libselinux: Fix selinux_init_load_policy() for sysvinit.

With sysvinit, selinux_init_load_policy() will fail since sysfs is
still not mounted.

2 files changed, 29 insertions, 0 deletions

diff --git a/recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch b/recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch
new file mode 100644
index 0000000..d959f2c
--- /dev/null
+++ b/recipes-security/selinux/libselinux/libselinux-fix-init-load-policy.patch
@@ -0,0 +1,27 @@
+From ac70ca3b336b52b01cdc38157d25bf7e85098ee1 Mon Sep 17 00:00:00 2001
+From: Xin Ouyang <Xin.Ouyang@windriver.com>
+Date: Thu, 12 Apr 2012 16:10:10 +0800
+Subject: [PATCH] libselinux: fix init load policy
+
+selinux_init_load_policy() would fail if we use the new mount point
+for selinuxfs(/sys/fs/selinux) while sysfs(/sys) is still not
+mounted.
+---
+ src/load_policy.c |    1 +
+ 1 files changed, 1 insertions(+), 0 deletions(-)
+
+diff --git a/src/load_policy.c b/src/load_policy.c
+index f569664..60e7efd 100644
+--- a/src/load_policy.c
++++ b/src/load_policy.c
+@@ -370,6 +370,7 @@ int selinux_init_load_policy(int *enforce)
+         * mount it if present for use in the calls below.  
+         */
+        char *mntpoint = NULL;
++       rc = mount("sysfs", "/sys", "sysfs", 0, 0);
+        if (mount(SELINUXFS, SELINUXMNT, SELINUXFS, 0, 0) == 0 || errno == EBUSY) {
+                mntpoint = SELINUXMNT;
+        } else {
+-- 
+1.7.5.4
+
diff --git a/recipes-security/selinux/libselinux_2.1.9.bb b/recipes-security/selinux/libselinux_2.1.9.bb
index 4d7d4de..d25c318 100644
--- a/recipes-security/selinux/libselinux_2.1.9.bb
+++ b/recipes-security/selinux/libselinux_2.1.9.bb
@@ -13,6 +13,8 @@ inherit lib_package
 SRC_URI[md5sum] = "8ea0548dd65e9479b357ba1447f89221"
 SRC_URI[sha256sum] = "749d4b39c80aa9df8247b8b3187ab72442c0dbad6e70bf312e25052bd4e7063f"
 
+SRC_URI += "file://libselinux-fix-init-load-policy.patch"
+
 DEPENDS += "libsepol python python-native swig-native"
 
 PACKAGES += "${PN}-python"