From 40b6433ba83f97952d4e7fd80cf4c2510bde9239d338958b52d1032c9e3991b3 Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Tue, 14 Jul 2020 14:13:51 +0000 Subject: [PATCH 1/2] Accepting request 820921 from home:jsegitz:branches:security:SELinux - Update to version 3.1 * Add support for new polcap genfs_seclabel_symlinks * Initialize the multiple_decls field of the cil db * Return error when identifier declared as both type and attribute * Write CIL default MLS rules on separate lines * Sort portcon rules consistently * Remove leftovers of cil_mem_error_handler * Drop remove_cil_mem_error_handler.patch, is included OBS-URL: https://build.opensuse.org/request/show/820921 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsepol?expand=0&rev=80 --- libsepol-3.0.tar.gz | 3 --- libsepol-3.1.tar.gz | 3 +++ libsepol.changes | 12 ++++++++++++ libsepol.spec | 9 +++------ 4 files changed, 18 insertions(+), 9 deletions(-) delete mode 100644 libsepol-3.0.tar.gz create mode 100644 libsepol-3.1.tar.gz diff --git a/libsepol-3.0.tar.gz b/libsepol-3.0.tar.gz deleted file mode 100644 index fd6ad88..0000000 --- a/libsepol-3.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5b7ae1881909f1048b06f7a0c364c5c8a86ec12e0ec76e740fe9595a6033eb79 -size 473864 diff --git a/libsepol-3.1.tar.gz b/libsepol-3.1.tar.gz new file mode 100644 index 0000000..73474e7 --- /dev/null +++ b/libsepol-3.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ae6778d01443fdd38cd30eeee846494e19f4d407b09872580372f4aa4bf8a3cc +size 473842 diff --git a/libsepol.changes b/libsepol.changes index 06e385a..da20917 100644 --- a/libsepol.changes +++ b/libsepol.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Tue Jul 14 08:39:58 UTC 2020 - Johannes Segitz + +- Update to version 3.1 + * Add support for new polcap genfs_seclabel_symlinks + * Initialize the multiple_decls field of the cil db + * Return error when identifier declared as both type and attribute + * Write CIL default MLS rules on separate lines + * Sort portcon rules consistently + * Remove leftovers of cil_mem_error_handler + * Drop remove_cil_mem_error_handler.patch, is included + ------------------------------------------------------------------- Mon Apr 27 19:35:18 UTC 2020 - Martin Liška diff --git a/libsepol.spec b/libsepol.spec index 53727d9..6b50f0d 100644 --- a/libsepol.spec +++ b/libsepol.spec @@ -17,15 +17,14 @@ Name: libsepol -Version: 3.0 +Version: 3.1 Release: 0 Summary: SELinux binary policy manipulation library License: LGPL-2.1-or-later Group: Development/Libraries/C and C++ URL: https://github.com/SELinuxProject/selinux/wiki/Releases -Source: https://github.com/SELinuxProject/selinux/releases/download/20191204/%{name}-%{version}.tar.gz +Source: https://github.com/SELinuxProject/selinux/releases/download/20200710/%{name}-%{version}.tar.gz Source2: baselibs.conf -Patch1: remove_cil_mem_error_handler.patch BuildRequires: flex BuildRequires: pkgconfig BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -87,12 +86,10 @@ policies. %prep %setup -q -%patch1 -p1 %build %define _lto_cflags %{nil} -%global optflags %{optflags} -fcommon -export CFLAGS="%{optflags}" +export CFLAGS="%{optflags} -fcommon" make %{?_smp_mflags} %install From fcba095d86505e7e3957b9454d5df207118a07465c3f53e7e0f907dc218ad2bb Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Wed, 15 Jul 2020 08:23:23 +0000 Subject: [PATCH 2/2] Accepting request 821048 from home:jsegitz:branches:security:SELinux OBS-URL: https://build.opensuse.org/request/show/821048 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libsepol?expand=0&rev=81 --- remove_cil_mem_error_handler.patch | 54 ------------------------------ 1 file changed, 54 deletions(-) delete mode 100644 remove_cil_mem_error_handler.patch diff --git a/remove_cil_mem_error_handler.patch b/remove_cil_mem_error_handler.patch deleted file mode 100644 index 60a7b06..0000000 --- a/remove_cil_mem_error_handler.patch +++ /dev/null @@ -1,54 +0,0 @@ -commit 3d32fc24d6aff360a538c63dad08ca5c957551b0 -Author: Ondrej Mosnacek -Date: Thu Jan 23 13:57:14 2020 +0100 - - libsepol: remove leftovers of cil_mem_error_handler - - Commit 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function - pointer") replaced cil_mem_error_handler usage with inline contents of - the default handler. However, it left over the header declaration and - two callers. Convert these as well and remove the header declaration. - - This also fixes a build failure with -fno-common. - - Fixes: 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function pointer") - Signed-off-by: Ondrej Mosnacek - -diff --git a/libsepol/cil/src/cil_mem.h b/libsepol/cil/src/cil_mem.h -index 902ce131..794f02a3 100644 ---- a/cil/src/cil_mem.h -+++ b/cil/src/cil_mem.h -@@ -36,7 +36,6 @@ void *cil_calloc(size_t num_elements, size_t element_size); - void *cil_realloc(void *ptr, size_t size); - char *cil_strdup(const char *str); - int cil_asprintf(char **strp, const char *fmt, ...); --void (*cil_mem_error_handler)(void); - - #endif /* CIL_MEM_H_ */ - -diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c -index 97d4c4b9..2598bbf3 100644 ---- a/cil/src/cil_strpool.c -+++ b/cil/src/cil_strpool.c -@@ -80,8 +80,8 @@ char *cil_strpool_add(const char *str) - int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref); - if (rc != SEPOL_OK) { - pthread_mutex_unlock(&cil_strpool_mutex); -- (*cil_mem_error_handler)(); -- pthread_mutex_lock(&cil_strpool_mutex); -+ cil_log(CIL_ERR, "Failed to allocate memory\n"); -+ exit(1); - } - } - -@@ -104,8 +104,8 @@ void cil_strpool_init(void) - cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE); - if (cil_strpool_tab == NULL) { - pthread_mutex_unlock(&cil_strpool_mutex); -- (*cil_mem_error_handler)(); -- return; -+ cil_log(CIL_ERR, "Failed to allocate memory\n"); -+ exit(1); - } - } - cil_strpool_readers++;