dbus: update 1.12.22 -> 1.14.0

Drop patches: clear-guid_from_server-if-send_negotiate_unix_f.patch stop_using_selinux_set_mapping.patch (both merged upstream) python-config.patch (patched code removed upstream) License-Update: whitespace fixes (From OE-Core rev: 4513e4369973afb71f40625da058a3eaf6ccd4c4) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Alexander Kanavin <alex.kanavin@gmail.com> 2022-03-09 23:22:14 +0100
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2022-03-15 08:40:09 +0000
commit: 73dd9fae43460894c96d4d801293efceb30d9596 (patch)
tree: 9ec02e0c54cf1a5119fa6ec5e023ee4ad293e060 /meta/recipes-core/dbus
parent: 1341ebeab0eb3958c8d7135cf7b60835d54d1fa5 (diff)
download: poky-73dd9fae43460894c96d4d801293efceb30d9596.tar.gz
4 files changed, 4 insertions, 293 deletions
diff --git a/meta/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch b/meta/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch
deleted file mode 100644
index 6bb6d9c82e..0000000000
--- a/meta/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-From b8f84bd39485d3977625c9a8b8e8cff5d23be56f Mon Sep 17 00:00:00 2001
-From: Roy Li <rongqing.li@windriver.com>
-Date: Thu, 27 Feb 2014 09:05:02 +0800
-Subject: [PATCH] dbus: clear guid_from_server if send_negotiate_unix_fd
- failed
-Upstream-Status: Submitted
-bus-test dispatch test failed with below information:
-    ./bus/bus-test: Running message dispatch test
-    Activating service name='org.freedesktop.DBus.TestSuiteEchoService'
-    Successfully activated service 'org.freedesktop.DBus.TestSuiteEchoService'
-    6363: assertion failed "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0" file "dbus-auth.c" line 1545 function process_ok
-      ./bus/bus-test(_dbus_print_backtrace+0x29) [0x80cb969]
-      ./bus/bus-test(_dbus_abort+0x14) [0x80cfb44]
-      ./bus/bus-test(_dbus_real_assert+0x53) [0x80b52c3]
-      ./bus/bus-test() [0x80e24da]
-      ./bus/bus-test(_dbus_auth_do_work+0x388) [0x80e3848]
-      ./bus/bus-test() [0x80aea49]
-      ./bus/bus-test() [0x80affde]
-      ./bus/bus-test(_dbus_transport_handle_watch+0xb1) [0x80ad841]
-      ./bus/bus-test(_dbus_connection_handle_watch+0x104) [0x8089174]
-      ./bus/bus-test(dbus_watch_handle+0xd8) [0x80b15e8]
-      ./bus/bus-test(_dbus_loop_iterate+0x4a9) [0x80d1509]
-      ./bus/bus-test(bus_test_run_clients_loop+0x5d) [0x808129d]
-      ./bus/bus-test() [0x806cab0]
-      ./bus/bus-test() [0x806e0ca]
-      ./bus/bus-test() [0x806da6f]
-      ./bus/bus-test(_dbus_test_oom_handling+0x18c) [0x80b5c8c]
-      ./bus/bus-test() [0x806f723]
-      ./bus/bus-test(bus_dispatch_test+0x3c) [0x8071aac]
-      ./bus/bus-test(main+0x1b7) [0x805acc7]
-      /lib/libc.so.6(__libc_start_main+0xf3) [0x45f919b3]
-      ./bus/bus-test() [0x805ae39]
-The stack is below:
-    #0  0xffffe425 in __kernel_vsyscall ()
-    #1  0x45fa62d6 in raise () from /lib/libc.so.6
-    #2  0x45fa9653 in abort () from /lib/libc.so.6
-    #3  0x080cfb65 in _dbus_abort () at dbus-sysdeps.c:94
-    #4  0x080b52c3 in _dbus_real_assert (condition=0,
-        condition_text=condition_text@entry=0x8117a38 "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0",
-        file=file@entry=0x8117273 "dbus-auth.c", line=line@entry=1545,
-        func=func@entry=0x8117f8e <__FUNCTION__.3492> "process_ok")
-        data=0x8157290) at dbus-connection.c:1515
-    #0  0x00000033fee353e9 in raise () from /lib64/libc.so.6
-    #1  0x00000033fee38508 in abort () from /lib64/libc.so.6
-    #2  0x000000000047d585 in _dbus_abort () at dbus-sysdeps.c:94
-    #3  0x0000000000466486 in _dbus_real_assert (condition=<optimized out>,
-        condition_text=condition_text@entry=0x4c2988 "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0",
-        file=file@entry=0x4c21a5 "dbus-auth.c", line=line@entry=1546,
-        func=func@entry=0x4c2fce <__FUNCTION__.3845> "process_ok")
-        at dbus-internals.c:931
-    #4  0x000000000048d424 in process_ok (args_from_ok=0x7fffffffe480,
-        auth=0x6ff340) at dbus-auth.c:1546
-    #5  handle_client_state_waiting_for_data (auth=0x6ff340,
-        command=<optimized out>, args=0x7fffffffe480) at dbus-auth.c:1996
-    #6  0x000000000048e789 in process_command (auth=0x6ff340) at dbus-auth.c:2208
-    #7  _dbus_auth_do_work (auth=0x6ff340) at dbus-auth.c:2458
-    #8  0x000000000046091d in do_authentication (
-        transport=transport@entry=0x6ffaa0, do_reading=do_reading@entry=1,
-        do_writing=do_writing@entry=0,
-        auth_completed=auth_completed@entry=0x7fffffffe55c)
-        at dbus-transport-socket.c:442
-    #9  0x0000000000461d08 in socket_handle_watch (transport=0x6ffaa0,
-        watch=0x6f4190, flags=1) at dbus-transport-socket.c:921
-    #10 0x000000000045fa3a in _dbus_transport_handle_watch (transport=0x6ffaa0,
-Once send_negotiate_unix_fd failed, this failure will happen, since
-auth->guid_from_server has been set to some value before
-send_negotiate_unix_fd. send_negotiate_unix_fd failure will lead to
-this auth be handled by process_ok again, but this auth->guid_from_server
-is not zero.
-So we should clear auth->guid_from_server if send_negotiate_unix_fd failed
-Signed-off-by: Roy Li <rongqing.li@windriver.com>
---
- dbus/dbus-auth.c |    9 +++++++--
- 1 file changed, 7 insertions(+), 2 deletions(-)
-diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c
-index d2c37a7..37b45c6 100644
--- a/dbus/dbus-auth.c
-+++ b/dbus/dbus-auth.c
-@@ -1571,8 +1571,13 @@ process_ok(DBusAuth *auth,
-   _dbus_verbose ("Got GUID '%s' from the server\n",
-                  _dbus_string_get_const_data (& DBUS_AUTH_CLIENT (auth)->guid_from_server));
- 
-  if (auth->unix_fd_possible)
-    return send_negotiate_unix_fd(auth);
-+  if (auth->unix_fd_possible) {
-+     if (!send_negotiate_unix_fd(auth)) {
-+         _dbus_string_set_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server, 0);
-+         return FALSE;
-+     }
-+     return TRUE;
-+  }
- 
-   _dbus_verbose("Not negotiating unix fd passing, since not possible\n");
-   return send_begin (auth);
-- 
-1.7.10.4
diff --git a/meta/recipes-core/dbus/dbus/python-config.patch b/meta/recipes-core/dbus/dbus/python-config.patch
deleted file mode 100644
index da2f10c726..0000000000
--- a/meta/recipes-core/dbus/dbus/python-config.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-When building the dbus-ptest package, we have to enable python.  However
-checking if the host-system python has the necessary library isn't useful.
-Disable the python module check for cross compiling.
-Upstream-Status: Inappropriate [oe specific]
-Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
---
- configure.ac | 7 -------
- 1 file changed, 7 deletions(-)
-diff --git a/configure.ac b/configure.ac
-index 80d27b4..becc1cc 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -279,13 +279,6 @@ if test "x$enable_tests" = xyes; then
-   # full test coverage is required, Python is a hard dependency
-   AC_MSG_NOTICE([Full test coverage (--enable-tests=yes) requires Python, dbus-python, pygi])
-   AM_PATH_PYTHON([2.6])
-  AC_MSG_CHECKING([for Python modules for full test coverage])
-  if "$PYTHON" -c "import dbus, gi.repository.GObject, dbus.mainloop.glib"; then
-    AC_MSG_RESULT([yes])
-  else
-    AC_MSG_RESULT([no])
-    AC_MSG_ERROR([cannot import dbus, gi.repository.GObject, dbus.mainloop.glib Python modules])
-  fi
- else
-   # --enable-tests not given: do not abort if Python is missing
-   AM_PATH_PYTHON([2.6], [], [:])
-- 
-1.9.1
diff --git a/meta/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch b/meta/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch
deleted file mode 100644
index 7035098e41..0000000000
--- a/meta/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch
+++ /dev/null
@@ -1,148 +0,0 @@
-From 6072f8b24153d844a3033108a17bcd0c1a967816 Mon Sep 17 00:00:00 2001
-From: Laurent Bigonville <bigon@bigon.be>
-Date: Sat, 3 Mar 2018 11:15:23 +0100
-Subject: [PATCH] Stop using selinux_set_mapping() function
-Currently, if the "dbus" security class or the associated AV doesn't
-exist, dbus-daemon fails to initialize and exits immediately. Also the
-security classes or access vector cannot be reordered in the policy.
-This can be a problem for people developing their own policy or trying
-to access a machine where, for some reasons, there is not policy defined
-at all.
-The code here copy the behaviour of the selinux_check_access() function.
-We cannot use this function here as it doesn't allow us to define the
-AVC entry reference.
-See the discussion at https://marc.info/?l=selinux&m=152163374332372&w=2
-Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/198
---
- bus/selinux.c | 75 ++++++++++++++++++++++++++++-----------------------
- 1 file changed, 42 insertions(+), 33 deletions(-)
-Upstream-Status: Backport
-Signed-off-by: Nisha.Parrakat <Nisha.Parrakat@kpit.com>
-diff --git a/bus/selinux.c b/bus/selinux.c
--- a/bus/selinux.c     2021-08-11 14:45:59.048513026 +0000
-+++ b/bus/selinux.c     2021-08-11 14:57:47.144846966 +0000
-@@ -311,24 +311,6 @@
- #endif
- }
- 
-/*
- * Private Flask definitions; the order of these constants must
- * exactly match that of the structure array below!
- */
-/* security dbus class constants */
-#define SECCLASS_DBUS       1
-
-/* dbus's per access vector constants */
-#define DBUS__ACQUIRE_SVC   1
-#define DBUS__SEND_MSG      2
-
-#ifdef HAVE_SELINUX
-static struct security_class_mapping dbus_map[] = {
-  { "dbus", { "acquire_svc", "send_msg", NULL } },
-  { NULL }
-};
-#endif /* HAVE_SELINUX */
-
- /**
-  * Establish dynamic object class and permission mapping and
-  * initialize the user space access vector cache (AVC) for D-Bus and set up
-@@ -350,13 +332,6 @@
- 
-   _dbus_verbose ("SELinux is enabled in this kernel.\n");
- 
-  if (selinux_set_mapping (dbus_map) < 0)
-    {
-      _dbus_warn ("Failed to set up security class mapping (selinux_set_mapping():%s).",
-                   strerror (errno));
-      return FALSE; 
-    }
-
-   avc_entry_ref_init (&aeref);
-   if (avc_init ("avc", &mem_cb, &log_cb, &thread_cb, &lock_cb) < 0)
-     {
-@@ -421,19 +396,53 @@
- static dbus_bool_t
- bus_selinux_check (BusSELinuxID        *sender_sid,
-                    BusSELinuxID        *override_sid,
-                   security_class_t     target_class,
-                   access_vector_t      requested,
-+                   const char          *target_class,
-+                   const char          *requested,
-                   DBusString          *auxdata)
- {
-+  int saved_errno;
-+  security_class_t security_class;
-+  access_vector_t requested_access;
-+
-   if (!selinux_enabled)
-     return TRUE;
- 
-+  security_class = string_to_security_class (target_class);
-+  if (security_class == 0)
-+    {
-+      saved_errno = errno;
-+      log_callback (SELINUX_ERROR, "Unknown class %s", target_class);
-+      if (security_deny_unknown () == 0)
-+        {
-+          return TRUE;
-+       }
-+
-+      _dbus_verbose ("Unknown class %s\n", target_class);
-+      errno = saved_errno;
-+      return FALSE;
-+    }
-+
-+  requested_access = string_to_av_perm (security_class, requested);
-+  if (requested_access == 0)
-+    {
-+      saved_errno = errno;
-+      log_callback (SELINUX_ERROR, "Unknown permission %s for class %s", requested, target_class);
-+      if (security_deny_unknown () == 0)
-+        {
-+          return TRUE;
-+       }
-+
-+      _dbus_verbose ("Unknown permission %s for class %s\n", requested, target_class);
-+      errno = saved_errno;
-+      return FALSE;
-+    }
-+
-   /* Make the security check.  AVC checks enforcing mode here as well. */
-   if (avc_has_perm (SELINUX_SID_FROM_BUS (sender_sid),
-                     override_sid ?
-                     SELINUX_SID_FROM_BUS (override_sid) :
-                     bus_sid,
-                    target_class, requested, &aeref, auxdata) < 0)
-+                    security_class, requested_access, &aeref, auxdata) < 0)
-     {
-     switch (errno)
-       {
-@@ -500,8 +509,8 @@
-   
-   ret = bus_selinux_check (connection_sid,
-                           service_sid,
-                          SECCLASS_DBUS,
-                          DBUS__ACQUIRE_SVC,
-+                          "dbus",
-+                          "acquire_svc",
-                           &auxdata);
- 
-   _dbus_string_free (&auxdata);
-@@ -629,8 +638,8 @@
- 
-   ret = bus_selinux_check (sender_sid, 
-                           recipient_sid,
-                          SECCLASS_DBUS, 
-                          DBUS__SEND_MSG,
-+                          "dbus", 
-+                          "send_msg",
-                           &auxdata);
- 
-   _dbus_string_free (&auxdata);
diff --git a/meta/recipes-core/dbus/dbus_1.12.22.bb b/meta/recipes-core/dbus/dbus_1.14.0.bb
index 792f34c7ef..7598c45f8e 100644
--- a/meta/recipes-core/dbus/dbus_1.12.22.bb
+++ b/meta/recipes-core/dbus/dbus_1.14.0.bb
@@ -7,18 +7,15 @@ inherit autotools pkgconfig gettext upstream-version-is-even ptest-gnome
 LICENSE = "AFL-2.1 | GPL-2.0-or-later"
 LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \
-                    file://dbus/dbus.h;beginline=6;endline=20;md5=7755c9d7abccd5dbd25a6a974538bb3c"
+                    file://dbus/dbus.h;beginline=6;endline=20;md5=866739837ccd835350af94dccd6457d8"
-SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \
+SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.xz \
           file://run-ptest \
-           file://python-config.patch \
           file://tmpdir.patch \
           file://dbus-1.init \
-           file://clear-guid_from_server-if-send_negotiate_unix_f.patch \
-           file://stop_using_selinux_set_mapping.patch \
 "
-SRC_URI[sha256sum] = "8d25785c798ec4f892e6f9d177fb0ceeb8b29867b119798f9d5228561d3ad474"
+SRC_URI[sha256sum] = "ccd7cce37596e0a19558fd6648d1272ab43f011d80c8635aea8fd0bad58aebd4"
 EXTRA_OECONF = "--disable-xml-docs \
                --disable-doxygen-docs \
@@ -37,7 +34,7 @@ PACKAGECONFIG:class-native = ""
 PACKAGECONFIG:class-nativesdk = ""
 PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd"
-PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm"
+PACKAGECONFIG[x11] = "--enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm"
 PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session"
 PACKAGECONFIG[verbose-mode] = "--enable-verbose-mode,,,"
 PACKAGECONFIG[audit] = "--enable-libaudit,--disable-libaudit,audit"
author	Alexander Kanavin <alex.kanavin@gmail.com>	2022-03-09 23:22:14 +0100
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2022-03-15 08:40:09 +0000
commit	73dd9fae43460894c96d4d801293efceb30d9596 (patch)
tree	9ec02e0c54cf1a5119fa6ec5e023ee4ad293e060 /meta/recipes-core/dbus
parent	1341ebeab0eb3958c8d7135cf7b60835d54d1fa5 (diff)
download	poky-73dd9fae43460894c96d4d801293efceb30d9596.tar.gz

diff --git a/meta/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch b/meta/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch deleted file mode 100644 index 6bb6d9c82e..0000000000 --- a/meta/recipes-core/dbus/dbus/clear-guid_from_server-if-send_negotiate_unix_f.patch +++ /dev/null
@@ -1,104 +0,0 @@
1	From b8f84bd39485d3977625c9a8b8e8cff5d23be56f Mon Sep 17 00:00:00 2001
2	From: Roy Li <rongqing.li@windriver.com>
3	Date: Thu, 27 Feb 2014 09:05:02 +0800
4	Subject: [PATCH] dbus: clear guid_from_server if send_negotiate_unix_fd
5	failed
6
7	Upstream-Status: Submitted
8
9	bus-test dispatch test failed with below information:
10	./bus/bus-test: Running message dispatch test
11	Activating service name='org.freedesktop.DBus.TestSuiteEchoService'
12	Successfully activated service 'org.freedesktop.DBus.TestSuiteEchoService'
13	6363: assertion failed "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0" file "dbus-auth.c" line 1545 function process_ok
14	./bus/bus-test(_dbus_print_backtrace+0x29) [0x80cb969]
15	./bus/bus-test(_dbus_abort+0x14) [0x80cfb44]
16	./bus/bus-test(_dbus_real_assert+0x53) [0x80b52c3]
17	./bus/bus-test() [0x80e24da]
18	./bus/bus-test(_dbus_auth_do_work+0x388) [0x80e3848]
19	./bus/bus-test() [0x80aea49]
20	./bus/bus-test() [0x80affde]
21	./bus/bus-test(_dbus_transport_handle_watch+0xb1) [0x80ad841]
22	./bus/bus-test(_dbus_connection_handle_watch+0x104) [0x8089174]
23	./bus/bus-test(dbus_watch_handle+0xd8) [0x80b15e8]
24	./bus/bus-test(_dbus_loop_iterate+0x4a9) [0x80d1509]
25	./bus/bus-test(bus_test_run_clients_loop+0x5d) [0x808129d]
26	./bus/bus-test() [0x806cab0]
27	./bus/bus-test() [0x806e0ca]
28	./bus/bus-test() [0x806da6f]
29	./bus/bus-test(_dbus_test_oom_handling+0x18c) [0x80b5c8c]
30	./bus/bus-test() [0x806f723]
31	./bus/bus-test(bus_dispatch_test+0x3c) [0x8071aac]
32	./bus/bus-test(main+0x1b7) [0x805acc7]
33	/lib/libc.so.6(__libc_start_main+0xf3) [0x45f919b3]
34	./bus/bus-test() [0x805ae39]
35
36	The stack is below:
37	#0 0xffffe425 in __kernel_vsyscall ()
38	#1 0x45fa62d6 in raise () from /lib/libc.so.6
39	#2 0x45fa9653 in abort () from /lib/libc.so.6
40	#3 0x080cfb65 in _dbus_abort () at dbus-sysdeps.c:94
41	#4 0x080b52c3 in _dbus_real_assert (condition=0,
42	condition_text=condition_text@entry=0x8117a38 "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0",
43	file=file@entry=0x8117273 "dbus-auth.c", line=line@entry=1545,
44	func=func@entry=0x8117f8e <__FUNCTION__.3492> "process_ok")
45	data=0x8157290) at dbus-connection.c:1515
46	#0 0x00000033fee353e9 in raise () from /lib64/libc.so.6
47	#1 0x00000033fee38508 in abort () from /lib64/libc.so.6
48	#2 0x000000000047d585 in _dbus_abort () at dbus-sysdeps.c:94
49	#3 0x0000000000466486 in _dbus_real_assert (condition=<optimized out>,
50	condition_text=condition_text@entry=0x4c2988 "_dbus_string_get_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server) == 0",
51	file=file@entry=0x4c21a5 "dbus-auth.c", line=line@entry=1546,
52	func=func@entry=0x4c2fce <__FUNCTION__.3845> "process_ok")
53	at dbus-internals.c:931
54	#4 0x000000000048d424 in process_ok (args_from_ok=0x7fffffffe480,
55	auth=0x6ff340) at dbus-auth.c:1546
56	#5 handle_client_state_waiting_for_data (auth=0x6ff340,
57	command=<optimized out>, args=0x7fffffffe480) at dbus-auth.c:1996
58	#6 0x000000000048e789 in process_command (auth=0x6ff340) at dbus-auth.c:2208
59	#7 _dbus_auth_do_work (auth=0x6ff340) at dbus-auth.c:2458
60	#8 0x000000000046091d in do_authentication (
61	transport=transport@entry=0x6ffaa0, do_reading=do_reading@entry=1,
62	do_writing=do_writing@entry=0,
63	auth_completed=auth_completed@entry=0x7fffffffe55c)
64	at dbus-transport-socket.c:442
65	#9 0x0000000000461d08 in socket_handle_watch (transport=0x6ffaa0,
66	watch=0x6f4190, flags=1) at dbus-transport-socket.c:921
67	#10 0x000000000045fa3a in _dbus_transport_handle_watch (transport=0x6ffaa0,
68
69	Once send_negotiate_unix_fd failed, this failure will happen, since
70	auth->guid_from_server has been set to some value before
71	send_negotiate_unix_fd. send_negotiate_unix_fd failure will lead to
72	this auth be handled by process_ok again, but this auth->guid_from_server
73	is not zero.
74
75	So we should clear auth->guid_from_server if send_negotiate_unix_fd failed
76
77	Signed-off-by: Roy Li <rongqing.li@windriver.com>
78	---
79	dbus/dbus-auth.c \| 9 +++++++--
80	1 file changed, 7 insertions(+), 2 deletions(-)
81
82	diff --git a/dbus/dbus-auth.c b/dbus/dbus-auth.c
83	index d2c37a7..37b45c6 100644
84	--- a/dbus/dbus-auth.c
85	+++ b/dbus/dbus-auth.c
86	@@ -1571,8 +1571,13 @@ process_ok(DBusAuth *auth,
87	_dbus_verbose ("Got GUID '%s' from the server\n",
88	_dbus_string_get_const_data (& DBUS_AUTH_CLIENT (auth)->guid_from_server));
89
90	- if (auth->unix_fd_possible)
91	- return send_negotiate_unix_fd(auth);
92	+ if (auth->unix_fd_possible) {
93	+ if (!send_negotiate_unix_fd(auth)) {
94	+ _dbus_string_set_length (& DBUS_AUTH_CLIENT (auth)->guid_from_server, 0);
95	+ return FALSE;
96	+ }
97	+ return TRUE;
98	+ }
99
100	_dbus_verbose("Not negotiating unix fd passing, since not possible\n");
101	return send_begin (auth);
102	--
103	1.7.10.4
104


diff --git a/meta/recipes-core/dbus/dbus/python-config.patch b/meta/recipes-core/dbus/dbus/python-config.patch deleted file mode 100644 index da2f10c726..0000000000 --- a/meta/recipes-core/dbus/dbus/python-config.patch +++ /dev/null
@@ -1,34 +0,0 @@
1	When building the dbus-ptest package, we have to enable python. However
2	checking if the host-system python has the necessary library isn't useful.
3
4	Disable the python module check for cross compiling.
5
6	Upstream-Status: Inappropriate [oe specific]
7
8	Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
9
10	---
11	configure.ac \| 7 -------
12	1 file changed, 7 deletions(-)
13
14	diff --git a/configure.ac b/configure.ac
15	index 80d27b4..becc1cc 100644
16	--- a/configure.ac
17	+++ b/configure.ac
18	@@ -279,13 +279,6 @@ if test "x$enable_tests" = xyes; then
19	# full test coverage is required, Python is a hard dependency
20	AC_MSG_NOTICE([Full test coverage (--enable-tests=yes) requires Python, dbus-python, pygi])
21	AM_PATH_PYTHON([2.6])
22	- AC_MSG_CHECKING([for Python modules for full test coverage])
23	- if "$PYTHON" -c "import dbus, gi.repository.GObject, dbus.mainloop.glib"; then
24	- AC_MSG_RESULT([yes])
25	- else
26	- AC_MSG_RESULT([no])
27	- AC_MSG_ERROR([cannot import dbus, gi.repository.GObject, dbus.mainloop.glib Python modules])
28	- fi
29	else
30	# --enable-tests not given: do not abort if Python is missing
31	AM_PATH_PYTHON([2.6], [], [:])
32	--
33	1.9.1
34


diff --git a/meta/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch b/meta/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch deleted file mode 100644 index 7035098e41..0000000000 --- a/meta/recipes-core/dbus/dbus/stop_using_selinux_set_mapping.patch +++ /dev/null
@@ -1,148 +0,0 @@
1	From 6072f8b24153d844a3033108a17bcd0c1a967816 Mon Sep 17 00:00:00 2001
2	From: Laurent Bigonville <bigon@bigon.be>
3	Date: Sat, 3 Mar 2018 11:15:23 +0100
4	Subject: [PATCH] Stop using selinux_set_mapping() function
5
6	Currently, if the "dbus" security class or the associated AV doesn't
7	exist, dbus-daemon fails to initialize and exits immediately. Also the
8	security classes or access vector cannot be reordered in the policy.
9	This can be a problem for people developing their own policy or trying
10	to access a machine where, for some reasons, there is not policy defined
11	at all.
12
13	The code here copy the behaviour of the selinux_check_access() function.
14	We cannot use this function here as it doesn't allow us to define the
15	AVC entry reference.
16
17	See the discussion at https://marc.info/?l=selinux&m=152163374332372&w=2
18
19	Resolves: https://gitlab.freedesktop.org/dbus/dbus/issues/198
20	---
21	bus/selinux.c \| 75 ++++++++++++++++++++++++++++-----------------------
22	1 file changed, 42 insertions(+), 33 deletions(-)
23
24
25	Upstream-Status: Backport
26	Signed-off-by: Nisha.Parrakat <Nisha.Parrakat@kpit.com>
27	diff --git a/bus/selinux.c b/bus/selinux.c
28
29	--- a/bus/selinux.c 2021-08-11 14:45:59.048513026 +0000
30	+++ b/bus/selinux.c 2021-08-11 14:57:47.144846966 +0000
31	@@ -311,24 +311,6 @@
32	#endif
33	}
34
35	-/*
36	- * Private Flask definitions; the order of these constants must
37	- * exactly match that of the structure array below!
38	- */
39	-/* security dbus class constants */
40	-#define SECCLASS_DBUS 1
41	-
42	-/* dbus's per access vector constants */
43	-#define DBUS__ACQUIRE_SVC 1
44	-#define DBUS__SEND_MSG 2
45	-
46	-#ifdef HAVE_SELINUX
47	-static struct security_class_mapping dbus_map[] = {
48	- { "dbus", { "acquire_svc", "send_msg", NULL } },
49	- { NULL }
50	-};
51	-#endif /* HAVE_SELINUX */
52	-
53	/**
54	* Establish dynamic object class and permission mapping and
55	* initialize the user space access vector cache (AVC) for D-Bus and set up
56	@@ -350,13 +332,6 @@
57
58	_dbus_verbose ("SELinux is enabled in this kernel.\n");
59
60	- if (selinux_set_mapping (dbus_map) < 0)
61	- {
62	- _dbus_warn ("Failed to set up security class mapping (selinux_set_mapping():%s).",
63	- strerror (errno));
64	- return FALSE;
65	- }
66	-
67	avc_entry_ref_init (&aeref);
68	if (avc_init ("avc", &mem_cb, &log_cb, &thread_cb, &lock_cb) < 0)
69	{
70	@@ -421,19 +396,53 @@
71	static dbus_bool_t
72	bus_selinux_check (BusSELinuxID *sender_sid,
73	BusSELinuxID *override_sid,
74	- security_class_t target_class,
75	- access_vector_t requested,
76	+ const char *target_class,
77	+ const char *requested,
78	DBusString *auxdata)
79	{
80	+ int saved_errno;
81	+ security_class_t security_class;
82	+ access_vector_t requested_access;
83	+
84	if (!selinux_enabled)
85	return TRUE;
86
87	+ security_class = string_to_security_class (target_class);
88	+ if (security_class == 0)
89	+ {
90	+ saved_errno = errno;
91	+ log_callback (SELINUX_ERROR, "Unknown class %s", target_class);
92	+ if (security_deny_unknown () == 0)
93	+ {
94	+ return TRUE;
95	+ }
96	+
97	+ _dbus_verbose ("Unknown class %s\n", target_class);
98	+ errno = saved_errno;
99	+ return FALSE;
100	+ }
101	+
102	+ requested_access = string_to_av_perm (security_class, requested);
103	+ if (requested_access == 0)
104	+ {
105	+ saved_errno = errno;
106	+ log_callback (SELINUX_ERROR, "Unknown permission %s for class %s", requested, target_class);
107	+ if (security_deny_unknown () == 0)
108	+ {
109	+ return TRUE;
110	+ }
111	+
112	+ _dbus_verbose ("Unknown permission %s for class %s\n", requested, target_class);
113	+ errno = saved_errno;
114	+ return FALSE;
115	+ }
116	+
117	/* Make the security check. AVC checks enforcing mode here as well. */
118	if (avc_has_perm (SELINUX_SID_FROM_BUS (sender_sid),
119	override_sid ?
120	SELINUX_SID_FROM_BUS (override_sid) :
121	bus_sid,
122	- target_class, requested, &aeref, auxdata) < 0)
123	+ security_class, requested_access, &aeref, auxdata) < 0)
124	{
125	switch (errno)
126	{
127	@@ -500,8 +509,8 @@
128
129	ret = bus_selinux_check (connection_sid,
130	service_sid,
131	- SECCLASS_DBUS,
132	- DBUS__ACQUIRE_SVC,
133	+ "dbus",
134	+ "acquire_svc",
135	&auxdata);
136
137	_dbus_string_free (&auxdata);
138	@@ -629,8 +638,8 @@
139
140	ret = bus_selinux_check (sender_sid,
141	recipient_sid,
142	- SECCLASS_DBUS,
143	- DBUS__SEND_MSG,
144	+ "dbus",
145	+ "send_msg",
146	&auxdata);
147
148	_dbus_string_free (&auxdata);


diff --git a/meta/recipes-core/dbus/dbus_1.12.22.bb b/meta/recipes-core/dbus/dbus_1.14.0.bb index 792f34c7ef..7598c45f8e 100644 --- a/meta/recipes-core/dbus/dbus_1.12.22.bb +++ b/meta/recipes-core/dbus/dbus_1.14.0.bb
@@ -7,18 +7,15 @@ inherit autotools pkgconfig gettext upstream-version-is-even ptest-gnome
7		7
8	LICENSE = "AFL-2.1 \| GPL-2.0-or-later"	8	LICENSE = "AFL-2.1 \| GPL-2.0-or-later"
9	LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \	9	LIC_FILES_CHKSUM = "file://COPYING;md5=10dded3b58148f3f1fd804b26354af3e \
10	file://dbus/dbus.h;beginline=6;endline=20;md5=7755c9d7abccd5dbd25a6a974538bb3c"	10	file://dbus/dbus.h;beginline=6;endline=20;md5=866739837ccd835350af94dccd6457d8"
11		11
12	SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.gz \	12	SRC_URI = "https://dbus.freedesktop.org/releases/dbus/dbus-${PV}.tar.xz \
13	file://run-ptest \	13	file://run-ptest \
14	file://python-config.patch \
15	file://tmpdir.patch \	14	file://tmpdir.patch \
16	file://dbus-1.init \	15	file://dbus-1.init \
17	file://clear-guid_from_server-if-send_negotiate_unix_f.patch \
18	file://stop_using_selinux_set_mapping.patch \
19	"	16	"
20		17
21	SRC_URI[sha256sum] = "8d25785c798ec4f892e6f9d177fb0ceeb8b29867b119798f9d5228561d3ad474"	18	SRC_URI[sha256sum] = "ccd7cce37596e0a19558fd6648d1272ab43f011d80c8635aea8fd0bad58aebd4"
22		19
23	EXTRA_OECONF = "--disable-xml-docs \	20	EXTRA_OECONF = "--disable-xml-docs \
24	--disable-doxygen-docs \	21	--disable-doxygen-docs \
@@ -37,7 +34,7 @@ PACKAGECONFIG:class-native = ""
37	PACKAGECONFIG:class-nativesdk = ""	34	PACKAGECONFIG:class-nativesdk = ""
38		35
39	PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd"	36	PACKAGECONFIG[systemd] = "--enable-systemd --with-systemdsystemunitdir=${systemd_system_unitdir},--disable-systemd --without-systemdsystemunitdir,systemd"
40	PACKAGECONFIG[x11] = "--with-x --enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm"	37	PACKAGECONFIG[x11] = "--enable-x11-autolaunch,--without-x --disable-x11-autolaunch, virtual/libx11 libsm"
41	PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session"	38	PACKAGECONFIG[user-session] = "--enable-user-session --with-systemduserunitdir=${systemd_user_unitdir},--disable-user-session"
42	PACKAGECONFIG[verbose-mode] = "--enable-verbose-mode,,,"	39	PACKAGECONFIG[verbose-mode] = "--enable-verbose-mode,,,"
43	PACKAGECONFIG[audit] = "--enable-libaudit,--disable-libaudit,audit"	40	PACKAGECONFIG[audit] = "--enable-libaudit,--disable-libaudit,audit"