pool/libsemanage
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
822e5bb994
libsemanage/libsemanage-update-map-file.patch
Johannes Segitz 23f21e2372 Accepting request 814134 from home:pmonrealgonzalez:branches:security:SELinux 
- Fix build with LTO: [bsc#1133102]
  * Enable LTO (Link Time Optimization) and build with -ffat-lto-objects
  * Update map file to include new symbols and remove wildcards
- Add libsemanage-update-map-file.patch

- Fix build with LTO: [bsc#1133102]
  * Enable LTO (Link Time Optimization)
  * Update map file to include new symbols and remove wildcards
- Add libsemanage-update-map-file.patch

OBS-URL: https://build.opensuse.org/request/show/814134
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsemanage?expand=0&rev=82
2020-06-15 07:22:03 +00:00

410 lines
13 KiB
Diff
Raw Blame History

From 3fc08f8908571195dfaac7d3179504873f37b4c0 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Mon, 23 Mar 2020 11:52:33 -0500
Subject: [PATCH] libsemanage: update linker script
With the old hidden_def and hidden_proto DSO infrastructure removed,
correctness of the map file becomes paramount, as it is what filters out
public API. Because of this, the wild cards should not be used, as it
lets some functions through that should not be made public API. Thus
remove the wild cards, and sort the list.
Additionally, verify that nothing changed in external symbols as well:
This was checked by generating an old export map (from master):
nm --defined-only -g ./src/libsemanage.so | cut -d' ' -f 3-3 | grep -v '^_' > old.map
Then creating a new one for this library after this patch is applied:
nm --defined-only -g ./src/libsemanage.so | cut -d' ' -f 3-3 | grep -v '^_' > new.map
And diffing them:
diff old.map new.map
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
libsemanage/src/libsemanage.map | 372 +++++++++++++++++++++++++++++---
1 file changed, 345 insertions(+), 27 deletions(-)
diff --git a/libsemanage/src/libsemanage.map b/libsemanage/src/libsemanage.map
index 020366967..e1861ccbe 100644
--- a/libsemanage/src/libsemanage.map
+++ b/libsemanage/src/libsemanage.map
@@ -1,31 +1,349 @@
LIBSEMANAGE_1.0 {
- global: semanage_handle_create; semanage_handle_destroy;
- semanage_is_managed; semanage_connect; semanage_disconnect;
- semanage_msg_*;
- semanage_begin_transaction; semanage_commit;
- semanage_module_install; semanage_module_install_file;
- semanage_module_upgrade; semanage_module_upgrade_file;
- semanage_module_install_base; semanage_module_install_base_file;
- semanage_module_enable;
- semanage_module_disable;
- semanage_module_remove;
- semanage_module_list; semanage_module_info_datum_destroy;
- semanage_module_list_nth; semanage_module_get_name;
- semanage_module_get_version; semanage_select_store;
- semanage_module_get_enabled;
- semanage_reload_policy; semanage_set_reload; semanage_set_rebuild;
- semanage_set_root;
- semanage_root;
- semanage_user_*; semanage_bool_*; semanage_seuser_*;
- semanage_iface_*; semanage_port_*; semanage_context_*;
- semanage_ibpkey_*;
- semanage_ibendport_*;
- semanage_node_*;
- semanage_fcontext_*; semanage_access_check; semanage_set_create_store;
- semanage_is_connected; semanage_get_disable_dontaudit; semanage_set_disable_dontaudit;
- semanage_mls_enabled;
- semanage_set_check_contexts;
- semanage_get_preserve_tunables; semanage_set_preserve_tunables;
+ global:
+ semanage_access_check;
+ semanage_begin_transaction;
+ semanage_bool_clone;
+ semanage_bool_compare;
+ semanage_bool_compare2;
+ semanage_bool_count;
+ semanage_bool_count_active;
+ semanage_bool_count_local;
+ semanage_bool_create;
+ semanage_bool_del_local;
+ semanage_bool_exists;
+ semanage_bool_exists_active;
+ semanage_bool_exists_local;
+ semanage_bool_free;
+ semanage_bool_get_name;
+ semanage_bool_get_value;
+ semanage_bool_iterate;
+ semanage_bool_iterate_active;
+ semanage_bool_iterate_local;
+ semanage_bool_key_create;
+ semanage_bool_key_extract;
+ semanage_bool_key_free;
+ semanage_bool_list;
+ semanage_bool_list_active;
+ semanage_bool_list_local;
+ semanage_bool_modify_local;
+ semanage_bool_query;
+ semanage_bool_query_active;
+ semanage_bool_query_local;
+ semanage_bool_set_active;
+ semanage_bool_set_name;
+ semanage_bool_set_value;
+ semanage_commit;
+ semanage_connect;
+ semanage_context_clone;
+ semanage_context_create;
+ semanage_context_free;
+ semanage_context_from_string;
+ semanage_context_get_mls;
+ semanage_context_get_role;
+ semanage_context_get_type;
+ semanage_context_get_user;
+ semanage_context_set_mls;
+ semanage_context_set_role;
+ semanage_context_set_type;
+ semanage_context_set_user;
+ semanage_context_to_string;
+ semanage_disconnect;
+ semanage_fcontext_clone;
+ semanage_fcontext_compare;
+ semanage_fcontext_compare2;
+ semanage_fcontext_count;
+ semanage_fcontext_count_local;
+ semanage_fcontext_create;
+ semanage_fcontext_del_local;
+ semanage_fcontext_exists;
+ semanage_fcontext_exists_local;
+ semanage_fcontext_free;
+ semanage_fcontext_get_con;
+ semanage_fcontext_get_expr;
+ semanage_fcontext_get_type;
+ semanage_fcontext_get_type_str;
+ semanage_fcontext_iterate;
+ semanage_fcontext_iterate_local;
+ semanage_fcontext_key_create;
+ semanage_fcontext_key_extract;
+ semanage_fcontext_key_free;
+ semanage_fcontext_list;
+ semanage_fcontext_list_homedirs;
+ semanage_fcontext_list_local;
+ semanage_fcontext_modify_local;
+ semanage_fcontext_query;
+ semanage_fcontext_query_local;
+ semanage_fcontext_set_con;
+ semanage_fcontext_set_expr;
+ semanage_fcontext_set_type;
+ semanage_get_default_priority;
+ semanage_get_disable_dontaudit;
+ semanage_get_hll_compiler_path;
+ semanage_get_ignore_module_cache;
+ semanage_get_preserve_tunables;
+ semanage_handle_create;
+ semanage_handle_destroy;
+ semanage_ibendport_clone;
+ semanage_ibendport_compare;
+ semanage_ibendport_compare2;
+ semanage_ibendport_count;
+ semanage_ibendport_count_local;
+ semanage_ibendport_create;
+ semanage_ibendport_del_local;
+ semanage_ibendport_exists;
+ semanage_ibendport_exists_local;
+ semanage_ibendport_free;
+ semanage_ibendport_get_con;
+ semanage_ibendport_get_ibdev_name;
+ semanage_ibendport_get_port;
+ semanage_ibendport_iterate;
+ semanage_ibendport_iterate_local;
+ semanage_ibendport_key_create;
+ semanage_ibendport_key_extract;
+ semanage_ibendport_key_free;
+ semanage_ibendport_list;
+ semanage_ibendport_list_local;
+ semanage_ibendport_modify_local;
+ semanage_ibendport_query;
+ semanage_ibendport_query_local;
+ semanage_ibendport_set_con;
+ semanage_ibendport_set_ibdev_name;
+ semanage_ibendport_set_port;
+ semanage_ibpkey_clone;
+ semanage_ibpkey_compare;
+ semanage_ibpkey_compare2;
+ semanage_ibpkey_count;
+ semanage_ibpkey_count_local;
+ semanage_ibpkey_create;
+ semanage_ibpkey_del_local;
+ semanage_ibpkey_exists;
+ semanage_ibpkey_exists_local;
+ semanage_ibpkey_free;
+ semanage_ibpkey_get_con;
+ semanage_ibpkey_get_high;
+ semanage_ibpkey_get_low;
+ semanage_ibpkey_get_subnet_prefix;
+ semanage_ibpkey_get_subnet_prefix_bytes;
+ semanage_ibpkey_iterate;
+ semanage_ibpkey_iterate_local;
+ semanage_ibpkey_key_create;
+ semanage_ibpkey_key_extract;
+ semanage_ibpkey_key_free;
+ semanage_ibpkey_list;
+ semanage_ibpkey_list_local;
+ semanage_ibpkey_modify_local;
+ semanage_ibpkey_query;
+ semanage_ibpkey_query_local;
+ semanage_ibpkey_set_con;
+ semanage_ibpkey_set_pkey;
+ semanage_ibpkey_set_range;
+ semanage_ibpkey_set_subnet_prefix;
+ semanage_ibpkey_set_subnet_prefix_bytes;
+ semanage_iface_clone;
+ semanage_iface_compare;
+ semanage_iface_compare2;
+ semanage_iface_count;
+ semanage_iface_count_local;
+ semanage_iface_create;
+ semanage_iface_del_local;
+ semanage_iface_exists;
+ semanage_iface_exists_local;
+ semanage_iface_free;
+ semanage_iface_get_ifcon;
+ semanage_iface_get_msgcon;
+ semanage_iface_get_name;
+ semanage_iface_iterate;
+ semanage_iface_iterate_local;
+ semanage_iface_key_create;
+ semanage_iface_key_extract;
+ semanage_iface_key_free;
+ semanage_iface_list;
+ semanage_iface_list_local;
+ semanage_iface_modify_local;
+ semanage_iface_query;
+ semanage_iface_query_local;
+ semanage_iface_set_ifcon;
+ semanage_iface_set_msgcon;
+ semanage_iface_set_name;
+ semanage_is_connected;
+ semanage_is_managed;
+ semanage_mls_enabled;
+ semanage_module_disable;
+ semanage_module_enable;
+ semanage_module_extract;
+ semanage_module_get_enabled;
+ semanage_module_get_module_info;
+ semanage_module_get_name;
+ semanage_module_get_version;
+ semanage_module_info_create;
+ semanage_module_info_datum_destroy;
+ semanage_module_info_destroy;
+ semanage_module_info_get_enabled;
+ semanage_module_info_get_lang_ext;
+ semanage_module_info_get_name;
+ semanage_module_info_get_priority;
+ semanage_module_info_set_enabled;
+ semanage_module_info_set_lang_ext;
+ semanage_module_info_set_name;
+ semanage_module_info_set_priority;
+ semanage_module_install;
+ semanage_module_install_base;
+ semanage_module_install_base_file;
+ semanage_module_install_file;
+ semanage_module_install_info;
+ semanage_module_key_create;
+ semanage_module_key_destroy;
+ semanage_module_key_get_name;
+ semanage_module_key_get_priority;
+ semanage_module_key_set_name;
+ semanage_module_key_set_priority;
+ semanage_module_list;
+ semanage_module_list_all;
+ semanage_module_list_nth;
+ semanage_module_remove;
+ semanage_module_remove_key;
+ semanage_module_set_enabled;
+ semanage_module_upgrade;
+ semanage_module_upgrade_file;
+ semanage_msg_get_channel;
+ semanage_msg_get_fname;
+ semanage_msg_get_level;
+ semanage_msg_set_callback;
+ semanage_node_clone;
+ semanage_node_compare;
+ semanage_node_compare2;
+ semanage_node_count;
+ semanage_node_count_local;
+ semanage_node_create;
+ semanage_node_del_local;
+ semanage_node_exists;
+ semanage_node_exists_local;
+ semanage_node_free;
+ semanage_node_get_addr;
+ semanage_node_get_addr_bytes;
+ semanage_node_get_con;
+ semanage_node_get_mask;
+ semanage_node_get_mask_bytes;
+ semanage_node_get_proto;
+ semanage_node_get_proto_str;
+ semanage_node_iterate;
+ semanage_node_iterate_local;
+ semanage_node_key_create;
+ semanage_node_key_extract;
+ semanage_node_key_free;
+ semanage_node_list;
+ semanage_node_list_local;
+ semanage_node_modify_local;
+ semanage_node_query;
+ semanage_node_query_local;
+ semanage_node_set_addr;
+ semanage_node_set_addr_bytes;
+ semanage_node_set_con;
+ semanage_node_set_mask;
+ semanage_node_set_mask_bytes;
+ semanage_node_set_proto;
+ semanage_port_clone;
+ semanage_port_compare;
+ semanage_port_compare2;
+ semanage_port_count;
+ semanage_port_count_local;
+ semanage_port_create;
+ semanage_port_del_local;
+ semanage_port_exists;
+ semanage_port_exists_local;
+ semanage_port_free;
+ semanage_port_get_con;
+ semanage_port_get_high;
+ semanage_port_get_low;
+ semanage_port_get_proto;
+ semanage_port_get_proto_str;
+ semanage_port_iterate;
+ semanage_port_iterate_local;
+ semanage_port_key_create;
+ semanage_port_key_extract;
+ semanage_port_key_free;
+ semanage_port_list;
+ semanage_port_list_local;
+ semanage_port_modify_local;
+ semanage_port_query;
+ semanage_port_query_local;
+ semanage_port_set_con;
+ semanage_port_set_port;
+ semanage_port_set_proto;
+ semanage_port_set_range;
+ semanage_reload_policy;
+ semanage_root;
+ semanage_select_store;
+ semanage_set_check_contexts;
+ semanage_set_create_store;
+ semanage_set_default_priority;
+ semanage_set_disable_dontaudit;
+ semanage_set_ignore_module_cache;
+ semanage_set_preserve_tunables;
+ semanage_set_rebuild;
+ semanage_set_reload;
+ semanage_set_root;
+ semanage_set_store_root;
+ semanage_seuser_clone;
+ semanage_seuser_compare;
+ semanage_seuser_compare2;
+ semanage_seuser_count;
+ semanage_seuser_count_local;
+ semanage_seuser_create;
+ semanage_seuser_del_local;
+ semanage_seuser_exists;
+ semanage_seuser_exists_local;
+ semanage_seuser_free;
+ semanage_seuser_get_mlsrange;
+ semanage_seuser_get_name;
+ semanage_seuser_get_sename;
+ semanage_seuser_iterate;
+ semanage_seuser_iterate_local;
+ semanage_seuser_key_create;
+ semanage_seuser_key_extract;
+ semanage_seuser_key_free;
+ semanage_seuser_list;
+ semanage_seuser_list_local;
+ semanage_seuser_modify_local;
+ semanage_seuser_query;
+ semanage_seuser_query_local;
+ semanage_seuser_set_mlsrange;
+ semanage_seuser_set_name;
+ semanage_seuser_set_sename;
+ semanage_user_add_role;
+ semanage_user_clone;
+ semanage_user_compare;
+ semanage_user_compare2;
+ semanage_user_count;
+ semanage_user_count_local;
+ semanage_user_create;
+ semanage_user_del_local;
+ semanage_user_del_role;
+ semanage_user_exists;
+ semanage_user_exists_local;
+ semanage_user_free;
+ semanage_user_get_mlslevel;
+ semanage_user_get_mlsrange;
+ semanage_user_get_name;
+ semanage_user_get_num_roles;
+ semanage_user_get_prefix;
+ semanage_user_get_roles;
+ semanage_user_has_role;
+ semanage_user_iterate;
+ semanage_user_iterate_local;
+ semanage_user_key_create;
+ semanage_user_key_extract;
+ semanage_user_key_free;
+ semanage_user_list;
+ semanage_user_list_local;
+ semanage_user_modify_local;
+ semanage_user_query;
+ semanage_user_query_local;
+ semanage_user_set_mlslevel;
+ semanage_user_set_mlsrange;
+ semanage_user_set_name;
+ semanage_user_set_prefix;
+ semanage_user_set_roles;
local: *;
};
Reference in New Issue View Git Blame Copy Permalink