libsepol: upgrade to 3.1 (20200710)

Drop backported patches: 0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch 0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Yi Zhao <yi.zhao@windriver.com> 2021-01-07 11:43:32 +0800
committer: Joe MacDonald <joe@deserted.net> 2021-01-14 07:12:08 -0500
commit: ce1240622d76186f2bc1ed0a493a8a7391e8bad2 (patch)
tree: 7eae2a138f246eebeb35afd84e7f9de6e82d0b71
parent: a15e84fbf5fa6cc398b69dd2bf34c9a7db791120 (diff)
download: meta-selinux-ce1240622d76186f2bc1ed0a493a8a7391e8bad2.tar.gz
4 files changed, 8 insertions, 607 deletions
diff --git a/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch b/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
deleted file mode 100644
index 46c56a4..0000000
--- a/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
+++ /dev/null
@@ -1,530 +0,0 @@
-From a96e8c59ecac84096d870b42701a504791a8cc8c Mon Sep 17 00:00:00 2001
-From: Ondrej Mosnacek <omosnace@redhat.com>
-Date: Thu, 23 Jan 2020 13:57:13 +0100
-Subject: [PATCH] libsepol: fix CIL_KEY_* build errors with -fno-common
-GCC 10 comes with -fno-common enabled by default - fix the CIL_KEY_*
-global variables to be defined only once in cil.c and declared in the
-header file correctly with the 'extern' keyword, so that other units
-including the file don't generate duplicate definitions.
-Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
-Upstream-Status: Backport
-[https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c]
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- cil/src/cil.c          | 162 ++++++++++++++++
- cil/src/cil_internal.h | 322 ++++++++++++++++----------------
- 2 files changed, 323 insertions(+), 161 deletions(-)
-diff --git a/cil/src/cil.c b/cil/src/cil.c
-index de729cf8..d222ad3a 100644
--- a/cil/src/cil.c
-+++ b/cil/src/cil.c
-@@ -77,6 +77,168 @@ int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
-        {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
- };
- 
-+char *CIL_KEY_CONS_T1;
-+char *CIL_KEY_CONS_T2;
-+char *CIL_KEY_CONS_T3;
-+char *CIL_KEY_CONS_R1;
-+char *CIL_KEY_CONS_R2;
-+char *CIL_KEY_CONS_R3;
-+char *CIL_KEY_CONS_U1;
-+char *CIL_KEY_CONS_U2;
-+char *CIL_KEY_CONS_U3;
-+char *CIL_KEY_CONS_L1;
-+char *CIL_KEY_CONS_L2;
-+char *CIL_KEY_CONS_H1;
-+char *CIL_KEY_CONS_H2;
-+char *CIL_KEY_AND;
-+char *CIL_KEY_OR;
-+char *CIL_KEY_NOT;
-+char *CIL_KEY_EQ;
-+char *CIL_KEY_NEQ;
-+char *CIL_KEY_CONS_DOM;
-+char *CIL_KEY_CONS_DOMBY;
-+char *CIL_KEY_CONS_INCOMP;
-+char *CIL_KEY_CONDTRUE;
-+char *CIL_KEY_CONDFALSE;
-+char *CIL_KEY_SELF;
-+char *CIL_KEY_OBJECT_R;
-+char *CIL_KEY_STAR;
-+char *CIL_KEY_TCP;
-+char *CIL_KEY_UDP;
-+char *CIL_KEY_DCCP;
-+char *CIL_KEY_SCTP;
-+char *CIL_KEY_AUDITALLOW;
-+char *CIL_KEY_TUNABLEIF;
-+char *CIL_KEY_ALLOW;
-+char *CIL_KEY_DONTAUDIT;
-+char *CIL_KEY_TYPETRANSITION;
-+char *CIL_KEY_TYPECHANGE;
-+char *CIL_KEY_CALL;
-+char *CIL_KEY_TUNABLE;
-+char *CIL_KEY_XOR;
-+char *CIL_KEY_ALL;
-+char *CIL_KEY_RANGE;
-+char *CIL_KEY_GLOB;
-+char *CIL_KEY_FILE;
-+char *CIL_KEY_DIR;
-+char *CIL_KEY_CHAR;
-+char *CIL_KEY_BLOCK;
-+char *CIL_KEY_SOCKET;
-+char *CIL_KEY_PIPE;
-+char *CIL_KEY_SYMLINK;
-+char *CIL_KEY_ANY;
-+char *CIL_KEY_XATTR;
-+char *CIL_KEY_TASK;
-+char *CIL_KEY_TRANS;
-+char *CIL_KEY_TYPE;
-+char *CIL_KEY_ROLE;
-+char *CIL_KEY_USER;
-+char *CIL_KEY_USERATTRIBUTE;
-+char *CIL_KEY_USERATTRIBUTESET;
-+char *CIL_KEY_SENSITIVITY;
-+char *CIL_KEY_CATEGORY;
-+char *CIL_KEY_CATSET;
-+char *CIL_KEY_LEVEL;
-+char *CIL_KEY_LEVELRANGE;
-+char *CIL_KEY_CLASS;
-+char *CIL_KEY_IPADDR;
-+char *CIL_KEY_MAP_CLASS;
-+char *CIL_KEY_CLASSPERMISSION;
-+char *CIL_KEY_BOOL;
-+char *CIL_KEY_STRING;
-+char *CIL_KEY_NAME;
-+char *CIL_KEY_SOURCE;
-+char *CIL_KEY_TARGET;
-+char *CIL_KEY_LOW;
-+char *CIL_KEY_HIGH;
-+char *CIL_KEY_LOW_HIGH;
-+char *CIL_KEY_GLBLUB;
-+char *CIL_KEY_HANDLEUNKNOWN;
-+char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
-+char *CIL_KEY_HANDLEUNKNOWN_DENY;
-+char *CIL_KEY_HANDLEUNKNOWN_REJECT;
-+char *CIL_KEY_MACRO;
-+char *CIL_KEY_IN;
-+char *CIL_KEY_MLS;
-+char *CIL_KEY_DEFAULTRANGE;
-+char *CIL_KEY_BLOCKINHERIT;
-+char *CIL_KEY_BLOCKABSTRACT;
-+char *CIL_KEY_CLASSORDER;
-+char *CIL_KEY_CLASSMAPPING;
-+char *CIL_KEY_CLASSPERMISSIONSET;
-+char *CIL_KEY_COMMON;
-+char *CIL_KEY_CLASSCOMMON;
-+char *CIL_KEY_SID;
-+char *CIL_KEY_SIDCONTEXT;
-+char *CIL_KEY_SIDORDER;
-+char *CIL_KEY_USERLEVEL;
-+char *CIL_KEY_USERRANGE;
-+char *CIL_KEY_USERBOUNDS;
-+char *CIL_KEY_USERPREFIX;
-+char *CIL_KEY_SELINUXUSER;
-+char *CIL_KEY_SELINUXUSERDEFAULT;
-+char *CIL_KEY_TYPEATTRIBUTE;
-+char *CIL_KEY_TYPEATTRIBUTESET;
-+char *CIL_KEY_EXPANDTYPEATTRIBUTE;
-+char *CIL_KEY_TYPEALIAS;
-+char *CIL_KEY_TYPEALIASACTUAL;
-+char *CIL_KEY_TYPEBOUNDS;
-+char *CIL_KEY_TYPEPERMISSIVE;
-+char *CIL_KEY_RANGETRANSITION;
-+char *CIL_KEY_USERROLE;
-+char *CIL_KEY_ROLETYPE;
-+char *CIL_KEY_ROLETRANSITION;
-+char *CIL_KEY_ROLEALLOW;
-+char *CIL_KEY_ROLEATTRIBUTE;
-+char *CIL_KEY_ROLEATTRIBUTESET;
-+char *CIL_KEY_ROLEBOUNDS;
-+char *CIL_KEY_BOOLEANIF;
-+char *CIL_KEY_NEVERALLOW;
-+char *CIL_KEY_TYPEMEMBER;
-+char *CIL_KEY_SENSALIAS;
-+char *CIL_KEY_SENSALIASACTUAL;
-+char *CIL_KEY_CATALIAS;
-+char *CIL_KEY_CATALIASACTUAL;
-+char *CIL_KEY_CATORDER;
-+char *CIL_KEY_SENSITIVITYORDER;
-+char *CIL_KEY_SENSCAT;
-+char *CIL_KEY_CONSTRAIN;
-+char *CIL_KEY_MLSCONSTRAIN;
-+char *CIL_KEY_VALIDATETRANS;
-+char *CIL_KEY_MLSVALIDATETRANS;
-+char *CIL_KEY_CONTEXT;
-+char *CIL_KEY_FILECON;
-+char *CIL_KEY_IBPKEYCON;
-+char *CIL_KEY_IBENDPORTCON;
-+char *CIL_KEY_PORTCON;
-+char *CIL_KEY_NODECON;
-+char *CIL_KEY_GENFSCON;
-+char *CIL_KEY_NETIFCON;
-+char *CIL_KEY_PIRQCON;
-+char *CIL_KEY_IOMEMCON;
-+char *CIL_KEY_IOPORTCON;
-+char *CIL_KEY_PCIDEVICECON;
-+char *CIL_KEY_DEVICETREECON;
-+char *CIL_KEY_FSUSE;
-+char *CIL_KEY_POLICYCAP;
-+char *CIL_KEY_OPTIONAL;
-+char *CIL_KEY_DEFAULTUSER;
-+char *CIL_KEY_DEFAULTROLE;
-+char *CIL_KEY_DEFAULTTYPE;
-+char *CIL_KEY_ROOT;
-+char *CIL_KEY_NODE;
-+char *CIL_KEY_PERM;
-+char *CIL_KEY_ALLOWX;
-+char *CIL_KEY_AUDITALLOWX;
-+char *CIL_KEY_DONTAUDITX;
-+char *CIL_KEY_NEVERALLOWX;
-+char *CIL_KEY_PERMISSIONX;
-+char *CIL_KEY_IOCTL;
-+char *CIL_KEY_UNORDERED;
-+char *CIL_KEY_SRC_INFO;
-+char *CIL_KEY_SRC_CIL;
-+char *CIL_KEY_SRC_HLL;
-+
- static void cil_init_keys(void)
- {
-        /* Initialize CIL Keys into strpool */
-diff --git a/cil/src/cil_internal.h b/cil/src/cil_internal.h
-index 30fab649..9bdcbdd0 100644
--- a/cil/src/cil_internal.h
-+++ b/cil/src/cil_internal.h
-@@ -74,167 +74,167 @@ enum cil_pass {
- /*
-        Keywords
- */
-char *CIL_KEY_CONS_T1;
-char *CIL_KEY_CONS_T2;
-char *CIL_KEY_CONS_T3;
-char *CIL_KEY_CONS_R1;
-char *CIL_KEY_CONS_R2;
-char *CIL_KEY_CONS_R3;
-char *CIL_KEY_CONS_U1;
-char *CIL_KEY_CONS_U2;
-char *CIL_KEY_CONS_U3;
-char *CIL_KEY_CONS_L1;
-char *CIL_KEY_CONS_L2;
-char *CIL_KEY_CONS_H1;
-char *CIL_KEY_CONS_H2;
-char *CIL_KEY_AND;
-char *CIL_KEY_OR;
-char *CIL_KEY_NOT;
-char *CIL_KEY_EQ;
-char *CIL_KEY_NEQ;
-char *CIL_KEY_CONS_DOM;
-char *CIL_KEY_CONS_DOMBY;
-char *CIL_KEY_CONS_INCOMP;
-char *CIL_KEY_CONDTRUE;
-char *CIL_KEY_CONDFALSE;
-char *CIL_KEY_SELF;
-char *CIL_KEY_OBJECT_R;
-char *CIL_KEY_STAR;
-char *CIL_KEY_TCP;
-char *CIL_KEY_UDP;
-char *CIL_KEY_DCCP;
-char *CIL_KEY_SCTP;
-char *CIL_KEY_AUDITALLOW;
-char *CIL_KEY_TUNABLEIF;
-char *CIL_KEY_ALLOW;
-char *CIL_KEY_DONTAUDIT;
-char *CIL_KEY_TYPETRANSITION;
-char *CIL_KEY_TYPECHANGE;
-char *CIL_KEY_CALL;
-char *CIL_KEY_TUNABLE;
-char *CIL_KEY_XOR;
-char *CIL_KEY_ALL;
-char *CIL_KEY_RANGE;
-char *CIL_KEY_GLOB;
-char *CIL_KEY_FILE;
-char *CIL_KEY_DIR;
-char *CIL_KEY_CHAR;
-char *CIL_KEY_BLOCK;
-char *CIL_KEY_SOCKET;
-char *CIL_KEY_PIPE;
-char *CIL_KEY_SYMLINK;
-char *CIL_KEY_ANY;
-char *CIL_KEY_XATTR;
-char *CIL_KEY_TASK;
-char *CIL_KEY_TRANS;
-char *CIL_KEY_TYPE;
-char *CIL_KEY_ROLE;
-char *CIL_KEY_USER;
-char *CIL_KEY_USERATTRIBUTE;
-char *CIL_KEY_USERATTRIBUTESET;
-char *CIL_KEY_SENSITIVITY;
-char *CIL_KEY_CATEGORY;
-char *CIL_KEY_CATSET;
-char *CIL_KEY_LEVEL;
-char *CIL_KEY_LEVELRANGE;
-char *CIL_KEY_CLASS;
-char *CIL_KEY_IPADDR;
-char *CIL_KEY_MAP_CLASS;
-char *CIL_KEY_CLASSPERMISSION;
-char *CIL_KEY_BOOL;
-char *CIL_KEY_STRING;
-char *CIL_KEY_NAME;
-char *CIL_KEY_SOURCE;
-char *CIL_KEY_TARGET;
-char *CIL_KEY_LOW;
-char *CIL_KEY_HIGH;
-char *CIL_KEY_LOW_HIGH;
-char *CIL_KEY_GLBLUB;
-char *CIL_KEY_HANDLEUNKNOWN;
-char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
-char *CIL_KEY_HANDLEUNKNOWN_DENY;
-char *CIL_KEY_HANDLEUNKNOWN_REJECT;
-char *CIL_KEY_MACRO;
-char *CIL_KEY_IN;
-char *CIL_KEY_MLS;
-char *CIL_KEY_DEFAULTRANGE;
-char *CIL_KEY_BLOCKINHERIT;
-char *CIL_KEY_BLOCKABSTRACT;
-char *CIL_KEY_CLASSORDER;
-char *CIL_KEY_CLASSMAPPING;
-char *CIL_KEY_CLASSPERMISSIONSET;
-char *CIL_KEY_COMMON;
-char *CIL_KEY_CLASSCOMMON;
-char *CIL_KEY_SID;
-char *CIL_KEY_SIDCONTEXT;
-char *CIL_KEY_SIDORDER;
-char *CIL_KEY_USERLEVEL;
-char *CIL_KEY_USERRANGE;
-char *CIL_KEY_USERBOUNDS;
-char *CIL_KEY_USERPREFIX;
-char *CIL_KEY_SELINUXUSER;
-char *CIL_KEY_SELINUXUSERDEFAULT;
-char *CIL_KEY_TYPEATTRIBUTE;
-char *CIL_KEY_TYPEATTRIBUTESET;
-char *CIL_KEY_EXPANDTYPEATTRIBUTE;
-char *CIL_KEY_TYPEALIAS;
-char *CIL_KEY_TYPEALIASACTUAL;
-char *CIL_KEY_TYPEBOUNDS;
-char *CIL_KEY_TYPEPERMISSIVE;
-char *CIL_KEY_RANGETRANSITION;
-char *CIL_KEY_USERROLE;
-char *CIL_KEY_ROLETYPE;
-char *CIL_KEY_ROLETRANSITION;
-char *CIL_KEY_ROLEALLOW;
-char *CIL_KEY_ROLEATTRIBUTE;
-char *CIL_KEY_ROLEATTRIBUTESET;
-char *CIL_KEY_ROLEBOUNDS;
-char *CIL_KEY_BOOLEANIF;
-char *CIL_KEY_NEVERALLOW;
-char *CIL_KEY_TYPEMEMBER;
-char *CIL_KEY_SENSALIAS;
-char *CIL_KEY_SENSALIASACTUAL;
-char *CIL_KEY_CATALIAS;
-char *CIL_KEY_CATALIASACTUAL;
-char *CIL_KEY_CATORDER;
-char *CIL_KEY_SENSITIVITYORDER;
-char *CIL_KEY_SENSCAT;
-char *CIL_KEY_CONSTRAIN;
-char *CIL_KEY_MLSCONSTRAIN;
-char *CIL_KEY_VALIDATETRANS;
-char *CIL_KEY_MLSVALIDATETRANS;
-char *CIL_KEY_CONTEXT;
-char *CIL_KEY_FILECON;
-char *CIL_KEY_IBPKEYCON;
-char *CIL_KEY_IBENDPORTCON;
-char *CIL_KEY_PORTCON;
-char *CIL_KEY_NODECON;
-char *CIL_KEY_GENFSCON;
-char *CIL_KEY_NETIFCON;
-char *CIL_KEY_PIRQCON;
-char *CIL_KEY_IOMEMCON;
-char *CIL_KEY_IOPORTCON;
-char *CIL_KEY_PCIDEVICECON;
-char *CIL_KEY_DEVICETREECON;
-char *CIL_KEY_FSUSE;
-char *CIL_KEY_POLICYCAP;
-char *CIL_KEY_OPTIONAL;
-char *CIL_KEY_DEFAULTUSER;
-char *CIL_KEY_DEFAULTROLE;
-char *CIL_KEY_DEFAULTTYPE;
-char *CIL_KEY_ROOT;
-char *CIL_KEY_NODE;
-char *CIL_KEY_PERM;
-char *CIL_KEY_ALLOWX;
-char *CIL_KEY_AUDITALLOWX;
-char *CIL_KEY_DONTAUDITX;
-char *CIL_KEY_NEVERALLOWX;
-char *CIL_KEY_PERMISSIONX;
-char *CIL_KEY_IOCTL;
-char *CIL_KEY_UNORDERED;
-char *CIL_KEY_SRC_INFO;
-char *CIL_KEY_SRC_CIL;
-char *CIL_KEY_SRC_HLL;
-+extern char *CIL_KEY_CONS_T1;
-+extern char *CIL_KEY_CONS_T2;
-+extern char *CIL_KEY_CONS_T3;
-+extern char *CIL_KEY_CONS_R1;
-+extern char *CIL_KEY_CONS_R2;
-+extern char *CIL_KEY_CONS_R3;
-+extern char *CIL_KEY_CONS_U1;
-+extern char *CIL_KEY_CONS_U2;
-+extern char *CIL_KEY_CONS_U3;
-+extern char *CIL_KEY_CONS_L1;
-+extern char *CIL_KEY_CONS_L2;
-+extern char *CIL_KEY_CONS_H1;
-+extern char *CIL_KEY_CONS_H2;
-+extern char *CIL_KEY_AND;
-+extern char *CIL_KEY_OR;
-+extern char *CIL_KEY_NOT;
-+extern char *CIL_KEY_EQ;
-+extern char *CIL_KEY_NEQ;
-+extern char *CIL_KEY_CONS_DOM;
-+extern char *CIL_KEY_CONS_DOMBY;
-+extern char *CIL_KEY_CONS_INCOMP;
-+extern char *CIL_KEY_CONDTRUE;
-+extern char *CIL_KEY_CONDFALSE;
-+extern char *CIL_KEY_SELF;
-+extern char *CIL_KEY_OBJECT_R;
-+extern char *CIL_KEY_STAR;
-+extern char *CIL_KEY_TCP;
-+extern char *CIL_KEY_UDP;
-+extern char *CIL_KEY_DCCP;
-+extern char *CIL_KEY_SCTP;
-+extern char *CIL_KEY_AUDITALLOW;
-+extern char *CIL_KEY_TUNABLEIF;
-+extern char *CIL_KEY_ALLOW;
-+extern char *CIL_KEY_DONTAUDIT;
-+extern char *CIL_KEY_TYPETRANSITION;
-+extern char *CIL_KEY_TYPECHANGE;
-+extern char *CIL_KEY_CALL;
-+extern char *CIL_KEY_TUNABLE;
-+extern char *CIL_KEY_XOR;
-+extern char *CIL_KEY_ALL;
-+extern char *CIL_KEY_RANGE;
-+extern char *CIL_KEY_GLOB;
-+extern char *CIL_KEY_FILE;
-+extern char *CIL_KEY_DIR;
-+extern char *CIL_KEY_CHAR;
-+extern char *CIL_KEY_BLOCK;
-+extern char *CIL_KEY_SOCKET;
-+extern char *CIL_KEY_PIPE;
-+extern char *CIL_KEY_SYMLINK;
-+extern char *CIL_KEY_ANY;
-+extern char *CIL_KEY_XATTR;
-+extern char *CIL_KEY_TASK;
-+extern char *CIL_KEY_TRANS;
-+extern char *CIL_KEY_TYPE;
-+extern char *CIL_KEY_ROLE;
-+extern char *CIL_KEY_USER;
-+extern char *CIL_KEY_USERATTRIBUTE;
-+extern char *CIL_KEY_USERATTRIBUTESET;
-+extern char *CIL_KEY_SENSITIVITY;
-+extern char *CIL_KEY_CATEGORY;
-+extern char *CIL_KEY_CATSET;
-+extern char *CIL_KEY_LEVEL;
-+extern char *CIL_KEY_LEVELRANGE;
-+extern char *CIL_KEY_CLASS;
-+extern char *CIL_KEY_IPADDR;
-+extern char *CIL_KEY_MAP_CLASS;
-+extern char *CIL_KEY_CLASSPERMISSION;
-+extern char *CIL_KEY_BOOL;
-+extern char *CIL_KEY_STRING;
-+extern char *CIL_KEY_NAME;
-+extern char *CIL_KEY_SOURCE;
-+extern char *CIL_KEY_TARGET;
-+extern char *CIL_KEY_LOW;
-+extern char *CIL_KEY_HIGH;
-+extern char *CIL_KEY_LOW_HIGH;
-+extern char *CIL_KEY_GLBLUB;
-+extern char *CIL_KEY_HANDLEUNKNOWN;
-+extern char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
-+extern char *CIL_KEY_HANDLEUNKNOWN_DENY;
-+extern char *CIL_KEY_HANDLEUNKNOWN_REJECT;
-+extern char *CIL_KEY_MACRO;
-+extern char *CIL_KEY_IN;
-+extern char *CIL_KEY_MLS;
-+extern char *CIL_KEY_DEFAULTRANGE;
-+extern char *CIL_KEY_BLOCKINHERIT;
-+extern char *CIL_KEY_BLOCKABSTRACT;
-+extern char *CIL_KEY_CLASSORDER;
-+extern char *CIL_KEY_CLASSMAPPING;
-+extern char *CIL_KEY_CLASSPERMISSIONSET;
-+extern char *CIL_KEY_COMMON;
-+extern char *CIL_KEY_CLASSCOMMON;
-+extern char *CIL_KEY_SID;
-+extern char *CIL_KEY_SIDCONTEXT;
-+extern char *CIL_KEY_SIDORDER;
-+extern char *CIL_KEY_USERLEVEL;
-+extern char *CIL_KEY_USERRANGE;
-+extern char *CIL_KEY_USERBOUNDS;
-+extern char *CIL_KEY_USERPREFIX;
-+extern char *CIL_KEY_SELINUXUSER;
-+extern char *CIL_KEY_SELINUXUSERDEFAULT;
-+extern char *CIL_KEY_TYPEATTRIBUTE;
-+extern char *CIL_KEY_TYPEATTRIBUTESET;
-+extern char *CIL_KEY_EXPANDTYPEATTRIBUTE;
-+extern char *CIL_KEY_TYPEALIAS;
-+extern char *CIL_KEY_TYPEALIASACTUAL;
-+extern char *CIL_KEY_TYPEBOUNDS;
-+extern char *CIL_KEY_TYPEPERMISSIVE;
-+extern char *CIL_KEY_RANGETRANSITION;
-+extern char *CIL_KEY_USERROLE;
-+extern char *CIL_KEY_ROLETYPE;
-+extern char *CIL_KEY_ROLETRANSITION;
-+extern char *CIL_KEY_ROLEALLOW;
-+extern char *CIL_KEY_ROLEATTRIBUTE;
-+extern char *CIL_KEY_ROLEATTRIBUTESET;
-+extern char *CIL_KEY_ROLEBOUNDS;
-+extern char *CIL_KEY_BOOLEANIF;
-+extern char *CIL_KEY_NEVERALLOW;
-+extern char *CIL_KEY_TYPEMEMBER;
-+extern char *CIL_KEY_SENSALIAS;
-+extern char *CIL_KEY_SENSALIASACTUAL;
-+extern char *CIL_KEY_CATALIAS;
-+extern char *CIL_KEY_CATALIASACTUAL;
-+extern char *CIL_KEY_CATORDER;
-+extern char *CIL_KEY_SENSITIVITYORDER;
-+extern char *CIL_KEY_SENSCAT;
-+extern char *CIL_KEY_CONSTRAIN;
-+extern char *CIL_KEY_MLSCONSTRAIN;
-+extern char *CIL_KEY_VALIDATETRANS;
-+extern char *CIL_KEY_MLSVALIDATETRANS;
-+extern char *CIL_KEY_CONTEXT;
-+extern char *CIL_KEY_FILECON;
-+extern char *CIL_KEY_IBPKEYCON;
-+extern char *CIL_KEY_IBENDPORTCON;
-+extern char *CIL_KEY_PORTCON;
-+extern char *CIL_KEY_NODECON;
-+extern char *CIL_KEY_GENFSCON;
-+extern char *CIL_KEY_NETIFCON;
-+extern char *CIL_KEY_PIRQCON;
-+extern char *CIL_KEY_IOMEMCON;
-+extern char *CIL_KEY_IOPORTCON;
-+extern char *CIL_KEY_PCIDEVICECON;
-+extern char *CIL_KEY_DEVICETREECON;
-+extern char *CIL_KEY_FSUSE;
-+extern char *CIL_KEY_POLICYCAP;
-+extern char *CIL_KEY_OPTIONAL;
-+extern char *CIL_KEY_DEFAULTUSER;
-+extern char *CIL_KEY_DEFAULTROLE;
-+extern char *CIL_KEY_DEFAULTTYPE;
-+extern char *CIL_KEY_ROOT;
-+extern char *CIL_KEY_NODE;
-+extern char *CIL_KEY_PERM;
-+extern char *CIL_KEY_ALLOWX;
-+extern char *CIL_KEY_AUDITALLOWX;
-+extern char *CIL_KEY_DONTAUDITX;
-+extern char *CIL_KEY_NEVERALLOWX;
-+extern char *CIL_KEY_PERMISSIONX;
-+extern char *CIL_KEY_IOCTL;
-+extern char *CIL_KEY_UNORDERED;
-+extern char *CIL_KEY_SRC_INFO;
-+extern char *CIL_KEY_SRC_CIL;
-+extern char *CIL_KEY_SRC_HLL;
- 
- /*
-        Symbol Table Array Indices
-- 
-2.17.1
diff --git a/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch b/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch
deleted file mode 100644
index 674fddd..0000000
--- a/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From 3d32fc24d6aff360a538c63dad08ca5c957551b0 Mon Sep 17 00:00:00 2001
-From: Ondrej Mosnacek <omosnace@redhat.com>
-Date: Thu, 23 Jan 2020 13:57:14 +0100
-Subject: [PATCH] libsepol: remove leftovers of cil_mem_error_handler
-Commit 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function
-pointer") replaced cil_mem_error_handler usage with inline contents of
-the default handler. However, it left over the header declaration and
-two callers. Convert these as well and remove the header declaration.
-This also fixes a build failure with -fno-common.
-Fixes: 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function pointer")
-Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
-Upstream-Status: Backport
-[https://github.com/SELinuxProject/selinux/commit/3d32fc24d6aff360a538c63dad08ca5c957551b0]
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- cil/src/cil_mem.h     | 1 -
- cil/src/cil_strpool.c | 8 ++++----
- 2 files changed, 4 insertions(+), 5 deletions(-)
-diff --git a/cil/src/cil_mem.h b/cil/src/cil_mem.h
-index 902ce131..794f02a3 100644
--- a/cil/src/cil_mem.h
-+++ b/cil/src/cil_mem.h
-@@ -36,7 +36,6 @@ void *cil_calloc(size_t num_elements, size_t element_size);
- void *cil_realloc(void *ptr, size_t size);
- char *cil_strdup(const char *str);
- int cil_asprintf(char **strp, const char *fmt, ...);
-void (*cil_mem_error_handler)(void);
- 
- #endif /* CIL_MEM_H_ */
- 
-diff --git a/cil/src/cil_strpool.c b/cil/src/cil_strpool.c
-index 97d4c4b9..2598bbf3 100644
--- a/cil/src/cil_strpool.c
-+++ b/cil/src/cil_strpool.c
-@@ -80,8 +80,8 @@ char *cil_strpool_add(const char *str)
-                int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref);
-                if (rc != SEPOL_OK) {
-                        pthread_mutex_unlock(&cil_strpool_mutex);
-                       (*cil_mem_error_handler)();
-                       pthread_mutex_lock(&cil_strpool_mutex);
-+                       cil_log(CIL_ERR, "Failed to allocate memory\n");
-+                       exit(1);
-                }
-        }
- 
-@@ -104,8 +104,8 @@ void cil_strpool_init(void)
-                cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE);
-                if (cil_strpool_tab == NULL) {
-                        pthread_mutex_unlock(&cil_strpool_mutex);
-                       (*cil_mem_error_handler)();
-                       return;
-+                       cil_log(CIL_ERR, "Failed to allocate memory\n");
-+                       exit(1);
-                }
-        }
-        cil_strpool_readers++;
-- 
-2.17.1
diff --git a/recipes-security/selinux/libsepol_3.0.bb b/recipes-security/selinux/libsepol_3.0.bb
deleted file mode 100644
index 58559d7..0000000
--- a/recipes-security/selinux/libsepol_3.0.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
-SRC_URI[md5sum] = "22ddb9994910cb9cfff5cb9663cb7ae7"
-SRC_URI[sha256sum] = "5b7ae1881909f1048b06f7a0c364c5c8a86ec12e0ec76e740fe9595a6033eb79"
-SRC_URI += "\
-        file://0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch \
-        file://0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch \
-        "
diff --git a/recipes-security/selinux/libsepol_3.1.bb b/recipes-security/selinux/libsepol_3.1.bb
new file mode 100644
index 0000000..1568025
--- /dev/null
+++ b/recipes-security/selinux/libsepol_3.1.bb
@@ -0,0 +1,8 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
+SRC_URI[md5sum] = "b56dc01b76b97dcb730ab4e2fd1c9dea"
+SRC_URI[sha256sum] = "ae6778d01443fdd38cd30eeee846494e19f4d407b09872580372f4aa4bf8a3cc"
author	Yi Zhao <yi.zhao@windriver.com>	2021-01-07 11:43:32 +0800
committer	Joe MacDonald <joe@deserted.net>	2021-01-14 07:12:08 -0500
commit	ce1240622d76186f2bc1ed0a493a8a7391e8bad2 (patch)
tree	7eae2a138f246eebeb35afd84e7f9de6e82d0b71
parent	a15e84fbf5fa6cc398b69dd2bf34c9a7db791120 (diff)
download	meta-selinux-ce1240622d76186f2bc1ed0a493a8a7391e8bad2.tar.gz

diff --git a/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch b/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch deleted file mode 100644 index 46c56a4..0000000 --- a/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch +++ /dev/null
@@ -1,530 +0,0 @@
1	From a96e8c59ecac84096d870b42701a504791a8cc8c Mon Sep 17 00:00:00 2001
2	From: Ondrej Mosnacek <omosnace@redhat.com>
3	Date: Thu, 23 Jan 2020 13:57:13 +0100
4	Subject: [PATCH] libsepol: fix CIL_KEY_* build errors with -fno-common
5
6	GCC 10 comes with -fno-common enabled by default - fix the CIL_KEY_*
7	global variables to be defined only once in cil.c and declared in the
8	header file correctly with the 'extern' keyword, so that other units
9	including the file don't generate duplicate definitions.
10
11	Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
12
13	Upstream-Status: Backport
14	[https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c]
15
16	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
17	---
18	cil/src/cil.c \| 162 ++++++++++++++++
19	cil/src/cil_internal.h \| 322 ++++++++++++++++----------------
20	2 files changed, 323 insertions(+), 161 deletions(-)
21
22	diff --git a/cil/src/cil.c b/cil/src/cil.c
23	index de729cf8..d222ad3a 100644
24	--- a/cil/src/cil.c
25	+++ b/cil/src/cil.c
26	@@ -77,6 +77,168 @@ int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
27	{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
28	};
29
30	+char *CIL_KEY_CONS_T1;
31	+char *CIL_KEY_CONS_T2;
32	+char *CIL_KEY_CONS_T3;
33	+char *CIL_KEY_CONS_R1;
34	+char *CIL_KEY_CONS_R2;
35	+char *CIL_KEY_CONS_R3;
36	+char *CIL_KEY_CONS_U1;
37	+char *CIL_KEY_CONS_U2;
38	+char *CIL_KEY_CONS_U3;
39	+char *CIL_KEY_CONS_L1;
40	+char *CIL_KEY_CONS_L2;
41	+char *CIL_KEY_CONS_H1;
42	+char *CIL_KEY_CONS_H2;
43	+char *CIL_KEY_AND;
44	+char *CIL_KEY_OR;
45	+char *CIL_KEY_NOT;
46	+char *CIL_KEY_EQ;
47	+char *CIL_KEY_NEQ;
48	+char *CIL_KEY_CONS_DOM;
49	+char *CIL_KEY_CONS_DOMBY;
50	+char *CIL_KEY_CONS_INCOMP;
51	+char *CIL_KEY_CONDTRUE;
52	+char *CIL_KEY_CONDFALSE;
53	+char *CIL_KEY_SELF;
54	+char *CIL_KEY_OBJECT_R;
55	+char *CIL_KEY_STAR;
56	+char *CIL_KEY_TCP;
57	+char *CIL_KEY_UDP;
58	+char *CIL_KEY_DCCP;
59	+char *CIL_KEY_SCTP;
60	+char *CIL_KEY_AUDITALLOW;
61	+char *CIL_KEY_TUNABLEIF;
62	+char *CIL_KEY_ALLOW;
63	+char *CIL_KEY_DONTAUDIT;
64	+char *CIL_KEY_TYPETRANSITION;
65	+char *CIL_KEY_TYPECHANGE;
66	+char *CIL_KEY_CALL;
67	+char *CIL_KEY_TUNABLE;
68	+char *CIL_KEY_XOR;
69	+char *CIL_KEY_ALL;
70	+char *CIL_KEY_RANGE;
71	+char *CIL_KEY_GLOB;
72	+char *CIL_KEY_FILE;
73	+char *CIL_KEY_DIR;
74	+char *CIL_KEY_CHAR;
75	+char *CIL_KEY_BLOCK;
76	+char *CIL_KEY_SOCKET;
77	+char *CIL_KEY_PIPE;
78	+char *CIL_KEY_SYMLINK;
79	+char *CIL_KEY_ANY;
80	+char *CIL_KEY_XATTR;
81	+char *CIL_KEY_TASK;
82	+char *CIL_KEY_TRANS;
83	+char *CIL_KEY_TYPE;
84	+char *CIL_KEY_ROLE;
85	+char *CIL_KEY_USER;
86	+char *CIL_KEY_USERATTRIBUTE;
87	+char *CIL_KEY_USERATTRIBUTESET;
88	+char *CIL_KEY_SENSITIVITY;
89	+char *CIL_KEY_CATEGORY;
90	+char *CIL_KEY_CATSET;
91	+char *CIL_KEY_LEVEL;
92	+char *CIL_KEY_LEVELRANGE;
93	+char *CIL_KEY_CLASS;
94	+char *CIL_KEY_IPADDR;
95	+char *CIL_KEY_MAP_CLASS;
96	+char *CIL_KEY_CLASSPERMISSION;
97	+char *CIL_KEY_BOOL;
98	+char *CIL_KEY_STRING;
99	+char *CIL_KEY_NAME;
100	+char *CIL_KEY_SOURCE;
101	+char *CIL_KEY_TARGET;
102	+char *CIL_KEY_LOW;
103	+char *CIL_KEY_HIGH;
104	+char *CIL_KEY_LOW_HIGH;
105	+char *CIL_KEY_GLBLUB;
106	+char *CIL_KEY_HANDLEUNKNOWN;
107	+char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
108	+char *CIL_KEY_HANDLEUNKNOWN_DENY;
109	+char *CIL_KEY_HANDLEUNKNOWN_REJECT;
110	+char *CIL_KEY_MACRO;
111	+char *CIL_KEY_IN;
112	+char *CIL_KEY_MLS;
113	+char *CIL_KEY_DEFAULTRANGE;
114	+char *CIL_KEY_BLOCKINHERIT;
115	+char *CIL_KEY_BLOCKABSTRACT;
116	+char *CIL_KEY_CLASSORDER;
117	+char *CIL_KEY_CLASSMAPPING;
118	+char *CIL_KEY_CLASSPERMISSIONSET;
119	+char *CIL_KEY_COMMON;
120	+char *CIL_KEY_CLASSCOMMON;
121	+char *CIL_KEY_SID;
122	+char *CIL_KEY_SIDCONTEXT;
123	+char *CIL_KEY_SIDORDER;
124	+char *CIL_KEY_USERLEVEL;
125	+char *CIL_KEY_USERRANGE;
126	+char *CIL_KEY_USERBOUNDS;
127	+char *CIL_KEY_USERPREFIX;
128	+char *CIL_KEY_SELINUXUSER;
129	+char *CIL_KEY_SELINUXUSERDEFAULT;
130	+char *CIL_KEY_TYPEATTRIBUTE;
131	+char *CIL_KEY_TYPEATTRIBUTESET;
132	+char *CIL_KEY_EXPANDTYPEATTRIBUTE;
133	+char *CIL_KEY_TYPEALIAS;
134	+char *CIL_KEY_TYPEALIASACTUAL;
135	+char *CIL_KEY_TYPEBOUNDS;
136	+char *CIL_KEY_TYPEPERMISSIVE;
137	+char *CIL_KEY_RANGETRANSITION;
138	+char *CIL_KEY_USERROLE;
139	+char *CIL_KEY_ROLETYPE;
140	+char *CIL_KEY_ROLETRANSITION;
141	+char *CIL_KEY_ROLEALLOW;
142	+char *CIL_KEY_ROLEATTRIBUTE;
143	+char *CIL_KEY_ROLEATTRIBUTESET;
144	+char *CIL_KEY_ROLEBOUNDS;
145	+char *CIL_KEY_BOOLEANIF;
146	+char *CIL_KEY_NEVERALLOW;
147	+char *CIL_KEY_TYPEMEMBER;
148	+char *CIL_KEY_SENSALIAS;
149	+char *CIL_KEY_SENSALIASACTUAL;
150	+char *CIL_KEY_CATALIAS;
151	+char *CIL_KEY_CATALIASACTUAL;
152	+char *CIL_KEY_CATORDER;
153	+char *CIL_KEY_SENSITIVITYORDER;
154	+char *CIL_KEY_SENSCAT;
155	+char *CIL_KEY_CONSTRAIN;
156	+char *CIL_KEY_MLSCONSTRAIN;
157	+char *CIL_KEY_VALIDATETRANS;
158	+char *CIL_KEY_MLSVALIDATETRANS;
159	+char *CIL_KEY_CONTEXT;
160	+char *CIL_KEY_FILECON;
161	+char *CIL_KEY_IBPKEYCON;
162	+char *CIL_KEY_IBENDPORTCON;
163	+char *CIL_KEY_PORTCON;
164	+char *CIL_KEY_NODECON;
165	+char *CIL_KEY_GENFSCON;
166	+char *CIL_KEY_NETIFCON;
167	+char *CIL_KEY_PIRQCON;
168	+char *CIL_KEY_IOMEMCON;
169	+char *CIL_KEY_IOPORTCON;
170	+char *CIL_KEY_PCIDEVICECON;
171	+char *CIL_KEY_DEVICETREECON;
172	+char *CIL_KEY_FSUSE;
173	+char *CIL_KEY_POLICYCAP;
174	+char *CIL_KEY_OPTIONAL;
175	+char *CIL_KEY_DEFAULTUSER;
176	+char *CIL_KEY_DEFAULTROLE;
177	+char *CIL_KEY_DEFAULTTYPE;
178	+char *CIL_KEY_ROOT;
179	+char *CIL_KEY_NODE;
180	+char *CIL_KEY_PERM;
181	+char *CIL_KEY_ALLOWX;
182	+char *CIL_KEY_AUDITALLOWX;
183	+char *CIL_KEY_DONTAUDITX;
184	+char *CIL_KEY_NEVERALLOWX;
185	+char *CIL_KEY_PERMISSIONX;
186	+char *CIL_KEY_IOCTL;
187	+char *CIL_KEY_UNORDERED;
188	+char *CIL_KEY_SRC_INFO;
189	+char *CIL_KEY_SRC_CIL;
190	+char *CIL_KEY_SRC_HLL;
191	+
192	static void cil_init_keys(void)
193	{
194	/* Initialize CIL Keys into strpool */
195	diff --git a/cil/src/cil_internal.h b/cil/src/cil_internal.h
196	index 30fab649..9bdcbdd0 100644
197	--- a/cil/src/cil_internal.h
198	+++ b/cil/src/cil_internal.h
199	@@ -74,167 +74,167 @@ enum cil_pass {
200	/*
201	Keywords
202	*/
203	-char *CIL_KEY_CONS_T1;
204	-char *CIL_KEY_CONS_T2;
205	-char *CIL_KEY_CONS_T3;
206	-char *CIL_KEY_CONS_R1;
207	-char *CIL_KEY_CONS_R2;
208	-char *CIL_KEY_CONS_R3;
209	-char *CIL_KEY_CONS_U1;
210	-char *CIL_KEY_CONS_U2;
211	-char *CIL_KEY_CONS_U3;
212	-char *CIL_KEY_CONS_L1;
213	-char *CIL_KEY_CONS_L2;
214	-char *CIL_KEY_CONS_H1;
215	-char *CIL_KEY_CONS_H2;
216	-char *CIL_KEY_AND;
217	-char *CIL_KEY_OR;
218	-char *CIL_KEY_NOT;
219	-char *CIL_KEY_EQ;
220	-char *CIL_KEY_NEQ;
221	-char *CIL_KEY_CONS_DOM;
222	-char *CIL_KEY_CONS_DOMBY;
223	-char *CIL_KEY_CONS_INCOMP;
224	-char *CIL_KEY_CONDTRUE;
225	-char *CIL_KEY_CONDFALSE;
226	-char *CIL_KEY_SELF;
227	-char *CIL_KEY_OBJECT_R;
228	-char *CIL_KEY_STAR;
229	-char *CIL_KEY_TCP;
230	-char *CIL_KEY_UDP;
231	-char *CIL_KEY_DCCP;
232	-char *CIL_KEY_SCTP;
233	-char *CIL_KEY_AUDITALLOW;
234	-char *CIL_KEY_TUNABLEIF;
235	-char *CIL_KEY_ALLOW;
236	-char *CIL_KEY_DONTAUDIT;
237	-char *CIL_KEY_TYPETRANSITION;
238	-char *CIL_KEY_TYPECHANGE;
239	-char *CIL_KEY_CALL;
240	-char *CIL_KEY_TUNABLE;
241	-char *CIL_KEY_XOR;
242	-char *CIL_KEY_ALL;
243	-char *CIL_KEY_RANGE;
244	-char *CIL_KEY_GLOB;
245	-char *CIL_KEY_FILE;
246	-char *CIL_KEY_DIR;
247	-char *CIL_KEY_CHAR;
248	-char *CIL_KEY_BLOCK;
249	-char *CIL_KEY_SOCKET;
250	-char *CIL_KEY_PIPE;
251	-char *CIL_KEY_SYMLINK;
252	-char *CIL_KEY_ANY;
253	-char *CIL_KEY_XATTR;
254	-char *CIL_KEY_TASK;
255	-char *CIL_KEY_TRANS;
256	-char *CIL_KEY_TYPE;
257	-char *CIL_KEY_ROLE;
258	-char *CIL_KEY_USER;
259	-char *CIL_KEY_USERATTRIBUTE;
260	-char *CIL_KEY_USERATTRIBUTESET;
261	-char *CIL_KEY_SENSITIVITY;
262	-char *CIL_KEY_CATEGORY;
263	-char *CIL_KEY_CATSET;
264	-char *CIL_KEY_LEVEL;
265	-char *CIL_KEY_LEVELRANGE;
266	-char *CIL_KEY_CLASS;
267	-char *CIL_KEY_IPADDR;
268	-char *CIL_KEY_MAP_CLASS;
269	-char *CIL_KEY_CLASSPERMISSION;
270	-char *CIL_KEY_BOOL;
271	-char *CIL_KEY_STRING;
272	-char *CIL_KEY_NAME;
273	-char *CIL_KEY_SOURCE;
274	-char *CIL_KEY_TARGET;
275	-char *CIL_KEY_LOW;
276	-char *CIL_KEY_HIGH;
277	-char *CIL_KEY_LOW_HIGH;
278	-char *CIL_KEY_GLBLUB;
279	-char *CIL_KEY_HANDLEUNKNOWN;
280	-char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
281	-char *CIL_KEY_HANDLEUNKNOWN_DENY;
282	-char *CIL_KEY_HANDLEUNKNOWN_REJECT;
283	-char *CIL_KEY_MACRO;
284	-char *CIL_KEY_IN;
285	-char *CIL_KEY_MLS;
286	-char *CIL_KEY_DEFAULTRANGE;
287	-char *CIL_KEY_BLOCKINHERIT;
288	-char *CIL_KEY_BLOCKABSTRACT;
289	-char *CIL_KEY_CLASSORDER;
290	-char *CIL_KEY_CLASSMAPPING;
291	-char *CIL_KEY_CLASSPERMISSIONSET;
292	-char *CIL_KEY_COMMON;
293	-char *CIL_KEY_CLASSCOMMON;
294	-char *CIL_KEY_SID;
295	-char *CIL_KEY_SIDCONTEXT;
296	-char *CIL_KEY_SIDORDER;
297	-char *CIL_KEY_USERLEVEL;
298	-char *CIL_KEY_USERRANGE;
299	-char *CIL_KEY_USERBOUNDS;
300	-char *CIL_KEY_USERPREFIX;
301	-char *CIL_KEY_SELINUXUSER;
302	-char *CIL_KEY_SELINUXUSERDEFAULT;
303	-char *CIL_KEY_TYPEATTRIBUTE;
304	-char *CIL_KEY_TYPEATTRIBUTESET;
305	-char *CIL_KEY_EXPANDTYPEATTRIBUTE;
306	-char *CIL_KEY_TYPEALIAS;
307	-char *CIL_KEY_TYPEALIASACTUAL;
308	-char *CIL_KEY_TYPEBOUNDS;
309	-char *CIL_KEY_TYPEPERMISSIVE;
310	-char *CIL_KEY_RANGETRANSITION;
311	-char *CIL_KEY_USERROLE;
312	-char *CIL_KEY_ROLETYPE;
313	-char *CIL_KEY_ROLETRANSITION;
314	-char *CIL_KEY_ROLEALLOW;
315	-char *CIL_KEY_ROLEATTRIBUTE;
316	-char *CIL_KEY_ROLEATTRIBUTESET;
317	-char *CIL_KEY_ROLEBOUNDS;
318	-char *CIL_KEY_BOOLEANIF;
319	-char *CIL_KEY_NEVERALLOW;
320	-char *CIL_KEY_TYPEMEMBER;
321	-char *CIL_KEY_SENSALIAS;
322	-char *CIL_KEY_SENSALIASACTUAL;
323	-char *CIL_KEY_CATALIAS;
324	-char *CIL_KEY_CATALIASACTUAL;
325	-char *CIL_KEY_CATORDER;
326	-char *CIL_KEY_SENSITIVITYORDER;
327	-char *CIL_KEY_SENSCAT;
328	-char *CIL_KEY_CONSTRAIN;
329	-char *CIL_KEY_MLSCONSTRAIN;
330	-char *CIL_KEY_VALIDATETRANS;
331	-char *CIL_KEY_MLSVALIDATETRANS;
332	-char *CIL_KEY_CONTEXT;
333	-char *CIL_KEY_FILECON;
334	-char *CIL_KEY_IBPKEYCON;
335	-char *CIL_KEY_IBENDPORTCON;
336	-char *CIL_KEY_PORTCON;
337	-char *CIL_KEY_NODECON;
338	-char *CIL_KEY_GENFSCON;
339	-char *CIL_KEY_NETIFCON;
340	-char *CIL_KEY_PIRQCON;
341	-char *CIL_KEY_IOMEMCON;
342	-char *CIL_KEY_IOPORTCON;
343	-char *CIL_KEY_PCIDEVICECON;
344	-char *CIL_KEY_DEVICETREECON;
345	-char *CIL_KEY_FSUSE;
346	-char *CIL_KEY_POLICYCAP;
347	-char *CIL_KEY_OPTIONAL;
348	-char *CIL_KEY_DEFAULTUSER;
349	-char *CIL_KEY_DEFAULTROLE;
350	-char *CIL_KEY_DEFAULTTYPE;
351	-char *CIL_KEY_ROOT;
352	-char *CIL_KEY_NODE;
353	-char *CIL_KEY_PERM;
354	-char *CIL_KEY_ALLOWX;
355	-char *CIL_KEY_AUDITALLOWX;
356	-char *CIL_KEY_DONTAUDITX;
357	-char *CIL_KEY_NEVERALLOWX;
358	-char *CIL_KEY_PERMISSIONX;
359	-char *CIL_KEY_IOCTL;
360	-char *CIL_KEY_UNORDERED;
361	-char *CIL_KEY_SRC_INFO;
362	-char *CIL_KEY_SRC_CIL;
363	-char *CIL_KEY_SRC_HLL;
364	+extern char *CIL_KEY_CONS_T1;
365	+extern char *CIL_KEY_CONS_T2;
366	+extern char *CIL_KEY_CONS_T3;
367	+extern char *CIL_KEY_CONS_R1;
368	+extern char *CIL_KEY_CONS_R2;
369	+extern char *CIL_KEY_CONS_R3;
370	+extern char *CIL_KEY_CONS_U1;
371	+extern char *CIL_KEY_CONS_U2;
372	+extern char *CIL_KEY_CONS_U3;
373	+extern char *CIL_KEY_CONS_L1;
374	+extern char *CIL_KEY_CONS_L2;
375	+extern char *CIL_KEY_CONS_H1;
376	+extern char *CIL_KEY_CONS_H2;
377	+extern char *CIL_KEY_AND;
378	+extern char *CIL_KEY_OR;
379	+extern char *CIL_KEY_NOT;
380	+extern char *CIL_KEY_EQ;
381	+extern char *CIL_KEY_NEQ;
382	+extern char *CIL_KEY_CONS_DOM;
383	+extern char *CIL_KEY_CONS_DOMBY;
384	+extern char *CIL_KEY_CONS_INCOMP;
385	+extern char *CIL_KEY_CONDTRUE;
386	+extern char *CIL_KEY_CONDFALSE;
387	+extern char *CIL_KEY_SELF;
388	+extern char *CIL_KEY_OBJECT_R;
389	+extern char *CIL_KEY_STAR;
390	+extern char *CIL_KEY_TCP;
391	+extern char *CIL_KEY_UDP;
392	+extern char *CIL_KEY_DCCP;
393	+extern char *CIL_KEY_SCTP;
394	+extern char *CIL_KEY_AUDITALLOW;
395	+extern char *CIL_KEY_TUNABLEIF;
396	+extern char *CIL_KEY_ALLOW;
397	+extern char *CIL_KEY_DONTAUDIT;
398	+extern char *CIL_KEY_TYPETRANSITION;
399	+extern char *CIL_KEY_TYPECHANGE;
400	+extern char *CIL_KEY_CALL;
401	+extern char *CIL_KEY_TUNABLE;
402	+extern char *CIL_KEY_XOR;
403	+extern char *CIL_KEY_ALL;
404	+extern char *CIL_KEY_RANGE;
405	+extern char *CIL_KEY_GLOB;
406	+extern char *CIL_KEY_FILE;
407	+extern char *CIL_KEY_DIR;
408	+extern char *CIL_KEY_CHAR;
409	+extern char *CIL_KEY_BLOCK;
410	+extern char *CIL_KEY_SOCKET;
411	+extern char *CIL_KEY_PIPE;
412	+extern char *CIL_KEY_SYMLINK;
413	+extern char *CIL_KEY_ANY;
414	+extern char *CIL_KEY_XATTR;
415	+extern char *CIL_KEY_TASK;
416	+extern char *CIL_KEY_TRANS;
417	+extern char *CIL_KEY_TYPE;
418	+extern char *CIL_KEY_ROLE;
419	+extern char *CIL_KEY_USER;
420	+extern char *CIL_KEY_USERATTRIBUTE;
421	+extern char *CIL_KEY_USERATTRIBUTESET;
422	+extern char *CIL_KEY_SENSITIVITY;
423	+extern char *CIL_KEY_CATEGORY;
424	+extern char *CIL_KEY_CATSET;
425	+extern char *CIL_KEY_LEVEL;
426	+extern char *CIL_KEY_LEVELRANGE;
427	+extern char *CIL_KEY_CLASS;
428	+extern char *CIL_KEY_IPADDR;
429	+extern char *CIL_KEY_MAP_CLASS;
430	+extern char *CIL_KEY_CLASSPERMISSION;
431	+extern char *CIL_KEY_BOOL;
432	+extern char *CIL_KEY_STRING;
433	+extern char *CIL_KEY_NAME;
434	+extern char *CIL_KEY_SOURCE;
435	+extern char *CIL_KEY_TARGET;
436	+extern char *CIL_KEY_LOW;
437	+extern char *CIL_KEY_HIGH;
438	+extern char *CIL_KEY_LOW_HIGH;
439	+extern char *CIL_KEY_GLBLUB;
440	+extern char *CIL_KEY_HANDLEUNKNOWN;
441	+extern char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
442	+extern char *CIL_KEY_HANDLEUNKNOWN_DENY;
443	+extern char *CIL_KEY_HANDLEUNKNOWN_REJECT;
444	+extern char *CIL_KEY_MACRO;
445	+extern char *CIL_KEY_IN;
446	+extern char *CIL_KEY_MLS;
447	+extern char *CIL_KEY_DEFAULTRANGE;
448	+extern char *CIL_KEY_BLOCKINHERIT;
449	+extern char *CIL_KEY_BLOCKABSTRACT;
450	+extern char *CIL_KEY_CLASSORDER;
451	+extern char *CIL_KEY_CLASSMAPPING;
452	+extern char *CIL_KEY_CLASSPERMISSIONSET;
453	+extern char *CIL_KEY_COMMON;
454	+extern char *CIL_KEY_CLASSCOMMON;
455	+extern char *CIL_KEY_SID;
456	+extern char *CIL_KEY_SIDCONTEXT;
457	+extern char *CIL_KEY_SIDORDER;
458	+extern char *CIL_KEY_USERLEVEL;
459	+extern char *CIL_KEY_USERRANGE;
460	+extern char *CIL_KEY_USERBOUNDS;
461	+extern char *CIL_KEY_USERPREFIX;
462	+extern char *CIL_KEY_SELINUXUSER;
463	+extern char *CIL_KEY_SELINUXUSERDEFAULT;
464	+extern char *CIL_KEY_TYPEATTRIBUTE;
465	+extern char *CIL_KEY_TYPEATTRIBUTESET;
466	+extern char *CIL_KEY_EXPANDTYPEATTRIBUTE;
467	+extern char *CIL_KEY_TYPEALIAS;
468	+extern char *CIL_KEY_TYPEALIASACTUAL;
469	+extern char *CIL_KEY_TYPEBOUNDS;
470	+extern char *CIL_KEY_TYPEPERMISSIVE;
471	+extern char *CIL_KEY_RANGETRANSITION;
472	+extern char *CIL_KEY_USERROLE;
473	+extern char *CIL_KEY_ROLETYPE;
474	+extern char *CIL_KEY_ROLETRANSITION;
475	+extern char *CIL_KEY_ROLEALLOW;
476	+extern char *CIL_KEY_ROLEATTRIBUTE;
477	+extern char *CIL_KEY_ROLEATTRIBUTESET;
478	+extern char *CIL_KEY_ROLEBOUNDS;
479	+extern char *CIL_KEY_BOOLEANIF;
480	+extern char *CIL_KEY_NEVERALLOW;
481	+extern char *CIL_KEY_TYPEMEMBER;
482	+extern char *CIL_KEY_SENSALIAS;
483	+extern char *CIL_KEY_SENSALIASACTUAL;
484	+extern char *CIL_KEY_CATALIAS;
485	+extern char *CIL_KEY_CATALIASACTUAL;
486	+extern char *CIL_KEY_CATORDER;
487	+extern char *CIL_KEY_SENSITIVITYORDER;
488	+extern char *CIL_KEY_SENSCAT;
489	+extern char *CIL_KEY_CONSTRAIN;
490	+extern char *CIL_KEY_MLSCONSTRAIN;
491	+extern char *CIL_KEY_VALIDATETRANS;
492	+extern char *CIL_KEY_MLSVALIDATETRANS;
493	+extern char *CIL_KEY_CONTEXT;
494	+extern char *CIL_KEY_FILECON;
495	+extern char *CIL_KEY_IBPKEYCON;
496	+extern char *CIL_KEY_IBENDPORTCON;
497	+extern char *CIL_KEY_PORTCON;
498	+extern char *CIL_KEY_NODECON;
499	+extern char *CIL_KEY_GENFSCON;
500	+extern char *CIL_KEY_NETIFCON;
501	+extern char *CIL_KEY_PIRQCON;
502	+extern char *CIL_KEY_IOMEMCON;
503	+extern char *CIL_KEY_IOPORTCON;
504	+extern char *CIL_KEY_PCIDEVICECON;
505	+extern char *CIL_KEY_DEVICETREECON;
506	+extern char *CIL_KEY_FSUSE;
507	+extern char *CIL_KEY_POLICYCAP;
508	+extern char *CIL_KEY_OPTIONAL;
509	+extern char *CIL_KEY_DEFAULTUSER;
510	+extern char *CIL_KEY_DEFAULTROLE;
511	+extern char *CIL_KEY_DEFAULTTYPE;
512	+extern char *CIL_KEY_ROOT;
513	+extern char *CIL_KEY_NODE;
514	+extern char *CIL_KEY_PERM;
515	+extern char *CIL_KEY_ALLOWX;
516	+extern char *CIL_KEY_AUDITALLOWX;
517	+extern char *CIL_KEY_DONTAUDITX;
518	+extern char *CIL_KEY_NEVERALLOWX;
519	+extern char *CIL_KEY_PERMISSIONX;
520	+extern char *CIL_KEY_IOCTL;
521	+extern char *CIL_KEY_UNORDERED;
522	+extern char *CIL_KEY_SRC_INFO;
523	+extern char *CIL_KEY_SRC_CIL;
524	+extern char *CIL_KEY_SRC_HLL;
525
526	/*
527	Symbol Table Array Indices
528	--
529	2.17.1
530


diff --git a/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch b/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch deleted file mode 100644 index 674fddd..0000000 --- a/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch +++ /dev/null
@@ -1,65 +0,0 @@
1	From 3d32fc24d6aff360a538c63dad08ca5c957551b0 Mon Sep 17 00:00:00 2001
2	From: Ondrej Mosnacek <omosnace@redhat.com>
3	Date: Thu, 23 Jan 2020 13:57:14 +0100
4	Subject: [PATCH] libsepol: remove leftovers of cil_mem_error_handler
5
6	Commit 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function
7	pointer") replaced cil_mem_error_handler usage with inline contents of
8	the default handler. However, it left over the header declaration and
9	two callers. Convert these as well and remove the header declaration.
10
11	This also fixes a build failure with -fno-common.
12
13	Fixes: 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function pointer")
14	Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
15
16	Upstream-Status: Backport
17	[https://github.com/SELinuxProject/selinux/commit/3d32fc24d6aff360a538c63dad08ca5c957551b0]
18
19	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
20	---
21	cil/src/cil_mem.h \| 1 -
22	cil/src/cil_strpool.c \| 8 ++++----
23	2 files changed, 4 insertions(+), 5 deletions(-)
24
25	diff --git a/cil/src/cil_mem.h b/cil/src/cil_mem.h
26	index 902ce131..794f02a3 100644
27	--- a/cil/src/cil_mem.h
28	+++ b/cil/src/cil_mem.h
29	@@ -36,7 +36,6 @@ void *cil_calloc(size_t num_elements, size_t element_size);
30	void cil_realloc(void ptr, size_t size);
31	char cil_strdup(const char str);
32	int cil_asprintf(char *strp, const char fmt, ...);
33	-void (*cil_mem_error_handler)(void);
34
35	#endif /* CIL_MEM_H_ */
36
37	diff --git a/cil/src/cil_strpool.c b/cil/src/cil_strpool.c
38	index 97d4c4b9..2598bbf3 100644
39	--- a/cil/src/cil_strpool.c
40	+++ b/cil/src/cil_strpool.c
41	@@ -80,8 +80,8 @@ char cil_strpool_add(const char str)
42	int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref);
43	if (rc != SEPOL_OK) {
44	pthread_mutex_unlock(&cil_strpool_mutex);
45	- (*cil_mem_error_handler)();
46	- pthread_mutex_lock(&cil_strpool_mutex);
47	+ cil_log(CIL_ERR, "Failed to allocate memory\n");
48	+ exit(1);
49	}
50	}
51
52	@@ -104,8 +104,8 @@ void cil_strpool_init(void)
53	cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE);
54	if (cil_strpool_tab == NULL) {
55	pthread_mutex_unlock(&cil_strpool_mutex);
56	- (*cil_mem_error_handler)();
57	- return;
58	+ cil_log(CIL_ERR, "Failed to allocate memory\n");
59	+ exit(1);
60	}
61	}
62	cil_strpool_readers++;
63	--
64	2.17.1
65


diff --git a/recipes-security/selinux/libsepol_3.0.bb b/recipes-security/selinux/libsepol_3.0.bb deleted file mode 100644 index 58559d7..0000000 --- a/recipes-security/selinux/libsepol_3.0.bb +++ /dev/null
@@ -1,12 +0,0 @@
1	require selinux_20191204.inc
2	require ${BPN}.inc
3
4	LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
5
6	SRC_URI[md5sum] = "22ddb9994910cb9cfff5cb9663cb7ae7"
7	SRC_URI[sha256sum] = "5b7ae1881909f1048b06f7a0c364c5c8a86ec12e0ec76e740fe9595a6033eb79"
8
9	SRC_URI += "\
10	file://0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch \
11	file://0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch \
12	"


diff --git a/recipes-security/selinux/libsepol_3.1.bb b/recipes-security/selinux/libsepol_3.1.bb new file mode 100644 index 0000000..1568025 --- /dev/null +++ b/recipes-security/selinux/libsepol_3.1.bb
@@ -0,0 +1,8 @@
		1	require selinux_20200710.inc
		2	require ${BPN}.inc
		3
		4	LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
		5
		6	SRC_URI[md5sum] = "b56dc01b76b97dcb730ab4e2fd1c9dea"
		7	SRC_URI[sha256sum] = "ae6778d01443fdd38cd30eeee846494e19f4d407b09872580372f4aa4bf8a3cc"
		8