libselinux: uprev to 2.9 (20190315)

* Switch to python3 * Drop patches: 0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch 0001-src-Makefile-fix-includedir-in-libselinux.pc.patch * Split into libselinux recipe and libselinux-python recipe to fix the loop dependency error. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
author: Yi Zhao <yi.zhao@windriver.com> 2019-11-14 09:48:46 +0800
committer: Joe MacDonald <joe_macdonald@mentor.com> 2019-12-19 11:09:21 -0500
commit: 5e3643b618a2a01304165dc1b80f6d784742dc70 (patch)
tree: 88dbe48b3d976eefa7b3d7a681099880853c4833 /recipes-security
parent: 5fbf7227c937324776586c27a99def853aae3a7a (diff)
download: meta-selinux-5e3643b618a2a01304165dc1b80f6d784742dc70.tar.gz
4 files changed, 6 insertions, 116 deletions
diff --git a/recipes-security/selinux/libselinux.inc b/recipes-security/selinux/libselinux.inc
index 6e115e3..8d381de 100644
--- a/recipes-security/selinux/libselinux.inc
+++ b/recipes-security/selinux/libselinux.inc
@@ -5,15 +5,10 @@ decisions.  Required for any applications that use the SELinux API."
 SECTION = "base"
 LICENSE = "PD"
-inherit lib_package pythonnative
+inherit lib_package python3native
-DEPENDS += "libsepol python libpcre swig-native"
+DEPENDS += "libsepol libpcre"
 DEPENDS_append_libc-musl = " fts"
-RDEPENDS_${PN}-python += "python-core python-shell"
-PACKAGES += "${PN}-python"
-FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
-FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/selinux/.debug/*"
 def get_policyconfigarch(d):
    import re
@@ -26,19 +21,4 @@ EXTRA_OEMAKE += "${@get_policyconfigarch(d)}"
 EXTRA_OEMAKE += "LDFLAGS='${LDFLAGS} -lpcre' LIBSEPOLA='${STAGING_LIBDIR}/libsepol.a'"
 EXTRA_OEMAKE_append_libc-musl = " FTS_LDLIBS=-lfts"
-do_compile_append() {
-    oe_runmake pywrap -j1 \
-            INCLUDEDIR='${STAGING_INCDIR}' \
-            LIBDIR='${STAGING_LIBDIR}' \
-            PYINC='-I${STAGING_INCDIR}/python${PYTHON_BASEVERSION}'
-}
-do_install_append() {
-    oe_runmake install-pywrap swigify \
-            PYTHONLIBDIR=${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages
-    if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then
-        rm -rf ${D}${base_sbindir}
-    fi
-}
 BBCLASSEXTEND = "native"
diff --git a/recipes-security/selinux/libselinux/0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch b/recipes-security/selinux/libselinux/0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch
deleted file mode 100644
index fc3e37e..0000000
--- a/recipes-security/selinux/libselinux/0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch
+++ /dev/null
@@ -1,60 +0,0 @@
-From 2c672b4cc39fbddb6faec2c7434832058f339d59 Mon Sep 17 00:00:00 2001
-From: Petr Lautrbach <plautrba@redhat.com>
-Date: Mon, 11 Mar 2019 16:00:41 +0100
-Subject: [PATCH] libselinux: Do not define gettid() if glibc >= 2.30 is used
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Since version 2.30 glibc implements gettid() system call wrapper, see
-https://sourceware.org/bugzilla/show_bug.cgi?id=6399
-Fixes:
-cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -I../include -D_GNU_SOURCE  -DNO_ANDROID_BACKEND   -c -o procattr.o procattr.c
-procattr.c:28:14: error: static declaration of ‘gettid’ follows non-static declaration
-   28 | static pid_t gettid(void)
-      |              ^~~~~~
-In file included from /usr/include/unistd.h:1170,
-                 from procattr.c:2:
-/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here
-   34 | extern __pid_t gettid (void) __THROW;
-      |                ^~~~~~
-Upstream-Status: Backport
-[https://github.com/SELinuxProject/selinux/commit/707e4b8610733b5c9eaac0f00239778f3edb23c2]
-Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- src/procattr.c | 15 +++++++++++++--
- 1 file changed, 13 insertions(+), 2 deletions(-)
-diff --git a/src/procattr.c b/src/procattr.c
-index 8bf8432..3c7b87f 100644
--- a/src/procattr.c
-+++ b/src/procattr.c
-@@ -22,8 +22,19 @@ static pthread_key_t destructor_key;
- static int destructor_key_initialized = 0;
- static __thread char destructor_initialized;
- 
-#ifndef __BIONIC__
-/* Bionic declares this in unistd.h and has a definition for it */
-+/* Bionic and glibc >= 2.30 declare gettid() system call wrapper in unistd.h and
-+ * has a definition for it */
-+#ifdef __BIONIC__
-+  #define OVERRIDE_GETTID 0
-+#elif !defined(__GLIBC_PREREQ)
-+  #define OVERRIDE_GETTID 1
-+#elif !__GLIBC_PREREQ(2,30)
-+  #define OVERRIDE_GETTID 1
-+#else
-+  #define OVERRIDE_GETTID 0
-+#endif
-+
-+#if OVERRIDE_GETTID
- static pid_t gettid(void)
- {
-        return syscall(__NR_gettid);
-- 
-2.7.4
diff --git a/recipes-security/selinux/libselinux/0001-src-Makefile-fix-includedir-in-libselinux.pc.patch b/recipes-security/selinux/libselinux/0001-src-Makefile-fix-includedir-in-libselinux.pc.patch
deleted file mode 100644
index 46cfaaf..0000000
--- a/recipes-security/selinux/libselinux/0001-src-Makefile-fix-includedir-in-libselinux.pc.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 37f3299e8f5c468fe692f36356c2c35f968b6aee Mon Sep 17 00:00:00 2001
-From: Robert Yang <liezhi.yang@windriver.com>
-Date: Thu, 18 Feb 2016 02:39:16 +0000
-Subject: [PATCH] src/Makefile: fix includedir in libselinux.pc
-Upstream-Status: Pending
-Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
-Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
- src/Makefile | 1 +
- 1 file changed, 1 insertion(+)
-diff --git a/src/Makefile b/src/Makefile
-index 977b5c8..92a4289 100644
--- a/src/Makefile
-+++ b/src/Makefile
-@@ -156,6 +156,7 @@ $(LIBSO): $(LOBJS)
- 
- $(LIBPC): $(LIBPC).in ../VERSION
-        sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):; s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
-+       sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:${libdir}:; s:@includedir@:${prefix}/include:; s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
- 
- selinuxswig_python_exception.i: ../include/selinux/selinux.h
-        bash -e exception.sh > $@ || (rm -f $@ ; false)
-- 
-2.7.4
diff --git a/recipes-security/selinux/libselinux_2.8.bb b/recipes-security/selinux/libselinux_2.9.bb
index 7545967..f04bc4a 100644
--- a/recipes-security/selinux/libselinux_2.8.bb
+++ b/recipes-security/selinux/libselinux_2.9.bb
@@ -1,16 +1,14 @@
-include selinux_20180524.inc
+require selinux_20190315.inc
-include ${BPN}.inc
+require ${BPN}.inc
 LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
-SRC_URI[md5sum] = "56057e60192b21122c1aede8ff723ca2"
+SRC_URI[md5sum] = "bb449431b6ed55a0a0496dbc366d6e31"
-SRC_URI[sha256sum] = "31db96ec7643ce10912b3c3f98506a08a9116dcfe151855fd349c3fda96187e1"
+SRC_URI[sha256sum] = "1bccc8873e449587d9a2b2cf253de9b89a8291b9fbc7c59393ca9e5f5f4d2693"
 SRC_URI += "\
        file://libselinux-drop-Wno-unused-but-set-variable.patch \
        file://libselinux-make-O_CLOEXEC-optional.patch \
        file://libselinux-make-SOCK_CLOEXEC-optional.patch \
        file://libselinux-define-FD_CLOEXEC-as-necessary.patch \
-        file://0001-src-Makefile-fix-includedir-in-libselinux.pc.patch \
-        file://0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch \
        "
author	Yi Zhao <yi.zhao@windriver.com>	2019-11-14 09:48:46 +0800
committer	Joe MacDonald <joe_macdonald@mentor.com>	2019-12-19 11:09:21 -0500
commit	5e3643b618a2a01304165dc1b80f6d784742dc70 (patch)
tree	88dbe48b3d976eefa7b3d7a681099880853c4833 /recipes-security
parent	5fbf7227c937324776586c27a99def853aae3a7a (diff)
download	meta-selinux-5e3643b618a2a01304165dc1b80f6d784742dc70.tar.gz

diff --git a/recipes-security/selinux/libselinux.inc b/recipes-security/selinux/libselinux.inc index 6e115e3..8d381de 100644 --- a/recipes-security/selinux/libselinux.inc +++ b/recipes-security/selinux/libselinux.inc
@@ -5,15 +5,10 @@ decisions. Required for any applications that use the SELinux API."
5	SECTION = "base"	5	SECTION = "base"
6	LICENSE = "PD"	6	LICENSE = "PD"
7		7
8	inherit lib_package pythonnative	8	inherit lib_package python3native
9		9
10	DEPENDS += "libsepol python libpcre swig-native"	10	DEPENDS += "libsepol libpcre"
11	DEPENDS_append_libc-musl = " fts"	11	DEPENDS_append_libc-musl = " fts"
12	RDEPENDS_${PN}-python += "python-core python-shell"
13
14	PACKAGES += "${PN}-python"
15	FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*"
16	FILES_${PN}-dbg += "${libdir}/python${PYTHON_BASEVERSION}/site-packages/selinux/.debug/*"
17		12
18	def get_policyconfigarch(d):	13	def get_policyconfigarch(d):
19	import re	14	import re
@@ -26,19 +21,4 @@ EXTRA_OEMAKE += "${@get_policyconfigarch(d)}"
26	EXTRA_OEMAKE += "LDFLAGS='${LDFLAGS} -lpcre' LIBSEPOLA='${STAGING_LIBDIR}/libsepol.a'"	21	EXTRA_OEMAKE += "LDFLAGS='${LDFLAGS} -lpcre' LIBSEPOLA='${STAGING_LIBDIR}/libsepol.a'"
27	EXTRA_OEMAKE_append_libc-musl = " FTS_LDLIBS=-lfts"	22	EXTRA_OEMAKE_append_libc-musl = " FTS_LDLIBS=-lfts"
28		23
29	do_compile_append() {
30	oe_runmake pywrap -j1 \
31	INCLUDEDIR='${STAGING_INCDIR}' \
32	LIBDIR='${STAGING_LIBDIR}' \
33	PYINC='-I${STAGING_INCDIR}/python${PYTHON_BASEVERSION}'
34	}
35
36	do_install_append() {
37	oe_runmake install-pywrap swigify \
38	PYTHONLIBDIR=${D}${libdir}/python${PYTHON_BASEVERSION}/site-packages
39	if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then
40	rm -rf ${D}${base_sbindir}
41	fi
42	}
43
44	BBCLASSEXTEND = "native"	24	BBCLASSEXTEND = "native"


diff --git a/recipes-security/selinux/libselinux/0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch b/recipes-security/selinux/libselinux/0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch deleted file mode 100644 index fc3e37e..0000000 --- a/recipes-security/selinux/libselinux/0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch +++ /dev/null
@@ -1,60 +0,0 @@
1	From 2c672b4cc39fbddb6faec2c7434832058f339d59 Mon Sep 17 00:00:00 2001
2	From: Petr Lautrbach <plautrba@redhat.com>
3	Date: Mon, 11 Mar 2019 16:00:41 +0100
4	Subject: [PATCH] libselinux: Do not define gettid() if glibc >= 2.30 is used
5	MIME-Version: 1.0
6	Content-Type: text/plain; charset=UTF-8
7	Content-Transfer-Encoding: 8bit
8
9	Since version 2.30 glibc implements gettid() system call wrapper, see
10	https://sourceware.org/bugzilla/show_bug.cgi?id=6399
11
12	Fixes:
13	cc -O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -I../include -D_GNU_SOURCE -DNO_ANDROID_BACKEND -c -o procattr.o procattr.c
14	procattr.c:28:14: error: static declaration of ‘gettid’ follows non-static declaration
15	28 \| static pid_t gettid(void)
16	\| ^~~~~~
17	In file included from /usr/include/unistd.h:1170,
18	from procattr.c:2:
19	/usr/include/bits/unistd_ext.h:34:16: note: previous declaration of ‘gettid’ was here
20	34 \| extern __pid_t gettid (void) __THROW;
21	\| ^~~~~~
22
23	Upstream-Status: Backport
24	[https://github.com/SELinuxProject/selinux/commit/707e4b8610733b5c9eaac0f00239778f3edb23c2]
25
26	Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
27	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
28	---
29	src/procattr.c \| 15 +++++++++++++--
30	1 file changed, 13 insertions(+), 2 deletions(-)
31
32	diff --git a/src/procattr.c b/src/procattr.c
33	index 8bf8432..3c7b87f 100644
34	--- a/src/procattr.c
35	+++ b/src/procattr.c
36	@@ -22,8 +22,19 @@ static pthread_key_t destructor_key;
37	static int destructor_key_initialized = 0;
38	static __thread char destructor_initialized;
39
40	-#ifndef __BIONIC__
41	-/* Bionic declares this in unistd.h and has a definition for it */
42	+/* Bionic and glibc >= 2.30 declare gettid() system call wrapper in unistd.h and
43	+ * has a definition for it */
44	+#ifdef __BIONIC__
45	+ #define OVERRIDE_GETTID 0
46	+#elif !defined(__GLIBC_PREREQ)
47	+ #define OVERRIDE_GETTID 1
48	+#elif !__GLIBC_PREREQ(2,30)
49	+ #define OVERRIDE_GETTID 1
50	+#else
51	+ #define OVERRIDE_GETTID 0
52	+#endif
53	+
54	+#if OVERRIDE_GETTID
55	static pid_t gettid(void)
56	{
57	return syscall(__NR_gettid);
58	--
59	2.7.4
60


diff --git a/recipes-security/selinux/libselinux/0001-src-Makefile-fix-includedir-in-libselinux.pc.patch b/recipes-security/selinux/libselinux/0001-src-Makefile-fix-includedir-in-libselinux.pc.patch deleted file mode 100644 index 46cfaaf..0000000 --- a/recipes-security/selinux/libselinux/0001-src-Makefile-fix-includedir-in-libselinux.pc.patch +++ /dev/null
@@ -1,28 +0,0 @@
1	From 37f3299e8f5c468fe692f36356c2c35f968b6aee Mon Sep 17 00:00:00 2001
2	From: Robert Yang <liezhi.yang@windriver.com>
3	Date: Thu, 18 Feb 2016 02:39:16 +0000
4	Subject: [PATCH] src/Makefile: fix includedir in libselinux.pc
5
6	Upstream-Status: Pending
7
8	Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
9	Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
10	---
11	src/Makefile \| 1 +
12	1 file changed, 1 insertion(+)
13
14	diff --git a/src/Makefile b/src/Makefile
15	index 977b5c8..92a4289 100644
16	--- a/src/Makefile
17	+++ b/src/Makefile
18	@@ -156,6 +156,7 @@ $(LIBSO): $(LOBJS)
19
20	$(LIBPC): $(LIBPC).in ../VERSION
21	sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):; s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
22	+ sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:${libdir}:; s:@includedir@:${prefix}/include:; s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
23
24	selinuxswig_python_exception.i: ../include/selinux/selinux.h
25	bash -e exception.sh > $@ \|\| (rm -f $@ ; false)
26	--
27	2.7.4
28


diff --git a/recipes-security/selinux/libselinux_2.8.bb b/recipes-security/selinux/libselinux_2.9.bb index 7545967..f04bc4a 100644 --- a/recipes-security/selinux/libselinux_2.8.bb +++ b/recipes-security/selinux/libselinux_2.9.bb
@@ -1,16 +1,14 @@
1	include selinux_20180524.inc	1	require selinux_20190315.inc
2	include ${BPN}.inc	2	require ${BPN}.inc
3		3
4	LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"	4	LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
5		5
6	SRC_URI[md5sum] = "56057e60192b21122c1aede8ff723ca2"	6	SRC_URI[md5sum] = "bb449431b6ed55a0a0496dbc366d6e31"
7	SRC_URI[sha256sum] = "31db96ec7643ce10912b3c3f98506a08a9116dcfe151855fd349c3fda96187e1"	7	SRC_URI[sha256sum] = "1bccc8873e449587d9a2b2cf253de9b89a8291b9fbc7c59393ca9e5f5f4d2693"
8		8
9	SRC_URI += "\	9	SRC_URI += "\
10	file://libselinux-drop-Wno-unused-but-set-variable.patch \	10	file://libselinux-drop-Wno-unused-but-set-variable.patch \
11	file://libselinux-make-O_CLOEXEC-optional.patch \	11	file://libselinux-make-O_CLOEXEC-optional.patch \
12	file://libselinux-make-SOCK_CLOEXEC-optional.patch \	12	file://libselinux-make-SOCK_CLOEXEC-optional.patch \
13	file://libselinux-define-FD_CLOEXEC-as-necessary.patch \	13	file://libselinux-define-FD_CLOEXEC-as-necessary.patch \
14	file://0001-src-Makefile-fix-includedir-in-libselinux.pc.patch \
15	file://0001-libselinux-Do-not-define-gettid-if-glibc-2.30-is-use.patch \
16	"	14	"