authorWenzong Fan <wenzong.fan@windriver.com>2017-09-04 22:59:41 -0700
committerMark Hatle <mark.hatle@windriver.com>2017-09-13 19:48:38 -0500
commitb00974f7b431e192ad81bfd7b4e323123c3007ff (patch)
tree729d6ab51235e8b3112e3302dba47c26fca5e48f
parent375dfa620195209b4263e0529edc00e771b8eb18 (diff)
downloadmeta-selinux-b00974f7b431e192ad81bfd7b4e323123c3007ff.tar.gz
libsemanage: uprev to 2.7 (20170804)
Remove patches that are included in the new version: - 0001-libsemanage-simplify-string-utilities-functions.patch - 0002-libsemanage-add-semanage_str_replace-utility-functio.patch - 0003-libsemanage-genhomedircon-drop-ustr-dependency.patch - 0004-libsemanage-remove-ustr-library-from-Makefiles-READM.patch - libsemanage-fix-path-len-limit.patch Rebase patch: - libsemanage-allow-to-disable-audit-support.patch Set PYCEXT and PYSITEDIR to generate the _semanage.so and install it to ${libdir}/python${PYTHON_BASEVERSION}/site-packages. Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Update libsemanage_git to match. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
-rw-r--r--recipes-security/selinux/libsemanage.inc2
-rw-r--r--recipes-security/selinux/libsemanage/0001-libsemanage-simplify-string-utilities-functions.patch115
-rw-r--r--recipes-security/selinux/libsemanage/0002-libsemanage-add-semanage_str_replace-utility-functio.patch164
-rw-r--r--recipes-security/selinux/libsemanage/0003-libsemanage-genhomedircon-drop-ustr-dependency.patch323
-rw-r--r--recipes-security/selinux/libsemanage/0004-libsemanage-remove-ustr-library-from-Makefiles-READM.patch61
-rw-r--r--recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch68
-rw-r--r--recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch28
-rw-r--r--recipes-security/selinux/libsemanage_2.7.bb (renamed from recipes-security/selinux/libsemanage_2.6.bb)11
-rw-r--r--recipes-security/selinux/libsemanage_git.bb6
-rw-r--r--recipes-security/selinux/selinux_git.inc2
10 files changed, 46 insertions, 734 deletions
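diff --git a/recipes-security/selinux/libsemanage.inc b/recipes-security/selinux/libsemanage.inc
index 504101d..9b238c8 100644
--- a/recipes-security/selinux/libsemanage.inc
+++ b/recipes-security/selinux/libsemanage.inc
@@ -40,6 +40,8 @@ do_install() {
 
  oe_runmake install-pywrap swigify \
  DESTDIR=${D} \
+ PYCEXT='.so' \
+ PYSITEDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages' \
  PYLIBVER='python${PYTHON_BASEVERSION}' \
  PYLIBDIR='${D}/${libdir}/$(PYLIBVER)'
 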
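Review bot: The added `PYSITEDIR='${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages'` joins `${D}` and `${libdir}` directly, while the existing `PYLIBDIR='${D}/${libdir}/$(PYLIBVER)'` two lines below inserts a slash; using one form for both keeps the staged install paths easy to compare. The recipe also does not record why `PYCEXT='.so'` is forced instead of being left to the upstream Makefile, so a comment above the `oe_runmake install-pywrap` call would help, for example `# force PYCEXT/PYSITEDIR so _semanage.so lands in ${libdir}/python${PYTHON_BASEVERSION}/site-packages`. do_install() starts before this hunk and may continue after it.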
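diff --git a/recipes-security/selinux/libsemanage/0001-libsemanage-simplify-string-utilities-functions.patch b/recipes-security/selinux/libsemanage/0001-libsemanage-simplify-string-utilities-functions.patch
deleted file mode 100644
index fd478d0..0000000
--- a/recipes-security/selinux/libsemanage/0001-libsemanage-simplify-string-utilities-functions.patch
+++ /dev/null
@@ -1,115 +0,0 @@
-From 514a5df959ea0e13db4e87f73c2ac5edcceebd52 Mon Sep 17 00:00:00 2001
-From: Nicolas Iooss <nicolas.iooss@m4x.org>
-Date: Wed, 21 Dec 2016 19:21:01 +0100
-Subject: [PATCH 1/4] libsemanage: simplify string utilities functions
-
-Use string functions from C standard library instead of ustr. This makes
-the code simpler and make utilities.c no longer depend on ustr library.
-
-This changes how semanage_split() behaves when delim is not empty (NULL
-or "") and the input string contains several successive delimiters:
-semanage_split("foo::::bar", ":") returned "bar" and now returns ":bar".
-This would not have any impact in the current code as semanage_split()
-is only called with delim="=" (through semanage_findval(), in
-libsemanage/src/genhomedircon.c), in order to split a "key=value"
-statement.
-
-Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
-(cherry picked from commit a228bb3736c5957d41ad9e01eb1283fc6883a6e5)
----
- libsemanage/src/utilities.c | 59 ++++++++++-----------------------------------
- 1 file changed, 13 insertions(+), 46 deletions(-)
-
-diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c
-index f48ffa4..fa86cc7 100644
---- a/libsemanage/src/utilities.c
-+++ b/libsemanage/src/utilities.c
-@@ -26,7 +26,6 @@
- #include <string.h>
- #include <sys/types.h>
- #include <assert.h>
--#include <ustr.h>
-
- #define TRUE 1
- #define FALSE 0
-@@ -74,64 +73,32 @@ char *semanage_split_on_space(const char *str)
- {
- /* as per the man page, these are the isspace() chars */
- const char *seps = "\f\n\r\t\v ";
-- size_t slen = strlen(seps);
-- size_t off = 0, rside_len = 0;
-- char *retval = NULL;
-- Ustr *ustr = USTR_NULL, *temp = USTR_NULL;
-+ size_t off = 0;
-
- if (!str)
-- goto done;
-- if (!(ustr = ustr_dup_cstr(str)))
-- goto done;
-- temp =
-- ustr_split_spn_chrs(ustr, &off, seps, slen, USTR_NULL,
-- USTR_FLAG_SPLIT_DEF);
-- if (!temp)
-- goto done;
-- /* throw away the left hand side */
-- ustr_sc_free(&temp);
--
-- rside_len = ustr_len(ustr) - off;
-- temp = ustr_dup_subustr(ustr, off + 1, rside_len);
-- if (!temp)
-- goto done;
-- retval = strdup(ustr_cstr(temp));
-- ustr_sc_free(&temp);
-+ return NULL;
-
-- done:
-- ustr_sc_free(&ustr);
-- return retval;
-+ /* skip one token and the spaces before and after it */
-+ off = strspn(str, seps);
-+ off += strcspn(str + off, seps);
-+ off += strspn(str + off, seps);
-+ return strdup(str + off);
- }
-
- char *semanage_split(const char *str, const char *delim)
- {
-- Ustr *ustr = USTR_NULL, *temp = USTR_NULL;
-- size_t off = 0, rside_len = 0;
-- char *retval = NULL;
-+ char *retval;
-
- if (!str)
-- goto done;
-+ return NULL;
- if (!delim || !(*delim))
- return semanage_split_on_space(str);
-- ustr = ustr_dup_cstr(str);
-- temp =
-- ustr_split_cstr(ustr, &off, delim, USTR_NULL, USTR_FLAG_SPLIT_DEF);
-- if (!temp)
-- goto done;
-- /* throw away the left hand side */
-- ustr_sc_free(&temp);
--
-- rside_len = ustr_len(ustr) - off;
-
-- temp = ustr_dup_subustr(ustr, off + 1, rside_len);
-- if (!temp)
-- goto done;
-- retval = strdup(ustr_cstr(temp));
-- ustr_sc_free(&temp);
-+ retval = strstr(str, delim);
-+ if (retval == NULL)
-+ return NULL;
-
-- done:
-- ustr_sc_free(&ustr);
-- return retval;
-+ return strdup(retval + strlen(delim));
- }
-
- int semanage_list_push(semanage_list_t ** list, const char *data)
---
-2.10.2
-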
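diff --git a/recipes-security/selinux/libsemanage/0002-libsemanage-add-semanage_str_replace-utility-functio.patch b/recipes-security/selinux/libsemanage/0002-libsemanage-add-semanage_str_replace-utility-functio.patch
deleted file mode 100644
index ed32785..0000000
--- a/recipes-security/selinux/libsemanage/0002-libsemanage-add-semanage_str_replace-utility-functio.patch
+++ /dev/null
@@ -1,164 +0,0 @@
-From de8b13baf3773b41367f265e7dd06c013816ba0a Mon Sep 17 00:00:00 2001
-From: Nicolas Iooss <nicolas.iooss@m4x.org>
-Date: Wed, 21 Dec 2016 19:21:02 +0100
-Subject: [PATCH 2/4] libsemanage: add semanage_str_replace() utility function
-
-This function will be used in the next commit.
-
-Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
-(cherry picked from commit 57a3b1b4b0a50a1d14f825d2933339063ced4fec)
----
- libsemanage/src/utilities.c | 55 ++++++++++++++++++++++++++++++++++++++
- libsemanage/src/utilities.h | 10 +++++++
- libsemanage/tests/test_utilities.c | 34 +++++++++++++++++++++++
- 3 files changed, 99 insertions(+)
-
-diff --git a/libsemanage/src/utilities.c b/libsemanage/src/utilities.c
-index fa86cc7..0d50d99 100644
---- a/libsemanage/src/utilities.c
-+++ b/libsemanage/src/utilities.c
-@@ -230,6 +230,61 @@ void semanage_rtrim(char *str, char trim_to)
- }
- }
-
-+char *semanage_str_replace(const char *search, const char *replace,
-+ const char *src, size_t lim)
-+{
-+ size_t count = 0, slen, rlen, newsize;
-+ char *p, *pres, *result;
-+ const char *psrc;
-+
-+ slen = strlen(search);
-+ rlen = strlen(replace);
-+
-+ /* Do not support empty search strings */
-+ if (slen == 0)
-+ return NULL;
-+
-+ /* Count the occurences of search in src and compute the new size */
-+ for (p = strstr(src, search); p != NULL; p = strstr(p + slen, search)) {
-+ count++;
-+ if (lim && count >= lim)
-+ break;
-+ }
-+ if (!count)
-+ return strdup(src);
-+
-+ /* Allocate the result string */
-+ newsize = strlen(src) + 1 + count * (rlen - slen);
-+ result = malloc(newsize);
-+ if (!result)
-+ return NULL;
-+
-+ /* Fill the result */
-+ psrc = src;
-+ pres = result;
-+ for (p = strstr(src, search); p != NULL; p = strstr(psrc, search)) {
-+ /* Copy the part which has not been modified */
-+ if (p != psrc) {
-+ size_t length = (size_t)(p - psrc);
-+ memcpy(pres, psrc, length);
-+ pres += length;
-+ }
-+ /* Copy the replacement part */
-+ if (rlen != 0) {
-+ memcpy(pres, replace, rlen);
-+ pres += rlen;
-+ }
-+ psrc = p + slen;
-+ count--;
-+ if (!count)
-+ break;
-+ }
-+ /* Copy the last part, after doing a sanity check */
-+ assert(pres + strlen(psrc) + 1 == result + newsize);
-+ strcpy(pres, psrc);
-+ return result;
-+}
-+
- /* list_addafter_controlmem does *NOT* duplicate the data argument
- * use at your own risk, I am building a list out of malloc'd memory and
- * it is only going to get stored into this list, thus when I destroy it
-diff --git a/libsemanage/src/utilities.h b/libsemanage/src/utilities.h
-index 5fa15ef..f2ff31f 100644
---- a/libsemanage/src/utilities.h
-+++ b/libsemanage/src/utilities.h
-@@ -116,6 +116,16 @@ int semanage_str_count(char *data, char what);
- void semanage_rtrim(char *str, char trim_to);
-
- /**
-+ * @param value being searched for
-+ * @param replacement value that replaces found search values
-+ * @param string being searched and replaced on
-+ * @param maximum number of value occurences (zero for unlimited)
-+ * @return newly-allocated string with the replaced values
-+ */
-+char *semanage_str_replace(const char *search, const char *replace,
-+ const char *src, size_t lim);
-+
-+/**
- * @param data some string
- * @return modifies the string such that the first whitespace char becomes
- * '\0', ending the string.
-diff --git a/libsemanage/tests/test_utilities.c b/libsemanage/tests/test_utilities.c
-index 32cc33c..cdfed0c 100644
---- a/libsemanage/tests/test_utilities.c
-+++ b/libsemanage/tests/test_utilities.c
-@@ -40,6 +40,7 @@ void test_semanage_split(void);
- void test_semanage_list(void);
- void test_semanage_str_count(void);
- void test_semanage_rtrim(void);
-+void test_semanage_str_replace(void);
- void test_semanage_findval(void);
- void test_slurp_file_filter(void);
-
-@@ -101,6 +102,10 @@ int semanage_utilities_add_tests(CU_pSuite suite)
- if (NULL == CU_add_test(suite, "semanage_rtrim", test_semanage_rtrim)) {
- goto err;
- }
-+ if (NULL == CU_add_test(suite, "semanage_str_replace",
-+ test_semanage_str_replace)) {
-+ goto err;
-+ }
- if (NULL == CU_add_test(suite, "semanage_findval",
- test_semanage_findval)) {
- goto err;
-@@ -244,6 +249,35 @@ void test_semanage_rtrim(void)
- CU_ASSERT_STRING_EQUAL(str, "/blah/foo/bar");
- }
-
-+void test_semanage_str_replace(void)
-+{
-+ const char *test_str = "Hello, I am %{USERNAME} and my id is %{USERID}";
-+ char *str1, *str2;
-+
-+ str1 = semanage_str_replace("%{USERNAME}", "root", test_str, 0);
-+ CU_ASSERT_STRING_EQUAL(str1, "Hello, I am root and my id is %{USERID}");
-+
-+ str2 = semanage_str_replace("%{USERID}", "0", str1, 1);
-+ CU_ASSERT_STRING_EQUAL(str2, "Hello, I am root and my id is 0");
-+ free(str1);
-+ free(str2);
-+
-+ str1 = semanage_str_replace(":(", ";)", "Test :( :) ! :(:(:))(:(", 0);
-+ CU_ASSERT_STRING_EQUAL(str1, "Test ;) :) ! ;);):))(;)");
-+ free(str1);
-+
-+ str1 = semanage_str_replace(":(", ";)", "Test :( :) ! :(:(:))(:(", 3);
-+ CU_ASSERT_STRING_EQUAL(str1, "Test ;) :) ! ;);):))(:(");
-+ free(str1);
-+
-+ str1 = semanage_str_replace("", "empty search string", "test", 0);
-+ CU_ASSERT_EQUAL(str1, NULL);
-+
-+ str1 = semanage_str_replace("a", "", "abracadabra", 0);
-+ CU_ASSERT_STRING_EQUAL(str1, "brcdbr");
-+ free(str1);
-+}
-+
- void test_semanage_findval(void)
- {
- char *tok;
---
-2.10.2
-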
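diff --git a/recipes-security/selinux/libsemanage/0003-libsemanage-genhomedircon-drop-ustr-dependency.patch b/recipes-security/selinux/libsemanage/0003-libsemanage-genhomedircon-drop-ustr-dependency.patch
deleted file mode 100644
index fde2349..0000000
--- a/recipes-security/selinux/libsemanage/0003-libsemanage-genhomedircon-drop-ustr-dependency.patch
+++ /dev/null
@@ -1,323 +0,0 @@
-From e8dd31df2268013afb1e8dbe5e617b9c4e9e388e Mon Sep 17 00:00:00 2001
-From: Nicolas Iooss <nicolas.iooss@m4x.org>
-Date: Wed, 21 Dec 2016 19:21:03 +0100
-Subject: [PATCH 3/4] libsemanage: genhomedircon: drop ustr dependency
-
-ustr library uses old (pre-C99) "extern inline" semantic. This makes it
-incompatible with recent versions of gcc and clang, which default to
-C99 standard. Distributions have shipped patched versions of this
-library to fix issues (e.g. Gentoo package uses this patch:
-https://gitweb.gentoo.org/repo/gentoo.git/tree/dev-libs/ustr/files/ustr-1.0.4-gcc_5-check.patch?id=7dea6f8820f36bf389e6315044bea7507553bed0
-) but there is no upstream solution to make ustr compatible with C99
-standard.
-
-The git tree of ustr (http://www.and.org/ustr/ustr.git) has not been
-updated since 2008 and the developer of this project did not reply to
-emails.
-
-Therefore update genhomedircon implementation in order to no longer
-rely on ustr library.
-
-Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
-(cherry picked from commit 300b8ad4235688171f2a91e7aeb14d0ee3561c13)
----
- libsemanage/src/genhomedircon.c | 154 ++++++++++++++++++++--------------------
- 1 file changed, 77 insertions(+), 77 deletions(-)
-
-diff --git a/libsemanage/src/genhomedircon.c b/libsemanage/src/genhomedircon.c
-index 6991fff..0f84aa3 100644
---- a/libsemanage/src/genhomedircon.c
-+++ b/libsemanage/src/genhomedircon.c
-@@ -34,9 +34,9 @@
-
- #include "utilities.h"
- #include "genhomedircon.h"
--#include <ustr.h>
-
- #include <assert.h>
-+#include <ctype.h>
- #include <limits.h>
- #include <stdio.h>
- #include <stdlib.h>
-@@ -239,46 +239,39 @@ static int fcontext_matches(const semanage_fcontext_t *fcontext, void *varg)
- {
- const char *oexpr = semanage_fcontext_get_expr(fcontext);
- fc_match_handle_t *handp = varg;
-- struct Ustr *expr;
-+ char *expr = NULL;
- regex_t re;
- int type, retval = -1;
-+ size_t len;
-
- /* Only match ALL or DIR */
- type = semanage_fcontext_get_type(fcontext);
- if (type != SEMANAGE_FCONTEXT_ALL && type != SEMANAGE_FCONTEXT_ALL)
- return 0;
-
-- /* Convert oexpr into a Ustr and anchor it at the beginning */
-- expr = ustr_dup_cstr("^");
-- if (expr == USTR_NULL)
-- goto done;
-- if (!ustr_add_cstr(&expr, oexpr))
-- goto done;
--
-- /* Strip off trailing ".+" or ".*" */
-- if (ustr_cmp_suffix_cstr_eq(expr, ".+") ||
-- ustr_cmp_suffix_cstr_eq(expr, ".*")) {
-- if (!ustr_del(&expr, 2))
-- goto done;
-- }
--
-- /* Strip off trailing "(/.*)?" */
-- if (ustr_cmp_suffix_cstr_eq(expr, "(/.*)?")) {
-- if (!ustr_del(&expr, 6))
-- goto done;
-- }
--
-- if (ustr_cmp_suffix_cstr_eq(expr, "/")) {
-- if (!ustr_del(&expr, 1))
-- goto done;
-- }
--
-- /* Append pattern to eat up trailing slashes */
-- if (!ustr_add_cstr(&expr, "/*$"))
-- goto done;
-+ len = strlen(oexpr);
-+ /* Define a macro to strip a literal string from the end of oexpr */
-+#define rstrip_oexpr_len(cstr, cstrlen) \
-+ do { \
-+ if (len >= (cstrlen) && !strncmp(oexpr + len - (cstrlen), (cstr), (cstrlen))) \
-+ len -= (cstrlen); \
-+ } while (0)
-+#define rstrip_oexpr(cstr) rstrip_oexpr_len(cstr, sizeof(cstr) - 1)
-+
-+ rstrip_oexpr(".+");
-+ rstrip_oexpr(".*");
-+ rstrip_oexpr("(/.*)?");
-+ rstrip_oexpr("/");
-+
-+#undef rstrip_oexpr_len
-+#undef rstrip_oexpr
-+
-+ /* Anchor oexpr at the beginning and append pattern to eat up trailing slashes */
-+ if (asprintf(&expr, "^%.*s/*$", (int)len, oexpr) < 0)
-+ return -1;
-
- /* Check dir against expr */
-- if (regcomp(&re, ustr_cstr(expr), REG_EXTENDED) != 0)
-+ if (regcomp(&re, expr, REG_EXTENDED) != 0)
- goto done;
- if (regexec(&re, handp->dir, 0, NULL, 0) == 0)
- handp->matched = 1;
-@@ -287,7 +280,7 @@ static int fcontext_matches(const semanage_fcontext_t *fcontext, void *varg)
- retval = 0;
-
- done:
-- ustr_free(expr);
-+ free(expr);
-
- return retval;
- }
-@@ -523,44 +516,50 @@ static semanage_list_t *make_template(genhomedircon_settings_t * s,
- return template_data;
- }
-
--static Ustr *replace_all(const char *str, const replacement_pair_t * repl)
-+static char *replace_all(const char *str, const replacement_pair_t * repl)
- {
-- Ustr *retval = USTR_NULL;
-+ char *retval, *retval2;
- int i;
-
- if (!str || !repl)
-- goto done;
-- if (!(retval = ustr_dup_cstr(str)))
-- goto done;
-+ return NULL;
-
-- for (i = 0; repl[i].search_for; i++) {
-- ustr_replace_cstr(&retval, repl[i].search_for,
-- repl[i].replace_with, 0);
-+ retval = strdup(str);
-+ for (i = 0; retval != NULL && repl[i].search_for; i++) {
-+ retval2 = semanage_str_replace(repl[i].search_for,
-+ repl[i].replace_with, retval, 0);
-+ free(retval);
-+ retval = retval2;
- }
-- if (ustr_enomem(retval))
-- ustr_sc_free(&retval);
--
-- done:
- return retval;
- }
-
--static const char * extract_context(Ustr *line)
-+static const char *extract_context(const char *line)
- {
-- const char whitespace[] = " \t\n";
-- size_t off, len;
--
-- /* check for trailing whitespace */
-- off = ustr_spn_chrs_rev(line, 0, whitespace, strlen(whitespace));
--
-- /* find the length of the last field in line */
-- len = ustr_cspn_chrs_rev(line, off, whitespace, strlen(whitespace));
--
-- if (len == 0)
-+ const char *p = line;
-+ size_t off;
-+
-+ off = strlen(p);
-+ p += off;
-+ /* consider trailing whitespaces */
-+ while (off > 0) {
-+ p--;
-+ off--;
-+ if (!isspace(*p))
-+ break;
-+ }
-+ if (off == 0)
- return NULL;
-- return ustr_cstr(line) + ustr_len(line) - (len + off);
-+
-+ /* find the last field in line */
-+ while (off > 0 && !isspace(*(p - 1))) {
-+ p--;
-+ off--;
-+ }
-+ return p;
- }
-
--static int check_line(genhomedircon_settings_t * s, Ustr *line)
-+static int check_line(genhomedircon_settings_t * s, const char *line)
- {
- sepol_context_t *ctx_record = NULL;
- const char *ctx_str;
-@@ -584,22 +583,22 @@ static int write_replacements(genhomedircon_settings_t * s, FILE * out,
- const semanage_list_t * tpl,
- const replacement_pair_t *repl)
- {
-- Ustr *line = USTR_NULL;
-+ char *line;
-
- for (; tpl; tpl = tpl->next) {
- line = replace_all(tpl->data, repl);
- if (!line)
- goto fail;
- if (check_line(s, line) == STATUS_SUCCESS) {
-- if (!ustr_io_putfileline(&line, out))
-+ if (fprintf(out, "%s\n", line) < 0)
- goto fail;
- }
-- ustr_sc_free(&line);
-+ free(line);
- }
- return STATUS_SUCCESS;
-
- fail:
-- ustr_sc_free(&line);
-+ free(line);
- return STATUS_ERR;
- }
-
-@@ -607,7 +606,7 @@ static int write_contexts(genhomedircon_settings_t *s, FILE *out,
- semanage_list_t *tpl, const replacement_pair_t *repl,
- const genhomedircon_user_entry_t *user)
- {
-- Ustr *line = USTR_NULL;
-+ char *line, *temp;
- sepol_context_t *context = NULL;
- char *new_context_str = NULL;
-
-@@ -624,10 +623,10 @@ static int write_contexts(genhomedircon_settings_t *s, FILE *out,
-
- if (strcmp(old_context_str, CONTEXT_NONE) == 0) {
- if (check_line(s, line) == STATUS_SUCCESS &&
-- !ustr_io_putfileline(&line, out)) {
-+ fprintf(out, "%s\n", line) < 0) {
- goto fail;
- }
--
-+ free(line);
- continue;
- }
-
-@@ -653,25 +652,27 @@ static int write_contexts(genhomedircon_settings_t *s, FILE *out,
- goto fail;
- }
-
-- if (!ustr_replace_cstr(&line, old_context_str,
-- new_context_str, 1)) {
-+ temp = semanage_str_replace(old_context_str, new_context_str,
-+ line, 1);
-+ if (!temp) {
- goto fail;
- }
-+ free(line);
-+ line = temp;
-
- if (check_line(s, line) == STATUS_SUCCESS) {
-- if (!ustr_io_putfileline(&line, out)) {
-+ if (fprintf(out, "%s\n", line) < 0)
- goto fail;
-- }
- }
-
-- ustr_sc_free(&line);
-+ free(line);
- sepol_context_free(context);
- free(new_context_str);
- }
-
- return STATUS_SUCCESS;
- fail:
-- ustr_sc_free(&line);
-+ free(line);
- sepol_context_free(context);
- free(new_context_str);
- return STATUS_ERR;
-@@ -1284,20 +1285,19 @@ static int write_context_file(genhomedircon_settings_t * s, FILE * out)
- }
-
- for (h = homedirs; h; h = h->next) {
-- Ustr *temp = ustr_dup_cstr(h->data);
-+ char *temp = NULL;
-
-- if (!temp || !ustr_add_cstr(&temp, "/" FALLBACK_NAME)) {
-- ustr_sc_free(&temp);
-+ if (asprintf(&temp, "%s/%s", h->data, FALLBACK_NAME) < 0) {
- retval = STATUS_ERR;
- goto done;
- }
-
- free(s->fallback->home);
-- s->fallback->home = (char*) ustr_cstr(temp);
-+ s->fallback->home = temp;
-
- if (write_home_dir_context(s, out, homedir_context_tpl,
- s->fallback) != STATUS_SUCCESS) {
-- ustr_sc_free(&temp);
-+ free(temp);
- s->fallback->home = NULL;
- retval = STATUS_ERR;
- goto done;
-@@ -1305,13 +1305,13 @@ static int write_context_file(genhomedircon_settings_t * s, FILE * out)
- if (write_home_root_context(s, out,
- homeroot_context_tpl,
- h->data) != STATUS_SUCCESS) {
-- ustr_sc_free(&temp);
-+ free(temp);
- s->fallback->home = NULL;
- retval = STATUS_ERR;
- goto done;
- }
-
-- ustr_sc_free(&temp);
-+ free(temp);
- s->fallback->home = NULL;
- }
- }
---
-2.10.2
-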
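diff --git a/recipes-security/selinux/libsemanage/0004-libsemanage-remove-ustr-library-from-Makefiles-READM.patch b/recipes-security/selinux/libsemanage/0004-libsemanage-remove-ustr-library-from-Makefiles-READM.patch
deleted file mode 100644
index 1800493..0000000
--- a/recipes-security/selinux/libsemanage/0004-libsemanage-remove-ustr-library-from-Makefiles-READM.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From c7e55daa20f5659799aed47b819ad73e03d11e8f Mon Sep 17 00:00:00 2001
-From: Nicolas Iooss <nicolas.iooss@m4x.org>
-Date: Wed, 21 Dec 2016 19:21:04 +0100
-Subject: [PATCH 4/4] libsemanage: remove ustr library from Makefiles, README
- and pkg-config
-
-This library is no longer used by libsemanage.
-
-Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
-(cherry picked from commit 920ee9ee18024c7714f1121e91854f38fa1eef73)
-
-Tweaked due to conditional audit patch and no README.
----
- README | 2 +-
- libsemanage/src/Makefile | 2 +-
- libsemanage/src/libsemanage.pc.in | 2 +-
- libsemanage/tests/Makefile | 2 +-
- 4 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile
-index 68aab72..83daf0f 100644
---- a/libsemanage/src/Makefile
-+++ b/libsemanage/src/Makefile
-@@ -91,7 +91,7 @@ $(LIBA): $(OBJS)
- $(RANLIB) $@
-
- $(LIBSO): $(LOBJS)
-- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol $(LIBAUDIT) -lselinux -lbz2 -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
-+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol $(LIBAUDIT) -lselinux -lbz2 -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
- ln -sf $@ $(TARGET)
-
- $(LIBPC): $(LIBPC).in ../VERSION
-diff --git a/libsemanage/src/libsemanage.pc.in b/libsemanage/src/libsemanage.pc.in
-index 81e1805..d3eaa06 100644
---- a/libsemanage/src/libsemanage.pc.in
-+++ b/libsemanage/src/libsemanage.pc.in
-@@ -7,7 +7,7 @@ Name: libsemanage
- Description: SELinux management library
- Version: @VERSION@
- URL: http://userspace.selinuxproject.org/
--Requires.private: libselinux libsepol ustr
-+Requires.private: libselinux libsepol
- Libs: -L${libdir} -lsemanage
- Libs.private: -lbz2
- Cflags: -I${includedir}
-diff --git a/libsemanage/tests/Makefile b/libsemanage/tests/Makefile
-index 4b81fed..56285b3 100644
---- a/libsemanage/tests/Makefile
-+++ b/libsemanage/tests/Makefile
-@@ -12,7 +12,7 @@ LIBS = ../src/libsemanage.a ../../libselinux/src/libselinux.a ../../libsepol/src
- LIBAUDIT = -laudit
- endif
-
--LDFLAGS += -lcunit -lustr -lbz2 $(LIBAUDIT)
-+LDFLAGS += -lcunit -lbz2 $(LIBAUDIT)
- OBJECTS = $(SOURCES:.c=.o)
-
- all: $(EXECUTABLE)
---
-2.10.2
-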
diff --git a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch
index d727acf..91efe81 100644
--- a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch
+++ b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch
@@ -7,16 +7,16 @@ Upstream-Status: Pending
7 7
8Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> 8Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
9--- 9---
10 src/Makefile | 10 +++++++++- 10 src/Makefile | 10 +++++++++-
11 src/seusers_local.c | 13 +++++++++++++ 11 src/seusers_local.c | 13 +++++++++++++
12 tests/Makefile | 10 +++++++++- 12 tests/Makefile | 10 +++++++++-
13 3 files changed, 31 insertions(+), 2 deletions(-) 13 3 files changed, 31 insertions(+), 2 deletions(-)
14 14
15Index: libsemanage-2.5/src/Makefile 15diff --git a/src/Makefile b/src/Makefile
16=================================================================== 16index fdb178f..43e1266 100644
17--- libsemanage-2.5.orig/src/Makefile 2016-02-25 13:20:30.867978414 -0500 17--- a/src/Makefile
18+++ libsemanage-2.5/src/Makefile 2016-02-25 13:20:30.859978414 -0500 18+++ b/src/Makefile
19@@ -28,6 +28,14 @@ 19@@ -29,6 +29,14 @@ ifeq ($(DEBUG),1)
20 export LDFLAGS = -g 20 export LDFLAGS = -g
21 endif 21 endif
22 22
@@ -31,20 +31,20 @@ Index: libsemanage-2.5/src/Makefile
31 LEX = flex 31 LEX = flex
32 LFLAGS = -s 32 LFLAGS = -s
33 YACC = bison 33 YACC = bison
34@@ -92,7 +100,7 @@ 34@@ -91,7 +99,7 @@ $(LIBA): $(OBJS)
35 $(RANLIB) $@ 35 $(RANLIB) $@
36 36
37 $(LIBSO): $(LOBJS) 37 $(LIBSO): $(LOBJS)
38- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -laudit -lselinux -lbz2 -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs 38- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol -laudit -lselinux -lbz2 -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
39+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol $(LIBAUDIT) -lselinux -lbz2 -lustr -L$(LIBDIR) -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs 39+ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -lsepol $(LIBAUDIT) -lselinux -lbz2 -Wl,-soname,$(LIBSO),--version-script=libsemanage.map,-z,defs
40 ln -sf $@ $(TARGET) 40 ln -sf $@ $(TARGET)
41 41
42 $(LIBPC): $(LIBPC).in ../VERSION 42 $(LIBPC): $(LIBPC).in ../VERSION
43Index: libsemanage-2.5/src/seusers_local.c 43diff --git a/src/seusers_local.c b/src/seusers_local.c
44=================================================================== 44index 42c3a8b..9ee31e2 100644
45--- libsemanage-2.5.orig/src/seusers_local.c 2016-02-25 13:20:30.867978414 -0500 45--- a/src/seusers_local.c
46+++ libsemanage-2.5/src/seusers_local.c 2016-02-25 13:20:30.863978414 -0500 46+++ b/src/seusers_local.c
47@@ -8,7 +8,11 @@ 47@@ -8,7 +8,11 @@ typedef struct semanage_seuser record_t;
48 48
49 #include <sepol/policydb.h> 49 #include <sepol/policydb.h>
50 #include <sepol/context.h> 50 #include <sepol/context.h>
@@ -56,7 +56,7 @@ Index: libsemanage-2.5/src/seusers_local.c
56 #include <errno.h> 56 #include <errno.h>
57 #include "user_internal.h" 57 #include "user_internal.h"
58 #include "seuser_internal.h" 58 #include "seuser_internal.h"
59@@ -51,6 +55,7 @@ 59@@ -51,6 +55,7 @@ static char *semanage_user_roles(semanage_handle_t * handle, const char *sename)
60 return roles; 60 return roles;
61 } 61 }
62 62
@@ -64,7 +64,7 @@ Index: libsemanage-2.5/src/seusers_local.c
64 static int semanage_seuser_audit(semanage_handle_t * handle, 64 static int semanage_seuser_audit(semanage_handle_t * handle,
65 const semanage_seuser_t * seuser, 65 const semanage_seuser_t * seuser,
66 const semanage_seuser_t * previous, 66 const semanage_seuser_t * previous,
67@@ -114,6 +119,7 @@ 67@@ -114,6 +119,7 @@ err:
68 free(proles); 68 free(proles);
69 return rc; 69 return rc;
70 } 70 }
@@ -72,7 +72,7 @@ Index: libsemanage-2.5/src/seusers_local.c
72 72
73 int semanage_seuser_modify_local(semanage_handle_t * handle, 73 int semanage_seuser_modify_local(semanage_handle_t * handle,
74 const semanage_seuser_key_t * key, 74 const semanage_seuser_key_t * key,
75@@ -158,8 +164,11 @@ 75@@ -158,8 +164,11 @@ int semanage_seuser_modify_local(semanage_handle_t * handle,
76 (void) semanage_seuser_query(handle, key, &previous); 76 (void) semanage_seuser_query(handle, key, &previous);
77 handle->msg_callback = callback; 77 handle->msg_callback = callback;
78 rc = dbase_modify(handle, dconfig, key, new); 78 rc = dbase_modify(handle, dconfig, key, new);
@@ -84,7 +84,7 @@ Index: libsemanage-2.5/src/seusers_local.c
84 err: 84 err:
85 if (previous) 85 if (previous)
86 semanage_seuser_free(previous); 86 semanage_seuser_free(previous);
87@@ -175,8 +184,12 @@ 87@@ -175,8 +184,12 @@ int semanage_seuser_del_local(semanage_handle_t * handle,
88 dbase_config_t *dconfig = semanage_seuser_dbase_local(handle); 88 dbase_config_t *dconfig = semanage_seuser_dbase_local(handle);
89 rc = dbase_del(handle, dconfig, key); 89 rc = dbase_del(handle, dconfig, key);
90 semanage_seuser_query(handle, key, &seuser); 90 semanage_seuser_query(handle, key, &seuser);
@@ -97,15 +97,14 @@ Index: libsemanage-2.5/src/seusers_local.c
97 if (seuser) 97 if (seuser)
98 semanage_seuser_free(seuser); 98 semanage_seuser_free(seuser);
99 return rc; 99 return rc;
100Index: libsemanage-2.5/tests/Makefile 100diff --git a/tests/Makefile b/tests/Makefile
101=================================================================== 101index 2ef8d30..50d582a 100644
102--- libsemanage-2.5.orig/tests/Makefile 2016-02-25 13:20:30.867978414 -0500 102--- a/tests/Makefile
103+++ libsemanage-2.5/tests/Makefile 2016-02-25 13:22:05.171978120 -0500 103+++ b/tests/Makefile
104@@ -13,7 +13,15 @@ 104@@ -6,10 +6,18 @@ SOURCES = $(sort $(wildcard *.c))
105 CC = gcc 105
106 CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute -Wno-unused-parameter 106 ###########################################################################
107 INCLUDE = -I$(TESTSRC) -I$(TESTSRC)/../include 107
108-LDFLAGS += -lcunit -lustr -lbz2 -laudit
109+DISABLE_AUDIT ?= n 108+DISABLE_AUDIT ?= n
110+ifeq ($(DISABLE_AUDIT),y) 109+ifeq ($(DISABLE_AUDIT),y)
111+ LIBAUDIT = 110+ LIBAUDIT =
@@ -114,7 +113,14 @@ Index: libsemanage-2.5/tests/Makefile
114+ LIBAUDIT = -laudit 113+ LIBAUDIT = -laudit
115+endif 114+endif
116+ 115+
117+LDFLAGS += -lcunit -lustr -lbz2 $(LIBAUDIT) 116 EXECUTABLE = libsemanage-tests
117 CFLAGS += -g -O0 -Wall -W -Wundef -Wmissing-noreturn -Wmissing-format-attribute -Wno-unused-parameter
118 override CFLAGS += -I../src -I../include
119-override LDLIBS += -lcunit -lbz2 -laudit -lselinux -lsepol
120+override LDLIBS += -lcunit -lbz2 $(LIBAUDIT) -lselinux -lsepol
121
118 OBJECTS = $(SOURCES:.c=.o) 122 OBJECTS = $(SOURCES:.c=.o)
119 123
120 all: $(EXECUTABLE) 124--
1252.13.0
126
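Review bot: The rebased patch header still carries `Upstream-Status: Pending` and does not say what a build with `DISABLE_AUDIT=y` gives up. From the hunk positions around `semanage_seuser_audit()` in src/seusers_local.c, that function and its calls in `semanage_seuser_modify_local()` and `semanage_seuser_del_local()` appear to be compiled out in that configuration (the guarding lines themselves are not shown on this page), which would mean changes to SELinux login mappings leave no audit record. I would add a sentence to the patch description such as `With DISABLE_AUDIT=y, seuser add/modify/delete operations are not reported to the audit subsystem.` so that integrators choosing the option see the consequence. Only fragments of the inner hunks are visible here.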
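diff --git a/recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch b/recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch
deleted file mode 100644
index c98f3fc..0000000
--- a/recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-Subject: [PATCH] libsemanage: fix path length limit
-
-semanage_remove_directory uses NAME_MAX(255) as the max length of
-file pathes, this will cause failures when the path length>255.
-
-Upstream-Status: pending
-
-Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
----
- src/semanage_store.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/semanage_store.c b/src/semanage_store.c
-index 3fd4996..251a2d6 100644
---- a/src/semanage_store.c
-+++ b/src/semanage_store.c
-@@ -580,7 +580,7 @@ int semanage_remove_directory(const char *path)
- return -1;
- }
- for (i = 0; i < num_entries; i++) {
-- char s[NAME_MAX];
-+ char s[PATH_MAX];
- struct stat buf;
- snprintf(s, sizeof(s), "%s/%s", path, namelist[i]->d_name);
- if (stat(s, &buf) == -1) {
---
-1.7.9.5
-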
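--- a/recipes-security/selinux/libsemanage_2.6.bb
+++ b/recipes-security/selinux/libsemanage_2.7.bb
@@ -1,23 +1,18 @@
-include selinux_20161014.inc
+include selinux_20170804.inc
 include ${BPN}.inc
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
 
-SRC_URI[md5sum] = "666a48c4058c07f2b07ede9eaf210c5f"
-SRC_URI[sha256sum] = "4f81541047290b751f2ffb926fcd381c186f22db18d9fe671b0b4a6a54e8cfce"
+SRC_URI[md5sum] = "a6b5c451fbe45ff9e3e0e65f2db0ae1d"
+SRC_URI[sha256sum] = "07e9477714ce6a4557a1fe924ea4cb06501b62d0fa0e3c0dc32a2cf47cb8d476"
 
 SRC_URI += "\
  file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
- file://libsemanage-fix-path-len-limit.patch \
  file://libsemanage-fix-path-nologin.patch \
  file://libsemanage-drop-Wno-unused-but-set-variable.patch \
  file://libsemanage-define-FD_CLOEXEC-as-necessary.patch;striplevel=2 \
  file://libsemanage-allow-to-disable-audit-support.patch \
  file://libsemanage-disable-expand-check-on-policy-load.patch \
  file://0001-src-Makefile-fix-includedir-in-libselinux.pc.patch \
- file://0001-libsemanage-simplify-string-utilities-functions.patch;striplevel=2 \
- file://0002-libsemanage-add-semanage_str_replace-utility-functio.patch;striplevel=2 \
- file://0003-libsemanage-genhomedircon-drop-ustr-dependency.patch;striplevel=2 \
- file://0004-libsemanage-remove-ustr-library-from-Makefiles-READM.patch;striplevel=2 \
  "
 FILES_${PN} += "/usr/libexec"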
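--- a/recipes-security/selinux/libsemanage_git.bb
+++ b/recipes-security/selinux/libsemanage_git.bb
@@ -1,5 +1,4 @@
-PR = "r99"
-PV = "2.2+git${SRCPV}"
+PV = "2.7+git${SRCPV}"
 
 include selinux_git.inc
 include ${BPN}.inc
@@ -8,10 +7,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
 
 SRC_URI += "\
  file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
- file://libsemanage-fix-path-len-limit.patch \
  file://libsemanage-fix-path-nologin.patch \
  file://libsemanage-drop-Wno-unused-but-set-variable.patch \
  file://libsemanage-define-FD_CLOEXEC-as-necessary.patch;striplevel=2 \
  file://libsemanage-allow-to-disable-audit-support.patch \
+ file://libsemanage-disable-expand-check-on-policy-load.patch \
  file://0001-src-Makefile-fix-includedir-in-libselinux.pc.patch \
  "
+FILES_${PN} += "/usr/libexec"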
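Review bot: The second hunk adds `file://libsemanage-disable-expand-check-on-policy-load.patch` to the git recipe's SRC_URI with nothing in the recipe saying why it is needed. Judging only by its name, the patch turns off libsemanage's expand check at policy load, which as far as I know is the step that verifies neverallow assertions; if so, a policy that violates them would presumably load on the target without an error. I would put a comment above the entry, for example `# expand-check is disabled on target; neverallow assertions must be verified when the policy is built`, and confirm that the build-time policy compile still runs those checks. The patch file itself is not part of this hunk, so its actual effect should be checked before wording the comment.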
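--- a/recipes-security/selinux/selinux_git.inc
+++ b/recipes-security/selinux/selinux_git.inc
@@ -1,4 +1,4 @@
-SRCREV = "edc2e99687b050d5be21a78a66d038aa1fc068d9"
+SRCREV = "1bac758bf6cf884c112b80545d5fc5b668fc7d71"
 
 SRC_URI = "git://github.com/SELinuxProject/selinux.git;protocol=http"
 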