summaryrefslogtreecommitdiffstats
path: root/recipes-security/selinux/selinux_common.inc
Commit message (Collapse)AuthorAgeFilesLines
* selinux: upgrade 3.6 -> 3.7Yi Zhao2024-06-291-1/+1
| | | | | | | | | | | | | | | | | ChangeLog: https://github.com/SELinuxProject/selinux/releases/tag/3.7 * audit2allow -C for CIL output mode * sepolgen: adjust parse for refpolicy * semanage: Allow modifying records on "add" * semanage: Do not sort local fcontext definitions * Improved man pages * checkpolicy: support CIDR notation for nodecon statements * sandbox: Add support for Wayland * Code improvements and bug fixes Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe.macdonald@siemens.com>
* selinux: upgrade 3.5 -> 3.6Yi Zhao2023-12-181-2/+2
| | | | | | | | | | ChangeLog: https://github.com/SELinuxProject/selinux/releases/tag/3.6 * Switch branch to main Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: Set CVE_PRODUCTmickledoreschitrod=cisco.com@lists.yoctoproject.org2023-05-311-0/+2
| | | | | | | | | | | | | | | | | | | | | | The CVE product name for selinux-* package is (usually) the selinux (and not our recipe name), so use selinux as the default. See also: http://lists.openembedded.org/pipermail/openembedded-core/2017-July/139897.html "Results from cve-check are not very good at the moment. One of the reasons for this is that component names used in CVE database differ from yocto recipe names. This series fixes several of those name mapping problems by setting the CVE_PRODUCT correctly in the recipes. To check this mapping with after a build, I'm exporting LICENSE and CVE_PRODUCT variables to buildhistory for recipes and packages." Value added is based on: https://nvd.nist.gov/vuln/search/results?results_type=overview&search_type=all&cpe_product=cpe%3A%2F%3Akernel%3Aselinux Signed-off-by: Sanjay Chitroda <schitrod@cisco.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: upgrade 3.4 -> 3.5Yi Zhao2023-03-271-1/+1
| | | | | | | | ChangeLog: https://github.com/SELinuxProject/selinux/releases/tag/3.5 Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: upgrade 3.3 -> 3.4Yi Zhao2022-08-281-1/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: upgrade 3.2 -> 3.3Yi Zhao2021-12-081-1/+1
| | | | | | | Drop backport CVE patches. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* recipes: update SRC_URI branch and protocolsYi Zhao2021-11-221-1/+1
| | | | | | | | Update SRC_URIs using git to include branch=master if no branch is set and also to use protocol=https for github urls. Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: update inc file to 3.2Yi Zhao2021-03-171-5/+10
| | | | | | | | | | | | * Drop selinux_DATE.inc since upstream now uses X.Y version instead of date for release tag[1]. Move its content to selinux_common.inc. * Switch to git repo in SRC_URI, then all selinux recipes can use unified source. [1] https://github.com/SELinuxProject/selinux/commit/f63ac245f7addf832e8cde3cc4f26607b738994d Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: upgrade inc files to 3.1 (20200710)Yi Zhao2021-01-141-2/+1
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe@deserted.net>
* selinux: uprev inc files to 2.9 (20190315)Yi Zhao2019-12-191-3/+1
| | | | | | | | * Update SRC_URI * Add UPSTREAM_CHECK_URI and UPSTREAM_CHECK_REGEX Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* selinux: uprev inc files to 2.8 (20180524)Yi Zhao2018-09-071-4/+5
| | | | | Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* selinux_common: remove EXTRA_OEMAKE = "-e"Wenzong Fan2017-01-051-5/+0
| | | | | | | | | | | | | | | | Some variables are exported by top Makefile and updated from sub Makefile (such as PCRE_LDFLAGS, DISABLE_FLAGS ...). The '-e' option prevents those variables from updating in the sub Makefile and causes libselinux build errors: | label.lo:(.data.rel.ro.local+0x20): undefined reference to `selabel_property_init' | label.lo:(.data.rel.ro.local+0x28): undefined reference to `selabel_service_init' oe-core also cleaned such default value from commit: aeb65386 Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Use the SELinux project release tarballs.Philip Tricca2015-09-081-4/+0
| | | | | | | | | | | | | | | | The SRC_URI used for the last SELinux userspace upgrade was the wrong one. We were using the URI generated by GitHub when tags are added to a repo. These are not the SELinux release tarballs. The SELinux project generates and releases tarballs for each tool and posts them to their GitHub wiki 'Releases' page: https://github.com/SELinuxProject/selinux/wiki/Releases. This patch fixes this URI, fixes the SELINUX_RELEASE variable that didn't get updated during the last upgrade, removes the workaround for the 'S' variable and fixes up the SRC_URI hashes. Signed-off-by: Philip Tricca <flihp@twobit.us> Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* selinux-userspace: update userspace SRC_URI and checksumsJoe MacDonald2014-09-161-1/+5
| | | | | | | | | Trac has been turned off on OSS. Update all SRC_URI links for the userspace components to point at the github project releases. The github releases also have a slightly different directory structure in the tarballs, requiring an update of the checksums as well. Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
* Add selinux common include file for build.Xin Ouyang2012-02-201-0/+21
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-07-20 04:57:39 +0000