Conan/conan-build
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[DO-973] harfbuzz package (!10)

Browse Source 
Co-authored-by: aleksandr.vodyanov <aleksandr.vodyanov@avroid.tech>
Reviewed-on: https://git.avroid.tech/Conan/conan_build/pulls/10
This commit is contained in:
Aleksandr Vodyanov
2024-12-26 12:02:17 +03:00
parent 39afe6a1dd
commit c807f2514e
126 changed files with 6604 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
recipes/libselinux/all/conandata.yml Normal file
View File

@@ -0,0 +1,64 @@
sources:
"3.6":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.6/libselinux-3.6.tar.gz"
sha256: "ba4e0ef34b270e7672a5e5f1b523fe2beab3a40bb33d9389f4ad3a8728f21b52"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.6/libsepol-3.6.tar.gz"
sha256: "c9dc585ea94903d784d597c861cd5dce6459168f95e22b31a0eab1cdd800975a"
"3.5":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.5/libselinux-3.5.tar.gz"
sha256: "9a3a3705ac13a2ccca2de6d652b6356fead10f36fb33115c185c5ccdf29eec19"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.5/libsepol-3.5.tar.gz"
sha256: "78fdaf69924db780bac78546e43d9c44074bad798c2c415d0b9bb96d065ee8a2"
"3.3":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.3/libselinux-3.3.tar.gz"
sha256: "acfdee27633d2496508c28727c3d41d3748076f66d42fccde2e6b9f3463a7057"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.3/libsepol-3.3.tar.gz"
sha256: "2d97df3eb8466169b389c3660acbb90c54200ac96e452eca9f41a9639f4f238b"
"3.2":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.2/libselinux-3.2.tar.gz"
sha256: "df758ef1d9d4811051dd901ea6b029ae334ffd7c671c128beb16bce1e25ac161"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/3.2/libsepol-3.2.tar.gz"
sha256: "dfc7f662af8000116e56a01de6a0394ed79be1b34b999e551346233c5dd19508"
"3.1":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/20200710/libselinux-3.1.tar.gz"
sha256: "ea5dcbb4d859e3f999c26a13c630da2f16dff9462e3cc8cb7b458ac157d112e7"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/20200710/libsepol-3.1.tar.gz"
sha256: "ae6778d01443fdd38cd30eeee846494e19f4d407b09872580372f4aa4bf8a3cc"
"3.0":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/20191204/libselinux-3.0.tar.gz"
sha256: "2ea2b30f671dae9d6b1391cbe8fb2ce5d36a3ee4fb1cd3c32f0d933c31b82433"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/20191204/libsepol-3.0.tar.gz"
sha256: "5b7ae1881909f1048b06f7a0c364c5c8a86ec12e0ec76e740fe9595a6033eb79"
"2.9":
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/20190315/libselinux-2.9.tar.gz"
sha256: "1bccc8873e449587d9a2b2cf253de9b89a8291b9fbc7c59393ca9e5f5f4d2693"
- url: "https://nexus.avroid.tech/repository/devops-raw-proxy-github/SELinuxProject/selinux/releases/download/20190315/libsepol-2.9.tar.gz"
sha256: "a34b12b038d121e3e459b1cbaca3c9202e983137819c16baf63658390e3f1d5d"
patches:
"3.6":
- patch_file: patches/0003-fix-missing-include-3.6.patch
base_path: libselinux-3.6
patch_description: "Fix a missing #include <stdint.h>"
patch_type: "portability"
- patch_file: patches/0004-libsepol-src-Makefile-fix-reallocarray-detection.patch
patch_description: "libsepol/src/Makefile: fix reallocarray detection"
patch_source: "https://lore.kernel.org/selinux/20240108210314.339682-1-fontaine.fabrice@gmail.com/"
patch_type: "portability"
base_path: libsepol-3.6
- patch_file: patches/0005-libselinux-libsepol-Add-CFLAGS-and-LDFLAGS.patch
patch_description: "libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks"
patch_source: "https://lore.kernel.org/selinux/20240313224806.2859045-1-jwcart2@gmail.com/T/#u"
patch_type: "portability"
"3.3":
- patch_file: patches/0003-fix-link-pcre.patch
base_path: libselinux-3.3
"3.0":
- patch_file: patches/0001-fix-fno-common-3.0.patch
base_path: libsepol-3.0
- patch_file: patches/0002-remove-cil_mem_error_handler.patch
base_path: libsepol-3.0
"2.9":
- patch_file: patches/0001-fix-fno-common-2.9.patch
base_path: libsepol-2.9
- patch_file: patches/0002-remove-cil_mem_error_handler.patch
base_path: libsepol-2.9

139
recipes/libselinux/all/conanfile.py Normal file
View File

@@ -0,0 +1,139 @@
import os
from conan import ConanFile
from conan.errors import ConanInvalidConfiguration
from conan.tools.build import cross_building
from conan.tools.env import VirtualBuildEnv
from conan.tools.files import apply_conandata_patches, chdir, copy, export_conandata_patches, get, rename, replace_in_file, save
from conan.tools.gnu import Autotools, AutotoolsToolchain, PkgConfigDeps
from conan.tools.layout import basic_layout
from conan.tools.scm import Version
required_conan_version = ">=1.53.0"
class LibSELinuxConan(ConanFile):
name = "libselinux"
description = (
"Security-enhanced Linux is a patch of the Linux kernel and a number "
"of utilities with enhanced security functionality designed to add "
"mandatory access controls to Linux"
)
topics = ("linux", "selinux", "security", "security-enhanced")
url = "https://github.com/conan-io/conan-center-index"
homepage = "https://github.com/SELinuxProject/selinux"
license = (
# https://github.com/SELinuxProject/selinux/blob/main/libselinux/LICENSE
# For the libselinux component: public domain with a limited liability clause
"libselinux-1.0",
# https://github.com/SELinuxProject/selinux/blob/main/libsepol/LICENSE
# For the libsepol component: LGPL-2.1
"LGPL-2.1-or-later",
)
package_type = "library"
settings = "os", "arch", "compiler", "build_type"
options = {
"shared": [True, False],
"fPIC": [True, False],
}
default_options = {
"shared": False,
"fPIC": True,
}
def export_sources(self):
export_conandata_patches(self)
def configure(self):
if self.options.shared:
self.options.rm_safe("fPIC")
self.settings.rm_safe("compiler.cppstd")
self.settings.rm_safe("compiler.libcxx")
def layout(self):
basic_layout(self, src_folder="src")
def requirements(self):
self.requires("pcre2/[>=10.43]")
def validate(self):
if self.settings.os not in ["Linux", "FreeBSD"]:
raise ConanInvalidConfiguration(f"{self.ref} only supports Linux")
def build_requirements(self):
self.tool_requires("flex/2.6.4")
if not self.conf.get("tools.gnu:pkg_config", default=False, check_type=str):
self.tool_requires("pkgconf/2.2.0")
def source(self):
for download in self.conan_data["sources"][self.version]:
get(self, **download)
@property
def _sepol_source_folder(self):
return os.path.join(self.source_folder, f"libsepol-{self.version}")
@property
def _selinux_source_folder(self):
return os.path.join(self.source_folder, f"libselinux-{self.version}")
def generate(self):
virtual_build_env = VirtualBuildEnv(self)
virtual_build_env.generate()
pkg_config_deps = PkgConfigDeps(self)
pkg_config_deps.generate()
tc = AutotoolsToolchain(self)
sepol_include_folder = os.path.join(self._sepol_source_folder, "include")
tc.extra_cflags.append(f"-I{sepol_include_folder}")
sepol_lib_folder = os.path.join(self._sepol_source_folder, "src")
tc.extra_ldflags.append(f"-L{sepol_lib_folder}")
tc.make_args.append("USE_PCRE2=y")
env = tc.environment()
if cross_building(self):
env.append_path("PKG_CONFIG_LIBDIR", self.generators_folder)
tc.generate(env=env)
def build(self):
apply_conandata_patches(self)
autotools = Autotools(self)
for subdir in [self._sepol_source_folder, self._selinux_source_folder]:
with chdir(self, subdir):
# Build only .a or .so, not both
replace_in_file(self, os.path.join("src", "Makefile"),
"all: $(LIBA) $(LIBSO) $(LIBPC)",
"all: $(LIBSO)" if self.options.shared else "all: $(LIBA)")
# Skip utils dir by truncating its Makefile
save(self, os.path.join("utils", "Makefile"), "all:\n")
autotools.make()
def _copy_licenses(self):
copy(self, "LICENSE", self._selinux_source_folder, os.path.join(self.package_folder, "licenses"))
rename(self, os.path.join(self.package_folder, "licenses", "LICENSE"),
os.path.join(self.package_folder, "licenses", "LICENSE-libselinux"))
if Version(self.version) >= "3.5":
copy(self, "LICENSE", self._sepol_source_folder, os.path.join(self.package_folder, "licenses"))
rename(self, os.path.join(self.package_folder, "licenses", "LICENSE"),
os.path.join(self.package_folder, "licenses", "LICENSE-libsepol"))
else:
copy(self, "COPYING", self._sepol_source_folder, os.path.join(self.package_folder, "licenses"))
rename(self, os.path.join(self.package_folder, "licenses", "COPYING"),
os.path.join(self.package_folder, "licenses", "LICENSE-libsepol"))
def package(self):
self._copy_licenses()
for library in [self._sepol_source_folder, self._selinux_source_folder]:
copy(self, "*.h", os.path.join(library, "include"), os.path.join(self.package_folder, "include"))
if self.options.shared:
copy(self, "*.so*", library, os.path.join(self.package_folder, "lib"), keep_path=False)
else:
copy(self, "*.a", library, os.path.join(self.package_folder, "lib"), keep_path=False)
def package_info(self):
self.cpp_info.components["selinux"].set_property("pkg_config_name", "libselinux")
self.cpp_info.components["selinux"].libs = ["selinux"]
self.cpp_info.components["selinux"].requires = ["sepol", "pcre2::pcre2"]
if self.options.shared:
self.cpp_info.components["selinux"].system_libs = ["dl"]
self.cpp_info.components["sepol"].set_property("pkg_config_name", "libsepol")
self.cpp_info.components["sepol"].libs = ["sepol"]

507
recipes/libselinux/all/patches/0001-fix-fno-common-2.9.patch Normal file
View File

@@ -0,0 +1,507 @@
libsepol: fix CIL_KEY_* build errors with -fno-common
GCC 10 comes with -fno-common enabled by default - fix the CIL_KEY_*
global variables to be defined only once in cil.c and declared in the
header file correctly with the 'extern' keyword, so that other units
including the file don't generate duplicate definitions.
see https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c
--- a/cil/src/cil.c
+++ b/cil/src/cil.c
@@ -77,6 +77,167 @@ int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
};
+char *CIL_KEY_CONS_T1;
+char *CIL_KEY_CONS_T2;
+char *CIL_KEY_CONS_T3;
+char *CIL_KEY_CONS_R1;
+char *CIL_KEY_CONS_R2;
+char *CIL_KEY_CONS_R3;
+char *CIL_KEY_CONS_U1;
+char *CIL_KEY_CONS_U2;
+char *CIL_KEY_CONS_U3;
+char *CIL_KEY_CONS_L1;
+char *CIL_KEY_CONS_L2;
+char *CIL_KEY_CONS_H1;
+char *CIL_KEY_CONS_H2;
+char *CIL_KEY_AND;
+char *CIL_KEY_OR;
+char *CIL_KEY_NOT;
+char *CIL_KEY_EQ;
+char *CIL_KEY_NEQ;
+char *CIL_KEY_CONS_DOM;
+char *CIL_KEY_CONS_DOMBY;
+char *CIL_KEY_CONS_INCOMP;
+char *CIL_KEY_CONDTRUE;
+char *CIL_KEY_CONDFALSE;
+char *CIL_KEY_SELF;
+char *CIL_KEY_OBJECT_R;
+char *CIL_KEY_STAR;
+char *CIL_KEY_TCP;
+char *CIL_KEY_UDP;
+char *CIL_KEY_DCCP;
+char *CIL_KEY_SCTP;
+char *CIL_KEY_AUDITALLOW;
+char *CIL_KEY_TUNABLEIF;
+char *CIL_KEY_ALLOW;
+char *CIL_KEY_DONTAUDIT;
+char *CIL_KEY_TYPETRANSITION;
+char *CIL_KEY_TYPECHANGE;
+char *CIL_KEY_CALL;
+char *CIL_KEY_TUNABLE;
+char *CIL_KEY_XOR;
+char *CIL_KEY_ALL;
+char *CIL_KEY_RANGE;
+char *CIL_KEY_GLOB;
+char *CIL_KEY_FILE;
+char *CIL_KEY_DIR;
+char *CIL_KEY_CHAR;
+char *CIL_KEY_BLOCK;
+char *CIL_KEY_SOCKET;
+char *CIL_KEY_PIPE;
+char *CIL_KEY_SYMLINK;
+char *CIL_KEY_ANY;
+char *CIL_KEY_XATTR;
+char *CIL_KEY_TASK;
+char *CIL_KEY_TRANS;
+char *CIL_KEY_TYPE;
+char *CIL_KEY_ROLE;
+char *CIL_KEY_USER;
+char *CIL_KEY_USERATTRIBUTE;
+char *CIL_KEY_USERATTRIBUTESET;
+char *CIL_KEY_SENSITIVITY;
+char *CIL_KEY_CATEGORY;
+char *CIL_KEY_CATSET;
+char *CIL_KEY_LEVEL;
+char *CIL_KEY_LEVELRANGE;
+char *CIL_KEY_CLASS;
+char *CIL_KEY_IPADDR;
+char *CIL_KEY_MAP_CLASS;
+char *CIL_KEY_CLASSPERMISSION;
+char *CIL_KEY_BOOL;
+char *CIL_KEY_STRING;
+char *CIL_KEY_NAME;
+char *CIL_KEY_SOURCE;
+char *CIL_KEY_TARGET;
+char *CIL_KEY_LOW;
+char *CIL_KEY_HIGH;
+char *CIL_KEY_LOW_HIGH;
+char *CIL_KEY_HANDLEUNKNOWN;
+char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
+char *CIL_KEY_HANDLEUNKNOWN_DENY;
+char *CIL_KEY_HANDLEUNKNOWN_REJECT;
+char *CIL_KEY_MACRO;
+char *CIL_KEY_IN;
+char *CIL_KEY_MLS;
+char *CIL_KEY_DEFAULTRANGE;
+char *CIL_KEY_BLOCKINHERIT;
+char *CIL_KEY_BLOCKABSTRACT;
+char *CIL_KEY_CLASSORDER;
+char *CIL_KEY_CLASSMAPPING;
+char *CIL_KEY_CLASSPERMISSIONSET;
+char *CIL_KEY_COMMON;
+char *CIL_KEY_CLASSCOMMON;
+char *CIL_KEY_SID;
+char *CIL_KEY_SIDCONTEXT;
+char *CIL_KEY_SIDORDER;
+char *CIL_KEY_USERLEVEL;
+char *CIL_KEY_USERRANGE;
+char *CIL_KEY_USERBOUNDS;
+char *CIL_KEY_USERPREFIX;
+char *CIL_KEY_SELINUXUSER;
+char *CIL_KEY_SELINUXUSERDEFAULT;
+char *CIL_KEY_TYPEATTRIBUTE;
+char *CIL_KEY_TYPEATTRIBUTESET;
+char *CIL_KEY_EXPANDTYPEATTRIBUTE;
+char *CIL_KEY_TYPEALIAS;
+char *CIL_KEY_TYPEALIASACTUAL;
+char *CIL_KEY_TYPEBOUNDS;
+char *CIL_KEY_TYPEPERMISSIVE;
+char *CIL_KEY_RANGETRANSITION;
+char *CIL_KEY_USERROLE;
+char *CIL_KEY_ROLETYPE;
+char *CIL_KEY_ROLETRANSITION;
+char *CIL_KEY_ROLEALLOW;
+char *CIL_KEY_ROLEATTRIBUTE;
+char *CIL_KEY_ROLEATTRIBUTESET;
+char *CIL_KEY_ROLEBOUNDS;
+char *CIL_KEY_BOOLEANIF;
+char *CIL_KEY_NEVERALLOW;
+char *CIL_KEY_TYPEMEMBER;
+char *CIL_KEY_SENSALIAS;
+char *CIL_KEY_SENSALIASACTUAL;
+char *CIL_KEY_CATALIAS;
+char *CIL_KEY_CATALIASACTUAL;
+char *CIL_KEY_CATORDER;
+char *CIL_KEY_SENSITIVITYORDER;
+char *CIL_KEY_SENSCAT;
+char *CIL_KEY_CONSTRAIN;
+char *CIL_KEY_MLSCONSTRAIN;
+char *CIL_KEY_VALIDATETRANS;
+char *CIL_KEY_MLSVALIDATETRANS;
+char *CIL_KEY_CONTEXT;
+char *CIL_KEY_FILECON;
+char *CIL_KEY_IBPKEYCON;
+char *CIL_KEY_IBENDPORTCON;
+char *CIL_KEY_PORTCON;
+char *CIL_KEY_NODECON;
+char *CIL_KEY_GENFSCON;
+char *CIL_KEY_NETIFCON;
+char *CIL_KEY_PIRQCON;
+char *CIL_KEY_IOMEMCON;
+char *CIL_KEY_IOPORTCON;
+char *CIL_KEY_PCIDEVICECON;
+char *CIL_KEY_DEVICETREECON;
+char *CIL_KEY_FSUSE;
+char *CIL_KEY_POLICYCAP;
+char *CIL_KEY_OPTIONAL;
+char *CIL_KEY_DEFAULTUSER;
+char *CIL_KEY_DEFAULTROLE;
+char *CIL_KEY_DEFAULTTYPE;
+char *CIL_KEY_ROOT;
+char *CIL_KEY_NODE;
+char *CIL_KEY_PERM;
+char *CIL_KEY_ALLOWX;
+char *CIL_KEY_AUDITALLOWX;
+char *CIL_KEY_DONTAUDITX;
+char *CIL_KEY_NEVERALLOWX;
+char *CIL_KEY_PERMISSIONX;
+char *CIL_KEY_IOCTL;
+char *CIL_KEY_UNORDERED;
+char *CIL_KEY_SRC_INFO;
+char *CIL_KEY_SRC_CIL;
+char *CIL_KEY_SRC_HLL;
+
static void cil_init_keys(void)
{
/* Initialize CIL Keys into strpool */
--- a/cil/src/cil_internal.h
+++ b/cil/src/cil_internal.h
@@ -74,165 +74,325 @@ enum cil_pass {
/*
Keywords
*/
+extern
char *CIL_KEY_CONS_T1;
+extern
char *CIL_KEY_CONS_T2;
+extern
char *CIL_KEY_CONS_T3;
+extern
char *CIL_KEY_CONS_R1;
+extern
char *CIL_KEY_CONS_R2;
+extern
char *CIL_KEY_CONS_R3;
+extern
char *CIL_KEY_CONS_U1;
+extern
char *CIL_KEY_CONS_U2;
+extern
char *CIL_KEY_CONS_U3;
+extern
char *CIL_KEY_CONS_L1;
+extern
char *CIL_KEY_CONS_L2;
+extern
char *CIL_KEY_CONS_H1;
+extern
char *CIL_KEY_CONS_H2;
+extern
char *CIL_KEY_AND;
+extern
char *CIL_KEY_OR;
+extern
char *CIL_KEY_NOT;
+extern
char *CIL_KEY_EQ;
+extern
char *CIL_KEY_NEQ;
+extern
char *CIL_KEY_CONS_DOM;
+extern
char *CIL_KEY_CONS_DOMBY;
+extern
char *CIL_KEY_CONS_INCOMP;
+extern
char *CIL_KEY_CONDTRUE;
+extern
char *CIL_KEY_CONDFALSE;
+extern
char *CIL_KEY_SELF;
+extern
char *CIL_KEY_OBJECT_R;
+extern
char *CIL_KEY_STAR;
+extern
char *CIL_KEY_TCP;
+extern
char *CIL_KEY_UDP;
+extern
char *CIL_KEY_DCCP;
+extern
char *CIL_KEY_SCTP;
+extern
char *CIL_KEY_AUDITALLOW;
+extern
char *CIL_KEY_TUNABLEIF;
+extern
char *CIL_KEY_ALLOW;
+extern
char *CIL_KEY_DONTAUDIT;
+extern
char *CIL_KEY_TYPETRANSITION;
+extern
char *CIL_KEY_TYPECHANGE;
+extern
char *CIL_KEY_CALL;
+extern
char *CIL_KEY_TUNABLE;
+extern
char *CIL_KEY_XOR;
+extern
char *CIL_KEY_ALL;
+extern
char *CIL_KEY_RANGE;
+extern
char *CIL_KEY_GLOB;
+extern
char *CIL_KEY_FILE;
+extern
char *CIL_KEY_DIR;
+extern
char *CIL_KEY_CHAR;
+extern
char *CIL_KEY_BLOCK;
+extern
char *CIL_KEY_SOCKET;
+extern
char *CIL_KEY_PIPE;
+extern
char *CIL_KEY_SYMLINK;
+extern
char *CIL_KEY_ANY;
+extern
char *CIL_KEY_XATTR;
+extern
char *CIL_KEY_TASK;
+extern
char *CIL_KEY_TRANS;
+extern
char *CIL_KEY_TYPE;
+extern
char *CIL_KEY_ROLE;
+extern
char *CIL_KEY_USER;
+extern
char *CIL_KEY_USERATTRIBUTE;
+extern
char *CIL_KEY_USERATTRIBUTESET;
+extern
char *CIL_KEY_SENSITIVITY;
+extern
char *CIL_KEY_CATEGORY;
+extern
char *CIL_KEY_CATSET;
+extern
char *CIL_KEY_LEVEL;
+extern
char *CIL_KEY_LEVELRANGE;
+extern
char *CIL_KEY_CLASS;
+extern
char *CIL_KEY_IPADDR;
+extern
char *CIL_KEY_MAP_CLASS;
+extern
char *CIL_KEY_CLASSPERMISSION;
+extern
char *CIL_KEY_BOOL;
+extern
char *CIL_KEY_STRING;
+extern
char *CIL_KEY_NAME;
+extern
char *CIL_KEY_SOURCE;
+extern
char *CIL_KEY_TARGET;
+extern
char *CIL_KEY_LOW;
+extern
char *CIL_KEY_HIGH;
+extern
char *CIL_KEY_LOW_HIGH;
+extern
char *CIL_KEY_HANDLEUNKNOWN;
+extern
char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
+extern
char *CIL_KEY_HANDLEUNKNOWN_DENY;
+extern
char *CIL_KEY_HANDLEUNKNOWN_REJECT;
+extern
char *CIL_KEY_MACRO;
+extern
char *CIL_KEY_IN;
+extern
char *CIL_KEY_MLS;
+extern
char *CIL_KEY_DEFAULTRANGE;
+extern
char *CIL_KEY_BLOCKINHERIT;
+extern
char *CIL_KEY_BLOCKABSTRACT;
+extern
char *CIL_KEY_CLASSORDER;
+extern
char *CIL_KEY_CLASSMAPPING;
+extern
char *CIL_KEY_CLASSPERMISSIONSET;
+extern
char *CIL_KEY_COMMON;
+extern
char *CIL_KEY_CLASSCOMMON;
+extern
char *CIL_KEY_SID;
+extern
char *CIL_KEY_SIDCONTEXT;
+extern
char *CIL_KEY_SIDORDER;
+extern
char *CIL_KEY_USERLEVEL;
+extern
char *CIL_KEY_USERRANGE;
+extern
char *CIL_KEY_USERBOUNDS;
+extern
char *CIL_KEY_USERPREFIX;
+extern
char *CIL_KEY_SELINUXUSER;
+extern
char *CIL_KEY_SELINUXUSERDEFAULT;
+extern
char *CIL_KEY_TYPEATTRIBUTE;
+extern
char *CIL_KEY_TYPEATTRIBUTESET;
+extern
char *CIL_KEY_EXPANDTYPEATTRIBUTE;
+extern
char *CIL_KEY_TYPEALIAS;
+extern
char *CIL_KEY_TYPEALIASACTUAL;
+extern
char *CIL_KEY_TYPEBOUNDS;
+extern
char *CIL_KEY_TYPEPERMISSIVE;
+extern
char *CIL_KEY_RANGETRANSITION;
+extern
char *CIL_KEY_USERROLE;
+extern
char *CIL_KEY_ROLETYPE;
+extern
char *CIL_KEY_ROLETRANSITION;
+extern
char *CIL_KEY_ROLEALLOW;
+extern
char *CIL_KEY_ROLEATTRIBUTE;
+extern
char *CIL_KEY_ROLEATTRIBUTESET;
+extern
char *CIL_KEY_ROLEBOUNDS;
+extern
char *CIL_KEY_BOOLEANIF;
+extern
char *CIL_KEY_NEVERALLOW;
+extern
char *CIL_KEY_TYPEMEMBER;
+extern
char *CIL_KEY_SENSALIAS;
+extern
char *CIL_KEY_SENSALIASACTUAL;
+extern
char *CIL_KEY_CATALIAS;
+extern
char *CIL_KEY_CATALIASACTUAL;
+extern
char *CIL_KEY_CATORDER;
+extern
char *CIL_KEY_SENSITIVITYORDER;
+extern
char *CIL_KEY_SENSCAT;
+extern
char *CIL_KEY_CONSTRAIN;
+extern
char *CIL_KEY_MLSCONSTRAIN;
+extern
char *CIL_KEY_VALIDATETRANS;
+extern
char *CIL_KEY_MLSVALIDATETRANS;
+extern
char *CIL_KEY_CONTEXT;
+extern
char *CIL_KEY_FILECON;
+extern
char *CIL_KEY_IBPKEYCON;
+extern
char *CIL_KEY_IBENDPORTCON;
+extern
char *CIL_KEY_PORTCON;
+extern
char *CIL_KEY_NODECON;
+extern
char *CIL_KEY_GENFSCON;
+extern
char *CIL_KEY_NETIFCON;
+extern
char *CIL_KEY_PIRQCON;
+extern
char *CIL_KEY_IOMEMCON;
+extern
char *CIL_KEY_IOPORTCON;
+extern
char *CIL_KEY_PCIDEVICECON;
+extern
char *CIL_KEY_DEVICETREECON;
+extern
char *CIL_KEY_FSUSE;
+extern
char *CIL_KEY_POLICYCAP;
+extern
char *CIL_KEY_OPTIONAL;
+extern
char *CIL_KEY_DEFAULTUSER;
+extern
char *CIL_KEY_DEFAULTROLE;
+extern
char *CIL_KEY_DEFAULTTYPE;
+extern
char *CIL_KEY_ROOT;
+extern
char *CIL_KEY_NODE;
+extern
char *CIL_KEY_PERM;
+extern
char *CIL_KEY_ALLOWX;
+extern
char *CIL_KEY_AUDITALLOWX;
+extern
char *CIL_KEY_DONTAUDITX;
+extern
char *CIL_KEY_NEVERALLOWX;
+extern
char *CIL_KEY_PERMISSIONX;
+extern
char *CIL_KEY_IOCTL;
+extern
char *CIL_KEY_UNORDERED;
+extern
char *CIL_KEY_SRC_INFO;
+extern
char *CIL_KEY_SRC_CIL;
+extern
char *CIL_KEY_SRC_HLL;
/*

510
recipes/libselinux/all/patches/0001-fix-fno-common-3.0.patch Normal file
View File

@@ -0,0 +1,510 @@
libsepol: fix CIL_KEY_* build errors with -fno-common
GCC 10 comes with -fno-common enabled by default - fix the CIL_KEY_*
global variables to be defined only once in cil.c and declared in the
header file correctly with the 'extern' keyword, so that other units
including the file don't generate duplicate definitions.
see https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c
--- a/cil/src/cil.c
+++ b/cil/src/cil.c
@@ -77,6 +77,168 @@ int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
{1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
};
+char *CIL_KEY_CONS_T1;
+char *CIL_KEY_CONS_T2;
+char *CIL_KEY_CONS_T3;
+char *CIL_KEY_CONS_R1;
+char *CIL_KEY_CONS_R2;
+char *CIL_KEY_CONS_R3;
+char *CIL_KEY_CONS_U1;
+char *CIL_KEY_CONS_U2;
+char *CIL_KEY_CONS_U3;
+char *CIL_KEY_CONS_L1;
+char *CIL_KEY_CONS_L2;
+char *CIL_KEY_CONS_H1;
+char *CIL_KEY_CONS_H2;
+char *CIL_KEY_AND;
+char *CIL_KEY_OR;
+char *CIL_KEY_NOT;
+char *CIL_KEY_EQ;
+char *CIL_KEY_NEQ;
+char *CIL_KEY_CONS_DOM;
+char *CIL_KEY_CONS_DOMBY;
+char *CIL_KEY_CONS_INCOMP;
+char *CIL_KEY_CONDTRUE;
+char *CIL_KEY_CONDFALSE;
+char *CIL_KEY_SELF;
+char *CIL_KEY_OBJECT_R;
+char *CIL_KEY_STAR;
+char *CIL_KEY_TCP;
+char *CIL_KEY_UDP;
+char *CIL_KEY_DCCP;
+char *CIL_KEY_SCTP;
+char *CIL_KEY_AUDITALLOW;
+char *CIL_KEY_TUNABLEIF;
+char *CIL_KEY_ALLOW;
+char *CIL_KEY_DONTAUDIT;
+char *CIL_KEY_TYPETRANSITION;
+char *CIL_KEY_TYPECHANGE;
+char *CIL_KEY_CALL;
+char *CIL_KEY_TUNABLE;
+char *CIL_KEY_XOR;
+char *CIL_KEY_ALL;
+char *CIL_KEY_RANGE;
+char *CIL_KEY_GLOB;
+char *CIL_KEY_FILE;
+char *CIL_KEY_DIR;
+char *CIL_KEY_CHAR;
+char *CIL_KEY_BLOCK;
+char *CIL_KEY_SOCKET;
+char *CIL_KEY_PIPE;
+char *CIL_KEY_SYMLINK;
+char *CIL_KEY_ANY;
+char *CIL_KEY_XATTR;
+char *CIL_KEY_TASK;
+char *CIL_KEY_TRANS;
+char *CIL_KEY_TYPE;
+char *CIL_KEY_ROLE;
+char *CIL_KEY_USER;
+char *CIL_KEY_USERATTRIBUTE;
+char *CIL_KEY_USERATTRIBUTESET;
+char *CIL_KEY_SENSITIVITY;
+char *CIL_KEY_CATEGORY;
+char *CIL_KEY_CATSET;
+char *CIL_KEY_LEVEL;
+char *CIL_KEY_LEVELRANGE;
+char *CIL_KEY_CLASS;
+char *CIL_KEY_IPADDR;
+char *CIL_KEY_MAP_CLASS;
+char *CIL_KEY_CLASSPERMISSION;
+char *CIL_KEY_BOOL;
+char *CIL_KEY_STRING;
+char *CIL_KEY_NAME;
+char *CIL_KEY_SOURCE;
+char *CIL_KEY_TARGET;
+char *CIL_KEY_LOW;
+char *CIL_KEY_HIGH;
+char *CIL_KEY_LOW_HIGH;
+char *CIL_KEY_GLBLUB;
+char *CIL_KEY_HANDLEUNKNOWN;
+char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
+char *CIL_KEY_HANDLEUNKNOWN_DENY;
+char *CIL_KEY_HANDLEUNKNOWN_REJECT;
+char *CIL_KEY_MACRO;
+char *CIL_KEY_IN;
+char *CIL_KEY_MLS;
+char *CIL_KEY_DEFAULTRANGE;
+char *CIL_KEY_BLOCKINHERIT;
+char *CIL_KEY_BLOCKABSTRACT;
+char *CIL_KEY_CLASSORDER;
+char *CIL_KEY_CLASSMAPPING;
+char *CIL_KEY_CLASSPERMISSIONSET;
+char *CIL_KEY_COMMON;
+char *CIL_KEY_CLASSCOMMON;
+char *CIL_KEY_SID;
+char *CIL_KEY_SIDCONTEXT;
+char *CIL_KEY_SIDORDER;
+char *CIL_KEY_USERLEVEL;
+char *CIL_KEY_USERRANGE;
+char *CIL_KEY_USERBOUNDS;
+char *CIL_KEY_USERPREFIX;
+char *CIL_KEY_SELINUXUSER;
+char *CIL_KEY_SELINUXUSERDEFAULT;
+char *CIL_KEY_TYPEATTRIBUTE;
+char *CIL_KEY_TYPEATTRIBUTESET;
+char *CIL_KEY_EXPANDTYPEATTRIBUTE;
+char *CIL_KEY_TYPEALIAS;
+char *CIL_KEY_TYPEALIASACTUAL;
+char *CIL_KEY_TYPEBOUNDS;
+char *CIL_KEY_TYPEPERMISSIVE;
+char *CIL_KEY_RANGETRANSITION;
+char *CIL_KEY_USERROLE;
+char *CIL_KEY_ROLETYPE;
+char *CIL_KEY_ROLETRANSITION;
+char *CIL_KEY_ROLEALLOW;
+char *CIL_KEY_ROLEATTRIBUTE;
+char *CIL_KEY_ROLEATTRIBUTESET;
+char *CIL_KEY_ROLEBOUNDS;
+char *CIL_KEY_BOOLEANIF;
+char *CIL_KEY_NEVERALLOW;
+char *CIL_KEY_TYPEMEMBER;
+char *CIL_KEY_SENSALIAS;
+char *CIL_KEY_SENSALIASACTUAL;
+char *CIL_KEY_CATALIAS;
+char *CIL_KEY_CATALIASACTUAL;
+char *CIL_KEY_CATORDER;
+char *CIL_KEY_SENSITIVITYORDER;
+char *CIL_KEY_SENSCAT;
+char *CIL_KEY_CONSTRAIN;
+char *CIL_KEY_MLSCONSTRAIN;
+char *CIL_KEY_VALIDATETRANS;
+char *CIL_KEY_MLSVALIDATETRANS;
+char *CIL_KEY_CONTEXT;
+char *CIL_KEY_FILECON;
+char *CIL_KEY_IBPKEYCON;
+char *CIL_KEY_IBENDPORTCON;
+char *CIL_KEY_PORTCON;
+char *CIL_KEY_NODECON;
+char *CIL_KEY_GENFSCON;
+char *CIL_KEY_NETIFCON;
+char *CIL_KEY_PIRQCON;
+char *CIL_KEY_IOMEMCON;
+char *CIL_KEY_IOPORTCON;
+char *CIL_KEY_PCIDEVICECON;
+char *CIL_KEY_DEVICETREECON;
+char *CIL_KEY_FSUSE;
+char *CIL_KEY_POLICYCAP;
+char *CIL_KEY_OPTIONAL;
+char *CIL_KEY_DEFAULTUSER;
+char *CIL_KEY_DEFAULTROLE;
+char *CIL_KEY_DEFAULTTYPE;
+char *CIL_KEY_ROOT;
+char *CIL_KEY_NODE;
+char *CIL_KEY_PERM;
+char *CIL_KEY_ALLOWX;
+char *CIL_KEY_AUDITALLOWX;
+char *CIL_KEY_DONTAUDITX;
+char *CIL_KEY_NEVERALLOWX;
+char *CIL_KEY_PERMISSIONX;
+char *CIL_KEY_IOCTL;
+char *CIL_KEY_UNORDERED;
+char *CIL_KEY_SRC_INFO;
+char *CIL_KEY_SRC_CIL;
+char *CIL_KEY_SRC_HLL;
+
static void cil_init_keys(void)
{
/* Initialize CIL Keys into strpool */
--- a/cil/src/cil_internal.h
+++ b/cil/src/cil_internal.h
@@ -74,166 +74,327 @@ enum cil_pass {
/*
Keywords
*/
+extern
char *CIL_KEY_CONS_T1;
+extern
char *CIL_KEY_CONS_T2;
+extern
char *CIL_KEY_CONS_T3;
+extern
char *CIL_KEY_CONS_R1;
+extern
char *CIL_KEY_CONS_R2;
+extern
char *CIL_KEY_CONS_R3;
+extern
char *CIL_KEY_CONS_U1;
+extern
char *CIL_KEY_CONS_U2;
+extern
char *CIL_KEY_CONS_U3;
+extern
char *CIL_KEY_CONS_L1;
+extern
char *CIL_KEY_CONS_L2;
+extern
char *CIL_KEY_CONS_H1;
+extern
char *CIL_KEY_CONS_H2;
+extern
char *CIL_KEY_AND;
+extern
char *CIL_KEY_OR;
+extern
char *CIL_KEY_NOT;
+extern
char *CIL_KEY_EQ;
+extern
char *CIL_KEY_NEQ;
+extern
char *CIL_KEY_CONS_DOM;
+extern
char *CIL_KEY_CONS_DOMBY;
+extern
char *CIL_KEY_CONS_INCOMP;
+extern
char *CIL_KEY_CONDTRUE;
+extern
char *CIL_KEY_CONDFALSE;
+extern
char *CIL_KEY_SELF;
+extern
char *CIL_KEY_OBJECT_R;
+extern
char *CIL_KEY_STAR;
+extern
char *CIL_KEY_TCP;
+extern
char *CIL_KEY_UDP;
+extern
char *CIL_KEY_DCCP;
+extern
char *CIL_KEY_SCTP;
+extern
char *CIL_KEY_AUDITALLOW;
+extern
char *CIL_KEY_TUNABLEIF;
+extern
char *CIL_KEY_ALLOW;
+extern
char *CIL_KEY_DONTAUDIT;
+extern
char *CIL_KEY_TYPETRANSITION;
+extern
char *CIL_KEY_TYPECHANGE;
+extern
char *CIL_KEY_CALL;
+extern
char *CIL_KEY_TUNABLE;
+extern
char *CIL_KEY_XOR;
+extern
char *CIL_KEY_ALL;
+extern
char *CIL_KEY_RANGE;
+extern
char *CIL_KEY_GLOB;
+extern
char *CIL_KEY_FILE;
+extern
char *CIL_KEY_DIR;
+extern
char *CIL_KEY_CHAR;
+extern
char *CIL_KEY_BLOCK;
+extern
char *CIL_KEY_SOCKET;
+extern
char *CIL_KEY_PIPE;
+extern
char *CIL_KEY_SYMLINK;
+extern
char *CIL_KEY_ANY;
+extern
char *CIL_KEY_XATTR;
+extern
char *CIL_KEY_TASK;
+extern
char *CIL_KEY_TRANS;
+extern
char *CIL_KEY_TYPE;
+extern
char *CIL_KEY_ROLE;
+extern
char *CIL_KEY_USER;
+extern
char *CIL_KEY_USERATTRIBUTE;
+extern
char *CIL_KEY_USERATTRIBUTESET;
+extern
char *CIL_KEY_SENSITIVITY;
+extern
char *CIL_KEY_CATEGORY;
+extern
char *CIL_KEY_CATSET;
+extern
char *CIL_KEY_LEVEL;
+extern
char *CIL_KEY_LEVELRANGE;
+extern
char *CIL_KEY_CLASS;
+extern
char *CIL_KEY_IPADDR;
+extern
char *CIL_KEY_MAP_CLASS;
+extern
char *CIL_KEY_CLASSPERMISSION;
+extern
char *CIL_KEY_BOOL;
+extern
char *CIL_KEY_STRING;
+extern
char *CIL_KEY_NAME;
+extern
char *CIL_KEY_SOURCE;
+extern
char *CIL_KEY_TARGET;
+extern
char *CIL_KEY_LOW;
+extern
char *CIL_KEY_HIGH;
+extern
char *CIL_KEY_LOW_HIGH;
+extern
char *CIL_KEY_GLBLUB;
+extern
char *CIL_KEY_HANDLEUNKNOWN;
+extern
char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
+extern
char *CIL_KEY_HANDLEUNKNOWN_DENY;
+extern
char *CIL_KEY_HANDLEUNKNOWN_REJECT;
+extern
char *CIL_KEY_MACRO;
+extern
char *CIL_KEY_IN;
+extern
char *CIL_KEY_MLS;
+extern
char *CIL_KEY_DEFAULTRANGE;
+extern
char *CIL_KEY_BLOCKINHERIT;
+extern
char *CIL_KEY_BLOCKABSTRACT;
+extern
char *CIL_KEY_CLASSORDER;
+extern
char *CIL_KEY_CLASSMAPPING;
+extern
char *CIL_KEY_CLASSPERMISSIONSET;
+extern
char *CIL_KEY_COMMON;
+extern
char *CIL_KEY_CLASSCOMMON;
+extern
char *CIL_KEY_SID;
+extern
char *CIL_KEY_SIDCONTEXT;
+extern
char *CIL_KEY_SIDORDER;
+extern
char *CIL_KEY_USERLEVEL;
+extern
char *CIL_KEY_USERRANGE;
+extern
char *CIL_KEY_USERBOUNDS;
+extern
char *CIL_KEY_USERPREFIX;
+extern
char *CIL_KEY_SELINUXUSER;
+extern
char *CIL_KEY_SELINUXUSERDEFAULT;
+extern
char *CIL_KEY_TYPEATTRIBUTE;
+extern
char *CIL_KEY_TYPEATTRIBUTESET;
+extern
char *CIL_KEY_EXPANDTYPEATTRIBUTE;
+extern
char *CIL_KEY_TYPEALIAS;
+extern
char *CIL_KEY_TYPEALIASACTUAL;
+extern
char *CIL_KEY_TYPEBOUNDS;
+extern
char *CIL_KEY_TYPEPERMISSIVE;
+extern
char *CIL_KEY_RANGETRANSITION;
+extern
char *CIL_KEY_USERROLE;
+extern
char *CIL_KEY_ROLETYPE;
+extern
char *CIL_KEY_ROLETRANSITION;
+extern
char *CIL_KEY_ROLEALLOW;
+extern
char *CIL_KEY_ROLEATTRIBUTE;
+extern
char *CIL_KEY_ROLEATTRIBUTESET;
+extern
char *CIL_KEY_ROLEBOUNDS;
+extern
char *CIL_KEY_BOOLEANIF;
+extern
char *CIL_KEY_NEVERALLOW;
+extern
char *CIL_KEY_TYPEMEMBER;
+extern
char *CIL_KEY_SENSALIAS;
+extern
char *CIL_KEY_SENSALIASACTUAL;
+extern
char *CIL_KEY_CATALIAS;
+extern
char *CIL_KEY_CATALIASACTUAL;
+extern
char *CIL_KEY_CATORDER;
+extern
char *CIL_KEY_SENSITIVITYORDER;
+extern
char *CIL_KEY_SENSCAT;
+extern
char *CIL_KEY_CONSTRAIN;
+extern
char *CIL_KEY_MLSCONSTRAIN;
+extern
char *CIL_KEY_VALIDATETRANS;
+extern
char *CIL_KEY_MLSVALIDATETRANS;
+extern
char *CIL_KEY_CONTEXT;
+extern
char *CIL_KEY_FILECON;
+extern
char *CIL_KEY_IBPKEYCON;
+extern
char *CIL_KEY_IBENDPORTCON;
+extern
char *CIL_KEY_PORTCON;
+extern
char *CIL_KEY_NODECON;
+extern
char *CIL_KEY_GENFSCON;
+extern
char *CIL_KEY_NETIFCON;
+extern
char *CIL_KEY_PIRQCON;
+extern
char *CIL_KEY_IOMEMCON;
+extern
char *CIL_KEY_IOPORTCON;
+extern
char *CIL_KEY_PCIDEVICECON;
+extern
char *CIL_KEY_DEVICETREECON;
+extern
char *CIL_KEY_FSUSE;
+extern
char *CIL_KEY_POLICYCAP;
+extern
char *CIL_KEY_OPTIONAL;
+extern
char *CIL_KEY_DEFAULTUSER;
+extern
char *CIL_KEY_DEFAULTROLE;
+extern
char *CIL_KEY_DEFAULTTYPE;
+extern
char *CIL_KEY_ROOT;
+extern
char *CIL_KEY_NODE;
+extern
char *CIL_KEY_PERM;
+extern
char *CIL_KEY_ALLOWX;
+extern
char *CIL_KEY_AUDITALLOWX;
+extern
char *CIL_KEY_DONTAUDITX;
+extern
char *CIL_KEY_NEVERALLOWX;
+extern
char *CIL_KEY_PERMISSIONX;
+extern
char *CIL_KEY_IOCTL;
+extern
char *CIL_KEY_UNORDERED;
+extern
char *CIL_KEY_SRC_INFO;
+extern
char *CIL_KEY_SRC_CIL;
+extern
char *CIL_KEY_SRC_HLL;
/*

45
recipes/libselinux/all/patches/0002-remove-cil_mem_error_handler.patch Normal file
View File

@@ -0,0 +1,45 @@
libsepol: remove leftovers of cil_mem_error_handler
Commit 4459d63 ("libsepol: Remove cil_mem_error_handler() function
pointer") replaced cil_mem_error_handler usage with inline contents of
the default handler. However, it left over the header declaration and
two callers. Convert these as well and remove the header declaration.
This also fixes a build failure with -fno-common.
see https://github.com/SELinuxProject/selinux/commit/3d32fc24d6aff360a538c63dad08ca5c957551b0
--- a/cil/src/cil_mem.h
+++ b/cil/src/cil_mem.h
@@ -36,7 +36,6 @@ void *cil_calloc(size_t num_elements, size_t element_size);
void *cil_realloc(void *ptr, size_t size);
char *cil_strdup(const char *str);
int cil_asprintf(char **strp, const char *fmt, ...);
-void (*cil_mem_error_handler)(void);
#endif /* CIL_MEM_H_ */
--- a/cil/src/cil_strpool.c
+++ b/cil/src/cil_strpool.c
@@ -80,8 +80,8 @@ char *cil_strpool_add(const char *str)
int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref);
if (rc != SEPOL_OK) {
pthread_mutex_unlock(&cil_strpool_mutex);
- (*cil_mem_error_handler)();
- pthread_mutex_lock(&cil_strpool_mutex);
+ cil_log(CIL_ERR, "Failed to allocate memory\n");
+ exit(1);
}
}
@@ -104,8 +104,8 @@ void cil_strpool_init(void)
cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE);
if (cil_strpool_tab == NULL) {
pthread_mutex_unlock(&cil_strpool_mutex);
- (*cil_mem_error_handler)();
- return;
+ cil_log(CIL_ERR, "Failed to allocate memory\n");
+ exit(1);
}
}
cil_strpool_readers++;

11
recipes/libselinux/all/patches/0003-fix-link-pcre.patch Normal file
View File

@@ -0,0 +1,11 @@
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -43,7 +43,7 @@ endif
override CFLAGS += -I../include -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
override LDFLAGS += -L../src
-override LDLIBS += -lselinux $(FTS_LDLIBS)
+override LDLIBS += -lselinux $(FTS_LDLIBS) $(PCRE_LDLIBS)
PCRE_LDLIBS ?= -lpcre
ifeq ($(ANDROID_HOST),y)

10
recipes/libselinux/all/patches/0003-fix-missing-include-3.6.patch Normal file
View File

@@ -0,0 +1,10 @@
--- src/selinux_internal.c
+++ src/selinux_internal.c
@@ -1,6 +5,7 @@
#include "selinux_internal.h"
#include <errno.h>
#include <stdlib.h>
#include <string.h>
+#include <stdint.h>

48
recipes/libselinux/all/patches/0004-libsepol-src-Makefile-fix-reallocarray-detection.patch Normal file
View File

@@ -0,0 +1,48 @@
From a520f972bce9ec267f4e76b729bc3b7c1bdf13e6 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Mon, 8 Jan 2024 22:03:14 +0100
Subject: [PATCH 1/3] libsepol/src/Makefile: fix reallocarray detection
Pass LDFLAGS when checking for reallocarray to avoid the following
static build failure with musl raised since version 3.4 and
https://github.com/SELinuxProject/selinux/commit/f0a5f6e33084bd83d409bb7c932256139f471e71
because -static is not passed when checking for reallocarray:
/home/autobuild/autobuild/instance-9/output-1/host/bin/armeb-buildroot-linux-musleabi-gcc -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64 -O0 -g0 -static -I. -I../include -D_GNU_SOURCE -I../cil/include -fPIC -c -o assertion.o assertion.c
In file included from assertion.c:28:
private.h:88:21: error: static declaration of 'reallocarray' follows non-static declaration
88 | static inline void* reallocarray(void *ptr, size_t nmemb, size_t size) {
| ^~~~~~~~~~~~
In file included from ../include/sepol/policydb/mls_types.h:35,
from ../include/sepol/policydb/context.h:23,
from ../include/sepol/policydb/policydb.h:62,
from assertion.c:24:
/home/autobuild/autobuild/instance-9/output-1/host/armeb-buildroot-linux-musleabi/sysroot/usr/include/stdlib.h:150:7: note: previous declaration of 'reallocarray' with type 'void *(void *, size_t, size_t)' {aka 'void *(void *, unsigned int, unsigned int)'}
150 | void *reallocarray (void *, size_t, size_t);
| ^~~~~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/0170032548a38e2c991d62dc5823808458ad03b3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
src/Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Makefile b/src/Makefile
index d80a941f..16b9bd5e 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -31,7 +31,7 @@ endif
# check for reallocarray(3) availability
H := \#
-ifeq (yes,$(shell printf '${H}define _GNU_SOURCE\n${H}include <stdlib.h>\nint main(void){void*p=reallocarray(NULL, 1, sizeof(char));return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
+ifeq (yes,$(shell printf '${H}define _GNU_SOURCE\n${H}include <stdlib.h>\nint main(void){void*p=reallocarray(NULL, 1, sizeof(char));return 0;}' | $(CC) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
override CFLAGS += -DHAVE_REALLOCARRAY
endif
--
2.44.0

61
recipes/libselinux/all/patches/0005-libselinux-libsepol-Add-CFLAGS-and-LDFLAGS.patch Normal file
View File

@@ -0,0 +1,61 @@
[PATCH] libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks
@ 2024-03-13 22:48 James Carter
0 siblings, 0 replies; only message in thread
From: James Carter @ 2024-03-13 22:48 UTC (permalink / raw)
To: selinux; +Cc: jordan, winfried_mb2, James Carter
In libselinux there is an availability check for strlcpy() and
in both libselinux and libsepol there are availability checks for
reallocarray() in the src Makfiles. CFLAGS and LDFLAGS are needed
for cross-compiling, but, unfortunately, the default CFLAGS cause
all of these availability checks to fail to compile because of
compilationerrors (rather than just the function not being available).
Add CFLAGS and LDFLAGS to the availibility checks, update the checks
so that a compilation error will only happen if the function being
checked for is not available, and make checks for the same function
the same in both libselinux and libsepol.
Suggested-by: Jordan Williams <jordan@jwillikers.com>
Suggested-by: Winfried Dobbe <winfried_mb2@xmsnet.nl>
Signed-off-by: James Carter <jwcart2@gmail.com>
---
libselinux/src/Makefile | 4 ++--
libsepol/src/Makefile | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/libselinux-3.6/src/Makefile b/libselinux-3.6/src/Makefile
index d3b981fc..41cfbdca 100644
--- a/libselinux-3.6/src/Makefile
+++ b/libselinux-3.6/src/Makefile
@@ -104,13 +104,13 @@ override CFLAGS += -I../include -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
# check for strlcpy(3) availability
H := \#
-ifeq (yes,$(shell printf '${H}include <string.h>\nint main(void){char*d,*s;strlcpy(d, s, 0);return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
+ifeq (yes,$(shell printf '${H}include <string.h>\nint main(void){char d[2];const char *s="a";return (size_t)strlcpy(d,s,sizeof(d))>=sizeof(d);}' | $(CC) $(CFLAGS) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
override CFLAGS += -DHAVE_STRLCPY
endif
# check for reallocarray(3) availability
H := \#
-ifeq (yes,$(shell printf '${H}include <stdlib.h>\nint main(void){reallocarray(NULL, 0, 0);return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
+ifeq (yes,$(shell printf '${H}include <stdlib.h>\nint main(void){return reallocarray(NULL,0,0)==NULL;}' | $(CC) $(CFLAGS) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
override CFLAGS += -DHAVE_REALLOCARRAY
endif
diff --git a/libsepol-3.6/src/Makefile b/libsepol-3.6/src/Makefile
index 16b9bd5e..7b0e8446 100644
--- a/libsepol-3.6/src/Makefile
+++ b/libsepol-3.6/src/Makefile
@@ -31,7 +31,7 @@ endif
# check for reallocarray(3) availability
H := \#
-ifeq (yes,$(shell printf '${H}define _GNU_SOURCE\n${H}include <stdlib.h>\nint main(void){void*p=reallocarray(NULL, 1, sizeof(char));return 0;}' | $(CC) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
+ifeq (yes,$(shell printf '${H}include <stdlib.h>\nint main(void){return reallocarray(NULL,0,0)==NULL;}' | $(CC) $(CFLAGS) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
override CFLAGS += -DHAVE_REALLOCARRAY
endif
--
2.44.0

7
recipes/libselinux/all/test_package/CMakeLists.txt Normal file
View File

@@ -0,0 +1,7 @@
cmake_minimum_required(VERSION 3.15)
project(test_package LANGUAGES C)
find_package(libselinux REQUIRED CONFIG)
add_executable(${PROJECT_NAME} test_package.c)
target_link_libraries(${PROJECT_NAME} PRIVATE libselinux::libselinux)

9
recipes/libselinux/all/test_package/CMakeUserPresets.json Normal file
View File

@@ -0,0 +1,9 @@
{
"version": 4,
"vendor": {
"conan": {}
},
"include": [
"build/gcc-12-x86_64-gnu17-release/generators/CMakePresets.json"
]
}

26
recipes/libselinux/all/test_package/conanfile.py Normal file
View File

@@ -0,0 +1,26 @@
from conan import ConanFile
from conan.tools.build import can_run
from conan.tools.cmake import cmake_layout, CMake
import os
class TestPackageConan(ConanFile):
settings = "os", "arch", "compiler", "build_type"
generators = "CMakeDeps", "CMakeToolchain", "VirtualRunEnv"
test_type = "explicit"
def requirements(self):
self.requires(self.tested_reference_str)
def layout(self):
cmake_layout(self)
def build(self):
cmake = CMake(self)
cmake.configure()
cmake.build()
def test(self):
if can_run(self):
bin_path = os.path.join(self.cpp.build.bindirs[0], "test_package")
self.run(bin_path, env="conanrun")

11
recipes/libselinux/all/test_package/test_package.c Normal file
View File

@@ -0,0 +1,11 @@
#include <stdio.h>
#include <selinux/selinux.h>
int main()
{
if (is_selinux_enabled())
printf("SELinux is enabled\n");
else
printf("SELinux is not enabled\n");
return 0;
}

15
recipes/libselinux/config.yml Normal file
View File

@@ -0,0 +1,15 @@
versions:
"3.6":
folder: all
"3.5":
folder: all
"3.3":
folder: all
"3.2":
folder: all
"3.1":
folder: all
"3.0":
folder: all
"2.9":
folder: all