- Add upstream patches that fix build with libselinux 2.3
Added: 292d3f2d-libselinux-build-fix1.patch, b109c097-libselinux-build-fix2.patch Dropped: libselinux-build-fix.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=379
This commit is contained in:
parent
40ebd7b517
commit
92f6cbc9c8
98
292d3f2d-libselinux-build-fix1.patch
Normal file
98
292d3f2d-libselinux-build-fix1.patch
Normal file
@ -0,0 +1,98 @@
|
||||
commit 292d3f2d38e8faca075ababcb652f2e090b745b2
|
||||
Author: Cédric Bosdonnat <cbosdonnat@suse.com>
|
||||
Date: Wed May 28 14:44:08 2014 +0200
|
||||
|
||||
build: fix build with libselinux 2.3
|
||||
|
||||
Several function signatures changed in libselinux 2.3, now taking
|
||||
a 'const char *' instead of 'security_context_t'. The latter is
|
||||
defined in selinux/selinux.h as
|
||||
|
||||
typedef char *security_context_t;
|
||||
|
||||
Signed-off-by: Eric Blake <eblake@redhat.com>
|
||||
|
||||
Index: libvirt-1.2.4/m4/virt-selinux.m4
|
||||
===================================================================
|
||||
--- libvirt-1.2.4.orig/m4/virt-selinux.m4
|
||||
+++ libvirt-1.2.4/m4/virt-selinux.m4
|
||||
@@ -1,6 +1,6 @@
|
||||
dnl The libselinux.so library
|
||||
dnl
|
||||
-dnl Copyright (C) 2012-2013 Red Hat, Inc.
|
||||
+dnl Copyright (C) 2012-2014 Red Hat, Inc.
|
||||
dnl
|
||||
dnl This library is free software; you can redistribute it and/or
|
||||
dnl modify it under the terms of the GNU Lesser General Public
|
||||
@@ -28,6 +28,21 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
|
||||
[with_selinux_mount=check])
|
||||
|
||||
if test "$with_selinux" = "yes"; then
|
||||
+ # libselinux changed signatures between 2.2 and 2.3
|
||||
+ AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
|
||||
+ [AC_COMPILE_IFELSE(
|
||||
+ [AC_LANG_PROGRAM(
|
||||
+ [[
|
||||
+#include <selinux/selinux.h>
|
||||
+int setcon(const security_context_t context);
|
||||
+ ]])],
|
||||
+ [gt_cv_setcon_param='security_context_t'],
|
||||
+ [gt_cv_setcon_param='const char*'])])
|
||||
+ if test "$gt_cv_setcon_param" = 'const char*'; then
|
||||
+ AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
|
||||
+ [SELinux uses newer char * for security context])
|
||||
+ fi
|
||||
+
|
||||
AC_MSG_CHECKING([SELinux mount point])
|
||||
if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then
|
||||
if test -d /sys/fs/selinux ; then
|
||||
Index: libvirt-1.2.4/tests/securityselinuxhelper.c
|
||||
===================================================================
|
||||
--- libvirt-1.2.4.orig/tests/securityselinuxhelper.c
|
||||
+++ libvirt-1.2.4/tests/securityselinuxhelper.c
|
||||
@@ -156,7 +156,11 @@ int getpidcon(pid_t pid, security_contex
|
||||
return getpidcon_raw(pid, context);
|
||||
}
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setcon_raw(const char *context)
|
||||
+#else
|
||||
int setcon_raw(security_context_t context)
|
||||
+#endif
|
||||
{
|
||||
if (!is_selinux_enabled()) {
|
||||
errno = EINVAL;
|
||||
@@ -165,13 +169,21 @@ int setcon_raw(security_context_t contex
|
||||
return setenv("FAKE_SELINUX_CONTEXT", context, 1);
|
||||
}
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setcon(const char *context)
|
||||
+#else
|
||||
int setcon(security_context_t context)
|
||||
+#endif
|
||||
{
|
||||
return setcon_raw(context);
|
||||
}
|
||||
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setfilecon_raw(const char *path, const char *con)
|
||||
+#else
|
||||
int setfilecon_raw(const char *path, security_context_t con)
|
||||
+#endif
|
||||
{
|
||||
const char *constr = con;
|
||||
if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
|
||||
@@ -182,7 +194,11 @@ int setfilecon_raw(const char *path, sec
|
||||
constr, strlen(constr), 0);
|
||||
}
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setfilecon(const char *path, const char *con)
|
||||
+#else
|
||||
int setfilecon(const char *path, security_context_t con)
|
||||
+#endif
|
||||
{
|
||||
return setfilecon_raw(path, con);
|
||||
}
|
101
b109c097-libselinux-build-fix2.patch
Normal file
101
b109c097-libselinux-build-fix2.patch
Normal file
@ -0,0 +1,101 @@
|
||||
commit b109c097654c4fe003e8535481191f37a35d5d7b
|
||||
Author: Jim Fehlig <jfehlig@suse.com>
|
||||
Date: Wed May 28 13:48:21 2014 -0600
|
||||
|
||||
maint: cleanup detection of const'ness of selinux ctx
|
||||
|
||||
Commit 292d3f2d fixed the build with libselinux 2.3, but missed
|
||||
some suggestions by eblake
|
||||
|
||||
https://www.redhat.com/archives/libvir-list/2014-May/msg00977.html
|
||||
|
||||
This patch changes the macro introduced in 292d3f2d to either be
|
||||
empty in the case of newer libselinux, or contain 'const' in the
|
||||
case of older libselinux. The macro is then used directly in
|
||||
tests/securityselinuxhelper.c.
|
||||
|
||||
Index: libvirt-1.2.4/m4/virt-selinux.m4
|
||||
===================================================================
|
||||
--- libvirt-1.2.4.orig/m4/virt-selinux.m4
|
||||
+++ libvirt-1.2.4/m4/virt-selinux.m4
|
||||
@@ -29,19 +29,18 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
|
||||
|
||||
if test "$with_selinux" = "yes"; then
|
||||
# libselinux changed signatures between 2.2 and 2.3
|
||||
- AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
|
||||
+ AC_CACHE_CHECK([for selinux setcon parameter type], [lv_cv_setcon_param],
|
||||
[AC_COMPILE_IFELSE(
|
||||
[AC_LANG_PROGRAM(
|
||||
[[
|
||||
#include <selinux/selinux.h>
|
||||
-int setcon(const security_context_t context);
|
||||
+int setcon(char *context);
|
||||
]])],
|
||||
- [gt_cv_setcon_param='security_context_t'],
|
||||
- [gt_cv_setcon_param='const char*'])])
|
||||
- if test "$gt_cv_setcon_param" = 'const char*'; then
|
||||
- AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
|
||||
- [SELinux uses newer char * for security context])
|
||||
- fi
|
||||
+ [lv_cv_setcon_const=''],
|
||||
+ [lv_cv_setcon_const='const'])])
|
||||
+ AC_DEFINE_UNQUOTED([VIR_SELINUX_CTX_CONST], [$lv_cv_setcon_const],
|
||||
+ [Define to empty or 'const' depending on how SELinux qualifies its
|
||||
+ security context parameters])
|
||||
|
||||
AC_MSG_CHECKING([SELinux mount point])
|
||||
if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then
|
||||
Index: libvirt-1.2.4/tests/securityselinuxhelper.c
|
||||
===================================================================
|
||||
--- libvirt-1.2.4.orig/tests/securityselinuxhelper.c
|
||||
+++ libvirt-1.2.4/tests/securityselinuxhelper.c
|
||||
@@ -156,11 +156,7 @@ int getpidcon(pid_t pid, security_contex
|
||||
return getpidcon_raw(pid, context);
|
||||
}
|
||||
|
||||
-#ifdef SELINUX_CTX_CHAR_PTR
|
||||
-int setcon_raw(const char *context)
|
||||
-#else
|
||||
-int setcon_raw(security_context_t context)
|
||||
-#endif
|
||||
+int setcon_raw(VIR_SELINUX_CTX_CONST char *context)
|
||||
{
|
||||
if (!is_selinux_enabled()) {
|
||||
errno = EINVAL;
|
||||
@@ -169,21 +165,13 @@ int setcon_raw(security_context_t contex
|
||||
return setenv("FAKE_SELINUX_CONTEXT", context, 1);
|
||||
}
|
||||
|
||||
-#ifdef SELINUX_CTX_CHAR_PTR
|
||||
-int setcon(const char *context)
|
||||
-#else
|
||||
-int setcon(security_context_t context)
|
||||
-#endif
|
||||
+int setcon(VIR_SELINUX_CTX_CONST char *context)
|
||||
{
|
||||
return setcon_raw(context);
|
||||
}
|
||||
|
||||
|
||||
-#ifdef SELINUX_CTX_CHAR_PTR
|
||||
-int setfilecon_raw(const char *path, const char *con)
|
||||
-#else
|
||||
-int setfilecon_raw(const char *path, security_context_t con)
|
||||
-#endif
|
||||
+int setfilecon_raw(const char *path, VIR_SELINUX_CTX_CONST char *con)
|
||||
{
|
||||
const char *constr = con;
|
||||
if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
|
||||
@@ -194,11 +182,7 @@ int setfilecon_raw(const char *path, sec
|
||||
constr, strlen(constr), 0);
|
||||
}
|
||||
|
||||
-#ifdef SELINUX_CTX_CHAR_PTR
|
||||
-int setfilecon(const char *path, const char *con)
|
||||
-#else
|
||||
-int setfilecon(const char *path, security_context_t con)
|
||||
-#endif
|
||||
+int setfilecon(const char *path, VIR_SELINUX_CTX_CONST char *con)
|
||||
{
|
||||
return setfilecon_raw(path, con);
|
||||
}
|
@ -1,79 +0,0 @@
|
||||
diff --git a/m4/virt-selinux.m4 b/m4/virt-selinux.m4
|
||||
index 003c2a8..d1f0347 100644
|
||||
--- a/m4/virt-selinux.m4
|
||||
+++ b/m4/virt-selinux.m4
|
||||
@@ -28,6 +28,24 @@ AC_DEFUN([LIBVIRT_CHECK_SELINUX],[
|
||||
[with_selinux_mount=check])
|
||||
|
||||
if test "$with_selinux" = "yes"; then
|
||||
+ AC_CACHE_CHECK([for selinux setcon parameter type], [gt_cv_setcon_param],
|
||||
+ [AC_COMPILE_IFELSE(
|
||||
+ [AC_LANG_PROGRAM(
|
||||
+ [[
|
||||
+#include <selinux/selinux.h>
|
||||
+
|
||||
+int setcon(const security_context_t context) {
|
||||
+ return 0;
|
||||
+}
|
||||
+ ]],
|
||||
+ [[]])],
|
||||
+ [gt_cv_setcon_param='security_context'],
|
||||
+ [gt_cv_setcon_param='const char*'])])
|
||||
+ if test "$gt_cv_setcon_param" = 'const char*'; then
|
||||
+ AC_DEFINE_UNQUOTED([SELINUX_CTX_CHAR_PTR], 1,
|
||||
+ [SELinux uses char * for security context])
|
||||
+ fi
|
||||
+
|
||||
AC_MSG_CHECKING([SELinux mount point])
|
||||
if test "$with_selinux_mount" = "check" || test -z "$with_selinux_mount"; then
|
||||
if test -d /sys/fs/selinux ; then
|
||||
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
|
||||
index dbc4c29..af4fae4 100644
|
||||
--- a/tests/securityselinuxhelper.c
|
||||
+++ b/tests/securityselinuxhelper.c
|
||||
@@ -156,7 +156,11 @@ int getpidcon(pid_t pid, security_context_t *context)
|
||||
return getpidcon_raw(pid, context);
|
||||
}
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setcon_raw(const char *context)
|
||||
+#else
|
||||
int setcon_raw(security_context_t context)
|
||||
+#endif
|
||||
{
|
||||
if (!is_selinux_enabled()) {
|
||||
errno = EINVAL;
|
||||
@@ -165,13 +169,21 @@ int setcon_raw(security_context_t context)
|
||||
return setenv("FAKE_SELINUX_CONTEXT", context, 1);
|
||||
}
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setcon(const char *context)
|
||||
+#else
|
||||
int setcon(security_context_t context)
|
||||
+#endif
|
||||
{
|
||||
return setcon_raw(context);
|
||||
}
|
||||
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setfilecon_raw(const char *path, const char *con)
|
||||
+#else
|
||||
int setfilecon_raw(const char *path, security_context_t con)
|
||||
+#endif
|
||||
{
|
||||
const char *constr = con;
|
||||
if (STRPREFIX(path, abs_builddir "/securityselinuxlabeldata/nfs/")) {
|
||||
@@ -182,7 +194,11 @@ int setfilecon_raw(const char *path, security_context_t con)
|
||||
constr, strlen(constr), 0);
|
||||
}
|
||||
|
||||
+#ifdef SELINUX_CTX_CHAR_PTR
|
||||
+int setfilecon(const char *path, const char *con)
|
||||
+#else
|
||||
int setfilecon(const char *path, security_context_t con)
|
||||
+#endif
|
||||
{
|
||||
return setfilecon_raw(path, con);
|
||||
}
|
@ -1,3 +1,11 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed May 28 17:13:29 MDT 2014 - jfehlig@suse.com
|
||||
|
||||
- Add upstream patches that fix build with libselinux 2.3
|
||||
Added: 292d3f2d-libselinux-build-fix1.patch,
|
||||
b109c097-libselinux-build-fix2.patch
|
||||
Dropped: libselinux-build-fix.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 28 12:42:34 UTC 2014 - cbosdonnat@suse.com
|
||||
|
||||
|
@ -434,12 +434,13 @@ Patch2: da744120-use-reboot-flag.patch
|
||||
Patch3: d6b27d3e-CVE-2014-0179.patch
|
||||
Patch4: fd43d1f8-libxl-iface-hostdev.patch
|
||||
Patch5: 99f50208-managed-hostdev-iface.patch
|
||||
Patch6: 292d3f2d-libselinux-build-fix1.patch
|
||||
Patch7: b109c097-libselinux-build-fix2.patch
|
||||
# Need to go upstream
|
||||
Patch100: xen-name-for-devid.patch
|
||||
Patch101: ia64-clone.patch
|
||||
Patch102: xen-pv-cdrom.patch
|
||||
Patch103: add-nocow-to-vol-xml.patch
|
||||
Patch104: libselinux-build-fix.patch
|
||||
# pending review upstream patches
|
||||
Patch150: libxl-migration-support.patch
|
||||
# Our patches
|
||||
@ -959,11 +960,12 @@ namespaces.
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch100 -p1
|
||||
%patch101 -p1
|
||||
%patch102 -p1
|
||||
%patch103 -p1
|
||||
%patch104 -p1
|
||||
%patch150 -p1
|
||||
%patch200 -p1
|
||||
%patch201 -p1
|
||||
|
Loading…
Reference in New Issue
Block a user