From eba0f0ff8c1365aa12ead3498d812b9dbffa3f49 Mon Sep 17 00:00:00 2001 From: Wenzong Fan Date: Thu, 5 Jan 2017 00:23:20 -0800 Subject: libselinux: uprev to 2.6 (20161014) * rebase patch: - libselinux-make-O_CLOEXEC-optional.patch * cleanup patches: - libselinux-only-mount-proc-if-necessary.patch - libselinux-procattr-return-einval-for-0-pid.patch - libselinux-procattr-return-error-on-invalid-pid.patch * other fixes: - remove useless variables according to latest Makefile - update FILES_${PN}-python to match the installed file: '${libdir}/python2.7/site-packages/_selinux.so'. Signed-off-by: Wenzong Fan Signed-off-by: Joe MacDonald --- .../libselinux-make-O_CLOEXEC-optional.patch | 77 +++++++++++----------- 1 file changed, 38 insertions(+), 39 deletions(-) (limited to 'recipes-security/selinux/libselinux/libselinux-make-O_CLOEXEC-optional.patch') diff --git a/recipes-security/selinux/libselinux/libselinux-make-O_CLOEXEC-optional.patch b/recipes-security/selinux/libselinux/libselinux-make-O_CLOEXEC-optional.patch index 98d31cc..a041dd3 100644 --- a/recipes-security/selinux/libselinux/libselinux-make-O_CLOEXEC-optional.patch +++ b/recipes-security/selinux/libselinux/libselinux-make-O_CLOEXEC-optional.patch @@ -17,37 +17,18 @@ produce curious AVC Denied messages. Uptream-Status: Inappropriate [O_CLOEXEC has been in Linux since 2007 and POSIX since 2008] Signed-off-by: Joe MacDonald +Signed-off-by: Wenzong Fan --- - src/label_file.c | 8 +++++++- - src/procattr.c | 8 +++++++- - src/sestatus.c | 8 +++++++- - src/stringrep.c | 8 +++++++- - 4 files changed, 28 insertions(+), 4 deletions(-) + src/procattr.c | 16 ++++++++++++++-- + src/sestatus.c | 8 +++++++- + src/stringrep.c | 8 +++++++- + 3 files changed, 28 insertions(+), 4 deletions(-) -Index: libselinux-2.5/src/label_file.c -=================================================================== ---- libselinux-2.5.orig/src/label_file.c 2016-02-25 13:10:00.159980383 -0500 -+++ libselinux-2.5/src/label_file.c 2016-02-25 13:10:00.155980383 -0500 -@@ -124,7 +124,13 @@ - return -1; - } - -- mmapfd = open(mmap_path, O_RDONLY | O_CLOEXEC); -+ mmapfd = open(mmap_path, O_RDONLY -+#ifdef O_CLOEXEC -+ | O_CLOEXEC -+#else -+#warning O_CLOEXEC undefined on this platform, this may leak file descriptors -+#endif -+ ); - if (mmapfd < 0) - return -1; - -Index: libselinux-2.5/src/procattr.c -=================================================================== ---- libselinux-2.5.orig/src/procattr.c 2016-02-25 13:10:00.159980383 -0500 -+++ libselinux-2.5/src/procattr.c 2016-02-25 13:11:58.527980013 -0500 -@@ -76,7 +76,13 @@ +diff --git a/src/procattr.c b/src/procattr.c +index 7efcd7e..3007876 100644 +--- a/src/procattr.c ++++ b/src/procattr.c +@@ -79,7 +79,13 @@ static int openattr(pid_t pid, const char *attr, int flags) rc = asprintf(&path, "/proc/thread-self/attr/%s", attr); if (rc < 0) return -1; @@ -62,11 +43,26 @@ Index: libselinux-2.5/src/procattr.c if (fd >= 0 || errno != ENOENT) goto out; free(path); -Index: libselinux-2.5/src/sestatus.c -=================================================================== ---- libselinux-2.5.orig/src/sestatus.c 2016-02-25 13:10:00.159980383 -0500 -+++ libselinux-2.5/src/sestatus.c 2016-02-25 13:10:00.155980383 -0500 -@@ -268,7 +268,13 @@ +@@ -92,7 +98,13 @@ static int openattr(pid_t pid, const char *attr, int flags) + if (rc < 0) + return -1; + +- fd = open(path, flags | O_CLOEXEC); ++ fd = open(path, flags ++#ifdef O_CLOEXEC ++ | O_CLOEXEC ++#else ++#warning O_CLOEXEC undefined on this platform, this may leak file descriptors ++#endif ++ ); + out: + free(path); + return fd; +diff --git a/src/sestatus.c b/src/sestatus.c +index ed29dc5..0cb15b6 100644 +--- a/src/sestatus.c ++++ b/src/sestatus.c +@@ -268,7 +268,13 @@ int selinux_status_open(int fallback) return -1; snprintf(path, sizeof(path), "%s/status", selinux_mnt); @@ -81,11 +77,11 @@ Index: libselinux-2.5/src/sestatus.c if (fd < 0) goto error; -Index: libselinux-2.5/src/stringrep.c -=================================================================== ---- libselinux-2.5.orig/src/stringrep.c 2016-02-25 13:10:00.159980383 -0500 -+++ libselinux-2.5/src/stringrep.c 2016-02-25 13:10:00.155980383 -0500 -@@ -105,7 +105,13 @@ +diff --git a/src/stringrep.c b/src/stringrep.c +index 2dbec2b..de2a70b 100644 +--- a/src/stringrep.c ++++ b/src/stringrep.c +@@ -105,7 +105,13 @@ static struct discover_class_node * discover_class(const char *s) struct stat m; snprintf(path, sizeof path, "%s/class/%s/perms/%s", selinux_mnt,s,dentry->d_name); @@ -100,3 +96,6 @@ Index: libselinux-2.5/src/stringrep.c if (fd < 0) goto err4; +-- +2.7.4 + -- cgit v1.2.3-54-g00ecf