From 62b9c816a5000dc01b28e78213bde26b58cbca9d Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@windriver.com>
Date: Sat, 16 Dec 2023 16:21:30 +0800
Subject: libselinux: upgrade 3.5 -> 3.6

* Refresh patches.
* Merge libselinux and libselinux-python.
  The previous libselinux recipe was split into libselinux and
  libselinux-python due to loop dependency[1]. Now this error is gone,
  we can merge these two recipes into one again.

[1] https://git.yoctoproject.org/meta-selinux/commit/?id=7bb1507928f2e0f54ff8eac4135e15e821cdb1e2

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Joe MacDonald <joe@deserted.net>
---
 recipes-security/selinux/libselinux-python_3.5.bb  | 56 --------------------
 ...x-python-modules-install-path-for-multili.patch | 10 ++--
 ...PYCEXT-and-rely-on-the-installed-file-nam.patch |  8 +--
 ...restore-drop-the-obsolete-LSF-transitiona.patch | 21 ++++----
 recipes-security/selinux/libselinux_3.5.bb         | 33 ------------
 recipes-security/selinux/libselinux_3.6.bb         | 60 ++++++++++++++++++++++
 6 files changed, 80 insertions(+), 108 deletions(-)
 delete mode 100644 recipes-security/selinux/libselinux-python_3.5.bb
 delete mode 100644 recipes-security/selinux/libselinux_3.5.bb
 create mode 100644 recipes-security/selinux/libselinux_3.6.bb

diff --git a/recipes-security/selinux/libselinux-python_3.5.bb b/recipes-security/selinux/libselinux-python_3.5.bb
deleted file mode 100644
index b382be1..0000000
--- a/recipes-security/selinux/libselinux-python_3.5.bb
+++ /dev/null
@@ -1,56 +0,0 @@
-SUMMARY = "SELinux library and simple utilities"
-DESCRIPTION = "libselinux provides an API for SELinux applications to get and set \
-process and file security contexts and to obtain security policy \
-decisions.  Required for any applications that use the SELinux API."
-SECTION = "base"
-LICENSE = "PD"
-LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
-
-require selinux_common.inc
-
-inherit python3targetconfig pkgconfig
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/libselinux:"
-SRC_URI += "\
-        file://0001-Makefile-fix-python-modules-install-path-for-multili.patch \
-        file://0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch \
-        file://0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch \
-        "
-
-S = "${WORKDIR}/git/libselinux"
-
-DEPENDS = "libsepol libpcre2 swig-native python3-setuptools-scm-native"
-DEPENDS:append:libc-musl = " fts"
-
-RDEPENDS:${PN} = "libselinux python3-core python3-shell"
-
-def get_policyconfigarch(d):
-    import re
-    target = d.getVar('TARGET_ARCH')
-    p = re.compile('i.86')
-    target = p.sub('i386',target)
-    return "ARCH=%s" % (target)
-
-EXTRA_OEMAKE = "${@get_policyconfigarch(d)}"
-EXTRA_OEMAKE:append:libc-musl = " FTS_LDLIBS=-lfts"
-
-FILES:${PN} = "${PYTHON_SITEPACKAGES_DIR}/*"
-INSANE_SKIP:${PN} = "dev-so"
-
-do_compile() {
-    oe_runmake pywrap -j1 \
-        PYLIBVER='python${PYTHON_BASEVERSION}' \
-        PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \
-        PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}'
-}
-
-do_install() {
-    oe_runmake install-pywrap \
-        DESTDIR=${D} \
-        PYLIBVER='python${PYTHON_BASEVERSION}' \
-        PYTHONLIBDIR='${PYTHON_SITEPACKAGES_DIR}'
-
-    # Fix buildpaths issue
-    sed -i -e 's,${WORKDIR},,g' \
-        ${D}${PYTHON_SITEPACKAGES_DIR}/selinux-${PV}.dist-info/direct_url.json
-}
diff --git a/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch b/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch
index 1b9dfbb..b307b6f 100644
--- a/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch
+++ b/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch
@@ -1,4 +1,4 @@
-From 57a087de68d6f7fe955268ee36b523cbe7c0c6db Mon Sep 17 00:00:00 2001
+From dff260851ccecf9723a6ddfce0103e09f3ba4613 Mon Sep 17 00:00:00 2001
 From: Yi Zhao <yi.zhao@windriver.com>
 Date: Mon, 13 Apr 2020 12:44:23 +0800
 Subject: [PATCH] Makefile: fix python modules install path for multilib
@@ -11,15 +11,15 @@ Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/src/Makefile b/src/Makefile
-index 36d5712..983f8af 100644
+index d3b981f..265f1be 100644
 --- a/src/Makefile
 +++ b/src/Makefile
-@@ -187,7 +187,7 @@ install: all
+@@ -191,7 +191,7 @@ install: all
  	ln -sf --relative $(DESTDIR)$(SHLIBDIR)/$(LIBSO) $(DESTDIR)$(LIBDIR)/$(TARGET)
  
  install-pywrap: pywrap
--	$(PYTHON) -m pip install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR) --ignore-installed --no-deps` $(PYTHON_SETUP_ARGS) .
-+	$(PYTHON) -m pip install --prefix=$(PREFIX) --root $(DESTDIR) --ignore-installed --no-deps $(PYTHON_SETUP_ARGS) .
+-	CFLAGS="$(CPPFLAGS) $(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) -m pip install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR) --ignore-installed --no-deps` $(PYTHON_SETUP_ARGS) .
++	CFLAGS="$(CPPFLAGS) $(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) -m pip install --prefix=$(PREFIX) --root $(DESTDIR) --ignore-installed --no-deps $(PYTHON_SETUP_ARGS) .
  	install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py
  	ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux$(PYCEXT) $(DESTDIR)$(PYTHONLIBDIR)/_selinux$(PYCEXT)
  
diff --git a/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch b/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
index cd5510d..7ebe64f 100644
--- a/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
+++ b/recipes-security/selinux/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
@@ -1,4 +1,4 @@
-From 1454521f2b9f2cbc3c40177aae9c260ec8966ae0 Mon Sep 17 00:00:00 2001
+From 303d8dfe53fcd02ea5818f976369cdb629bc1114 Mon Sep 17 00:00:00 2001
 From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
 Date: Fri, 25 Oct 2019 13:37:14 +0200
 Subject: [PATCH] Do not use PYCEXT, and rely on the installed file name
@@ -27,7 +27,7 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com>
  1 file changed, 1 insertion(+), 2 deletions(-)
 
 diff --git a/src/Makefile b/src/Makefile
-index 983f8af..3d777bb 100644
+index 265f1be..47e51d6 100644
 --- a/src/Makefile
 +++ b/src/Makefile
 @@ -15,7 +15,6 @@ INCLUDEDIR ?= $(PREFIX)/include
@@ -38,9 +38,9 @@ index 983f8af..3d777bb 100644
  RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]')
  RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" + RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
  RUBYINSTALL ?= $(shell $(RUBY) -e 'puts RbConfig::CONFIG["vendorarchdir"]')
-@@ -189,7 +188,7 @@ install: all
+@@ -193,7 +192,7 @@ install: all
  install-pywrap: pywrap
- 	$(PYTHON) -m pip install --prefix=$(PREFIX) --root $(DESTDIR) --ignore-installed --no-deps $(PYTHON_SETUP_ARGS) .
+ 	CFLAGS="$(CPPFLAGS) $(CFLAGS) $(SWIG_CFLAGS)" $(PYTHON) -m pip install --prefix=$(PREFIX) --root $(DESTDIR) --ignore-installed --no-deps $(PYTHON_SETUP_ARGS) .
  	install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py
 -	ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux$(PYCEXT) $(DESTDIR)$(PYTHONLIBDIR)/_selinux$(PYCEXT)
 +	ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux*.so $(DESTDIR)$(PYTHONLIBDIR)/
diff --git a/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch b/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch
index 5b37395..0cd8f20 100644
--- a/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch
+++ b/recipes-security/selinux/libselinux/0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch
@@ -1,4 +1,4 @@
-From a822176c6f181d1e6989900dfc58bbdab6d9065a Mon Sep 17 00:00:00 2001
+From 6c2af45ec8cff9b282d599dc098db0ca127bdc59 Mon Sep 17 00:00:00 2001
 From: Renato Caldas <renato@calgera.com>
 Date: Thu, 29 Jun 2023 13:59:11 +0100
 Subject: [PATCH] libselinux: restore: drop the obsolete LSF transitional API.
@@ -10,23 +10,23 @@ Upstream-Status: Submitted [https://github.com/SELinuxProject/selinux/pull/401]
 
 Signed-off-by: Renato Caldas <renato@calgera.com>
 ---
- libselinux/src/selinux_restorecon.c | 4 ++--
+ src/selinux_restorecon.c | 4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
 
-diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
-index 7ef2d45d..2ff920b0 100644
+diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c
+index 38f10f1..5b3d035 100644
 --- a/src/selinux_restorecon.c
 +++ b/src/selinux_restorecon.c
-@@ -437,7 +437,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
+@@ -436,7 +436,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
  	file_spec_t *prevfl, *fl;
  	uint32_t h;
  	int ret;
 -	struct stat64 sb;
 +	struct stat sb;
-
+ 
  	__pthread_mutex_lock(&fl_mutex);
-
-@@ -451,7 +451,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
+ 
+@@ -450,7 +450,7 @@ static int filespec_add(ino_t ino, const char *con, const char *file,
  	for (prevfl = &fl_head[h], fl = fl_head[h].next; fl;
  	     prevfl = fl, fl = fl->next) {
  		if (ino == fl->ino) {
@@ -35,5 +35,6 @@ index 7ef2d45d..2ff920b0 100644
  			if (ret < 0 || sb.st_ino != ino) {
  				freecon(fl->con);
  				free(fl->file);
---
-2.41.0
+-- 
+2.25.1
+
diff --git a/recipes-security/selinux/libselinux_3.5.bb b/recipes-security/selinux/libselinux_3.5.bb
deleted file mode 100644
index 37383eb..0000000
--- a/recipes-security/selinux/libselinux_3.5.bb
+++ /dev/null
@@ -1,33 +0,0 @@
-SUMMARY = "SELinux library and simple utilities"
-DESCRIPTION = "libselinux provides an API for SELinux applications to get and set \
-process and file security contexts and to obtain security policy \
-decisions.  Required for any applications that use the SELinux API."
-SECTION = "base"
-LICENSE = "PD"
-LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
-
-require selinux_common.inc
-
-inherit lib_package pkgconfig
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/libselinux:"
-SRC_URI += "\
-        file://0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch \
-        "
-
-DEPENDS = "libsepol libpcre2"
-DEPENDS:append:libc-musl = " fts"
-
-S = "${WORKDIR}/git/libselinux"
-
-def get_policyconfigarch(d):
-    import re
-    target = d.getVar('TARGET_ARCH')
-    p = re.compile('i.86')
-    target = p.sub('i386',target)
-    return "ARCH=%s" % (target)
-
-EXTRA_OEMAKE = "${@get_policyconfigarch(d)}"
-EXTRA_OEMAKE:append:libc-musl = " FTS_LDLIBS=-lfts"
-
-BBCLASSEXTEND = "native"
diff --git a/recipes-security/selinux/libselinux_3.6.bb b/recipes-security/selinux/libselinux_3.6.bb
new file mode 100644
index 0000000..dab4965
--- /dev/null
+++ b/recipes-security/selinux/libselinux_3.6.bb
@@ -0,0 +1,60 @@
+SUMMARY = "SELinux library and simple utilities"
+DESCRIPTION = "libselinux provides an API for SELinux applications to get and set \
+process and file security contexts and to obtain security policy \
+decisions.  Required for any applications that use the SELinux API."
+SECTION = "base"
+LICENSE = "PD"
+LIC_FILES_CHKSUM = "file://${S}/LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
+
+require selinux_common.inc
+
+inherit lib_package pkgconfig python3targetconfig
+
+FILESEXTRAPATHS:prepend := "${THISDIR}/libselinux:"
+SRC_URI += "\
+        file://0001-Makefile-fix-python-modules-install-path-for-multili.patch \
+        file://0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch \
+        file://0003-libselinux-restore-drop-the-obsolete-LSF-transitiona.patch \
+        "
+
+S = "${WORKDIR}/git/libselinux"
+
+DEPENDS = "libsepol libpcre2 swig-native python3-setuptools-scm-native"
+DEPENDS:append:libc-musl = " fts"
+
+def get_policyconfigarch(d):
+    import re
+    target = d.getVar('TARGET_ARCH')
+    p = re.compile('i.86')
+    target = p.sub('i386',target)
+    return "ARCH=%s" % (target)
+
+EXTRA_OEMAKE = "${@get_policyconfigarch(d)}"
+EXTRA_OEMAKE:append:libc-musl = " FTS_LDLIBS=-lfts"
+
+do_compile:append() {
+    oe_runmake pywrap -j1 \
+        PYLIBVER='python${PYTHON_BASEVERSION}' \
+        PYINC='-I${STAGING_INCDIR}/${PYLIBVER}' \
+        PYLIBS='-L${STAGING_LIBDIR}/${PYLIBVER} -l${PYLIBVER}'
+}
+
+do_install:append() {
+    oe_runmake install-pywrap \
+        DESTDIR=${D} \
+        PREFIX=${prefix}
+        PYLIBVER='python${PYTHON_BASEVERSION}' \
+        PYTHONLIBDIR='${PYTHON_SITEPACKAGES_DIR}'
+
+    # Fix buildpaths issue
+    sed -i -e 's,${WORKDIR},,g' \
+        ${D}${PYTHON_SITEPACKAGES_DIR}/selinux-${PV}.dist-info/direct_url.json
+}
+
+PACKAGES += "${PN}-python"
+RDEPENDS:${PN}-python = "python3-core python3-shell"
+
+FILES:${PN}-python = "${PYTHON_SITEPACKAGES_DIR}/*"
+INSANE_SKIP:${PN}-python = "dev-so"
+
+BBCLASSEXTEND = "native"
-- 
cgit v1.2.3-54-g00ecf