] appId - application id that is beeing installed
++     * @param[in] pkgId - package id that the application is in
++     * @param[in] pkgContents - a list of all applications in the package
++     * @param[in] privileges - a list of all prvileges 
++     */
++    static void installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
++        const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges);
++    /**
+      * Uninstall package-specific smack rules.
+      *
+      * Function loads package-specific smack rules, revokes them from the kernel
+diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp
+index 3629e0f..d834e42 100644
+--- a/src/common/smack-rules.cpp
++++ b/src/common/smack-rules.cpp
+@@ -135,6 +135,29 @@ void SmackRules::saveToFile(const std::string &path) const
+     }
+ }
+ 
++void SmackRules::addFromTemplateFile(const std::string &appId,
++        const std::string &pkgId, const std::string &path)
++{
++    std::vector<std::string> templateRules;
++    std::string line;
++    std::ifstream templateRulesFile(path);
++
++    if (!templateRulesFile.is_open()) {
++        LogError("Cannot open rules template file: " << path);
++        ThrowMsg(SmackException::FileError, "Cannot open rules template file: " << path);
++    }
++
++    while (std::getline(templateRulesFile, line)) {
++        templateRules.push_back(line);
++    }
++
++    if (templateRulesFile.bad()) {
++        LogError("Error reading template file: " << APP_RULES_TEMPLATE_FILE_PATH);
++        ThrowMsg(SmackException::FileError, "Error reading template file: " << APP_RULES_TEMPLATE_FILE_PATH);
++    }
++
++    addFromTemplate(templateRules, appId, pkgId);
++}
+ 
+ void SmackRules::addFromTemplateFile(const std::string &appId,
+         const std::string &pkgId)
+@@ -223,7 +246,28 @@ std::string SmackRules::getApplicationRulesFilePath(const std::string &appId)
+     std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" +  appId).c_str()));
+     return path;
+ }
++void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
++        const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges)
++{
++    SmackRules smackRules;
++    std::string appPath = getApplicationRulesFilePath(appId);
++    smackRules.loadFromFile(appPath);
++    struct stat buffer;
++    for (auto privilege : privileges) {
++        if (privilege.empty())
++            continue;
++        std::string fprivilege ( privilege + "-template.smack");
++        std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str()));
++        if( stat(path.c_str(), &buffer) == 0) 
++            smackRules.addFromTemplateFile(appId, pkgId, path);
++    }
++
++    if (smack_smackfs_path() != NULL)
++        smackRules.apply();
+ 
++    smackRules.saveToFile(appPath);
++    updatePackageRules(pkgId, pkgContents);
++}
+ void SmackRules::installApplicationRules(const std::string &appId, const std::string &pkgId,
+         const std::vector<std::string> &pkgContents)
+ {
+-- 
+2.1.0
+
diff --git a/meta-security/recipes-security/security-manager/security-manager/0002-app-install-implement-multiple-set-of-smack-rules.patch b/meta-security/recipes-security/security-manager/security-manager/0002-app-install-implement-multiple-set-of-smack-rules.patch
new file mode 100644
index 000000000..d60096a15
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/0002-app-install-implement-multiple-set-of-smack-rules.patch
@@ -0,0 +1,34 @@
+From 19688cbe2ca10921a499f3fa265928dca54cf98d Mon Sep 17 00:00:00 2001
+From: Alejandro Joya <alejandro.joya.cruz@intel.com>
+Date: Wed, 4 Nov 2015 19:06:23 -0600
+Subject: [PATCH 2/2] app-install: implement multiple set of smack-rules
+
+If it's need it could create load multiple set of smack rules
+related with the privileges.
+It wouldn't affect the case that only the default set of rules is need it.
+
+Signed-off-by: Alejandro Joya <alejandro.joya.cruz@intel.com>
+---
+ src/common/service_impl.cpp | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
+index 7fd621c..ae305d3 100644
+--- a/src/common/service_impl.cpp
++++ b/src/common/service_impl.cpp
+@@ -338,6 +338,12 @@ int appInstall(const app_inst_req &req, uid_t uid)
+         LogDebug("Adding Smack rules for new appId: " << req.appId << " with pkgId: "
+                 << req.pkgId << ". Applications in package: " << pkgContents.size());
+         SmackRules::installApplicationRules(req.appId, req.pkgId, pkgContents);
++	/*Setup for privileges custom rules*/
++	 LogDebug("Adding Smack rules for new appId: " << req.appId << " with pkgId: "
++                << req.pkgId << ". Applications in package: " << pkgContents.size()
++		<< " and Privileges");
++	SmackRules::installApplicationPrivilegesRules(req.appId, req.pkgId,
++	    pkgContents,req.privileges);
+     } catch (const SmackException::Base &e) {
+         LogError("Error while applying Smack policy for application: " << e.DumpToString());
+         return SECURITY_MANAGER_API_ERROR_SETTING_FILE_LABEL_FAILED;
+-- 
+2.1.0
+
diff --git a/meta-security/recipes-security/security-manager/security-manager/Removing-tizen-platform-config.patch b/meta-security/recipes-security/security-manager/security-manager/Removing-tizen-platform-config.patch
new file mode 100644
index 000000000..4baea6572
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/Removing-tizen-platform-config.patch
@@ -0,0 +1,196 @@
+From 72e66d0e42f3bb6efd689ce33b1df407d94b3c60 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Mon, 16 Nov 2015 14:26:25 +0100
+Subject: [PATCH] Removing tizen-platform-config
+
+Change-Id: Ic832a2b75229517b09faba969c27fb1a4b490121
+---
+ policy/security-manager-policy-reload |  2 +-
+ src/common/file-lock.cpp              |  4 +---
+ src/common/include/file-lock.h        |  1 -
+ src/common/include/privilege_db.h     |  3 +--
+ src/common/service_impl.cpp           | 39 +++++++++++------------------------
+ src/common/smack-rules.cpp            | 12 ++++-------
+ 6 files changed, 19 insertions(+), 42 deletions(-)
+
+diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload
+index 6f211c6..ed8047a 100755
+--- a/policy/security-manager-policy-reload
++++ b/policy/security-manager-policy-reload
+@@ -2,7 +2,7 @@
+ 
+ POLICY_PATH=/usr/share/security-manager/policy
+ PRIVILEGE_GROUP_MAPPING=$POLICY_PATH/privilege-group.list
+-DB_FILE=`tzplatform-get TZ_SYS_DB | cut -d= -f2`/.security-manager.db
++DB_FILE=/usr/dbspace/.security-manager.db
+ 
+ # Create default buckets
+ while read bucket default_policy
+diff --git a/src/common/file-lock.cpp b/src/common/file-lock.cpp
+index 6f3996c..1dada17 100644
+--- a/src/common/file-lock.cpp
++++ b/src/common/file-lock.cpp
+@@ -30,9 +30,7 @@
+ 
+ namespace SecurityManager {
+ 
+-char const * const SERVICE_LOCK_FILE = tzplatform_mkpath3(TZ_SYS_RUN,
+-                                                         "lock",
+-                                                         "security-manager.lock");
++char const * const SERVICE_LOCK_FILE = "/var/run/lock/security-manager.lock";
+ 
+ FileLocker::FileLocker(const std::string &lockFile, bool blocking)
+ {
+diff --git a/src/common/include/file-lock.h b/src/common/include/file-lock.h
+index 604b019..21a86a0 100644
+--- a/src/common/include/file-lock.h
++++ b/src/common/include/file-lock.h
+@@ -29,7 +29,6 @@
+ 
+ #include <dpl/exception.h>
+ #include <dpl/noncopyable.h>
+-#include <tzplatform_config.h>
+ 
+ namespace SecurityManager {
+ 
+diff --git a/src/common/include/privilege_db.h b/src/common/include/privilege_db.h
+index 4d73d90..03c6680 100644
+--- a/src/common/include/privilege_db.h
++++ b/src/common/include/privilege_db.h
+@@ -34,14 +34,13 @@
+ #include <string>
+ 
+ #include <dpl/db/sql_connection.h>
+-#include <tzplatform_config.h>
+ 
+ #ifndef PRIVILEGE_DB_H_
+ #define PRIVILEGE_DB_H_
+ 
+ namespace SecurityManager {
+ 
+-const char *const PRIVILEGE_DB_PATH = tzplatform_mkpath(TZ_SYS_DB, ".security-manager.db");
++const char *const PRIVILEGE_DB_PATH = "/usr/dbspace/.security-manager.db";
+ 
+ enum class QueryType {
+     EGetPkgPrivileges,
+diff --git a/src/common/service_impl.cpp b/src/common/service_impl.cpp
+index ae305d3..65cc8b5 100644
+--- a/src/common/service_impl.cpp
++++ b/src/common/service_impl.cpp
+@@ -32,7 +32,6 @@
+ #include <algorithm>
+ 
+ #include <dpl/log/log.h>
+-#include <tzplatform_config.h>
+ 
+ #include "protocols.h"
+ #include "privilege_db.h"
+@@ -131,7 +130,13 @@ static inline int validatePolicy(policy_entry &policyEntry, std::string uidStr,
+ 
+ static uid_t getGlobalUserId(void)
+ {
+-    static uid_t globaluid = tzplatform_getuid(TZ_SYS_GLOBALAPP_USER);
++    static uid_t globaluid = 0;
++    if (!globaluid) {
++        struct passwd pw, *p;
++        char buf[4096];
++        int rc = getpwnam_r("userapp", &pw, buf, sizeof buf, &p);
++        globaluid = (rc || p == NULL) ? 555 : p->pw_uid;
++    }
+     return globaluid;
+ }
+ 
+@@ -161,37 +166,17 @@ static inline bool isSubDir(const char *parent, const char *subdir)
+ 
+ static bool getUserAppDir(const uid_t &uid, std::string &userAppDir)
+ {
+-    struct tzplatform_context *tz_ctx = nullptr;
+-
+-    if (tzplatform_context_create(&tz_ctx))
+-            return false;
+-
+-    if (tzplatform_context_set_user(tz_ctx, uid)) {
+-        tzplatform_context_destroy(tz_ctx);
+-        tz_ctx = nullptr;
++    struct passwd pw, *p;
++    char buf[4096];
++    int rc = getpwuid_r(uid, &pw, buf, sizeof buf, &p);
++    if (rc || p == NULL)
+         return false;
+-    }
+-
+-    enum tzplatform_variable id =
+-            (uid == getGlobalUserId()) ? TZ_SYS_RW_APP : TZ_USER_APP;
+-    const char *appDir = tzplatform_context_getenv(tz_ctx, id);
+-    if (!appDir) {
+-        tzplatform_context_destroy(tz_ctx);
+-        tz_ctx = nullptr;
+-        return false;
+-    }
+-
+-    userAppDir = appDir;
+-
+-    tzplatform_context_destroy(tz_ctx);
+-    tz_ctx = nullptr;
+-
++    userAppDir = p->pw_dir;
+     return true;
+ }
+ 
+ static inline bool installRequestAuthCheck(const app_inst_req &req, uid_t uid, bool &isCorrectPath, std::string &appPath)
+ {
+-    std::string userHome;
+     std::string userAppDir;
+     std::stringstream correctPath;
+ 
+diff --git a/src/common/smack-rules.cpp b/src/common/smack-rules.cpp
+index d834e42..8b5728b 100644
+--- a/src/common/smack-rules.cpp
++++ b/src/common/smack-rules.cpp
+@@ -34,7 +34,6 @@
+ #include <memory>
+ 
+ #include <dpl/log/log.h>
+-#include <tzplatform_config.h>
+ 
+ #include "smack-labels.h"
+ #include "smack-rules.h"
+@@ -43,7 +42,7 @@ namespace SecurityManager {
+ 
+ const char *const SMACK_APP_LABEL_TEMPLATE     = "~APP~";
+ const char *const SMACK_PKG_LABEL_TEMPLATE     = "~PKG~";
+-const char *const APP_RULES_TEMPLATE_FILE_PATH = tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", "app-rules-template.smack");
++const char *const APP_RULES_TEMPLATE_FILE_PATH = "/usr/share/security-manager/policy/app-rules-template.smack";
+ const char *const SMACK_APP_IN_PACKAGE_PERMS   = "rwxat";
+ 
+ SmackRules::SmackRules()
+@@ -237,14 +236,12 @@ void SmackRules::generatePackageCrossDeps(const std::vector<std::string> &pkgCon
+ 
+ std::string SmackRules::getPackageRulesFilePath(const std::string &pkgId)
+ {
+-    std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("pkg_" + pkgId).c_str()));
+-    return path;
++    return "/etc/smack/accesses.d/pkg_" + pkgId;
+ }
+ 
+ std::string SmackRules::getApplicationRulesFilePath(const std::string &appId)
+ {
+-    std::string path(tzplatform_mkpath3(TZ_SYS_SMACK, "accesses.d", ("app_" +  appId).c_str()));
+-    return path;
++    return "/etc/smack/accesses.d/app_" + appId;
+ }
+ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, const std::string &pkgId,
+         const std::vector<std::string> &pkgContents, const std::vector<std::string> &privileges)
+@@ -256,8 +253,7 @@ void SmackRules::installApplicationPrivilegesRules(const std::string &appId, con
+     for (auto privilege : privileges) {
+         if (privilege.empty())
+             continue;
+-        std::string fprivilege ( privilege + "-template.smack");
+-        std::string path(tzplatform_mkpath4(TZ_SYS_SHARE, "security-manager", "policy", fprivilege.c_str()));
++        std::string path = "/usr/share/security-manager/policy/" + privilege + "-template.smack";
+         if( stat(path.c_str(), &buffer) == 0) 
+             smackRules.addFromTemplateFile(appId, pkgId, path);
+     }
+-- 
+2.1.4
+
diff --git a/meta-security/recipes-security/security-manager/security-manager/c-11-replace-depracated-auto_ptr.patch b/meta-security/recipes-security/security-manager/security-manager/c-11-replace-depracated-auto_ptr.patch
new file mode 100644
index 000000000..c312a9e72
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/c-11-replace-depracated-auto_ptr.patch
@@ -0,0 +1,32 @@
+From 6abeec29a0e704f4bf7084b29275b99fea0a78de Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jobol@nonadev.net>
+Date: Wed, 13 Jan 2016 17:30:06 +0100
+Subject: [PATCH 2/2] c++11: replace depracated auto_ptr
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Upstream-Status: Submitted [https://review.tizen.org/gerrit/#/c/56940/]
+
+Change-Id: Id793c784c9674eef48f346226c094bdd9f7bbda8
+Signed-off-by: José Bollo <jobol@nonadev.net>
+---
+ src/dpl/core/include/dpl/binary_queue.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/dpl/core/include/dpl/binary_queue.h b/src/dpl/core/include/dpl/binary_queue.h
+index dd03f5e..185b6c7 100644
+--- a/src/dpl/core/include/dpl/binary_queue.h
++++ b/src/dpl/core/include/dpl/binary_queue.h
+@@ -33,7 +33,7 @@ namespace SecurityManager {
+  * Binary queue auto pointer
+  */
+ class BinaryQueue;
+-typedef std::auto_ptr<BinaryQueue> BinaryQueueAutoPtr;
++typedef std::unique_ptr<BinaryQueue> BinaryQueueAutoPtr;
+ 
+ /**
+  * Binary stream implemented as constant size bucket list
+-- 
+2.1.4
+
diff --git a/meta-security/recipes-security/security-manager/security-manager/include-linux-xattr.patch b/meta-security/recipes-security/security-manager/security-manager/include-linux-xattr.patch
new file mode 100644
index 000000000..33fbc025e
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/include-linux-xattr.patch
@@ -0,0 +1,24 @@
+From: José Bollo <jose.bollo@iot.bzh>
+Date: Tue, 30 Oct 2015 14:32:03 -0100
+Subject: [PATCH] include linux xattr
+
+adds a #include <linux/xattr.h> in source.
+
+---
+ src/client/client-security-manager.cpp | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/client/client-security-manager.cpp b/src/client/client-security-manager.cpp
+index 74a6b30..641790b 100644
+--- a/src/client/client-security-manager.cpp
++++ b/src/client/client-security-manager.cpp
+@@ -34,6 +34,7 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <sys/xattr.h>
++#include <linux/xattr.h>
+ #include <sys/smack.h>
+ #include <sys/capability.h>
+ 
+-- 
+2.1.4
diff --git a/meta-security/recipes-security/security-manager/security-manager/libcap-without-pkgconfig.patch b/meta-security/recipes-security/security-manager/security-manager/libcap-without-pkgconfig.patch
new file mode 100644
index 000000000..a948343f8
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/libcap-without-pkgconfig.patch
@@ -0,0 +1,32 @@
+From: José Bollo <jose.bollo@iot.bzh>
+Date: Tue, 30 Oct 2015 14:32:03 -0100
+Subject: [PATCH] libcap without pkgconfig
+
+Handles libcap that isn't distributed for pkg-config
+
+---
+ src/client/CMakeLists.txt | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/src/client/CMakeLists.txt b/src/client/CMakeLists.txt
+index 5399a55..0250ce2 100644
+--- a/src/client/CMakeLists.txt
++++ b/src/client/CMakeLists.txt
+@@ -1,7 +1,6 @@
+ PKG_CHECK_MODULES(CLIENT_DEP
+     REQUIRED
+     libsmack
+-    libcap
+     )
+ 
+ SET(CLIENT_VERSION_MAJOR 1)
+@@ -37,6 +36,7 @@ SET_TARGET_PROPERTIES(${TARGET_CLIENT}
+ TARGET_LINK_LIBRARIES(${TARGET_CLIENT}
+     ${TARGET_COMMON}
+     ${CLIENT_DEP_LIBRARIES}
++    cap
+     )
+ 
+ INSTALL(TARGETS ${TARGET_CLIENT} DESTINATION ${LIB_INSTALL_DIR})
+-- 
+2.1.4
diff --git a/meta-security/recipes-security/security-manager/security-manager/removes-dependency-to-libslp-db-utils.patch b/meta-security/recipes-security/security-manager/security-manager/removes-dependency-to-libslp-db-utils.patch
new file mode 100644
index 000000000..f94973074
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/removes-dependency-to-libslp-db-utils.patch
@@ -0,0 +1,78 @@
+From 1e2f8f58d4320afa1d83a6f94822e53346108ee8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Mon, 16 Nov 2015 15:56:27 +0100
+Subject: [PATCH] removes dependency to libslp-db-utils
+
+Change-Id: I90471e77d20e04bae58cc42eb2639e4aef97fdec
+---
+ src/common/CMakeLists.txt         |  1 ++-
+ src/dpl/db/src/sql_connection.cpp | 17 +----------------
+ 2 files changed, 3 additions(+), 17 deletions(-)
+
+diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt
+index 968c7c1..d1fe644 100644
+--- a/src/common/CMakeLists.txt
++++ b/src/common/CMakeLists.txt
+@@ -5,7 +5,8 @@ PKG_CHECK_MODULES(COMMON_DEP
+     REQUIRED
+     libsystemd
+     libsmack
+-    db-util
++    sqlite3 
++    icu-i18n
+     cynara-admin
+     cynara-client
+     )
+diff --git a/src/dpl/db/src/sql_connection.cpp b/src/dpl/db/src/sql_connection.cpp
+index fdb4fe4..1fb97be 100644
+--- a/src/dpl/db/src/sql_connection.cpp
++++ b/src/dpl/db/src/sql_connection.cpp
+@@ -26,7 +26,6 @@
+ #include <memory>
+ #include <dpl/noncopyable.h>
+ #include <dpl/assert.h>
+-#include <db-util.h>
+ #include <unistd.h>
+ #include <cstdio>
+ #include <cstdarg>
+@@ -606,16 +605,7 @@ void SqlConnection::Connect(const std::string &address,
+ 
+     // Connect to database
+     int result;
+-    if (type & Flag::UseLucene) {
+-        result = db_util_open_with_options(
+-                address.c_str(),
+-                &m_connection,
+-                flag,
+-                NULL);
+-
+-        m_usingLucene = true;
+-        LogPedantic("Lucene index enabled");
+-    } else {
++    (void)type;
+         result = sqlite3_open_v2(
+                 address.c_str(),
+                 &m_connection,
+@@ -624,7 +614,6 @@ void SqlConnection::Connect(const std::string &address,
+ 
+         m_usingLucene = false;
+         LogPedantic("Lucene index disabled");
+-    }
+ 
+     if (result == SQLITE_OK) {
+         LogPedantic("Connected to DB");
+@@ -653,11 +642,7 @@ void SqlConnection::Disconnect()
+ 
+     int result;
+ 
+-    if (m_usingLucene) {
+-        result = db_util_close(m_connection);
+-    } else {
+         result = sqlite3_close(m_connection);
+-    }
+ 
+     if (result != SQLITE_OK) {
+         const char *error = sqlite3_errmsg(m_connection);
+-- 
+2.1.4
+
diff --git a/meta-security/recipes-security/security-manager/security-manager/security-manager-policy-reload-do-not-depend-on-GNU-.patch b/meta-security/recipes-security/security-manager/security-manager/security-manager-policy-reload-do-not-depend-on-GNU-.patch
new file mode 100644
index 000000000..ac57964ca
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/security-manager-policy-reload-do-not-depend-on-GNU-.patch
@@ -0,0 +1,35 @@
+From d2995014142306987bf86b4d508a84b9b4683c5c Mon Sep 17 00:00:00 2001
+From: Patrick Ohly <patrick.ohly@intel.com>
+Date: Wed, 19 Aug 2015 15:02:32 +0200
+Subject: [PATCH 2/2] security-manager-policy-reload: do not depend on GNU sed
+
+\U (= make replacement uppercase) is a GNU sed extension which is not
+supported by other sed implementation's (like the one from
+busybox). When using busybox, the bucket for user profiles became
+USER_TYPE_Uadmin instead USER_TYPE_ADMIN.
+
+To make SecurityManager more portable, better use tr to turn the
+bucket name into uppercase.
+
+Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
+Upstream-Status: Submitted (https://github.com/Samsung/security-manager/pull/1
+
+---
+ policy/security-manager-policy-reload | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/policy/security-manager-policy-reload b/policy/security-manager-policy-reload
+index 274c49c..6f211c6 100755
+--- a/policy/security-manager-policy-reload
++++ b/policy/security-manager-policy-reload
+@@ -33,7 +33,7 @@ END
+ find "$POLICY_PATH" -name "usertype-*.profile" |
+ while read file
+ do
+-    bucket="`echo $file | sed -r 's|.*/usertype-(.*).profile$|USER_TYPE_\U\1|'`"
++    bucket="`echo $file | sed -r 's|.*/usertype-(.*).profile$|USER_TYPE_\1|' | tr '[:lower:]' '[:upper:]'`"
+ 
+     # Re-create the bucket with empty contents
+     cyad --delete-bucket=$bucket || true
+-- 
+2.1.4
diff --git a/meta-security/recipes-security/security-manager/security-manager/socket-manager-removes-tizen-specific-call.patch b/meta-security/recipes-security/security-manager/security-manager/socket-manager-removes-tizen-specific-call.patch
new file mode 100644
index 000000000..fa4c21c7f
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/socket-manager-removes-tizen-specific-call.patch
@@ -0,0 +1,47 @@
+From 75c4852e47217ab85d6840b488ab4b3688091856 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jos=C3=A9=20Bollo?= <jose.bollo@iot.bzh>
+Date: Fri, 8 Jan 2016 16:53:46 +0100
+Subject: [PATCH 1/2] socket-manager: removes tizen specific call
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The function 'smack_fgetlabel' is specific to Tizen
+and is no more maintained upstream.
+
+Upstream-Status: Accepted [https://review.tizen.org/gerrit/#/c/56507/]
+
+Change-Id: I3802742b1758efe37b33e6d968ff727d68f2fd1f
+Signed-off-by: José Bollo <jobol@nonadev.net>
+---
+ src/server/main/socket-manager.cpp | 7 ++++---
+ 1 file changed, 4 insertions(+), 3 deletions(-)
+
+diff --git a/src/server/main/socket-manager.cpp b/src/server/main/socket-manager.cpp
+index 0366186..c5cec18 100644
+--- a/src/server/main/socket-manager.cpp
++++ b/src/server/main/socket-manager.cpp
+@@ -30,6 +30,7 @@
+ #include <sys/types.h>
+ #include <sys/socket.h>
+ #include <sys/smack.h>
++#include <linux/xattr.h>
+ #include <sys/un.h>
+ #include <sys/stat.h>
+ #include <unistd.h>
+@@ -500,9 +501,9 @@ int SocketManager::CreateDomainSocketHelp(
+     if (smack_check()) {
+         LogInfo("Set up smack label: " << desc.smackLabel);
+ 
+-        if (0 != smack_fsetlabel(sockfd, desc.smackLabel.c_str(), SMACK_LABEL_IPIN)) {
+-            LogError("Error in smack_fsetlabel");
+-            ThrowMsg(Exception::InitFailed, "Error in smack_fsetlabel");
++        if (0 != smack_set_label_for_file(sockfd, XATTR_NAME_SMACKIPIN, desc.smackLabel.c_str())) {
++            LogError("Error in smack_set_label_for_file");
++            ThrowMsg(Exception::InitFailed, "Error in smack_set_label_for_file");
+         }
+     } else {
+         LogInfo("No smack on platform. Socket won't be securied with smack label!");
+-- 
+2.1.4
+
diff --git a/meta-security/recipes-security/security-manager/security-manager/systemd-stop-using-compat-libs.patch b/meta-security/recipes-security/security-manager/security-manager/systemd-stop-using-compat-libs.patch
new file mode 100644
index 000000000..cd5c36a6a
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager/systemd-stop-using-compat-libs.patch
@@ -0,0 +1,47 @@
+From 8ec024d2adecb53029c6f1af2b95c93dfd43a7cb Mon Sep 17 00:00:00 2001
+From: Patrick Ohly <patrick.ohly@intel.com>
+Date: Tue, 24 Mar 2015 04:54:03 -0700
+Subject: [PATCH] systemd: stop using compat libs
+
+libsystemd-journal and libsystemd-daemon are considered obsolete
+in systemd since 2.09 and may not be available (not compiled
+by default).
+
+The code works fine with the current libsystemd, so just
+use that.
+
+Signed-off-by: Patrick Ohly <patrick.ohly@intel.com>
+Upstream-Status: Submitted (https://github.com/Samsung/security-manager/pull/1
+
+---
+ src/common/CMakeLists.txt | 2 +-
+ src/server/CMakeLists.txt | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/common/CMakeLists.txt b/src/common/CMakeLists.txt
+index 2da9c3e..968c7c1 100644
+--- a/src/common/CMakeLists.txt
++++ b/src/common/CMakeLists.txt
+@@ -3,7 +3,7 @@ SET(COMMON_VERSION ${COMMON_VERSION_MAJOR}.0.2)
+ 
+ PKG_CHECK_MODULES(COMMON_DEP
+     REQUIRED
+-    libsystemd-journal
++    libsystemd
+     libsmack
+     db-util
+     cynara-admin
+diff --git a/src/server/CMakeLists.txt b/src/server/CMakeLists.txt
+index 753eb96..6849d76 100644
+--- a/src/server/CMakeLists.txt
++++ b/src/server/CMakeLists.txt
+@@ -1,6 +1,6 @@
+ PKG_CHECK_MODULES(SERVER_DEP
+     REQUIRED
+-    libsystemd-daemon
++    libsystemd
+     )
+ 
+ FIND_PACKAGE(Boost REQUIRED)
+-- 
+2.1.4
diff --git a/meta-security/recipes-security/security-manager/security-manager_git.bb b/meta-security/recipes-security/security-manager/security-manager_git.bb
new file mode 100644
index 000000000..65134d31a
--- /dev/null
+++ b/meta-security/recipes-security/security-manager/security-manager_git.bb
@@ -0,0 +1,34 @@
+require security-manager.inc
+
+PV = "1.0.2+git${SRCPV}"
+SRCREV = "860305a595d681d650024ad07b3b0977e1fcb0a6"
+SRC_URI += "git://github.com/Samsung/security-manager.git"
+S = "${WORKDIR}/git"
+
+SRC_URI += " \
+file://systemd-stop-using-compat-libs.patch \
+file://security-manager-policy-reload-do-not-depend-on-GNU-.patch \
+file://0001-Smack-rules-create-two-new-functions.patch \
+file://0002-app-install-implement-multiple-set-of-smack-rules.patch \
+file://c-11-replace-depracated-auto_ptr.patch \
+file://socket-manager-removes-tizen-specific-call.patch \
+file://Removing-tizen-platform-config.patch \
+file://removes-dependency-to-libslp-db-utils.patch \
+"
+
+##########################################
+# This are patches for backward compatibility to the version dizzy of poky.
+# The dizzy version of libcap isn't providing a packconfig file.
+# This is solved by the patch libcap-without-pkgconfig.patch.
+# But after solving that issue, it appears that linux/xattr.h should
+# also be include add definitions of XATTR_NAME_SMACK... values.
+# Unfortunately, there is no explanation why linux/xattr.h should
+# also be included (patch include-linux-xattr.patch)
+##########################################
+do_patch[depends] = "libcap:do_populate_sysroot"
+APPLY = "${@str('no' if os.path.exists('${STAGING_LIBDIR}/pkgconfig/libcap.pc') else 'yes')}"
+SRC_URI += "\
+  file://libcap-without-pkgconfig.patch;apply=${APPLY} \
+  file://include-linux-xattr.patch;apply=${APPLY} \
+"
+
diff --git a/meta-security/recipes-security/smack/smack-userspace_git.bb b/meta-security/recipes-security/smack/smack-userspace_git.bb
new file mode 100644
index 000000000..aa6d5fa6f
--- /dev/null
+++ b/meta-security/recipes-security/smack/smack-userspace_git.bb
@@ -0,0 +1,27 @@
+DESCRIPTION = "Selection of tools for developers working with Smack"
+HOMEPAGE = "https://github.com/smack-team/smack"
+SECTION = "Security/Access Control"
+LICENSE = "LGPL-2.1"
+
+# Alias needed to satisfy dependencies in other recipes.
+# This recipe itself cannot be named "smack" because that
+# would conflict with the "smack" override.
+PROVIDES = "smack"
+RPROVIDES_${PN} += "smack"
+
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/GPL-2.0;md5=801f80980d171dd6425610833a22dbe6"
+PV = "1.2.0+git${SRCPV}"
+SRCREV = "d82bac7dac69823fd40015dffad1a128505a2258"
+SRC_URI += "git://github.com/smack-team/smack.git;protocol=https;branch=v1.2.x"
+S = "${WORKDIR}/git"
+
+inherit autotools
+
+BBCLASSEXTEND = "native"
+
+# Fix copied from meta-tizen.
+do_configure_prepend() {
+  export ac_cv_prog_DOXYGEN=""
+  sed -i 's@systemd_new=no@systemd_new=yes@' ${S}/configure.ac
+  sed -i '/PKG_CHECK_MODULES(/,/)/{s/b/r/p;d}' ${S}/configure.ac
+}
diff --git a/meta-security/recipes-security/smacknet/files/smacknet b/meta-security/recipes-security/smacknet/files/smacknet
new file mode 100644
index 000000000..3818d30ae
--- /dev/null
+++ b/meta-security/recipes-security/smacknet/files/smacknet
@@ -0,0 +1,184 @@
+#!/usr/bin/python
+# Copyright (c) 2012, 2013, Intel Corporation 
+# Copyright (c) 2009 David Wolinsky <davidiw@ufl.edu), University of Florida
+# All rights reserved.
+# 
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. The name of the author may not be used to endorse or promote products
+#    derived from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+import socket,fcntl, struct, thread
+import os.path
+import sys
+
+SMACKFS_LOAD="/sys/fs/smackfs/load2"
+SMACKFS_NETLABEL="/sys/fs/smackfs/netlabel"
+SIOCGIFADDR = 0x8915
+SIOCGIFNETMASK = 0x891b
+
+def get_ip_address(ifname):
+    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+    return fcntl.ioctl(s.fileno(), SIOCGIFADDR, 
+			struct.pack('256s', ifname.encode("utf-8")))[20:24]
+
+def get_netmask(ifname):
+   s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
+   return fcntl.ioctl(s.fileno(), SIOCGIFNETMASK, 
+			struct.pack('256s', ifname.encode("utf-8")))[20:24]
+
+def applynetlabeltags(interface, addr):
+	if not interface.startswith("lo"):
+		bmask = get_netmask(interface.encode("utf-8"))
+		prefix = bin(struct.unpack(">L", bmask)[0]).count("1")
+		tags = [
+			addr+"/"+str(prefix)+" Network::Local\n", 
+			"0.0.0.0/0 Network::Cloud\n",
+			"127.0.0.1/8 -CIPSO\n"]
+		smackfs_netlabel(tags)
+	
+def loadnetlabelrules():
+	rulesSystem = [
+		"System Network::Cloud w\n",
+		"System Network::Local w\n",
+		"Network::Cloud System w\n",
+		"Network::Local System w\n"]
+	smackfs_load2(rulesSystem)
+
+def smackfs_load2 (rules):
+	with open(SMACKFS_LOAD, "w") as load2:
+		for rule in rules:
+			load2.write(rule)
+
+def smackfs_netlabel (tags):
+	for tag in tags:
+		with open(SMACKFS_NETLABEL, "w") as netlabel:
+			netlabel.write(tag)
+
+""" 
+    Source of: Class ip monitor, and other functions named bellow.
+    Original author: David Wolinsky <davidiw@ufl.edu
+    Copied from: https://github.com/davidiw/Grid-Appliance/blob/master/scripts/ip_monitor.py
+    
+"""
+
+"""4 byte alignment"""
+
+def align(inc):
+	diff = inc % 4
+	return inc + ((4 - diff) % 4)
+
+class ifaddr:
+  """Parse an ifaddr packet"""
+  LOCAL = 2
+  LABEL = 3
+
+  def __init__(self, packet):
+    self.family, self.prefixlen, self.flags, self.scope, self.index = \
+        struct.unpack("BBBBI", packet[:8])
+
+class rtattr:
+  """Parse a rtattr packet"""
+  GRP_IPV4_IFADDR = 0x10
+
+  NEWADDR = 20
+  DELADDR = 21
+  GETADDR = 22
+
+  def __init__(self, packet):
+    self.len, self.type = struct.unpack("HH", packet[:4])
+    if self.type == ifaddr.LOCAL:
+      addr = struct.unpack("BBBB", packet[4:self.len])
+      self.payload = "%s.%s.%s.%s" % (addr[0], addr[1], addr[2], addr[3])
+    elif self.type == ifaddr.LABEL:
+      self.payload = packet[4:self.len].strip("\0")
+    else:
+      self.payload = packet[4:self.len]
+
+class netlink:
+  """Parse a netlink packet"""
+  REQUEST = 1
+  ROOT = 0x100
+  MATCH = 0x200
+  DONE = 3
+
+  def __init__(self, packet):
+    self.msglen, self.msgtype, self.flags, self.seq, self.pid = \
+        struct.unpack("IHHII", packet[:16])
+    self.ifa = None
+    try:
+      self.ifa = ifaddr(packet[16:24])
+    except:
+      return
+
+    self.rtas = {}
+    pos = 24
+    while pos < self.msglen:
+      try:
+        rta = rtattr(packet[pos:])
+      except:
+        break
+      pos += align(rta.len)
+      self.rtas[rta.type] = rta.payload
+
+class ip_monitor:
+  def __init__(self, callback = None):
+    if callback == None:
+      callback = self.print_cb
+    self._callback = callback
+
+  def print_cb(self, label, addr):
+    print (label + " => " + addr)
+
+  def request_addrs(self, sock):
+    sock.send(struct.pack("IHHIIBBBBI", 24, rtattr.GETADDR, \
+      netlink.REQUEST | netlink.ROOT | netlink.MATCH, 0, sock.getsockname()[0], \
+      socket.AF_INET, 0, 0, 0, 0))
+
+  def start_thread(self):
+    thread.start_new_thread(self.run, ())
+
+  def run(self):
+    sock = socket.socket(socket.AF_NETLINK, socket.SOCK_RAW, socket.NETLINK_ROUTE)
+    sock.bind((0, rtattr.GRP_IPV4_IFADDR))
+    self.request_addrs(sock)
+
+    while True:
+      data = sock.recv(4096)
+      pos = 0
+      while pos < len(data):
+        nl = netlink(data[pos:])
+        if nl.msgtype == netlink.DONE:
+          break
+        pos += align(nl.msglen)
+        if nl.msgtype != rtattr.NEWADDR:
+          continue
+        self._callback(nl.rtas[ifaddr.LABEL], nl.rtas[ifaddr.LOCAL])
+
+def main():
+	if not os.path.isfile(SMACKFS_LOAD):
+		print ("Smack not found.")
+		return -1
+	loadnetlabelrules()
+	
+	ip_monitor(applynetlabeltags).run()
+
+if __name__ == "__main__":
+    main()
diff --git a/meta-security/recipes-security/smacknet/files/smacknet.service b/meta-security/recipes-security/smacknet/files/smacknet.service
new file mode 100644
index 000000000..218d8b896
--- /dev/null
+++ b/meta-security/recipes-security/smacknet/files/smacknet.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=netlabels configuration for SMACK
+Wants=network.target network-online.target
+After=network.target network-online.target
+
+[Service]
+TimeoutStartSec=0
+ExecStart=@BINDIR@/smacknet
+
+[Install]
+WantedBy=multi-user.target
diff --git a/meta-security/recipes-security/smacknet/smacknet.bb b/meta-security/recipes-security/smacknet/smacknet.bb
new file mode 100644
index 000000000..553456aee
--- /dev/null
+++ b/meta-security/recipes-security/smacknet/smacknet.bb
@@ -0,0 +1,29 @@
+#SMACKNET Description
+SUMMARY = "Smack network labels configuration"
+DESCRIPTION = "Provide service that will be labeling the network rules"
+LICENSE = "BSD-3-Clause"
+LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/BSD-3-Clause;md5=550794465ba0ec5312d6919e203a55f9"
+RDEPENDS_${PN} = "python"
+
+SRC_URI += "file://smacknet \
+        file://smacknet.service \
+	"
+S = "${WORKDIR}"
+
+inherit systemd
+
+inherit distro_features_check
+REQUIRED_DISTRO_FEATURES = "smack"
+
+#netlabel configuration service
+SYSTEMD_SERVICE_${PN} = "smacknet.service"
+SYSTEMD_AUTO_ENABLE = "enable"
+do_install(){
+        install -d ${D}${bindir}
+        install -m 0551 ${WORKDIR}/smacknet ${D}${bindir}
+
+        install -d -m 755 ${D}${systemd_unitdir}/system
+        install -m 644 ${WORKDIR}/smacknet.service ${D}${systemd_unitdir}/system
+        sed -i -e 's,@BINDIR@,${bindir},g' ${D}${systemd_unitdir}/system/smacknet.service
+}
+   
-- 
cgit 1.2.3-korg