net-tools: drop patch

The netstat-selinux-support.patch has been merged upstream. So drop it. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
author: Yi Zhao <yi.zhao@windriver.com> 2020-07-28 16:27:58 +0800
committer: Joe MacDonald <joe@deserted.net> 2020-09-23 14:34:46 -0400
commit: 547d9be873e6b7c811d4b317e3beb19f58efd900 (patch)
tree: 2d86f0a7694f8aee8839b1b0d2fad5fede6f9c12
parent: affabe52d90f5264c9b2d4062bfa0278bdb55901 (diff)
download: meta-selinux-547d9be873e6b7c811d4b317e3beb19f58efd900.tar.gz
2 files changed, 0 insertions, 248 deletions
diff --git a/recipes-extended/net-tools/files/netstat-selinux-support.patch b/recipes-extended/net-tools/files/netstat-selinux-support.patch
deleted file mode 100644
index f089041..0000000
--- a/recipes-extended/net-tools/files/netstat-selinux-support.patch
+++ /dev/null
@@ -1,244 +0,0 @@
-From: Xin Ouyang <Xin.Ouyang@windriver.com>
-Date: Wed, 13 Jun 2012 13:32:01 +0800
-Subject: [PATCH] net-tools: netstat add SELinux support.
-Upstream-Status: Inappropriate [configuration]
-Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
-Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
---
- Makefile  |  9 ++++++++-
- netstat.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
- 2 files changed, 74 insertions(+), 4 deletions(-)
-diff --git a/Makefile b/Makefile
-index 8fcc55c..0b5c395 100644
--- a/Makefile
-+++ b/Makefile
-@@ -116,6 +116,13 @@ NET_LIB = $(NET_LIB_PATH)/lib$(NET_LIB_NAME).a
- CFLAGS = $(COPTS) -I. -idirafter ./include/ -I$(NET_LIB_PATH)
- LDFLAGS        = $(LOPTS) -L$(NET_LIB_PATH)
- 
-+ifeq ($(HAVE_SELINUX),1)
-+SELINUX_LDFLAGS        = -lselinux
-+CFLAGS         += -DHAVE_SELINUX
-+else
-+SELINUX_LDFLAGS        =
-+endif
-+
- SUBDIRS        = man/ $(NET_LIB_PATH)/
- 
- ifeq ($(origin CC), undefined)
-@@ -209,7 +216,7 @@ plipconfig: $(NET_LIB) plipconfig.o
-                $(CC) $(LDFLAGS) -o plipconfig plipconfig.o $(NLIB)
- 
- netstat:       $(NET_LIB) netstat.o statistics.o
-               $(CC) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
-+               $(CC) $(SELINUX_LDFLAGS) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
- 
- iptunnel:      $(NET_LIB) iptunnel.o
-                $(CC) $(LDFLAGS) -o iptunnel iptunnel.o $(NLIB) $(RESLIB)
-diff --git a/netstat.c b/netstat.c
-index fc10414..a773e81 100644
--- a/netstat.c
-+++ b/netstat.c
-@@ -90,6 +90,12 @@
- #include <sys/types.h>
- #include <asm-generic/param.h>
- 
-+#if HAVE_SELINUX
-+#include <selinux/selinux.h>
-+#else
-+#define security_context_t char*
-+#endif
-+
- #include "net-support.h"
- #include "pathnames.h"
- #include "version.h"
-@@ -101,6 +107,7 @@
- #include "proc.h"
- 
- #define PROGNAME_WIDTH 20
-+#define SELINUX_WIDTH 50
- 
- #if !defined(s6_addr32) && defined(in6a_words)
- #define s6_addr32 in6a_words   /* libinet6                     */
-@@ -180,6 +187,7 @@ int flag_wide= 0;
- int flag_prg = 0;
- int flag_arg = 0;
- int flag_ver = 0;
-+int flag_selinux = 0;
- 
- FILE *procinfo;
- 
-@@ -243,12 +251,17 @@ FILE *procinfo;
- #define PROGNAME_WIDTH1(s) PROGNAME_WIDTH2(s)
- #define PROGNAME_WIDTH2(s) #s
- 
-+#define SELINUX_WIDTHs SELINUX_WIDTH1(SELINUX_WIDTH)
-+#define SELINUX_WIDTH1(s) SELINUX_WIDTH2(s)
-+#define SELINUX_WIDTH2(s) #s
-+
- #define PRG_HASH_SIZE 211
- 
- static struct prg_node {
-     struct prg_node *next;
-     unsigned long inode;
-     char name[PROGNAME_WIDTH];
-+    char scon[SELINUX_WIDTH];
- } *prg_hash[PRG_HASH_SIZE];
- 
- static char prg_cache_loaded = 0;
-@@ -256,9 +269,12 @@ static char prg_cache_loaded = 0;
- #define PRG_HASHIT(x) ((x) % PRG_HASH_SIZE)
- 
- #define PROGNAME_BANNER "PID/Program name"
-+#define SELINUX_BANNER "Security Context"
- 
- #define print_progname_banner() do { if (flag_prg) printf("%-" PROGNAME_WIDTHs "s"," " PROGNAME_BANNER); } while (0)
- 
-+#define print_selinux_banner() do { if (flag_selinux) printf("%-" SELINUX_WIDTHs "s"," " SELINUX_BANNER); } while (0)
-+
- #define PRG_LOCAL_ADDRESS "local_address"
- #define PRG_INODE       "inode"
- #define PRG_SOCKET_PFX    "socket:["
-@@ -280,7 +296,7 @@ static char prg_cache_loaded = 0;
- /* NOT working as of glibc-2.0.7: */
- #undef  DIRENT_HAVE_D_TYPE_WORKS
- 
-static void prg_cache_add(unsigned long inode, char *name)
-+static void prg_cache_add(unsigned long inode, char *name, char *scon)
- {
-     unsigned hi = PRG_HASHIT(inode);
-     struct prg_node **pnp,*pn;
-@@ -301,6 +317,14 @@ static void prg_cache_add(unsigned long inode, char *name)
-     if (strlen(name)>sizeof(pn->name)-1) 
-        name[sizeof(pn->name)-1]='\0';
-     strcpy(pn->name,name);
-+
-+    {
-+       int len=(strlen(scon)-sizeof(pn->scon))+1;
-+       if (len > 0)
-+           strcpy(pn->scon,&scon[len+1]);
-+       else
-+           strcpy(pn->scon,scon);
-+    }
- }
- 
- static const char *prg_cache_get(unsigned long inode)
-@@ -313,6 +337,16 @@ static const char *prg_cache_get(unsigned long inode)
-     return("-");
- }
- 
-+static const char *prg_cache_get_con(unsigned long inode)
-+{
-+    unsigned hi=PRG_HASHIT(inode);
-+    struct prg_node *pn;
-+
-+    for (pn=prg_hash[hi];pn;pn=pn->next)
-+        if (pn->inode==inode) return(pn->scon);
-+    return("-");
-+}
-+
- static void prg_cache_clear(void)
- {
-     struct prg_node **pnp,*pn;
-@@ -384,6 +418,7 @@ static void prg_cache_load(void)
-     const char *cs,*cmdlp;
-     DIR *dirproc=NULL,*dirfd=NULL;
-     struct dirent *direproc,*direfd;
-+    security_context_t scon=NULL;
- 
-     if (prg_cache_loaded || !flag_prg) return;
-     prg_cache_loaded=1;
-@@ -453,7 +488,15 @@ static void prg_cache_load(void)
-            }
- 
-            snprintf(finbuf, sizeof(finbuf), "%s/%s", direproc->d_name, cmdlp);
-           prg_cache_add(inode, finbuf);
-+#if HAVE_SELINUX
-+           if (getpidcon(atoi(direproc->d_name), &scon) == -1) {
-+               scon=strdup("-");
-+           }
-+           prg_cache_add(inode, finbuf, scon);
-+           freecon(scon);
-+#else
-+           prg_cache_add(inode, finbuf, "-");
-+#endif
-        }
-        closedir(dirfd); 
-        dirfd = NULL;
-@@ -573,6 +616,8 @@ static void finish_this_one(int uid, unsigned long inode, const char *timers)
-     }
-     if (flag_prg)
-        printf(" %-16s",prg_cache_get(inode));
-+    if (flag_selinux)
-+       printf("%-" SELINUX_WIDTHs "s",prg_cache_get_con(inode));
-     if (flag_opt)
-        printf(" %s", timers);
-     putchar('\n');
-@@ -1566,6 +1611,8 @@ static void unix_do_one(int nr, const char *line)
-        printf("-        ");
-     if (flag_prg)
-        printf("%-" PROGNAME_WIDTHs "s",(has & HAS_INODE?prg_cache_get(inode):"-"));
-+    if (flag_selinux)
-+       printf("%-" SELINUX_WIDTHs "s",(has & HAS_INODE?prg_cache_get_con(inode):"-"));
-     puts(path);
- }
- 
-@@ -1584,6 +1631,7 @@ static int unix_info(void)
- 
-     printf(_("\nProto RefCnt Flags       Type       State         I-Node  "));
-     print_progname_banner();
-+    print_selinux_banner();
-     printf(_(" Path\n"));      /* xxx */
- 
-     {
-@@ -1874,6 +1922,7 @@ static void usage(void)
-     fprintf(stderr, _("        -o, --timers             display timers\n"));
-     fprintf(stderr, _("        -F, --fib                display Forwarding Information Base (default)\n"));
-     fprintf(stderr, _("        -C, --cache              display routing cache instead of FIB\n\n"));
-+    fprintf(stderr, _("        -Z, --context            display SELinux security context for sockets\n\n"));
- 
-     fprintf(stderr, _("  <Socket>={-t|--tcp} {-u|--udp} {-S|--sctp} {-w|--raw} {-x|--unix} --ax25 --ipx --netrom\n"));
-     fprintf(stderr, _("  <AF>=Use '-6|-4' or '-A <af>' or '--<af>'; default: %s\n"), DFLT_AF);
-@@ -1920,6 +1969,7 @@ int main
-        {"cache", 0, 0, 'C'},
-        {"fib", 0, 0, 'F'},
-        {"groups", 0, 0, 'g'},
-+       {"context", 0, 0, 'Z'},
-        {NULL, 0, 0, 0}
-     };
- 
-@@ -1931,7 +1981,7 @@ int main
-     getroute_init();           /* Set up AF routing support */
- 
-     afname[0] = '\0';
-    while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuSWVv?wxl64", longopts, &lop)) != EOF)
-+    while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuSWVv?wxlZ64", longopts, &lop)) != EOF)
-        switch (i) {
-        case -1:
-            break;
-@@ -2036,6 +2086,19 @@ int main
-            if (aftrans_opt("unix"))
-                exit(1);
-            break;
-+       case 'Z':
-+#if HAVE_SELINUX
-+           if (is_selinux_enabled() <= 0) {
-+               fprintf(stderr, _("SELinux is not enabled on this machine.\n"));
-+               exit(1);
-+           }
-+           flag_prg++;
-+           flag_selinux++;
-+#else
-+           fprintf(stderr, _("SELinux is not enabled for this application.\n"));
-+           exit(1);
-+#endif
-+           break;
-        case '?':
-        case 'h':
-            usage();
-- 
-1.9.1
diff --git a/recipes-extended/net-tools/net-tools_selinux.inc b/recipes-extended/net-tools/net-tools_selinux.inc
index cc3196f..1bcf7be 100644
--- a/recipes-extended/net-tools/net-tools_selinux.inc
+++ b/recipes-extended/net-tools/net-tools_selinux.inc
@@ -1,7 +1,3 @@
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-SRC_URI += "file://netstat-selinux-support.patch"
 inherit selinux
 DEPENDS += "${LIBSELINUX}"
author	Yi Zhao <yi.zhao@windriver.com>	2020-07-28 16:27:58 +0800
committer	Joe MacDonald <joe@deserted.net>	2020-09-23 14:34:46 -0400
commit	547d9be873e6b7c811d4b317e3beb19f58efd900 (patch)
tree	2d86f0a7694f8aee8839b1b0d2fad5fede6f9c12
parent	affabe52d90f5264c9b2d4062bfa0278bdb55901 (diff)
download	meta-selinux-547d9be873e6b7c811d4b317e3beb19f58efd900.tar.gz

diff --git a/recipes-extended/net-tools/files/netstat-selinux-support.patch b/recipes-extended/net-tools/files/netstat-selinux-support.patch deleted file mode 100644 index f089041..0000000 --- a/recipes-extended/net-tools/files/netstat-selinux-support.patch +++ /dev/null
@@ -1,244 +0,0 @@
1	From: Xin Ouyang <Xin.Ouyang@windriver.com>
2	Date: Wed, 13 Jun 2012 13:32:01 +0800
3	Subject: [PATCH] net-tools: netstat add SELinux support.
4
5	Upstream-Status: Inappropriate [configuration]
6
7	Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com>
8	Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
9	---
10	Makefile \| 9 ++++++++-
11	netstat.c \| 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---
12	2 files changed, 74 insertions(+), 4 deletions(-)
13
14	diff --git a/Makefile b/Makefile
15	index 8fcc55c..0b5c395 100644
16	--- a/Makefile
17	+++ b/Makefile
18	@@ -116,6 +116,13 @@ NET_LIB = $(NET_LIB_PATH)/lib$(NET_LIB_NAME).a
19	CFLAGS = $(COPTS) -I. -idirafter ./include/ -I$(NET_LIB_PATH)
20	LDFLAGS = $(LOPTS) -L$(NET_LIB_PATH)
21
22	+ifeq ($(HAVE_SELINUX),1)
23	+SELINUX_LDFLAGS = -lselinux
24	+CFLAGS += -DHAVE_SELINUX
25	+else
26	+SELINUX_LDFLAGS =
27	+endif
28	+
29	SUBDIRS = man/ $(NET_LIB_PATH)/
30
31	ifeq ($(origin CC), undefined)
32	@@ -209,7 +216,7 @@ plipconfig: $(NET_LIB) plipconfig.o
33	$(CC) $(LDFLAGS) -o plipconfig plipconfig.o $(NLIB)
34
35	netstat: $(NET_LIB) netstat.o statistics.o
36	- $(CC) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
37	+ $(CC) $(SELINUX_LDFLAGS) $(LDFLAGS) -o netstat netstat.o statistics.o $(NLIB) $(RESLIB)
38
39	iptunnel: $(NET_LIB) iptunnel.o
40	$(CC) $(LDFLAGS) -o iptunnel iptunnel.o $(NLIB) $(RESLIB)
41	diff --git a/netstat.c b/netstat.c
42	index fc10414..a773e81 100644
43	--- a/netstat.c
44	+++ b/netstat.c
45	@@ -90,6 +90,12 @@
46	#include <sys/types.h>
47	#include <asm-generic/param.h>
48
49	+#if HAVE_SELINUX
50	+#include <selinux/selinux.h>
51	+#else
52	+#define security_context_t char*
53	+#endif
54	+
55	#include "net-support.h"
56	#include "pathnames.h"
57	#include "version.h"
58	@@ -101,6 +107,7 @@
59	#include "proc.h"
60
61	#define PROGNAME_WIDTH 20
62	+#define SELINUX_WIDTH 50
63
64	#if !defined(s6_addr32) && defined(in6a_words)
65	#define s6_addr32 in6a_words /* libinet6 */
66	@@ -180,6 +187,7 @@ int flag_wide= 0;
67	int flag_prg = 0;
68	int flag_arg = 0;
69	int flag_ver = 0;
70	+int flag_selinux = 0;
71
72	FILE *procinfo;
73
74	@@ -243,12 +251,17 @@ FILE *procinfo;
75	#define PROGNAME_WIDTH1(s) PROGNAME_WIDTH2(s)
76	#define PROGNAME_WIDTH2(s) #s
77
78	+#define SELINUX_WIDTHs SELINUX_WIDTH1(SELINUX_WIDTH)
79	+#define SELINUX_WIDTH1(s) SELINUX_WIDTH2(s)
80	+#define SELINUX_WIDTH2(s) #s
81	+
82	#define PRG_HASH_SIZE 211
83
84	static struct prg_node {
85	struct prg_node *next;
86	unsigned long inode;
87	char name[PROGNAME_WIDTH];
88	+ char scon[SELINUX_WIDTH];
89	} *prg_hash[PRG_HASH_SIZE];
90
91	static char prg_cache_loaded = 0;
92	@@ -256,9 +269,12 @@ static char prg_cache_loaded = 0;
93	#define PRG_HASHIT(x) ((x) % PRG_HASH_SIZE)
94
95	#define PROGNAME_BANNER "PID/Program name"
96	+#define SELINUX_BANNER "Security Context"
97
98	#define print_progname_banner() do { if (flag_prg) printf("%-" PROGNAME_WIDTHs "s"," " PROGNAME_BANNER); } while (0)
99
100	+#define print_selinux_banner() do { if (flag_selinux) printf("%-" SELINUX_WIDTHs "s"," " SELINUX_BANNER); } while (0)
101	+
102	#define PRG_LOCAL_ADDRESS "local_address"
103	#define PRG_INODE "inode"
104	#define PRG_SOCKET_PFX "socket:["
105	@@ -280,7 +296,7 @@ static char prg_cache_loaded = 0;
106	/* NOT working as of glibc-2.0.7: */
107	#undef DIRENT_HAVE_D_TYPE_WORKS
108
109	-static void prg_cache_add(unsigned long inode, char *name)
110	+static void prg_cache_add(unsigned long inode, char name, char scon)
111	{
112	unsigned hi = PRG_HASHIT(inode);
113	struct prg_node *pnp,pn;
114	@@ -301,6 +317,14 @@ static void prg_cache_add(unsigned long inode, char *name)
115	if (strlen(name)>sizeof(pn->name)-1)
116	name[sizeof(pn->name)-1]='\0';
117	strcpy(pn->name,name);
118	+
119	+ {
120	+ int len=(strlen(scon)-sizeof(pn->scon))+1;
121	+ if (len > 0)
122	+ strcpy(pn->scon,&scon[len+1]);
123	+ else
124	+ strcpy(pn->scon,scon);
125	+ }
126	}
127
128	static const char *prg_cache_get(unsigned long inode)
129	@@ -313,6 +337,16 @@ static const char *prg_cache_get(unsigned long inode)
130	return("-");
131	}
132
133	+static const char *prg_cache_get_con(unsigned long inode)
134	+{
135	+ unsigned hi=PRG_HASHIT(inode);
136	+ struct prg_node *pn;
137	+
138	+ for (pn=prg_hash[hi];pn;pn=pn->next)
139	+ if (pn->inode==inode) return(pn->scon);
140	+ return("-");
141	+}
142	+
143	static void prg_cache_clear(void)
144	{
145	struct prg_node *pnp,pn;
146	@@ -384,6 +418,7 @@ static void prg_cache_load(void)
147	const char cs,cmdlp;
148	DIR dirproc=NULL,dirfd=NULL;
149	struct dirent direproc,direfd;
150	+ security_context_t scon=NULL;
151
152	if (prg_cache_loaded \|\| !flag_prg) return;
153	prg_cache_loaded=1;
154	@@ -453,7 +488,15 @@ static void prg_cache_load(void)
155	}
156
157	snprintf(finbuf, sizeof(finbuf), "%s/%s", direproc->d_name, cmdlp);
158	- prg_cache_add(inode, finbuf);
159	+#if HAVE_SELINUX
160	+ if (getpidcon(atoi(direproc->d_name), &scon) == -1) {
161	+ scon=strdup("-");
162	+ }
163	+ prg_cache_add(inode, finbuf, scon);
164	+ freecon(scon);
165	+#else
166	+ prg_cache_add(inode, finbuf, "-");
167	+#endif
168	}
169	closedir(dirfd);
170	dirfd = NULL;
171	@@ -573,6 +616,8 @@ static void finish_this_one(int uid, unsigned long inode, const char *timers)
172	}
173	if (flag_prg)
174	printf(" %-16s",prg_cache_get(inode));
175	+ if (flag_selinux)
176	+ printf("%-" SELINUX_WIDTHs "s",prg_cache_get_con(inode));
177	if (flag_opt)
178	printf(" %s", timers);
179	putchar('\n');
180	@@ -1566,6 +1611,8 @@ static void unix_do_one(int nr, const char *line)
181	printf("- ");
182	if (flag_prg)
183	printf("%-" PROGNAME_WIDTHs "s",(has & HAS_INODE?prg_cache_get(inode):"-"));
184	+ if (flag_selinux)
185	+ printf("%-" SELINUX_WIDTHs "s",(has & HAS_INODE?prg_cache_get_con(inode):"-"));
186	puts(path);
187	}
188
189	@@ -1584,6 +1631,7 @@ static int unix_info(void)
190
191	printf(_("\nProto RefCnt Flags Type State I-Node "));
192	print_progname_banner();
193	+ print_selinux_banner();
194	printf(_(" Path\n")); /* xxx */
195
196	{
197	@@ -1874,6 +1922,7 @@ static void usage(void)
198	fprintf(stderr, _(" -o, --timers display timers\n"));
199	fprintf(stderr, _(" -F, --fib display Forwarding Information Base (default)\n"));
200	fprintf(stderr, _(" -C, --cache display routing cache instead of FIB\n\n"));
201	+ fprintf(stderr, _(" -Z, --context display SELinux security context for sockets\n\n"));
202
203	fprintf(stderr, _(" <Socket>={-t\|--tcp} {-u\|--udp} {-S\|--sctp} {-w\|--raw} {-x\|--unix} --ax25 --ipx --netrom\n"));
204	fprintf(stderr, _(" <AF>=Use '-6\|-4' or '-A <af>' or '--<af>'; default: %s\n"), DFLT_AF);
205	@@ -1920,6 +1969,7 @@ int main
206	{"cache", 0, 0, 'C'},
207	{"fib", 0, 0, 'F'},
208	{"groups", 0, 0, 'g'},
209	+ {"context", 0, 0, 'Z'},
210	{NULL, 0, 0, 0}
211	};
212
213	@@ -1931,7 +1981,7 @@ int main
214	getroute_init(); /* Set up AF routing support */
215
216	afname[0] = '\0';
217	- while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuSWVv?wxl64", longopts, &lop)) != EOF)
218	+ while ((i = getopt_long(argc, argv, "MCFA:acdegphinNorstuSWVv?wxlZ64", longopts, &lop)) != EOF)
219	switch (i) {
220	case -1:
221	break;
222	@@ -2036,6 +2086,19 @@ int main
223	if (aftrans_opt("unix"))
224	exit(1);
225	break;
226	+ case 'Z':
227	+#if HAVE_SELINUX
228	+ if (is_selinux_enabled() <= 0) {
229	+ fprintf(stderr, _("SELinux is not enabled on this machine.\n"));
230	+ exit(1);
231	+ }
232	+ flag_prg++;
233	+ flag_selinux++;
234	+#else
235	+ fprintf(stderr, _("SELinux is not enabled for this application.\n"));
236	+ exit(1);
237	+#endif
238	+ break;
239	case '?':
240	case 'h':
241	usage();
242	--
243	1.9.1
244


diff --git a/recipes-extended/net-tools/net-tools_selinux.inc b/recipes-extended/net-tools/net-tools_selinux.inc index cc3196f..1bcf7be 100644 --- a/recipes-extended/net-tools/net-tools_selinux.inc +++ b/recipes-extended/net-tools/net-tools_selinux.inc
@@ -1,7 +1,3 @@
1	FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
2
3	SRC_URI += "file://netstat-selinux-support.patch"
4
5	inherit selinux	1	inherit selinux
6		2
7	DEPENDS += "${LIBSELINUX}"	3	DEPENDS += "${LIBSELINUX}"