All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH v6 0/6] *** Update selinux libraries ***
@ 2016-06-26 22:39 Adam Duskett
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
                   ` (5 more replies)
  0 siblings, 6 replies; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

Many of the packages in buildroot pertaining to selinux are woefully
out of date.  This patch series focuses on bringing these packages
up to date with the current releases.

Adam Duskett (6):
  audit: bump to version 2.6
  libsemanage: bump to version 2.5
  checkpolicy: bump to version 2.5
  libselinux: bump to version 2.5
  libsepol: bump to version 2.5
  setools: fix build with latest selinux libraries.

 package/audit/audit.hash                           |  2 +-
 package/audit/audit.mk                             |  2 +-
 package/checkpolicy/checkpolicy.hash               |  2 +-
 package/checkpolicy/checkpolicy.mk                 |  4 +-
 package/libselinux/libselinux.hash                 |  2 +-
 package/libselinux/libselinux.mk                   |  6 +-
 .../libsemanage/0001-execption-lib-path-fix.patch  | 14 ----
 .../0001-workaround-blackfin-issue.patch           | 25 ++++++
 .../0002-workaround-blackfin-issue.patch           | 24 ------
 package/libsemanage/libsemanage.hash               |  2 +-
 package/libsemanage/libsemanage.mk                 |  6 +-
 package/libsepol/0001-support-static-only.patch    | 26 +++----
 .../libsepol/0002-workaround-blackfin-issue.patch  |  8 +-
 package/libsepol/libsepol.hash                     |  2 +-
 package/libsepol/libsepol.mk                       |  4 +-
 ...s-Update-for-2015-02-02-Userspace-release.patch | 90 ++++++++++++++++++++++
 16 files changed, 150 insertions(+), 69 deletions(-)
 delete mode 100644 package/libsemanage/0001-execption-lib-path-fix.patch
 create mode 100644 package/libsemanage/0001-workaround-blackfin-issue.patch
 delete mode 100644 package/libsemanage/0002-workaround-blackfin-issue.patch
 create mode 100644 package/setools/0003-setools-Update-for-2015-02-02-Userspace-release.patch

-- 
2.7.4

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
@ 2016-06-26 22:39 ` Adam Duskett
  2016-06-29 19:42   ` Yann E. MORIN
                     ` (2 more replies)
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5 Adam Duskett
                   ` (4 subsequent siblings)
  5 siblings, 3 replies; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
Changes v4 -> v6:
 - Patch series version bump.

Changes v3 -> v4:
 - Updated to 2.6 instead of 2.5.2

Changes v2 -> v3:
 - Split patch into two patches.  One for a version bump, the second for
 the ability to build as a host package.

Changes v1 -> v2:
 - Version bump and the ability to build as a host package as a
   single patch.

 package/audit/audit.hash | 2 +-
 package/audit/audit.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/audit/audit.hash b/package/audit/audit.hash
index f234fdb..3712f43 100644
--- a/package/audit/audit.hash
+++ b/package/audit/audit.hash
@@ -1,2 +1,2 @@
 #Locally computed
-sha256	25f57f465f3230d7b1166b615ffd6748818a3dc225d0e8b396c5b2e951674e23	audit-2.4.4.tar.gz
+sha256	b04dbc16dd877c32c3a05a512ed825abfbd5fabd5d3ecca6b4fcbd6bbac5f94e	audit-2.6.tar.gz
diff --git a/package/audit/audit.mk b/package/audit/audit.mk
index 1fbc623..937244d 100644
--- a/package/audit/audit.mk
+++ b/package/audit/audit.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-AUDIT_VERSION = 2.4.4
+AUDIT_VERSION = 2.6
 AUDIT_SITE = http://people.redhat.com/sgrubb/audit
 AUDIT_LICENSE = GPLv2
 AUDIT_LICENSE_FILES = COPYING
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5
  2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
@ 2016-06-26 22:39 ` Adam Duskett
  2016-06-29 20:32   ` Yann E. MORIN
  2016-07-01  9:08   ` Thomas Petazzoni
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 3/6] checkpolicy: " Adam Duskett
                   ` (3 subsequent siblings)
  5 siblings, 2 replies; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

The 0001-execption-lib-path-fix.patch is also no longer needed, as the
new version of libsemanage includes the fix provided by the patch.
As such, the patch was removed, and 0002 was renamed to 0001.

Audit was added as a dependency as the new version of libsemanage
will fail to compile searching for audit.h

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
Changes v5 -> v6:
 - Removed check for policycoreutils

Changes v3 -> v5:
 - Patch series version bump.

Changes v2 -> v3:
 - Added better explination as to why host-audit is added.

Changes v1 -> v2:
 - Reverted changes to the select.

 .../libsemanage/0001-execption-lib-path-fix.patch  | 14 ------------
 .../0001-workaround-blackfin-issue.patch           | 25 ++++++++++++++++++++++
 .../0002-workaround-blackfin-issue.patch           | 24 ---------------------
 package/libsemanage/libsemanage.hash               |  2 +-
 package/libsemanage/libsemanage.mk                 |  6 +++---
 5 files changed, 29 insertions(+), 42 deletions(-)
 delete mode 100644 package/libsemanage/0001-execption-lib-path-fix.patch
 create mode 100644 package/libsemanage/0001-workaround-blackfin-issue.patch
 delete mode 100644 package/libsemanage/0002-workaround-blackfin-issue.patch

diff --git a/package/libsemanage/0001-execption-lib-path-fix.patch b/package/libsemanage/0001-execption-lib-path-fix.patch
deleted file mode 100644
index cbcbea5..0000000
--- a/package/libsemanage/0001-execption-lib-path-fix.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-Patch to correct a missing header file issue.
-
-Signed-off-by Clayton Shotwell <clshotwe@rockwellcollins.com>
-
---- a/src/exception.sh	2011-12-21 11:46:04.000000000 -0600
-+++ b/src/exception.sh	2012-08-27 11:29:58.000000000 -0500
-@@ -9,6 +9,6 @@
- }
- "
- }
--gcc -x c -c - -aux-info temp.aux < ../include/semanage/semanage.h
-+gcc -x c -c - -aux-info temp.aux -I../include < ../include/semanage/semanage.h
- for i in `awk '/extern int/ { print $6 }' temp.aux`; do except $i ; done
- rm -f -- temp.aux -.o
diff --git a/package/libsemanage/0001-workaround-blackfin-issue.patch b/package/libsemanage/0001-workaround-blackfin-issue.patch
new file mode 100644
index 0000000..7ce9606
--- /dev/null
+++ b/package/libsemanage/0001-workaround-blackfin-issue.patch
@@ -0,0 +1,25 @@
+Do not make symbols hidden on Blackfin
+
+The libselinux logic to hide internal symbols from the DSO doesn't
+work properly on Blackfin due to the USER_LABEL_PREFIX not being
+handled properly. A real fix is not that simple, so this patch simply
+disables the internal symbol hiding mechanism. This means that those
+symbols are visible in the final DSO, which is not a problem for
+proper execution, it just isn't as clean.
+
+Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
+
+Index: b/src/dso.h
+===================================================================
+--- a/src/dso.h
++++ b/src/dso.h
+@@ -1,7 +1,7 @@
+ #ifndef _SEPOL_DSO_H
+ #define _SEPOL_DSO_H	1
+ 
+-#ifdef SHARED
++#if defined(SHARED) && !defined(__bfin__)
+ # define hidden __attribute__ ((visibility ("hidden")))
+ # define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
+ # define __hidden_proto(fct, internal)	\
diff --git a/package/libsemanage/0002-workaround-blackfin-issue.patch b/package/libsemanage/0002-workaround-blackfin-issue.patch
deleted file mode 100644
index 5d00c69..0000000
--- a/package/libsemanage/0002-workaround-blackfin-issue.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Do not make symbols hidden on Blackfin
-
-The libselinux logic to hide internal symbols from the DSO doesn't
-work properly on Blackfin due to the USER_LABEL_PREFIX not being
-handled properly. A real fix is not that simple, so this patch simply
-disables the internal symbol hiding mechanism. This means that those
-symbols are visible in the final DSO, which is not a problem for
-proper execution, it just isn't as clean.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/src/dso.h
-===================================================================
---- a/src/dso.h
-+++ b/src/dso.h
-@@ -1,7 +1,7 @@
- #ifndef _SELINUX_DSO_H
- #define _SELINUX_DSO_H	1
- 
--#ifdef SHARED
-+#if defined(SHARED) && !defined(__bfin__)
- # define hidden __attribute__ ((visibility ("hidden")))
- # define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
- # define __hidden_proto(fct, internal)	\
diff --git a/package/libsemanage/libsemanage.hash b/package/libsemanage/libsemanage.hash
index d4204d1..69f7c8d 100644
--- a/package/libsemanage/libsemanage.hash
+++ b/package/libsemanage/libsemanage.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256 de2e8077245581e94576276f54e80a53c23c28d6961d2dfbe2f004eaba452e91 libsemanage-2.1.10.tar.gz
+sha256 46e2f36254369b6e91d1eea0460c262b139361b055a3a67d3ceea2d8ef72e006 libsemanage-2.5.tar.gz
diff --git a/package/libsemanage/libsemanage.mk b/package/libsemanage/libsemanage.mk
index 197c14e..a60d018 100644
--- a/package/libsemanage/libsemanage.mk
+++ b/package/libsemanage/libsemanage.mk
@@ -4,11 +4,11 @@
 #
 ################################################################################
 
-LIBSEMANAGE_VERSION = 2.1.10
-LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSEMANAGE_VERSION = 2.5
+LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSEMANAGE_LICENSE = LGPLv2.1+
 LIBSEMANAGE_LICENSE_FILES = COPYING
-LIBSEMANAGE_DEPENDENCIES = host-bison host-flex libselinux ustr bzip2
+LIBSEMANAGE_DEPENDENCIES = host-bison host-flex audit libselinux ustr bzip2
 LIBSEMANAGE_INSTALL_STAGING = YES
 
 LIBSEMANAGE_MAKE_OPTS = $(TARGET_CONFIGURE_OPTS)
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 3/6] checkpolicy: bump to version 2.5
  2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5 Adam Duskett
@ 2016-06-26 22:39 ` Adam Duskett
  2016-06-29 20:34   ` Yann E. MORIN
  2016-07-01  9:10   ` Thomas Petazzoni
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 4/6] libselinux: " Adam Duskett
                   ` (2 subsequent siblings)
  5 siblings, 2 replies; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
Changes v1 - v6:
 - Patch series version bump.

 package/checkpolicy/checkpolicy.hash | 2 +-
 package/checkpolicy/checkpolicy.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/checkpolicy/checkpolicy.hash b/package/checkpolicy/checkpolicy.hash
index 32b5ff6..bc5199c 100644
--- a/package/checkpolicy/checkpolicy.hash
+++ b/package/checkpolicy/checkpolicy.hash
@@ -1,2 +1,2 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 e6a0ac539b74859b4262b317eb90d9914deb15e7aa509659f47724d50fe2ecc6  checkpolicy-2.1.12.tar.gz
+sha256 33af9f3eb19135a7e6536ecd3fbb9686323000016cd51eb88346346ed7546001  checkpolicy-2.5.tar.gz
diff --git a/package/checkpolicy/checkpolicy.mk b/package/checkpolicy/checkpolicy.mk
index 4b7b2f3..f1b76d0 100644
--- a/package/checkpolicy/checkpolicy.mk
+++ b/package/checkpolicy/checkpolicy.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-CHECKPOLICY_VERSION = 2.1.12
-CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+CHECKPOLICY_VERSION = 2.5
+CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 CHECKPOLICY_LICENSE = GPLv2
 CHECKPOLICY_LICENSE_FILES = COPYING
 
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 4/6] libselinux: bump to version 2.5
  2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
                   ` (2 preceding siblings ...)
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 3/6] checkpolicy: " Adam Duskett
@ 2016-06-26 22:39 ` Adam Duskett
  2016-06-30 22:38   ` Yann E. MORIN
  2016-07-01  9:10   ` Thomas Petazzoni
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 5/6] libsepol: " Adam Duskett
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 6/6] setools: fix build with latest selinux libraries Adam Duskett
  5 siblings, 2 replies; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

In addition, if a user is using glibc 2.22, the default CFLAG
D_FILE_OFFSET_BITS=64 will cause a compile error.  This flag is now
removed from the CFLAGS in the make file to ensure that toolchains
compiled against glibc 2.22 will build the new version of the package
properly.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
Changes v3 - v6:
 - Patch series version bump.

Changes v2 -> v3:
 - Changed logic to use filter-out instead of specifying cflags manually.

Changes v1 -> v2:
 - Reverted depends on in the config file.
 - Added manual cflags.


 package/libselinux/libselinux.hash | 2 +-
 package/libselinux/libselinux.mk   | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/package/libselinux/libselinux.hash b/package/libselinux/libselinux.hash
index 861c327..a4c3440 100644
--- a/package/libselinux/libselinux.hash
+++ b/package/libselinux/libselinux.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256 57aad47c06b7ec18a76e8d9870539277a84cb40109cfdcf70ed3260bdb04447a libselinux-2.1.13.tar.gz
+sha256 94c9e97706280bedcc288f784f67f2b9d3d6136c192b2c9f812115edba58514f libselinux-2.5.tar.gz
diff --git a/package/libselinux/libselinux.mk b/package/libselinux/libselinux.mk
index d4b96c4..6f94173 100644
--- a/package/libselinux/libselinux.mk
+++ b/package/libselinux/libselinux.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSELINUX_VERSION = 2.1.13
-LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSELINUX_VERSION = 2.5
+LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSELINUX_LICENSE = Public Domain
 LIBSELINUX_LICENSE_FILES = LICENSE
 
@@ -13,8 +13,10 @@ LIBSELINUX_DEPENDENCIES = libsepol pcre
 
 LIBSELINUX_INSTALL_STAGING = YES
 
+# Filter out D_FILE_OFFSET_BITS=64. This fixes errors caused by glibc 2.22.
 LIBSELINUX_MAKE_OPTS = \
 	$(TARGET_CONFIGURE_OPTS) \
+	CFLAGS="$(filter-out -D_FILE_OFFSET_BITS=64,$(TARGET_CFLAGS))" \
 	LDFLAGS="$(TARGET_LDFLAGS) -lpcre -lpthread" \
 	ARCH=$(KERNEL_ARCH)
 
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 5/6] libsepol: bump to version 2.5
  2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
                   ` (3 preceding siblings ...)
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 4/6] libselinux: " Adam Duskett
@ 2016-06-26 22:39 ` Adam Duskett
  2016-07-01  9:11   ` Thomas Petazzoni
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 6/6] setools: fix build with latest selinux libraries Adam Duskett
  5 siblings, 1 reply; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
Changes v3 - v6:
 - Patch series version bump.

Changes v2 - v3:
 - Added SOB to included patch files.

Changes v1 - v2:
 - Fixed broken (by me) support static-only patch that caused build
 errors

 package/libsepol/0001-support-static-only.patch    | 26 +++++++++++-----------
 .../libsepol/0002-workaround-blackfin-issue.patch  |  8 ++++---
 package/libsepol/libsepol.hash                     |  2 +-
 package/libsepol/libsepol.mk                       |  4 ++--
 4 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/package/libsepol/0001-support-static-only.patch b/package/libsepol/0001-support-static-only.patch
index b974680..3e9a84f 100644
--- a/package/libsepol/0001-support-static-only.patch
+++ b/package/libsepol/0001-support-static-only.patch
@@ -7,37 +7,37 @@ libraries. It allows to support cases where the target architecture
 does not have support for shared libraries.
 
 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
 
 Index: b/src/Makefile
 ===================================================================
+
+diff --git a/src/Makefile b/src/Makefile
+index db6c2ba..0006285 100644
 --- a/src/Makefile
 +++ b/src/Makefile
-@@ -17,7 +17,12 @@
- CFLAGS ?= -Werror -Wall -W -Wundef -Wshadow -Wmissing-noreturn -Wmissing-format-attribute
- override CFLAGS += -I. -I../include -D_GNU_SOURCE
+@@ -30,8 +30,12 @@ LOBJS += $(sort $(patsubst %.c,%.lo,$(wildcard $(CILDIR)/src/*.c) $(CIL_GENERATE
+ override CFLAGS += -I$(CILDIR)/include
+ endif
  
--all: $(LIBA) $(LIBSO) $(LIBPC)
 +ALL_TARGETS = $(LIBA) $(LIBPC)
 +ifeq ($(STATIC),)
 +ALL_TARGETS += $(LIBSO)
 +endif
-+
+
+-all: $(LIBA) $(LIBSO) $(LIBPC)
 +all: $(ALL_TARGETS)
  
+
  $(LIBA):  $(OBJS)
- 	$(AR) rcs $@ $^
-@@ -39,11 +44,13 @@
- install: all
- 	test -d $(LIBDIR) || install -m 755 -d $(LIBDIR)
- 	install -m 644 $(LIBA) $(LIBDIR)
--	test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR)
--	install -m 755 $(LIBSO) $(SHLIBDIR)
+@@ -70,7 +74,11 @@ install: all
+ 	install -m 755 $(LIBSO) $(SHLIBDIR)
  	test -d $(LIBDIR)/pkgconfig || install -m 755 -d $(LIBDIR)/pkgconfig
  	install -m 644 $(LIBPC) $(LIBDIR)/pkgconfig
 +ifeq ($(STATIC),)
 +	test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR)
 +	install -m 755 $(LIBSO) $(SHLIBDIR)
- 	cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET)
+ 	ln -sf --relative $(SHLIBDIR)/$(LIBSO) $(LIBDIR)/$(TARGET)
 +endif
  
  relabel:
diff --git a/package/libsepol/0002-workaround-blackfin-issue.patch b/package/libsepol/0002-workaround-blackfin-issue.patch
index 5d00c69..3c3bd48 100644
--- a/package/libsepol/0002-workaround-blackfin-issue.patch
+++ b/package/libsepol/0002-workaround-blackfin-issue.patch
@@ -8,17 +8,19 @@ symbols are visible in the final DSO, which is not a problem for
 proper execution, it just isn't as clean.
 
 Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
 
 Index: b/src/dso.h
 ===================================================================
 --- a/src/dso.h
 +++ b/src/dso.h
-@@ -1,7 +1,7 @@
- #ifndef _SELINUX_DSO_H
- #define _SELINUX_DSO_H	1
+@@ -5,7 +5,7 @@
+     #define DISABLE_SYMVER 1
+ #endif
  
 -#ifdef SHARED
 +#if defined(SHARED) && !defined(__bfin__)
  # define hidden __attribute__ ((visibility ("hidden")))
  # define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
  # define __hidden_proto(fct, internal)	\
+
diff --git a/package/libsepol/libsepol.hash b/package/libsepol/libsepol.hash
index df5dabd..266ce43 100644
--- a/package/libsepol/libsepol.hash
+++ b/package/libsepol/libsepol.hash
@@ -1,2 +1,2 @@
 # From https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256	290d17f583635a4a5d8a2141511272adf0571c4205cdea38b5a68df20d58a70b  libsepol-2.1.9.tar.gz
+sha256 2bdeec56d0a08b082b93b40703b4b3329cc5562152f7254d8f6ef6b56afe850a  libsepol-2.5.tar.gz
diff --git a/package/libsepol/libsepol.mk b/package/libsepol/libsepol.mk
index 1e709c6..93896cf 100644
--- a/package/libsepol/libsepol.mk
+++ b/package/libsepol/libsepol.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSEPOL_VERSION = 2.1.9
-LIBSEPOL_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSEPOL_VERSION = 2.5
+LIBSEPOL_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSEPOL_LICENSE = LGPLv2.1+
 LIBSEPOL_LICENSE_FILES = COPYING
 
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 6/6] setools: fix build with latest selinux libraries.
  2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
                   ` (4 preceding siblings ...)
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 5/6] libsepol: " Adam Duskett
@ 2016-06-26 22:39 ` Adam Duskett
  2016-07-01  9:11   ` Thomas Petazzoni
  5 siblings, 1 reply; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:39 UTC (permalink / raw)
  To: buildroot

Setools 3.3.8 won't cleanly compile against newer versions
of the new selinux libraries. This patch fixes these errors.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
Changes v5 - v6:
 - Updated patch name to match the one found on git.
 - Added the original commit message and SoB in the patch.

Changes v2 - v5:
 - Patch series version bump.

Changes v1 -> v2:
 - Added subject, commit log, and SoB-line to 0003 patch.


 ...s-Update-for-2015-02-02-Userspace-release.patch | 90 ++++++++++++++++++++++
 1 file changed, 90 insertions(+)
 create mode 100644 package/setools/0003-setools-Update-for-2015-02-02-Userspace-release.patch

diff --git a/package/setools/0003-setools-Update-for-2015-02-02-Userspace-release.patch b/package/setools/0003-setools-Update-for-2015-02-02-Userspace-release.patch
new file mode 100644
index 0000000..b0842d9
--- /dev/null
+++ b/package/setools/0003-setools-Update-for-2015-02-02-Userspace-release.patch
@@ -0,0 +1,90 @@
+setools: Add patch to support 2.4 toolstack.
+Signed-off-by: Philip Tricca <flihp@twobit.us>
+Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
+URL: https://github.com/flihp/meta-selinux/commit/e09eaef7a9acb552a4a5e1f90117154ae06b6fda
+
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
+
+diff --git a/libqpol/src/policy_define.c b/libqpol/src/policy_define.c
+index fad6b60..231962f 100644
+--- a/libqpol/src/policy_define.c
++++ b/libqpol/src/policy_define.c
+@@ -1449,7 +1449,7 @@ int define_compute_type_helper(int which, avrule_t ** rule)
+ 				return -1;
+ 			}
+ 			class_perm_node_init(perm);
+-			perm->class = i + 1;
++			perm->tclass = i + 1;
+ 			perm->data = datum->s.value;
+ 			perm->next = avrule->perms;
+ 			avrule->perms = perm;
+@@ -1699,7 +1699,7 @@ int define_te_avtab_helper(int which, avrule_t ** rule)
+ 			goto out;
+ 		}
+ 		class_perm_node_init(cur_perms);
+-		cur_perms->class = i + 1;
++		cur_perms->tclass = i + 1;
+ 		if (!perms)
+ 			perms = cur_perms;
+ 		if (tail)
+diff --git a/libqpol/src/policy_extend.c b/libqpol/src/policy_extend.c
+index 5325a87..1417271 100644
+--- a/libqpol/src/policy_extend.c
++++ b/libqpol/src/policy_extend.c
+@@ -843,7 +843,7 @@ static int qpol_syn_rule_table_insert_sepol_avrule(qpol_policy_t * policy, qpol_
+ 			for (class_node = rule->perms; class_node; class_node = class_node->next) {
+ 				key.rule_type = rule->specified;
+ 				key.source_val = key.target_val = i + 1;
+-				key.class_val = class_node->class;
++				key.class_val = class_node->tclass;
+ 				key.cond = cond;
+ 				if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule))
+ 					goto err;
+@@ -856,7 +856,7 @@ static int qpol_syn_rule_table_insert_sepol_avrule(qpol_policy_t * policy, qpol_
+ 				key.rule_type = rule->specified;
+ 				key.source_val = i + 1;
+ 				key.target_val = j + 1;
+-				key.class_val = class_node->class;
++				key.class_val = class_node->tclass;
+ 				key.cond = cond;
+ 				if (qpol_syn_rule_table_insert_entry(policy, table, &key, new_rule))
+ 					goto err;
+diff --git a/libqpol/src/syn_rule_query.c b/libqpol/src/syn_rule_query.c
+index 3e63204..d7578f1 100644
+--- a/libqpol/src/syn_rule_query.c
++++ b/libqpol/src/syn_rule_query.c
+@@ -67,7 +67,7 @@ static void *syn_rule_class_state_get_cur(const qpol_iterator_t * iter)
+ 		return NULL;
+ 	}
+
+-	return db->class_val_to_struct[srcs->cur->class - 1];
++	return db->class_val_to_struct[srcs->cur->tclass - 1];
+ }
+
+ static int syn_rule_class_state_next(qpol_iterator_t * iter)
+@@ -465,10 +465,10 @@ int qpol_syn_avrule_get_perm_iter(const qpol_policy_t * policy, const qpol_syn_a
+ 	}
+
+ 	for (node = internal_rule->perms; node; node = node->next) {
+-		for (i = 0; i < db->class_val_to_struct[node->class - 1]->permissions.nprim; i++) {
++		for (i = 0; i < db->class_val_to_struct[node->tclass - 1]->permissions.nprim; i++) {
+ 			if (!(node->data & (1 << i)))
+ 				continue;
+-			tmp = sepol_av_to_string(db, node->class, (sepol_access_vector_t) (1 << i));
++			tmp = sepol_av_to_string(db, node->tclass, (sepol_access_vector_t) (1 << i));
+ 			if (tmp) {
+ 				tmp++; /* remove prepended space */
+ 				for (cur = 0; cur < perm_list_sz; cur++)
+diff --git a/secmds/replcon.cc b/secmds/replcon.cc
+index 34f7c1a..307c39f 100644
+--- a/secmds/replcon.cc
++++ b/secmds/replcon.cc
+@@ -60,7 +60,7 @@ static struct option const longopts[] = {
+ 	{NULL, 0, NULL, 0}
+ };
+
+-extern int lsetfilecon_raw(const char *, security_context_t) __attribute__ ((weak));
++extern int lsetfilecon_raw(const char *, const char *) __attribute__ ((weak));
+
+ /**
+  * As that setools must work with older libselinux versions that may
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
@ 2016-06-29 19:42   ` Yann E. MORIN
  2016-07-01  9:08   ` Thomas Petazzoni
  2016-07-05 17:16   ` Yann E. MORIN
  2 siblings, 0 replies; 22+ messages in thread
From: Yann E. MORIN @ 2016-06-29 19:42 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>

Hash verified to be OK.

Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>

Regards,
Yann E. MORIN.

> ---
> Changes v4 -> v6:
>  - Patch series version bump.
> 
> Changes v3 -> v4:
>  - Updated to 2.6 instead of 2.5.2
> 
> Changes v2 -> v3:
>  - Split patch into two patches.  One for a version bump, the second for
>  the ability to build as a host package.
> 
> Changes v1 -> v2:
>  - Version bump and the ability to build as a host package as a
>    single patch.
> 
>  package/audit/audit.hash | 2 +-
>  package/audit/audit.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/package/audit/audit.hash b/package/audit/audit.hash
> index f234fdb..3712f43 100644
> --- a/package/audit/audit.hash
> +++ b/package/audit/audit.hash
> @@ -1,2 +1,2 @@
>  #Locally computed
> -sha256	25f57f465f3230d7b1166b615ffd6748818a3dc225d0e8b396c5b2e951674e23	audit-2.4.4.tar.gz
> +sha256	b04dbc16dd877c32c3a05a512ed825abfbd5fabd5d3ecca6b4fcbd6bbac5f94e	audit-2.6.tar.gz
> diff --git a/package/audit/audit.mk b/package/audit/audit.mk
> index 1fbc623..937244d 100644
> --- a/package/audit/audit.mk
> +++ b/package/audit/audit.mk
> @@ -4,7 +4,7 @@
>  #
>  ################################################################################
>  
> -AUDIT_VERSION = 2.4.4
> +AUDIT_VERSION = 2.6
>  AUDIT_SITE = http://people.redhat.com/sgrubb/audit
>  AUDIT_LICENSE = GPLv2
>  AUDIT_LICENSE_FILES = COPYING
> -- 
> 2.7.4
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5 Adam Duskett
@ 2016-06-29 20:32   ` Yann E. MORIN
  2016-07-01  9:08   ` Thomas Petazzoni
  1 sibling, 0 replies; 22+ messages in thread
From: Yann E. MORIN @ 2016-06-29 20:32 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
> The 0001-execption-lib-path-fix.patch is also no longer needed, as the
> new version of libsemanage includes the fix provided by the patch.
> As such, the patch was removed, and 0002 was renamed to 0001.
> 
> Audit was added as a dependency as the new version of libsemanage
> will fail to compile searching for audit.h
> 
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
[--SNIP--]
> diff --git a/package/libsemanage/0001-workaround-blackfin-issue.patch b/package/libsemanage/0001-workaround-blackfin-issue.patch
> new file mode 100644
> index 0000000..7ce9606
> --- /dev/null
> +++ b/package/libsemanage/0001-workaround-blackfin-issue.patch
[--SNIP--]
> diff --git a/package/libsemanage/0002-workaround-blackfin-issue.patch b/package/libsemanage/0002-workaround-blackfin-issue.patch
> deleted file mode 100644
> index 5d00c69..0000000
> --- a/package/libsemanage/0002-workaround-blackfin-issue.patch
> +++ /dev/null
[--SNIP--]

So 0002 was renamed to 0001. Next time, please use the -M and -C options
so that git detects renames and copies. This makes it easier to review.

No need to resend just for that.

Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>

Regards,
Yann E. MORIN.

> diff --git a/package/libsemanage/libsemanage.hash b/package/libsemanage/libsemanage.hash
> index d4204d1..69f7c8d 100644
> --- a/package/libsemanage/libsemanage.hash
> +++ b/package/libsemanage/libsemanage.hash
> @@ -1,2 +1,2 @@
>  # Locally computed
> -sha256 de2e8077245581e94576276f54e80a53c23c28d6961d2dfbe2f004eaba452e91 libsemanage-2.1.10.tar.gz
> +sha256 46e2f36254369b6e91d1eea0460c262b139361b055a3a67d3ceea2d8ef72e006 libsemanage-2.5.tar.gz
> diff --git a/package/libsemanage/libsemanage.mk b/package/libsemanage/libsemanage.mk
> index 197c14e..a60d018 100644
> --- a/package/libsemanage/libsemanage.mk
> +++ b/package/libsemanage/libsemanage.mk
> @@ -4,11 +4,11 @@
>  #
>  ################################################################################
>  
> -LIBSEMANAGE_VERSION = 2.1.10
> -LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
> +LIBSEMANAGE_VERSION = 2.5
> +LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
>  LIBSEMANAGE_LICENSE = LGPLv2.1+
>  LIBSEMANAGE_LICENSE_FILES = COPYING
> -LIBSEMANAGE_DEPENDENCIES = host-bison host-flex libselinux ustr bzip2
> +LIBSEMANAGE_DEPENDENCIES = host-bison host-flex audit libselinux ustr bzip2
>  LIBSEMANAGE_INSTALL_STAGING = YES
>  
>  LIBSEMANAGE_MAKE_OPTS = $(TARGET_CONFIGURE_OPTS)
> -- 
> 2.7.4
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 3/6] checkpolicy: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 3/6] checkpolicy: " Adam Duskett
@ 2016-06-29 20:34   ` Yann E. MORIN
  2016-07-01  9:10   ` Thomas Petazzoni
  1 sibling, 0 replies; 22+ messages in thread
From: Yann E. MORIN @ 2016-06-29 20:34 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>

Hash successfulyl checked OK here.

Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>

Regards,
Yann E. MORIN.

> ---
> Changes v1 - v6:
>  - Patch series version bump.
> 
>  package/checkpolicy/checkpolicy.hash | 2 +-
>  package/checkpolicy/checkpolicy.mk   | 4 ++--
>  2 files changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/package/checkpolicy/checkpolicy.hash b/package/checkpolicy/checkpolicy.hash
> index 32b5ff6..bc5199c 100644
> --- a/package/checkpolicy/checkpolicy.hash
> +++ b/package/checkpolicy/checkpolicy.hash
> @@ -1,2 +1,2 @@
>  # https://github.com/SELinuxProject/selinux/wiki/Releases
> -sha256 e6a0ac539b74859b4262b317eb90d9914deb15e7aa509659f47724d50fe2ecc6  checkpolicy-2.1.12.tar.gz
> +sha256 33af9f3eb19135a7e6536ecd3fbb9686323000016cd51eb88346346ed7546001  checkpolicy-2.5.tar.gz
> diff --git a/package/checkpolicy/checkpolicy.mk b/package/checkpolicy/checkpolicy.mk
> index 4b7b2f3..f1b76d0 100644
> --- a/package/checkpolicy/checkpolicy.mk
> +++ b/package/checkpolicy/checkpolicy.mk
> @@ -4,8 +4,8 @@
>  #
>  ################################################################################
>  
> -CHECKPOLICY_VERSION = 2.1.12
> -CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
> +CHECKPOLICY_VERSION = 2.5
> +CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
>  CHECKPOLICY_LICENSE = GPLv2
>  CHECKPOLICY_LICENSE_FILES = COPYING
>  
> -- 
> 2.7.4
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 4/6] libselinux: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 4/6] libselinux: " Adam Duskett
@ 2016-06-30 22:38   ` Yann E. MORIN
  2016-07-01  9:10   ` Thomas Petazzoni
  1 sibling, 0 replies; 22+ messages in thread
From: Yann E. MORIN @ 2016-06-30 22:38 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
> In addition, if a user is using glibc 2.22, the default CFLAG
> D_FILE_OFFSET_BITS=64 will cause a compile error.  This flag is now
> removed from the CFLAGS in the make file to ensure that toolchains
> compiled against glibc 2.22 will build the new version of the package
> properly.
> 
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
[--SNIP--]
> diff --git a/package/libselinux/libselinux.mk b/package/libselinux/libselinux.mk
> index d4b96c4..6f94173 100644
> --- a/package/libselinux/libselinux.mk
> +++ b/package/libselinux/libselinux.mk
> @@ -4,8 +4,8 @@
>  #
>  ################################################################################
>  
> -LIBSELINUX_VERSION = 2.1.13
> -LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
> +LIBSELINUX_VERSION = 2.5
> +LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
>  LIBSELINUX_LICENSE = Public Domain
>  LIBSELINUX_LICENSE_FILES = LICENSE
>  
> @@ -13,8 +13,10 @@ LIBSELINUX_DEPENDENCIES = libsepol pcre
>  
>  LIBSELINUX_INSTALL_STAGING = YES
>  
> +# Filter out D_FILE_OFFSET_BITS=64. This fixes errors caused by glibc 2.22.
>  LIBSELINUX_MAKE_OPTS = \
>  	$(TARGET_CONFIGURE_OPTS) \
> +	CFLAGS="$(filter-out -D_FILE_OFFSET_BITS=64,$(TARGET_CFLAGS))" \

I was a bit unsure about that one. Discussing with Thomas just confirmed
what I was thinking: this means that this package will not be able to
use 64-bit offset, and thus won't be able to deal with files greater
than 2GiB in size.

On the other hand, this program can *not* handle such files anyway,
since fts in not 64-bit aware anyway.

And we are already using this kind of hack in other packages.

So:

Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>

Regards,
Yann E. MORIN.

>  	LDFLAGS="$(TARGET_LDFLAGS) -lpcre -lpthread" \
>  	ARCH=$(KERNEL_ARCH)
>  
> -- 
> 2.7.4
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
  2016-06-29 19:42   ` Yann E. MORIN
@ 2016-07-01  9:08   ` Thomas Petazzoni
  2016-07-05 17:16   ` Yann E. MORIN
  2 siblings, 0 replies; 22+ messages in thread
From: Thomas Petazzoni @ 2016-07-01  9:08 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun, 26 Jun 2016 18:39:08 -0400, Adam Duskett wrote:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
> Changes v4 -> v6:
>  - Patch series version bump.

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5 Adam Duskett
  2016-06-29 20:32   ` Yann E. MORIN
@ 2016-07-01  9:08   ` Thomas Petazzoni
  1 sibling, 0 replies; 22+ messages in thread
From: Thomas Petazzoni @ 2016-07-01  9:08 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun, 26 Jun 2016 18:39:09 -0400, Adam Duskett wrote:

> -LIBSEMANAGE_VERSION = 2.1.10
> -LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
> +LIBSEMANAGE_VERSION = 2.5
> +LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
>  LIBSEMANAGE_LICENSE = LGPLv2.1+
>  LIBSEMANAGE_LICENSE_FILES = COPYING
> -LIBSEMANAGE_DEPENDENCIES = host-bison host-flex libselinux ustr bzip2
> +LIBSEMANAGE_DEPENDENCIES = host-bison host-flex audit libselinux ustr bzip2

When you add a dependency to a .mk file, you must also take it into
account in the Config.in file by selecting the package. And when you do
this, you need to replicate the "depends on" of the selected package in
the current package.

I've fixed that up and applied. Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 4/6] libselinux: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 4/6] libselinux: " Adam Duskett
  2016-06-30 22:38   ` Yann E. MORIN
@ 2016-07-01  9:10   ` Thomas Petazzoni
  1 sibling, 0 replies; 22+ messages in thread
From: Thomas Petazzoni @ 2016-07-01  9:10 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun, 26 Jun 2016 18:39:11 -0400, Adam Duskett wrote:
> In addition, if a user is using glibc 2.22, the default CFLAG
> D_FILE_OFFSET_BITS=64 will cause a compile error.  This flag is now
> removed from the CFLAGS in the make file to ensure that toolchains
> compiled against glibc 2.22 will build the new version of the package
> properly.
> 
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
> Changes v3 - v6:
>  - Patch series version bump.

fts() is only available in glibc:

 - It is not available at all in musl

 - It is only available optionally in uClibc, and our default uClibc
   configuration does not have it enabled.

Since it's anyway not available in musl, I've decided to add a
dependency of libselinux on glibc.

In addition, I've sent a mail to the SELinux guys to ask them to move
from the fts() interface to the POSIX-compliant nftw() interface. Of
course, if you are interested in submitting a patch that changes
libselinux to use nftw() instead of fts(), it would be more than
welcome.

Applied with the glibc dependency added (and propagated to all
libselinux reverse dependencies). Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 3/6] checkpolicy: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 3/6] checkpolicy: " Adam Duskett
  2016-06-29 20:34   ` Yann E. MORIN
@ 2016-07-01  9:10   ` Thomas Petazzoni
  1 sibling, 0 replies; 22+ messages in thread
From: Thomas Petazzoni @ 2016-07-01  9:10 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun, 26 Jun 2016 18:39:10 -0400, Adam Duskett wrote:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
> Changes v1 - v6:
>  - Patch series version bump.

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 5/6] libsepol: bump to version 2.5
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 5/6] libsepol: " Adam Duskett
@ 2016-07-01  9:11   ` Thomas Petazzoni
  0 siblings, 0 replies; 22+ messages in thread
From: Thomas Petazzoni @ 2016-07-01  9:11 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun, 26 Jun 2016 18:39:12 -0400, Adam Duskett wrote:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>

This new version didn't build with uClibc, due to a missing <stdarg.h>
include. I've added a patch fixing that and applied. In addition, I've
sent the patch to the SELinux developers.

Thanks,

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 6/6] setools: fix build with latest selinux libraries.
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 6/6] setools: fix build with latest selinux libraries Adam Duskett
@ 2016-07-01  9:11   ` Thomas Petazzoni
  0 siblings, 0 replies; 22+ messages in thread
From: Thomas Petazzoni @ 2016-07-01  9:11 UTC (permalink / raw)
  To: buildroot

Hello,

On Sun, 26 Jun 2016 18:39:13 -0400, Adam Duskett wrote:
> Setools 3.3.8 won't cleanly compile against newer versions
> of the new selinux libraries. This patch fixes these errors.
> 
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
> Changes v5 - v6:
>  - Updated patch name to match the one found on git.
>  - Added the original commit message and SoB in the patch.

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
  2016-06-29 19:42   ` Yann E. MORIN
  2016-07-01  9:08   ` Thomas Petazzoni
@ 2016-07-05 17:16   ` Yann E. MORIN
  2016-07-06 13:47     ` Adam Duskett
  2 siblings, 1 reply; 22+ messages in thread
From: Yann E. MORIN @ 2016-07-05 17:16 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
[--SNIP--]
> diff --git a/package/audit/audit.mk b/package/audit/audit.mk
> index 1fbc623..937244d 100644
> --- a/package/audit/audit.mk
> +++ b/package/audit/audit.mk
> @@ -4,7 +4,7 @@
>  #
>  ################################################################################
>  
> -AUDIT_VERSION = 2.4.4
> +AUDIT_VERSION = 2.6

This is causing a bunch of autobuilder failures:
    http://autobuild.buildroot.org/?reason=audit-2.6.2

Care to have a look at it, please?

Regards,
Yann E. MORIN.

>  AUDIT_SITE = http://people.redhat.com/sgrubb/audit
>  AUDIT_LICENSE = GPLv2
>  AUDIT_LICENSE_FILES = COPYING
> -- 
> 2.7.4
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-07-05 17:16   ` Yann E. MORIN
@ 2016-07-06 13:47     ` Adam Duskett
  2016-07-06 14:42       ` Adam Duskett
  0 siblings, 1 reply; 22+ messages in thread
From: Adam Duskett @ 2016-07-06 13:47 UTC (permalink / raw)
  To: buildroot

Hey! Sorry about not getting back to you sooner; I will look into this
right away!

On Tue, Jul 5, 2016 at 1:16 PM, Yann E. MORIN <yann.morin.1998@free.fr> wrote:
> Adam, All,
>
> On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
>> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
>> ---
> [--SNIP--]
>> diff --git a/package/audit/audit.mk b/package/audit/audit.mk
>> index 1fbc623..937244d 100644
>> --- a/package/audit/audit.mk
>> +++ b/package/audit/audit.mk
>> @@ -4,7 +4,7 @@
>>  #
>>  ################################################################################
>>
>> -AUDIT_VERSION = 2.4.4
>> +AUDIT_VERSION = 2.6
>
> This is causing a bunch of autobuilder failures:
>     http://autobuild.buildroot.org/?reason=audit-2.6.2
>
> Care to have a look at it, please?
>
> Regards,
> Yann E. MORIN.
>
>>  AUDIT_SITE = http://people.redhat.com/sgrubb/audit
>>  AUDIT_LICENSE = GPLv2
>>  AUDIT_LICENSE_FILES = COPYING
>> --
>> 2.7.4
>>
>> _______________________________________________
>> buildroot mailing list
>> buildroot at busybox.net
>> http://lists.busybox.net/mailman/listinfo/buildroot
>
> --
> .-----------------.--------------------.------------------.--------------------.
> |  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
> | +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
> | +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
> '------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-07-06 13:47     ` Adam Duskett
@ 2016-07-06 14:42       ` Adam Duskett
  2016-07-06 20:43         ` Yann E. MORIN
  0 siblings, 1 reply; 22+ messages in thread
From: Adam Duskett @ 2016-07-06 14:42 UTC (permalink / raw)
  To: buildroot

All;

I think this is a bug in Audit actually.

Audit 2.6.x checks for AUDIT_FEATURE_VERSION to be defined in
include/linux/audit.h (this define was introduced in kernel version
3.13) and then blindly assumes that struct audit_status has
feature_bitmap.
However this looks like a problem as feature_bitmap wasn't introduced
until kernel 3.19, even though the requirements for audit state >
2.6.30 (http://people.redhat.com/sgrubb/audit/)

This causes a compile error when attempting to compile audit 2.6.x
against kernel headers younger than 3.19.

For the mean time i could add a conditional to require header versions
> 3.19, although I am going to submit a bug report to the audit team
as well.

Thoughts?

Adam


On Wed, Jul 6, 2016 at 9:47 AM, Adam Duskett <aduskett@gmail.com> wrote:
> Hey! Sorry about not getting back to you sooner; I will look into this
> right away!
>
> On Tue, Jul 5, 2016 at 1:16 PM, Yann E. MORIN <yann.morin.1998@free.fr> wrote:
>> Adam, All,
>>
>> On 2016-06-26 18:39 -0400, Adam Duskett spake thusly:
>>> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
>>> ---
>> [--SNIP--]
>>> diff --git a/package/audit/audit.mk b/package/audit/audit.mk
>>> index 1fbc623..937244d 100644
>>> --- a/package/audit/audit.mk
>>> +++ b/package/audit/audit.mk
>>> @@ -4,7 +4,7 @@
>>>  #
>>>  ################################################################################
>>>
>>> -AUDIT_VERSION = 2.4.4
>>> +AUDIT_VERSION = 2.6
>>
>> This is causing a bunch of autobuilder failures:
>>     http://autobuild.buildroot.org/?reason=audit-2.6.2
>>
>> Care to have a look at it, please?
>>
>> Regards,
>> Yann E. MORIN.
>>
>>>  AUDIT_SITE = http://people.redhat.com/sgrubb/audit
>>>  AUDIT_LICENSE = GPLv2
>>>  AUDIT_LICENSE_FILES = COPYING
>>> --
>>> 2.7.4
>>>
>>> _______________________________________________
>>> buildroot mailing list
>>> buildroot at busybox.net
>>> http://lists.busybox.net/mailman/listinfo/buildroot
>>
>> --
>> .-----------------.--------------------.------------------.--------------------.
>> |  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
>> | +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
>> | +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
>> | http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
>> '------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6
  2016-07-06 14:42       ` Adam Duskett
@ 2016-07-06 20:43         ` Yann E. MORIN
  0 siblings, 0 replies; 22+ messages in thread
From: Yann E. MORIN @ 2016-07-06 20:43 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2016-07-06 10:42 -0400, Adam Duskett spake thusly:
> I think this is a bug in Audit actually.
> 
> Audit 2.6.x checks for AUDIT_FEATURE_VERSION to be defined in
> include/linux/audit.h (this define was introduced in kernel version
> 3.13) and then blindly assumes that struct audit_status has
> feature_bitmap.
> However this looks like a problem as feature_bitmap wasn't introduced
> until kernel 3.19, even though the requirements for audit state >
> 2.6.30 (http://people.redhat.com/sgrubb/audit/)
> 
> This causes a compile error when attempting to compile audit 2.6.x
> against kernel headers younger than 3.19.

Thanks for investigating and explaining! :-)

> For the mean time i could add a conditional to require header versions
> > 3.19, although I am going to submit a bug report to the audit team
> as well.

I was gonna reply with a "depend on linux >= 3.19" but Thomas already
sent a patch to fix it.

Regards,
Yann E. MORIN.

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 223 225 172 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 22+ messages in thread

* [Buildroot] [PATCH v6 4/6] libselinux: bump to version 2.5
  2016-06-26 22:26 [Buildroot] [PATCH 1/6] audit: bump to version 2.6 Adam Duskett
@ 2016-06-26 22:26 ` Adam Duskett
  0 siblings, 0 replies; 22+ messages in thread
From: Adam Duskett @ 2016-06-26 22:26 UTC (permalink / raw)
  To: buildroot

In addition, if a user is using glibc 2.22, the default CFLAG
D_FILE_OFFSET_BITS=64 will cause a compile error.  This flag is now
removed from the CFLAGS in the make file to ensure that toolchains
compiled against glibc 2.22 will build the new version of the package
properly.

Changes v3 - v6:
 - Patch series version bump.

Changes v2 -> v3:
 - Changed logic to use filter-out instead of specifying cflags manually.

Changes v1 -> v2:
 - Reverted depends on in the config file.
 - Added manual cflags.
---
 package/libselinux/libselinux.hash | 2 +-
 package/libselinux/libselinux.mk   | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/package/libselinux/libselinux.hash b/package/libselinux/libselinux.hash
index 861c327..a4c3440 100644
--- a/package/libselinux/libselinux.hash
+++ b/package/libselinux/libselinux.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256 57aad47c06b7ec18a76e8d9870539277a84cb40109cfdcf70ed3260bdb04447a libselinux-2.1.13.tar.gz
+sha256 94c9e97706280bedcc288f784f67f2b9d3d6136c192b2c9f812115edba58514f libselinux-2.5.tar.gz
diff --git a/package/libselinux/libselinux.mk b/package/libselinux/libselinux.mk
index d4b96c4..6f94173 100644
--- a/package/libselinux/libselinux.mk
+++ b/package/libselinux/libselinux.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSELINUX_VERSION = 2.1.13
-LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSELINUX_VERSION = 2.5
+LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSELINUX_LICENSE = Public Domain
 LIBSELINUX_LICENSE_FILES = LICENSE
 
@@ -13,8 +13,10 @@ LIBSELINUX_DEPENDENCIES = libsepol pcre
 
 LIBSELINUX_INSTALL_STAGING = YES
 
+# Filter out D_FILE_OFFSET_BITS=64. This fixes errors caused by glibc 2.22.
 LIBSELINUX_MAKE_OPTS = \
 	$(TARGET_CONFIGURE_OPTS) \
+	CFLAGS="$(filter-out -D_FILE_OFFSET_BITS=64,$(TARGET_CFLAGS))" \
 	LDFLAGS="$(TARGET_LDFLAGS) -lpcre -lpthread" \
 	ARCH=$(KERNEL_ARCH)
 
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 22+ messages in thread

end of thread, other threads:[~2016-07-06 20:43 UTC | newest]

Thread overview: 22+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-06-26 22:39 [Buildroot] [PATCH v6 0/6] *** Update selinux libraries *** Adam Duskett
2016-06-26 22:39 ` [Buildroot] [PATCH v6 1/6] audit: bump to version 2.6 Adam Duskett
2016-06-29 19:42   ` Yann E. MORIN
2016-07-01  9:08   ` Thomas Petazzoni
2016-07-05 17:16   ` Yann E. MORIN
2016-07-06 13:47     ` Adam Duskett
2016-07-06 14:42       ` Adam Duskett
2016-07-06 20:43         ` Yann E. MORIN
2016-06-26 22:39 ` [Buildroot] [PATCH v6 2/6] libsemanage: bump to version 2.5 Adam Duskett
2016-06-29 20:32   ` Yann E. MORIN
2016-07-01  9:08   ` Thomas Petazzoni
2016-06-26 22:39 ` [Buildroot] [PATCH v6 3/6] checkpolicy: " Adam Duskett
2016-06-29 20:34   ` Yann E. MORIN
2016-07-01  9:10   ` Thomas Petazzoni
2016-06-26 22:39 ` [Buildroot] [PATCH v6 4/6] libselinux: " Adam Duskett
2016-06-30 22:38   ` Yann E. MORIN
2016-07-01  9:10   ` Thomas Petazzoni
2016-06-26 22:39 ` [Buildroot] [PATCH v6 5/6] libsepol: " Adam Duskett
2016-07-01  9:11   ` Thomas Petazzoni
2016-06-26 22:39 ` [Buildroot] [PATCH v6 6/6] setools: fix build with latest selinux libraries Adam Duskett
2016-07-01  9:11   ` Thomas Petazzoni
  -- strict thread matches above, loose matches on Subject: below --
2016-06-26 22:26 [Buildroot] [PATCH 1/6] audit: bump to version 2.6 Adam Duskett
2016-06-26 22:26 ` [Buildroot] [PATCH v6 4/6] libselinux: bump to version 2.5 Adam Duskett

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.