All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions
@ 2021-05-20 17:46 Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2 Adam Duskett
                   ` (11 more replies)
  0 siblings, 12 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

The selinux project also now uses the respective package versions for the
release URL's, so we change that as well.

Adam Duskett (11):
  package/libsepol: bump to version 3.2
  package/libsepol/Config.in: Add policy version 33
  package/libsemanage: bump to version 3.2
  package/libselinux: bump to version 3.2
  package/policycoreutils: bump to version 3.2
  package/checkpolicy: bump to version 3.2
  package/restorecond: bump to version 3.2
  package/semodule-utils: bump to version 3.2
  package/selinux-python: bump to version 3.2
  package/setools: bump to version 4.4.0
  package/audit: bump to version 3.0.1

 ...0001-Fix-audispd-path-in-auditd.conf.patch |  32 -----
 ...tue-functions-for-strndupa-rawmemchr.patch | 133 ------------------
 ...ns-need-to-be-external-when-building.patch |  28 ----
 package/audit/audit.hash                      |   6 +-
 package/audit/audit.mk                        |   2 +-
 package/checkpolicy/checkpolicy.hash          |   2 +-
 package/checkpolicy/checkpolicy.mk            |   4 +-
 ...T-and-rely-on-the-installed-file-nam.patch |   2 +-
 ...d-to-something-which-never-conflicts.patch |  71 ----------
 package/libselinux/libselinux.hash            |   2 +-
 package/libselinux/libselinux.mk              |   4 +-
 package/libsemanage/libsemanage.hash          |   2 +-
 package/libsemanage/libsemanage.mk            |   4 +-
 package/libsepol/Config.in                    |   4 +-
 package/libsepol/libsepol.hash                |   4 +-
 package/libsepol/libsepol.mk                  |   4 +-
 ...-all-paths-that-use-an-absolute-path.patch |  11 +-
 .../0002-Add-PREFIX-to-host-paths.patch       |  36 +++--
 package/policycoreutils/policycoreutils.hash  |   2 +-
 package/policycoreutils/policycoreutils.mk    |   6 +-
 package/restorecond/restorecond.hash          |   2 +-
 package/restorecond/restorecond.mk            |   4 +-
 package/selinux-python/selinux-python.hash    |   2 +-
 package/selinux-python/selinux-python.mk      |   4 +-
 package/semodule-utils/semodule-utils.hash    |   2 +-
 package/semodule-utils/semodule-utils.mk      |   4 +-
 ...-setools.InfoFlowAnalysis-and-setoo.patch} |  19 +--
 .../0001-remove-werror-flag-from-setup.patch  |  31 ----
 package/setools/setools.hash                  |   2 +-
 package/setools/setools.mk                    |   2 +-
 30 files changed, 69 insertions(+), 362 deletions(-)
 delete mode 100644 package/audit/0001-Fix-audispd-path-in-auditd.conf.patch
 delete mode 100644 package/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch
 delete mode 100644 package/audit/0003-Header-definitions-need-to-be-external-when-building.patch
 delete mode 100644 package/libselinux/0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch
 rename package/setools/{0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch => 0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch} (88%)
 delete mode 100644 package/setools/0001-remove-werror-flag-from-setup.patch

-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 20:02   ` [Buildroot] [External] " Weber, Matthew L Collins
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 02/11] package/libsepol/Config.in: Add policy version 33 Adam Duskett
                   ` (10 subsequent siblings)
  11 siblings, 1 reply; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/libsepol/libsepol.hash | 4 ++--
 package/libsepol/libsepol.mk   | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/package/libsepol/libsepol.hash b/package/libsepol/libsepol.hash
index 1759d3ba04..b273f982b6 100644
--- a/package/libsepol/libsepol.hash
+++ b/package/libsepol/libsepol.hash
@@ -1,5 +1,5 @@
 # From: https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 ae6778d01443fdd38cd30eeee846494e19f4d407b09872580372f4aa4bf8a3cc  libsepol-3.1.tar.gz
+sha256  dfc7f662af8000116e56a01de6a0394ed79be1b34b999e551346233c5dd19508  libsepol-3.2.tar.gz
 
 # Hash for license file
-sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3  COPYING
+sha256  6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3  COPYING
diff --git a/package/libsepol/libsepol.mk b/package/libsepol/libsepol.mk
index a4398bdc42..55125f2203 100644
--- a/package/libsepol/libsepol.mk
+++ b/package/libsepol/libsepol.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSEPOL_VERSION = 3.1
-LIBSEPOL_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+LIBSEPOL_VERSION = 3.2
+LIBSEPOL_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(LIBSEPOL_VERSION)
 LIBSEPOL_LICENSE = LGPL-2.1+
 LIBSEPOL_LICENSE_FILES = COPYING
 LIBSEPOL_CPE_ID_VENDOR = selinuxproject
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 02/11] package/libsepol/Config.in: Add policy version 33
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2 Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 03/11] package/libsemanage: bump to version 3.2 Adam Duskett
                   ` (9 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Policy version 33 was added starting with kernel 5.8.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/libsepol/Config.in | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/package/libsepol/Config.in b/package/libsepol/Config.in
index 6c66809c9e..04af880e67 100644
--- a/package/libsepol/Config.in
+++ b/package/libsepol/Config.in
@@ -11,6 +11,7 @@ if BR2_PACKAGE_LIBSEPOL
 
 config BR2_PACKAGE_LIBSEPOL_POLICY_VERSION
 	int "Policy version"
+	default 33 if BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_8
 	default 32 if BR2_TOOLCHAIN_HEADERS_AT_LEAST_5_5
 	default 31 if BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_13
 	default 30 if BR2_TOOLCHAIN_HEADERS_AT_LEAST_4_3
@@ -29,7 +30,8 @@ config BR2_PACKAGE_LIBSEPOL_POLICY_VERSION
 	  >= 3.14 < 4.3    29
 	  >= 4.3 < 4.13    30
 	  >= 4.13 < 5.5    31
-	  >= 5.5           32
+	  >= 5.5 < 5.8     32
+	  >= 5.8           33
 
 endif
 
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 03/11] package/libsemanage: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2 Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 02/11] package/libsepol/Config.in: Add policy version 33 Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 04/11] package/libselinux: " Adam Duskett
                   ` (8 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/libsemanage/libsemanage.hash | 2 +-
 package/libsemanage/libsemanage.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/libsemanage/libsemanage.hash b/package/libsemanage/libsemanage.hash
index a977ddabc6..117fd40d6a 100644
--- a/package/libsemanage/libsemanage.hash
+++ b/package/libsemanage/libsemanage.hash
@@ -1,5 +1,5 @@
 # From: https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 22d6c75526e40d1781c30bcf29abf97171bdfe6780923f11c8e1c76a75a21ff8 libsemanage-3.1.tar.gz
+sha256 d722a55ca4fe2d4e2b30527720db657e6238b28079e69e2e4affeb8e733ee511 libsemanage-3.2.tar.gz
 
 # Hash for license file
 sha256 6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3 COPYING
diff --git a/package/libsemanage/libsemanage.mk b/package/libsemanage/libsemanage.mk
index 48e2bbbc8b..bbe976a2c9 100644
--- a/package/libsemanage/libsemanage.mk
+++ b/package/libsemanage/libsemanage.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSEMANAGE_VERSION = 3.1
-LIBSEMANAGE_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+LIBSEMANAGE_VERSION = 3.2
+LIBSEMANAGE_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(LIBSEMANAGE_VERSION)
 LIBSEMANAGE_LICENSE = LGPL-2.1+
 LIBSEMANAGE_LICENSE_FILES = COPYING
 LIBSEMANAGE_DEPENDENCIES = host-bison host-flex audit libselinux bzip2
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 04/11] package/libselinux: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (2 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 03/11] package/libsemanage: bump to version 3.2 Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 05/11] package/policycoreutils: " Adam Duskett
                   ` (7 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Also drop upstream patch
0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 ...T-and-rely-on-the-installed-file-nam.patch |  2 +-
 ...d-to-something-which-never-conflicts.patch | 71 -------------------
 package/libselinux/libselinux.hash            |  2 +-
 package/libselinux/libselinux.mk              |  4 +-
 4 files changed, 4 insertions(+), 75 deletions(-)
 delete mode 100644 package/libselinux/0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch

diff --git a/package/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch b/package/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
index cbd98a61ad..18c79b3b4d 100644
--- a/package/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
+++ b/package/libselinux/0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
@@ -36,7 +36,7 @@ index 190016e2af34..7ee22fd35da3 100644
  RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]')
  RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" + RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
  RUBYINSTALL ?= $(shell $(RUBY) -e 'puts RbConfig::CONFIG["vendorarchdir"]')
-@@ -176,7 +175,7 @@ install: all
+@@ -184,7 +183,7 @@ install: all
  install-pywrap: pywrap
  	$(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR)` $(PYTHON_SETUP_ARGS)
  	install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py
diff --git a/package/libselinux/0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch b/package/libselinux/0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch
deleted file mode 100644
index 2a23e98f9b..0000000000
--- a/package/libselinux/0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch
+++ /dev/null
@@ -1,71 +0,0 @@
-From 398d2ceef92cb1baac18e6b34a1a8e1bf41296cd Mon Sep 17 00:00:00 2001
-From: Nicolas Iooss <nicolas.iooss@m4x.org>
-Date: Tue, 16 Feb 2021 22:13:28 +0100
-Subject: [PATCH] libselinux: rename gettid() to something which never
- conflicts with the libc
-
-Musl recently added a wrapper for gettid() syscall. There is no way to
-detect this new version in a reliable way, so rename our gettid()
-wrapper to a non-conflicting name.
-
-Introduce a new function which, when using a libc known to provide a
-wrapper for gettid(), calls it, and which, otherwise, performs the
-syscall directly.
-
-Anyway this function is only used on systems where /proc/thread-self
-does not exist, which are therefore running Linux<3.17.
-
-Fixes: https://github.com/SELinuxProject/selinux/issues/282
-Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
-Acked-by: Petr Lautrbach <plautrba@redhat.com>
-[Retrieved from:
-https://github.com/SELinuxProject/selinux/commit/398d2ceef92cb1baac18e6b34a1a8e1bf41296cd]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- src/procattr.c | 18 ++++++++++--------
- 1 file changed, 10 insertions(+), 8 deletions(-)
-
-diff --git a/src/procattr.c b/src/procattr.c
-index 1aa67ac53..840570525 100644
---- a/src/procattr.c
-+++ b/src/procattr.c
-@@ -25,21 +25,23 @@ static __thread char destructor_initialized;
- /* Bionic and glibc >= 2.30 declare gettid() system call wrapper in unistd.h and
-  * has a definition for it */
- #ifdef __BIONIC__
--  #define OVERRIDE_GETTID 0
-+  #define HAVE_GETTID 1
- #elif !defined(__GLIBC_PREREQ)
--  #define OVERRIDE_GETTID 1
-+  #define HAVE_GETTID 0
- #elif !__GLIBC_PREREQ(2,30)
--  #define OVERRIDE_GETTID 1
-+  #define HAVE_GETTID 0
- #else
--  #define OVERRIDE_GETTID 0
-+  #define HAVE_GETTID 1
- #endif
- 
--#if OVERRIDE_GETTID
--static pid_t gettid(void)
-+static pid_t selinux_gettid(void)
- {
-+#if HAVE_GETTID
-+	return gettid();
-+#else
- 	return syscall(__NR_gettid);
--}
- #endif
-+}
- 
- static void procattr_thread_destructor(void __attribute__((unused)) *unused)
- {
-@@ -94,7 +96,7 @@ static int openattr(pid_t pid, const char *attr, int flags)
- 		if (fd >= 0 || errno != ENOENT)
- 			goto out;
- 		free(path);
--		tid = gettid();
-+		tid = selinux_gettid();
- 		rc = asprintf(&path, "/proc/self/task/%d/attr/%s", tid, attr);
- 	} else {
- 		errno = EINVAL;
diff --git a/package/libselinux/libselinux.hash b/package/libselinux/libselinux.hash
index 1101b40501..797b978ee1 100644
--- a/package/libselinux/libselinux.hash
+++ b/package/libselinux/libselinux.hash
@@ -1,5 +1,5 @@
 # From: https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 ea5dcbb4d859e3f999c26a13c630da2f16dff9462e3cc8cb7b458ac157d112e7 libselinux-3.1.tar.gz
+sha256 df758ef1d9d4811051dd901ea6b029ae334ffd7c671c128beb16bce1e25ac161 libselinux-3.2.tar.gz
 
 # Hash for license file
 sha256 86657b4c0fe868d7cbd977cb04c63b6c667e08fa51595a7bc846ad4bed8fc364 LICENSE
diff --git a/package/libselinux/libselinux.mk b/package/libselinux/libselinux.mk
index fdd13aa942..0f36db1cfd 100644
--- a/package/libselinux/libselinux.mk
+++ b/package/libselinux/libselinux.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSELINUX_VERSION = 3.1
-LIBSELINUX_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+LIBSELINUX_VERSION = 3.2
+LIBSELINUX_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(LIBSELINUX_VERSION)
 LIBSELINUX_LICENSE = Public Domain
 LIBSELINUX_LICENSE_FILES = LICENSE
 LIBSELINUX_CPE_ID_VENDOR = selinuxproject
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 05/11] package/policycoreutils: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (3 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 04/11] package/libselinux: " Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 06/11] package/checkpolicy: " Adam Duskett
                   ` (6 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Also refactor patches to apply cleanly.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 ...-all-paths-that-use-an-absolute-path.patch | 11 +++---
 .../0002-Add-PREFIX-to-host-paths.patch       | 36 +++++++++----------
 package/policycoreutils/policycoreutils.hash  |  2 +-
 package/policycoreutils/policycoreutils.mk    |  6 ++--
 4 files changed, 27 insertions(+), 28 deletions(-)

diff --git a/package/policycoreutils/0001-Add-DESTDIR-to-all-paths-that-use-an-absolute-path.patch b/package/policycoreutils/0001-Add-DESTDIR-to-all-paths-that-use-an-absolute-path.patch
index 57833d8176..aa75ca63c0 100644
--- a/package/policycoreutils/0001-Add-DESTDIR-to-all-paths-that-use-an-absolute-path.patch
+++ b/package/policycoreutils/0001-Add-DESTDIR-to-all-paths-that-use-an-absolute-path.patch
@@ -12,26 +12,27 @@ accomodate version 2.5
 
 Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
 Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
-Signed-off-by: Adam Duskett <aduskett@gmail.com>
 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 [Update for 2.8]
+Signed-off-by: Adam Duskett <aduskett@gmail.com>
+[Update for 3.2]
 ---
  setfiles/Makefile | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)
 
 diff --git a/setfiles/Makefile b/setfiles/Makefile
-index c08e2dd..36c0638 100644
+index a3bbbe1..df675cf 100644
 --- a/setfiles/Makefile
 +++ b/setfiles/Makefile
-@@ -3,7 +3,7 @@ PREFIX ?= $(DESTDIR)/usr
+@@ -3,7 +3,7 @@ LINGUAS ?= ru
  PREFIX ?= /usr
  SBINDIR ?= /sbin
  MANDIR = $(PREFIX)/share/man
 -AUDITH ?= $(shell test -f /usr/include/libaudit.h && echo y)
 +AUDITH ?= $(shell test -f $(DESTDIR)$(PREFIX)/include/libaudit.h && echo y)
  
- ABORT_ON_ERRORS=$(shell grep "^\#define ABORT_ON_ERRORS" setfiles.c | awk -S '{ print $$3 }')
- 
+ CFLAGS ?= -g -Werror -Wall -W
+ override LDLIBS += -lselinux -lsepol
 -- 
 2.13.6
 
diff --git a/package/policycoreutils/0002-Add-PREFIX-to-host-paths.patch b/package/policycoreutils/0002-Add-PREFIX-to-host-paths.patch
index ffe5fcbd44..2daed57c97 100644
--- a/package/policycoreutils/0002-Add-PREFIX-to-host-paths.patch
+++ b/package/policycoreutils/0002-Add-PREFIX-to-host-paths.patch
@@ -6,41 +6,39 @@ Subject: [PATCH] Add PREFIX to host paths
 Updates the remaining hardcoded host paths used in the build to be
 prefixed with a PREFIX path to allow cross compilation.
 
-Updated to work with version 2.5
+Updated to work with version 3.2
 
 Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
 Signed-off-by: Niranjan Reddy <niranjan.reddy@rockwellcollins.com>
-Signed-off-by: Adam Duskett <aduskett@gmail.com>
 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 [Update for 2.8]
+Signed-off-by: Adam Duskett <aduskett@gmail.com>
+[Update for 3.2]
 ---
- load_policy/Makefile | 2 +-
- newrole/Makefile     | 6 +++---
- run_init/Makefile    | 6 +++---
- 3 files changed, 7 insertions(+), 7 deletions(-)
+ newrole/Makefile  | 4 ++--
+ run_init/Makefile | 4 ++--
+ 2 files changed, 4 insertions(+), 4 deletions(-)
 
 diff --git a/newrole/Makefile b/newrole/Makefile
-index 196af92..896708f 100644
+index 0e7ebce..3188cec 100644
 --- a/newrole/Makefile
 +++ b/newrole/Makefile
-@@ -3,9 +3,9 @@ PREFIX ?= $(DESTDIR)/usr
+@@ -4,8 +4,8 @@ PREFIX ?= /usr
  BINDIR ?= $(PREFIX)/bin
  MANDIR ?= $(PREFIX)/share/man
  ETCDIR ?= /etc
- LOCALEDIR = $(DESTDIR)$(PREFIX)/share/locale
--PAMH ?= $(shell test -f /usr/include/security/pam_appl.h && echo y)
--AUDITH ?= $(shell test -f /usr/include/libaudit.h && echo y)
-+PAMH ?= $(shell test -f $(DESTDIR)$(PREFIX)/include/security/pam_appl.h && echo y)
-+AUDITH ?= $(shell test -f $(DESTDIR)$(PREFIX)/include/libaudit.h && echo y)
+-LOCALEDIR = $(DESTDIR)$(PREFIX)/share/locale
+-INCLUDEDIR ?= $(PREFIX)/include
++LOCALEDIR = $(DESTDIR)$(PREFIX)
++INCLUDEDIR ?= $(LOCALEDIR)/include
+ PAMH ?= $(shell test -f $(INCLUDEDIR)/security/pam_appl.h && echo y)
+ AUDITH ?= $(shell test -f $(INCLUDEDIR)/libaudit.h && echo y)
  # Enable capabilities to permit newrole to generate audit records.
- # This will make newrole a setuid root program.
- # The capabilities used are: CAP_AUDIT_WRITE.
 diff --git a/run_init/Makefile b/run_init/Makefile
-index 921f0b0..e1566fc 100644
+index e86364a..20a64d4 100644
 --- a/run_init/Makefile
 +++ b/run_init/Makefile
-@@ -4,9 +4,9 @@ PREFIX ?= $(DESTDIR)/usr
- SBINDIR ?= $(PREFIX)/sbin
+@@ -6,8 +6,8 @@ SBINDIR ?= $(PREFIX)/sbin
  MANDIR ?= $(PREFIX)/share/man
  ETCDIR ?= /etc
  LOCALEDIR ?= $(DESTDIR)$(PREFIX)/share/locale
@@ -52,5 +50,5 @@ index 921f0b0..e1566fc 100644
  CFLAGS ?= -Werror -Wall -W
  override CFLAGS += -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" -DPACKAGE="\"policycoreutils\""
 -- 
-2.13.6
+2.31.1
 
diff --git a/package/policycoreutils/policycoreutils.hash b/package/policycoreutils/policycoreutils.hash
index 5dae18f17d..7d08636370 100644
--- a/package/policycoreutils/policycoreutils.hash
+++ b/package/policycoreutils/policycoreutils.hash
@@ -1,3 +1,3 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 c889f62ee80f8b6a369469a9b8af51f5b797975aeaa291f5c5960cc12eed1934 policycoreutils-3.1.tar.gz
+sha256 d1331c6fa766c547b071c491de90b9f343c8dbffdb119be8a5a7e491199b93a9 policycoreutils-3.2.tar.gz
 sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 COPYING
diff --git a/package/policycoreutils/policycoreutils.mk b/package/policycoreutils/policycoreutils.mk
index 0dfdc7af03..a486f8ddc3 100644
--- a/package/policycoreutils/policycoreutils.mk
+++ b/package/policycoreutils/policycoreutils.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-POLICYCOREUTILS_VERSION = 3.1
-POLICYCOREUTILS_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+POLICYCOREUTILS_VERSION = 3.2
+POLICYCOREUTILS_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(POLICYCOREUTILS_VERSION)
 POLICYCOREUTILS_LICENSE = GPL-2.0
 POLICYCOREUTILS_LICENSE_FILES = COPYING
 POLICYCOREUTILS_CPE_ID_VENDOR = selinuxproject
@@ -24,7 +24,7 @@ endif
 
 ifeq ($(BR2_PACKAGE_AUDIT),y)
 POLICYCOREUTILS_DEPENDENCIES += audit
-POLICYCOREUTILS_MAKE_OPTS += AUDIT_LOG_PRIV=y
+POLICYCOREUTILS_MAKE_OPTS += AUDIT_LOG_PRIV=y USE_AUDIT=y
 endif
 
 # Enable LSPP_PRIV if both audit and linux pam are enabled
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 06/11] package/checkpolicy: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (4 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 05/11] package/policycoreutils: " Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 07/11] package/restorecond: " Adam Duskett
                   ` (5 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/checkpolicy/checkpolicy.hash | 2 +-
 package/checkpolicy/checkpolicy.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/checkpolicy/checkpolicy.hash b/package/checkpolicy/checkpolicy.hash
index 55f4f09f76..c237913eaf 100644
--- a/package/checkpolicy/checkpolicy.hash
+++ b/package/checkpolicy/checkpolicy.hash
@@ -1,5 +1,5 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 dfc7707070520c93b14fbbdfdbe081364d806bf28e3e79e10318c2594c77bbb2  checkpolicy-3.1.tar.gz
+sha256 9b1c81fa86fe3867842164448d90c8e7ea94b2987497809c65d4caa87a5c5bc8  checkpolicy-3.2.tar.gz
 
 # Hash for license file
 sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994  COPYING
diff --git a/package/checkpolicy/checkpolicy.mk b/package/checkpolicy/checkpolicy.mk
index 86eaffccb1..f8ce48c175 100644
--- a/package/checkpolicy/checkpolicy.mk
+++ b/package/checkpolicy/checkpolicy.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-CHECKPOLICY_VERSION = 3.1
-CHECKPOLICY_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+CHECKPOLICY_VERSION = 3.2
+CHECKPOLICY_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(CHECKPOLICY_VERSION)
 CHECKPOLICY_LICENSE = GPL-2.0
 CHECKPOLICY_LICENSE_FILES = COPYING
 
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 07/11] package/restorecond: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (5 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 06/11] package/checkpolicy: " Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 08/11] package/semodule-utils: " Adam Duskett
                   ` (4 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/restorecond/restorecond.hash | 2 +-
 package/restorecond/restorecond.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/restorecond/restorecond.hash b/package/restorecond/restorecond.hash
index e30e62a812..1869100188 100644
--- a/package/restorecond/restorecond.hash
+++ b/package/restorecond/restorecond.hash
@@ -1,5 +1,5 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 82ca45099685a45d718f11f8859963c1ba83d98e510312cbf0b7dc5664c60ad0 restorecond-3.1.tar.gz
+sha256 471c17e64aa6d7226e861d4d0125d15fdf9b38892c542be32bd83d999e5e75f5 restorecond-3.2.tar.gz
 
 # Hash for license file
 sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 COPYING
diff --git a/package/restorecond/restorecond.mk b/package/restorecond/restorecond.mk
index 7ab7e978dd..d08e0a722e 100644
--- a/package/restorecond/restorecond.mk
+++ b/package/restorecond/restorecond.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-RESTORECOND_VERSION = 3.1
-RESTORECOND_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+RESTORECOND_VERSION = 3.2
+RESTORECOND_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(RESTORECOND_VERSION)
 RESTORECOND_LICENSE = GPL-2.0
 RESTORECOND_LICENSE_FILES = COPYING
 
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 08/11] package/semodule-utils: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (6 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 07/11] package/restorecond: " Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 09/11] package/selinux-python: " Adam Duskett
                   ` (3 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/semodule-utils/semodule-utils.hash | 2 +-
 package/semodule-utils/semodule-utils.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/semodule-utils/semodule-utils.hash b/package/semodule-utils/semodule-utils.hash
index d015205d53..595183924d 100644
--- a/package/semodule-utils/semodule-utils.hash
+++ b/package/semodule-utils/semodule-utils.hash
@@ -1,5 +1,5 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 0cc37f9cec751d9c2abb5f2b228b060567e973cb47c19b53b8a4a7378baaa853 semodule-utils-3.1.tar.gz
+sha256 be155654883c8dc4d05493e04a3eb9e56d28803009f1fdd721d42c68b878f757 semodule-utils-3.2.tar.gz
 
 # Hash for license file
 sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 COPYING
diff --git a/package/semodule-utils/semodule-utils.mk b/package/semodule-utils/semodule-utils.mk
index c89f28d60e..426dbdb7b6 100644
--- a/package/semodule-utils/semodule-utils.mk
+++ b/package/semodule-utils/semodule-utils.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-SEMODULE_UTILS_VERSION = 3.1
-SEMODULE_UTILS_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+SEMODULE_UTILS_VERSION = 3.2
+SEMODULE_UTILS_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(SEMODULE_UTILS_VERSION)
 SEMODULE_UTILS_LICENSE = GPL-2.0
 SEMODULE_UTILS_LICENSE_FILES = COPYING
 SEMODULE_UTILS_DEPENDENCIES = libsepol
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 09/11] package/selinux-python: bump to version 3.2
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (7 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 08/11] package/semodule-utils: " Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 10/11] package/setools: bump to version 4.4.0 Adam Duskett
                   ` (2 subsequent siblings)
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 package/selinux-python/selinux-python.hash | 2 +-
 package/selinux-python/selinux-python.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/selinux-python/selinux-python.hash b/package/selinux-python/selinux-python.hash
index f896168f7a..00c28b722c 100644
--- a/package/selinux-python/selinux-python.hash
+++ b/package/selinux-python/selinux-python.hash
@@ -1,5 +1,5 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 f4d0a1a030bc291a6af498b26e0676b745075dd289a8ba16cdec86c3ea8f2f02 selinux-python-3.1.tar.gz
+sha256 770855ea8120ef23007fdb9db94b1ed6e8cd77917b584ed8877bbee9c16e74fb selinux-python-3.2.tar.gz
 
 # Hash for license file
 sha256 204d8eff92f95aac4df6c8122bc1505f468f3a901e5a4cc08940e0ede1938994 COPYING
diff --git a/package/selinux-python/selinux-python.mk b/package/selinux-python/selinux-python.mk
index 3b1e15bdf8..61ec7eb595 100644
--- a/package/selinux-python/selinux-python.mk
+++ b/package/selinux-python/selinux-python.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-SELINUX_PYTHON_VERSION = 3.1
-SELINUX_PYTHON_SITE = https://github.com/SELinuxProject/selinux/releases/download/20200710
+SELINUX_PYTHON_VERSION = 3.2
+SELINUX_PYTHON_SITE = https://github.com/SELinuxProject/selinux/releases/download/$(SELINUX_PYTHON_VERSION)
 SELINUX_PYTHON_LICENSE = GPL-2.0
 SELINUX_PYTHON_LICENSE_FILES = COPYING
 SELINUX_PYTHON_DEPENDENCIES = python3
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 10/11] package/setools: bump to version 4.4.0
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (8 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 09/11] package/selinux-python: " Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 11/11] package/audit: bump to version 3.0.1 Adam Duskett
  2021-05-21 10:06 ` [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Yann E. MORIN
  11 siblings, 0 replies; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

- Remove upstream patch 0001-remove-werror-flag-from-setup.patch
- Refactor Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch to apply
  to 4.4.0

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 ...-setools.InfoFlowAnalysis-and-setoo.patch} | 19 ++++++------
 .../0001-remove-werror-flag-from-setup.patch  | 31 -------------------
 package/setools/setools.hash                  |  2 +-
 package/setools/setools.mk                    |  2 +-
 4 files changed, 12 insertions(+), 42 deletions(-)
 rename package/setools/{0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch => 0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch} (88%)
 delete mode 100644 package/setools/0001-remove-werror-flag-from-setup.patch

diff --git a/package/setools/0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch b/package/setools/0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
similarity index 88%
rename from package/setools/0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
rename to package/setools/0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
index f9519a0790..3c3ae97dff 100644
--- a/package/setools/0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
+++ b/package/setools/0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch
@@ -15,6 +15,7 @@ sedta and seinfoflow to require python3-networkx
 Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
 [Refreshed for 4.3.0]
 Signed-off-by: Adam Duskett <aduskett@gmail.com>
+[Refreshed for 4.4.0]
 ---
  sedta                       | 3 ++-
  seinfoflow                  | 5 +++--
@@ -36,7 +37,7 @@ index 60861ca630a5..0056172a55e5 100755
 +import setools.dta
  
  
- def print_transition(trans):
+ def print_transition(trans: setools.DomainTransition) -> None:
 @@ -114,7 +115,7 @@ else:
  
  try:
@@ -58,7 +59,7 @@ index f10c39de4d8e..fe733bbd0787 100755
  import argparse
  import sys
  import logging
-@@ -101,8 +102,8 @@ elif args.booleans is not None:
+@@ -102,8 +103,8 @@ elif args.booleans is not None:
  try:
      p = setools.SELinuxPolicy(args.policy)
      m = setools.PermissionMap(args.map)
@@ -70,20 +71,20 @@ index f10c39de4d8e..fe733bbd0787 100755
      if args.shortest_path or args.all_paths:
          if args.shortest_path:
 diff --git a/setools/__init__.py b/setools/__init__.py
-index 26fa5aa34a19..9e9058a6bf90 100644
+index d72d343..4d5aaaa 100644
 --- a/setools/__init__.py
 +++ b/setools/__init__.py
-@@ -75,11 +75,11 @@ from .pcideviceconquery import PcideviceconQuery
+@@ -91,11 +91,11 @@ from .pcideviceconquery import PcideviceconQuery
  from .devicetreeconquery import DevicetreeconQuery
  
  # Information Flow Analysis
 -from .infoflow import InfoFlowAnalysis
 +# from .infoflow import InfoFlowAnalysis
- from .permmap import PermissionMap
+ from .permmap import PermissionMap, RuleWeight, Mapping
  
  # Domain Transition Analysis
--from .dta import DomainTransitionAnalysis
-+# from .dta import DomainTransitionAnalysis
+-from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
++# from .dta import DomainTransitionAnalysis, DomainEntrypoint, DomainTransition
  
  # Policy difference
  from .diff import PolicyDifference
@@ -91,7 +92,7 @@ diff --git a/setoolsgui/apol/dta.py b/setoolsgui/apol/dta.py
 index 4608b9dbf34e..2cde44c142e9 100644
 --- a/setoolsgui/apol/dta.py
 +++ b/setoolsgui/apol/dta.py
-@@ -23,7 +23,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
+@@ -24,7 +24,7 @@ from PyQt5.QtCore import pyqtSignal, Qt, QStringListModel, QThread
  from PyQt5.QtGui import QPalette, QTextCursor
  from PyQt5.QtWidgets import QCompleter, QHeaderView, QMessageBox, QProgressDialog, \
      QTreeWidgetItem
@@ -99,7 +100,7 @@ index 4608b9dbf34e..2cde44c142e9 100644
 +from setools.dta import DomainTransitionAnalysis
  
  from ..logtosignal import LogHandlerToSignal
- from .analysistab import AnalysisTab
+ from .analysistab import AnalysisSection, AnalysisTab
 diff --git a/setoolsgui/apol/infoflow.py b/setoolsgui/apol/infoflow.py
 index 7bca299d23fc..7fee2778f35f 100644
 --- a/setoolsgui/apol/infoflow.py
diff --git a/package/setools/0001-remove-werror-flag-from-setup.patch b/package/setools/0001-remove-werror-flag-from-setup.patch
deleted file mode 100644
index 0ab4006661..0000000000
--- a/package/setools/0001-remove-werror-flag-from-setup.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 8ab5a49247d870d92a8287db6134877ebf7a4379 Mon Sep 17 00:00:00 2001
-From: Adam Duskett <aduskett@gmail.com>
-Date: Thu, 12 Oct 2017 22:04:58 -0400
-Subject: [PATCH] remove werror flag from setup
-
-Compilers older than gcc6 will generate uninitialized variable warnings which
-will cause compiling to fail.
-
-Signed-off-by: Antoine Tenart <antoine.tenart@bootlin.com>
-[Refreshed for 4.3.0]
-Signed-off-by: Adam Duskett <aduskett@gmail.com>
----
- setup.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/setup.py b/setup.py
-index 457c83049ca5..4dcb30196abf 100644
---- a/setup.py
-+++ b/setup.py
-@@ -106,7 +106,7 @@ ext_py_mods = [Extension('setools.policyrep', ['setools/policyrep.pyx'],
-                          libraries=['selinux', 'sepol'],
-                          library_dirs=lib_dirs,
-                          define_macros=macros,
--                         extra_compile_args=['-Werror', '-Wextra',
-+                         extra_compile_args=['-Wextra',
-                                              '-Waggregate-return',
-                                              '-Wfloat-equal',
-                                              '-Wformat', '-Wformat=2',
--- 
-2.26.2
-
diff --git a/package/setools/setools.hash b/package/setools/setools.hash
index 689b20a357..74428a177c 100644
--- a/package/setools/setools.hash
+++ b/package/setools/setools.hash
@@ -1,5 +1,5 @@
 # Locally computed
-sha256	da2c1d23edd24c4aa17d01d78e86c9e5fb5bf3aa38c71d5d63f41c750f6ef26c setools-4.3.0.tar.gz
+sha256	202eac5f857475937bee8136cff278aa2b4a4b94a0dec63fbbbe18c9eb644a4e setools-4.4.0.tar.gz
 sha256  2f7547e10f76a382c24c053595f38a5cc6dda9347f508f254ca490e0046a9624 COPYING
 sha256  8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING.GPL
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
diff --git a/package/setools/setools.mk b/package/setools/setools.mk
index a07b1367a2..8e1c0d2cc6 100644
--- a/package/setools/setools.mk
+++ b/package/setools/setools.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-SETOOLS_VERSION = 4.3.0
+SETOOLS_VERSION = 4.4.0
 SETOOLS_SITE = $(call github,SELinuxProject,setools,$(SETOOLS_VERSION))
 SETOOLS_DEPENDENCIES = libselinux libsepol python-setuptools host-bison host-flex host-python-cython host-swig
 SETOOLS_INSTALL_STAGING = YES
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 11/11] package/audit: bump to version 3.0.1
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (9 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 10/11] package/setools: bump to version 4.4.0 Adam Duskett
@ 2021-05-20 17:46 ` Adam Duskett
  2021-05-23  3:30   ` Baruch Siach
  2021-05-21 10:06 ` [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Yann E. MORIN
  11 siblings, 1 reply; 17+ messages in thread
From: Adam Duskett @ 2021-05-20 17:46 UTC (permalink / raw)
  To: buildroot

Drop all upstream patches as they no longer are applicable.

Signed-off-by: Adam Duskett <aduskett@gmail.com>
---
 ...0001-Fix-audispd-path-in-auditd.conf.patch |  32 -----
 ...tue-functions-for-strndupa-rawmemchr.patch | 133 ------------------
 ...ns-need-to-be-external-when-building.patch |  28 ----
 package/audit/audit.hash                      |   6 +-
 package/audit/audit.mk                        |   2 +-
 5 files changed, 4 insertions(+), 197 deletions(-)
 delete mode 100644 package/audit/0001-Fix-audispd-path-in-auditd.conf.patch
 delete mode 100644 package/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch
 delete mode 100644 package/audit/0003-Header-definitions-need-to-be-external-when-building.patch

diff --git a/package/audit/0001-Fix-audispd-path-in-auditd.conf.patch b/package/audit/0001-Fix-audispd-path-in-auditd.conf.patch
deleted file mode 100644
index ccf45db911..0000000000
--- a/package/audit/0001-Fix-audispd-path-in-auditd.conf.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From 6e1fd09f7bc131c8f16d9cc43e2455ba4650c651 Mon Sep 17 00:00:00 2001
-From: Carlos Santos <casantos@datacom.com.br>
-Date: Sat, 3 Nov 2018 08:25:58 -0300
-Subject: [PATCH] Fix audispd path in auditd.conf
-
-audispd is installed at /usr/sbin but the configuration file pointed
-to /sbin, causing auditd to fail on startup.
-
-This patch cannot be sent upstream because audispd does not exist
-anymore on the master branch (it was merged to auditd).
-
-Signed-off-by: Carlos Santos <casantos@datacom.com.br>
----
- init.d/auditd.conf | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/init.d/auditd.conf b/init.d/auditd.conf
-index 4dcda83..998904f 100644
---- a/init.d/auditd.conf
-+++ b/init.d/auditd.conf
-@@ -13,7 +13,7 @@ max_log_file = 8
- num_logs = 5
- priority_boost = 4
- disp_qos = lossy
--dispatcher = /sbin/audispd
-+dispatcher = /usr/sbin/audispd
- name_format = NONE
- ##name = mydomain
- max_log_file_action = ROTATE
--- 
-2.17.1
-
diff --git a/package/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch b/package/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch
deleted file mode 100644
index ac292c57d1..0000000000
--- a/package/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch
+++ /dev/null
@@ -1,133 +0,0 @@
-From c39a071e7c021f6ff3554aca2758e97b47a9777c Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb@redhat.com>
-Date: Tue, 26 Feb 2019 18:33:33 -0500
-Subject: [PATCH] Add substitue functions for strndupa & rawmemchr
-
-(cherry picked from commit d579a08bb1cde71f939c13ac6b2261052ae9f77e)
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
----
- auparse/auparse.c   | 12 +++++++++++-
- auparse/interpret.c |  9 ++++++++-
- configure.ac        | 14 +++++++++++++-
- src/ausearch-lol.c  | 12 +++++++++++-
- 4 files changed, 43 insertions(+), 4 deletions(-)
-
-diff --git a/auparse/auparse.c b/auparse/auparse.c
-index 650db02..2e1c737 100644
---- a/auparse/auparse.c
-+++ b/auparse/auparse.c
-@@ -1,5 +1,5 @@
- /* auparse.c --
-- * Copyright 2006-08,2012-17 Red Hat Inc., Durham, North Carolina.
-+ * Copyright 2006-08,2012-19 Red Hat Inc., Durham, North Carolina.
-  * All Rights Reserved.
-  *
-  * This library is free software; you can redistribute it and/or
-@@ -1118,6 +1118,16 @@ static int str2event(char *s, au_event_t *e)
- 	return 0;
- }
- 
-+#ifndef HAVE_STRNDUPA
-+static inline char *strndupa(const char *old, size_t n)
-+{
-+	size_t len = strnlen(old, n);
-+	char *tmp = alloca(len + 1);
-+	tmp[len] = 0;
-+	return memcpy(tmp, old, len);
-+}
-+#endif
-+
- /* Returns 0 on success and 1 on error */
- static int extract_timestamp(const char *b, au_event_t *e)
- {
-diff --git a/auparse/interpret.c b/auparse/interpret.c
-index 51c4a5e..67b7b77 100644
---- a/auparse/interpret.c
-+++ b/auparse/interpret.c
-@@ -853,6 +853,13 @@ err_out:
- 		return print_escaped(id->val);
- }
- 
-+// rawmemchr is faster. Let's use it if we have it.
-+#ifdef HAVE_RAWMEMCHR
-+#define STRCHR rawmemchr
-+#else
-+#define STRCHR strchr
-+#endif
-+
- static const char *print_proctitle(const char *val)
- {
- 	char *out = (char *)print_escaped(val);
-@@ -863,7 +870,7 @@ static const char *print_proctitle(const char *val)
- 		// Proctitle has arguments separated by NUL bytes
- 		// We need to write over the NUL bytes with a space
- 		// so that we can see the arguments
--		while ((ptr  = rawmemchr(ptr, '\0'))) {
-+		while ((ptr  = STRCHR(ptr, '\0'))) {
- 			if (ptr >= end)
- 				break;
- 			*ptr = ' ';
-diff --git a/configure.ac b/configure.ac
-index 6e345f1..6f3007e 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -1,7 +1,7 @@
- dnl
- define([AC_INIT_NOTICE],
- [### Generated automatically using autoconf version] AC_ACVERSION [
--### Copyright 2005-18 Steve Grubb <sgrubb@redhat.com>
-+### Copyright 2005-19 Steve Grubb <sgrubb@redhat.com>
- ###
- ### Permission is hereby granted, free of charge, to any person obtaining a
- ### copy of this software and associated documentation files (the "Software"),
-@@ -72,6 +72,18 @@ dnl; posix_fallocate is used in audisp-remote
- AC_CHECK_FUNCS([posix_fallocate])
- dnl; signalfd is needed for libev
- AC_CHECK_FUNC([signalfd], [], [ AC_MSG_ERROR([The signalfd system call is necessary for auditd]) ])
-+dnl; check if rawmemchr is available
-+AC_CHECK_FUNCS([rawmemchr])
-+dnl; check if strndupa is available
-+AC_LINK_IFELSE(
-+  [AC_LANG_SOURCE(
-+    [[
-+      #define _GNU_SOURCE
-+      #include <string.h>
-+      int main() { (void) strndupa("test", 10); return 0; }]])],
-+ [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
-+ []
-+)
- 
- ALLWARNS=""
- ALLDEBUG="-g"
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index 5d17a72..758c33e 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -1,6 +1,6 @@
- /*
- * ausearch-lol.c - linked list of linked lists library
--* Copyright (c) 2008,2010,2014,2016 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2008,2010,2014,2016,2019 Red Hat Inc., Durham, North Carolina.
- * All Rights Reserved. 
- *
- * This software may be freely redistributed and/or modified under the
-@@ -152,6 +152,16 @@ static int compare_event_time(event *e1, event *e2)
- 	return 0;
- }
- 
-+#ifndef HAVE_STRNDUPA
-+static inline char *strndupa(const char *old, size_t n)
-+{
-+	size_t len = strnlen(old, n);
-+	char *tmp = alloca(len + 1);
-+	tmp[len] = 0;
-+	return memcpy(tmp, old, len);
-+}
-+#endif
-+
- /*
-  * This function will look at the line and pick out pieces of it.
-  */
--- 
-2.21.0
-
diff --git a/package/audit/0003-Header-definitions-need-to-be-external-when-building.patch b/package/audit/0003-Header-definitions-need-to-be-external-when-building.patch
deleted file mode 100644
index 9a546261df..0000000000
--- a/package/audit/0003-Header-definitions-need-to-be-external-when-building.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 017e6c6ab95df55f34e339d2139def83e5dada1f Mon Sep 17 00:00:00 2001
-From: Steve Grubb <sgrubb@redhat.com>
-Date: Fri, 10 Jan 2020 21:13:50 -0500
-Subject: [PATCH] Header definitions need to be external when building with
- -fno-common (which is default in GCC 10) - Tony Jones
-
-Patch taken from upstream: https://github.com/linux-audit/audit-userspace/commit/017e6c6ab95df55f34e339d2139def83e5dada1f
-Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
----
- src/ausearch-common.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/ausearch-common.h b/src/ausearch-common.h
-index 6669203..3040547 100644
---- a/src/ausearch-common.h
-+++ b/src/ausearch-common.h
-@@ -50,7 +50,7 @@ extern pid_t event_pid;
- extern int event_exact_match;
- extern uid_t event_uid, event_euid, event_loginuid;
- extern const char *event_tuid, *event_teuid, *event_tauid;
--slist *event_node_list;
-+extern slist *event_node_list;
- extern const char *event_comm;
- extern const char *event_filename;
- extern const char *event_hostname;
--- 
-2.20.1
-
diff --git a/package/audit/audit.hash b/package/audit/audit.hash
index 71e7df7dbc..4ef9a42b0d 100644
--- a/package/audit/audit.hash
+++ b/package/audit/audit.hash
@@ -1,4 +1,4 @@
 #Locally computed
-sha256 0e5d4103646e00f8d1981e1cd2faea7a2ae28e854c31a803e907a383c5e2ecb7 audit-2.8.5.tar.gz
-sha256 32b1062f7da84967e7019d01ab805935caa7ab7321a7ced0e30ebe75e5df1670 COPYING
-sha256 f18a0811fa0e220ccbc42f661545e77f0388631e209585ed582a1c693029c6aa COPYING.LIB
+sha256  994c4250d8fd43f3087a3c2ce73461832e30f1e9b278bf5bb03c3e07091155a5  audit-3.0.1.tar.gz
+sha256  32b1062f7da84967e7019d01ab805935caa7ab7321a7ced0e30ebe75e5df1670  COPYING
+sha256  f18a0811fa0e220ccbc42f661545e77f0388631e209585ed582a1c693029c6aa  COPYING.LIB
diff --git a/package/audit/audit.mk b/package/audit/audit.mk
index 05a16e6e31..df6650593d 100644
--- a/package/audit/audit.mk
+++ b/package/audit/audit.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-AUDIT_VERSION = 2.8.5
+AUDIT_VERSION = 3.0.1
 AUDIT_SITE = http://people.redhat.com/sgrubb/audit
 AUDIT_LICENSE = GPL-2.0+ (programs), LGPL-2.1+ (libraries)
 AUDIT_LICENSE_FILES = COPYING COPYING.LIB
-- 
2.31.1

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [External] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2 Adam Duskett
@ 2021-05-20 20:02   ` Weber, Matthew L Collins
  2021-05-20 21:04     ` Weber, Matthew L Collins
  0 siblings, 1 reply; 17+ messages in thread
From: Weber, Matthew L Collins @ 2021-05-20 20:02 UTC (permalink / raw)
  To: buildroot

Adam,

> From: Adam Duskett <aduskett@gmail.com>
> Sent: Thursday, May 20, 2021 12:46 PM
> To: buildroot at buildroot.org <buildroot@buildroot.org>
> Cc: Antoine Tenart <atenart@kernel.org>; Shotwell, Clayton L Collins <Clayton.Shotwell@collins.com>; Weber, Matthew L Collins <Matthew.Weber@collins.com>; Marcus Folkesson <marcus.folkesson@gmail.com>; Adam Duskett <aduskett@gmail.com>
> Subject: [External] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2 
> ?
> Signed-off-by: Adam Duskett <aduskett@gmail.com>

I applied this series against NEXT and ran the following:
  ./support/testing/run-tests  tests.core.test_selinux.TestSELinuxPackage 

However, it failed.  

14:59:59 TestSELinuxPackage                       Starting
15:00:28 TestSELinuxPackage                       Cleaning up

======================================================================
ERROR: test_run (tests.core.test_selinux.TestSELinuxPackage)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 99, in expect_loop
    incoming = spawn.read_nonblocking(spawn.maxread, timeout)
  File "/usr/lib/python3/dist-packages/pexpect/pty_spawn.py", line 462, in read_nonblocking
    raise TIMEOUT('Timeout exceeded.')
pexpect.exceptions.TIMEOUT: Timeout exceeded.

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/accts/mlweber1/wip_patchwork/buildroot/support/testing/tests/core/test_selinux.py", line 76, in test_run
    out, ret = self.emulator.run("seinfo -t ntpd_t", 15)
  File "/accts/mlweber1/wip_patchwork/buildroot/support/testing/infra/emulator.py", line 110, in run
    self.qemu.expect("# ", timeout=timeout)
  File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 321, in expect
    timeout, searchwindowsize, async)
  File "/usr/lib/python3/dist-packages/pexpect/spawnbase.py", line 345, in expect_list
    return exp.expect_loop(timeout)
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 107, in expect_loop
    return self.timeout(e)
  File "/usr/lib/python3/dist-packages/pexpect/expect.py", line 70, in timeout
    raise TIMEOUT(msg)
pexpect.exceptions.TIMEOUT: Timeout exceeded.
<pexpect.pty_spawn.spawn object@0x7f7b9dc25d30>
command: /usr/bin/qemu-system-arm
args: [b'/usr/bin/qemu-system-arm', b'-serial', b'stdio', b'-display', b'none', b'-m', b'256', b'-initrd', b'/accts/mlweber1/wip_patchwork/buildroot/runtest/TestSELinuxPackage/images/rootfs.cpio', b'-dtb', b'/accts/mlweber1/vistajet/buildroot/dl/versatile-pb-4.19.dtb', b'-M', b'versatilepb', b'-device', b'virtio-rng-pci', b'-kernel', b'/accts/mlweber1/vistajet/buildroot/dl/kernel-versatile-4.19', b'-append', b'console=ttyAMA0']
buffer (last 100 chars): 'seinfo -t ntpd_t\r\r\n'
before (last 100 chars): 'seinfo -t ntpd_t\r\r\n'
after: <class 'pexpect.exceptions.TIMEOUT'>
match: None
match_index: None
exitstatus: None
flag_eof: False
pid: 34609
child_fd: 11
closed: False
timeout: 5
delimiter: <class 'pexpect.exceptions.EOF'>
logfile: None
logfile_read: <_io.TextIOWrapper name='/accts/mlweber1/wip_patchwork/buildroot/runtest/TestSELinuxPackage-run.log' mode='a+' encoding='UTF-8'>
logfile_send: None
maxread: 2000
ignorecase: False
searchwindowsize: None
delaybeforesend: 0.05
delayafterclose: 0.1
delayafterterminate: 0.1
searcher: searcher_re:
    0: re.compile("# ")

----------------------------------------------------------------------
Ran 1 test in 29.328s

FAILED (errors=1)



I'll see if I can get more details beyond this runtime output that looks like it tried to run.  Maybe the seinfo froze?

  $ tail runtest/TestSELinuxPackage-run.log 
  Running sysctl: OK
  Saving random seed: OK
  Starting network: OK
  
  Welcome to Buildroot
  buildroot login: root
  # dmesg -n 1
  # echo $?
  0
  # seinfo -t ntpd_t

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [External] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2
  2021-05-20 20:02   ` [Buildroot] [External] " Weber, Matthew L Collins
@ 2021-05-20 21:04     ` Weber, Matthew L Collins
  0 siblings, 0 replies; 17+ messages in thread
From: Weber, Matthew L Collins @ 2021-05-20 21:04 UTC (permalink / raw)
  To: buildroot

Adam,

> From: buildroot <buildroot-bounces@busybox.net> on behalf of Weber, Matthew L Collins via buildroot <buildroot@busybox.net>
> Sent: Thursday, May 20, 2021 3:02 PM
> To: Adam Duskett <aduskett@gmail.com>; buildroot at buildroot.org <buildroot@buildroot.org>
> Cc: Antoine Tenart <atenart@kernel.org>; Shotwell, Clayton L Collins <Clayton.Shotwell@collins.com>; Marcus Folkesson <marcus.folkesson@gmail.com>
> Subject: Re: [Buildroot] [External] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2
> ?
> Adam,
>
> > From: Adam Duskett <aduskett@gmail.com>
> > Sent: Thursday, May 20, 2021 12:46 PM
> > To: buildroot at buildroot.org <buildroot@buildroot.org>
> > Cc: Antoine Tenart <atenart@kernel.org>; Shotwell, Clayton L Collins <Clayton.Shotwell@collins.com>; Weber, Matthew L Collins <Matthew.Weber@collins.com>; Marcus Folkesson <marcus.folkesson@gmail.com>; Adam Duskett <aduskett@gmail.com>
> > Subject: [External] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2
> > ?
> > Signed-off-by: Adam Duskett <aduskett@gmail.com>
>
> I applied this series against NEXT and ran the following:
> ? ./support/testing/run-tests? tests.core.test_selinux.TestSELinuxPackage
>
> However, it failed.?

So it turns out my test run didn't have a good rng and it failed for timeout reasons.  I did some adjustments and the tests now pass for all 4 runtest use cases.

16:00:56 TestSELinuxExtraModulesDirs              Starting
16:00:56 TestSELinuxExtraModules                  Starting
16:01:43 TestSELinuxExtraModulesDirs              Cleaning up
.16:01:43 TestSELinuxCustomGit                     Starting
16:01:43 TestSELinuxCustomGit                     Cleaning up
.16:01:43 TestSELinuxPackage                       Starting
16:01:50 TestSELinuxExtraModules                  Cleaning up
.16:03:07 TestSELinuxPackage                       Cleaning up
.
----------------------------------------------------------------------
Ran 4 tests in 131.377s

OK

      1 776f05a270 (HEAD) package/audit: bump to version 3.0.1
      2 3551c17333 package/setools: bump to version 4.4.0
      3 6fffc6cc35 package/selinux-python: bump to version 3.2
      4 581eb0e524 package/semodule-utils: bump to version 3.2
      5 7671336b99 package/restorecond: bump to version 3.2
      6 c0a9412021 package/checkpolicy: bump to version 3.2
      7 0450bd2b6f package/policycoreutils: bump to version 3.2
      8 0ee7f07bfc package/libselinux: bump to version 3.2
      9 e79fc41939 package/libsemanage: bump to version 3.2
     10 29ee5a71f1 package/libsepol/Config.in: Add policy version 33
     11 419acd7f43 package/libsepol: bump to version 3.2
     12 abc110e362 (refs/remotes/upstream/next, refs/remotes/origin/next) package/gobject-introspection: bump to version 1.68.0

Tested-by: Matthew Weber <matthew.weber@collins.com>

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions
  2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
                   ` (10 preceding siblings ...)
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 11/11] package/audit: bump to version 3.0.1 Adam Duskett
@ 2021-05-21 10:06 ` Yann E. MORIN
  2021-05-21 10:59   ` [Buildroot] [External] " Weber, Matthew L Collins
  11 siblings, 1 reply; 17+ messages in thread
From: Yann E. MORIN @ 2021-05-21 10:06 UTC (permalink / raw)
  To: buildroot

Adam, All,

On 2021-05-20 10:46 -0700, Adam Duskett spake thusly:
> The selinux project also now uses the respective package versions for the
> release URL's, so we change that as well.
> 
> Adam Duskett (11):
>   package/libsepol: bump to version 3.2
>   package/libsepol/Config.in: Add policy version 33
>   package/libsemanage: bump to version 3.2
>   package/libselinux: bump to version 3.2
>   package/policycoreutils: bump to version 3.2
>   package/checkpolicy: bump to version 3.2
>   package/restorecond: bump to version 3.2
>   package/semodule-utils: bump to version 3.2
>   package/selinux-python: bump to version 3.2
>   package/setools: bump to version 4.4.0
>   package/audit: bump to version 3.0.1

Entire series applied to next, thanks.

As discussed on IRC, could you look into either;

  - increasing the timeout of the selinux tests,

  - or, better, ensure that we start the qe;u instance with a proper
    virtual HWRNGmm as suggested by Matt and Khem;
    * start qemu with:
        -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0
    * ensure virtio-rng is built-in to the kernel we use

Thanks! :-)

Regards,
Yann E. MORIN.

>  ...0001-Fix-audispd-path-in-auditd.conf.patch |  32 -----
>  ...tue-functions-for-strndupa-rawmemchr.patch | 133 ------------------
>  ...ns-need-to-be-external-when-building.patch |  28 ----
>  package/audit/audit.hash                      |   6 +-
>  package/audit/audit.mk                        |   2 +-
>  package/checkpolicy/checkpolicy.hash          |   2 +-
>  package/checkpolicy/checkpolicy.mk            |   4 +-
>  ...T-and-rely-on-the-installed-file-nam.patch |   2 +-
>  ...d-to-something-which-never-conflicts.patch |  71 ----------
>  package/libselinux/libselinux.hash            |   2 +-
>  package/libselinux/libselinux.mk              |   4 +-
>  package/libsemanage/libsemanage.hash          |   2 +-
>  package/libsemanage/libsemanage.mk            |   4 +-
>  package/libsepol/Config.in                    |   4 +-
>  package/libsepol/libsepol.hash                |   4 +-
>  package/libsepol/libsepol.mk                  |   4 +-
>  ...-all-paths-that-use-an-absolute-path.patch |  11 +-
>  .../0002-Add-PREFIX-to-host-paths.patch       |  36 +++--
>  package/policycoreutils/policycoreutils.hash  |   2 +-
>  package/policycoreutils/policycoreutils.mk    |   6 +-
>  package/restorecond/restorecond.hash          |   2 +-
>  package/restorecond/restorecond.mk            |   4 +-
>  package/selinux-python/selinux-python.hash    |   2 +-
>  package/selinux-python/selinux-python.mk      |   4 +-
>  package/semodule-utils/semodule-utils.hash    |   2 +-
>  package/semodule-utils/semodule-utils.mk      |   4 +-
>  ...-setools.InfoFlowAnalysis-and-setoo.patch} |  19 +--
>  .../0001-remove-werror-flag-from-setup.patch  |  31 ----
>  package/setools/setools.hash                  |   2 +-
>  package/setools/setools.mk                    |   2 +-
>  30 files changed, 69 insertions(+), 362 deletions(-)
>  delete mode 100644 package/audit/0001-Fix-audispd-path-in-auditd.conf.patch
>  delete mode 100644 package/audit/0002-Add-substitue-functions-for-strndupa-rawmemchr.patch
>  delete mode 100644 package/audit/0003-Header-definitions-need-to-be-external-when-building.patch
>  delete mode 100644 package/libselinux/0003-libselinux-rename-gettid-to-something-which-never-conflicts.patch
>  rename package/setools/{0002-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch => 0001-Do-not-export-use-setools.InfoFlowAnalysis-and-setoo.patch} (88%)
>  delete mode 100644 package/setools/0001-remove-werror-flag-from-setup.patch
> 
> -- 
> 2.31.1
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [External] Re: [PATCH/NEXT: 00/11] selinux packages: bump versions
  2021-05-21 10:06 ` [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Yann E. MORIN
@ 2021-05-21 10:59   ` Weber, Matthew L Collins
  0 siblings, 0 replies; 17+ messages in thread
From: Weber, Matthew L Collins @ 2021-05-21 10:59 UTC (permalink / raw)
  To: buildroot

Yann,

> From: Yann E. MORIN <yann.morin.1998@free.fr>
> Sent: Friday, May 21, 2021 5:06 AM
> To: Adam Duskett <aduskett@gmail.com>
> Cc: buildroot at buildroot.org <buildroot@buildroot.org>; Marcus Folkesson <marcus.folkesson@gmail.com>; Antoine Tenart <atenart@kernel.org>; Shotwell, Clayton L Collins <Clayton.Shotwell@collins.com>; Weber, Matthew L Collins <Matthew.Weber@collins.com>
> Subject: [External] Re: [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions
> ?
> Adam, All,
>
> On 2021-05-20 10:46 -0700, Adam Duskett spake thusly:
> > The selinux project also now uses the respective package versions for the
> > release URL's, so we change that as well.
> >
> > Adam Duskett (11):
> >?? package/libsepol: bump to version 3.2
> >?? package/libsepol/Config.in: Add policy version 33
> >?? package/libsemanage: bump to version 3.2
> >?? package/libselinux: bump to version 3.2
> >?? package/policycoreutils: bump to version 3.2
> >?? package/checkpolicy: bump to version 3.2
> >?? package/restorecond: bump to version 3.2
> >?? package/semodule-utils: bump to version 3.2
> >?? package/selinux-python: bump to version 3.2
> >?? package/setools: bump to version 4.4.0
> >?? package/audit: bump to version 3.0.1
>
> Entire series applied to next, thanks.
>
> As discussed on IRC, could you look into either;
>
> ? - increasing the timeout of the selinux tests,
>
> ? - or, better, ensure that we start the qe;u instance with a proper
> ??? virtual HWRNGmm as suggested by Matt and Khem;
> ??? * start qemu with:
> ??????? -object rng-random,filename=/dev/urandom,id=rng0 -device virtio-rng-pci,rng=rng0
> ??? * ensure virtio-rng is built-in to the kernel we use

A pattern for this was merged in the docker compose test (a9219660d30).  However, this test uses the base test 'builtin" kernel. Update steps would roughly be:
1) Update to the qemu_cmd's for "builtin" kernels in support/testing/infra/emulator.py
2) Kernel rebuilds on "builtin" images to support (if CONFIG not already selected) as they are binary downloads for runtest use
3) Rerun of the whole test suite...

So maybe easier to go with option 1 and extend timeouts for now?

Matt

^ permalink raw reply	[flat|nested] 17+ messages in thread

* [Buildroot] [PATCH/NEXT: 11/11] package/audit: bump to version 3.0.1
  2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 11/11] package/audit: bump to version 3.0.1 Adam Duskett
@ 2021-05-23  3:30   ` Baruch Siach
  0 siblings, 0 replies; 17+ messages in thread
From: Baruch Siach @ 2021-05-23  3:30 UTC (permalink / raw)
  To: buildroot

Hi Adam,

On Thu, May 20 2021, Adam Duskett wrote:
> Drop all upstream patches as they no longer are applicable.

You can also drop AUTORECONF, I believe.

baruch

-- 
                                                     ~. .~   Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
   - baruch at tkos.co.il - tel: +972.52.368.4656, http://www.tkos.co.il -

^ permalink raw reply	[flat|nested] 17+ messages in thread

end of thread, other threads:[~2021-05-23  3:30 UTC | newest]

Thread overview: 17+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-20 17:46 [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 01/11] package/libsepol: bump to version 3.2 Adam Duskett
2021-05-20 20:02   ` [Buildroot] [External] " Weber, Matthew L Collins
2021-05-20 21:04     ` Weber, Matthew L Collins
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 02/11] package/libsepol/Config.in: Add policy version 33 Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 03/11] package/libsemanage: bump to version 3.2 Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 04/11] package/libselinux: " Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 05/11] package/policycoreutils: " Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 06/11] package/checkpolicy: " Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 07/11] package/restorecond: " Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 08/11] package/semodule-utils: " Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 09/11] package/selinux-python: " Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 10/11] package/setools: bump to version 4.4.0 Adam Duskett
2021-05-20 17:46 ` [Buildroot] [PATCH/NEXT: 11/11] package/audit: bump to version 3.0.1 Adam Duskett
2021-05-23  3:30   ` Baruch Siach
2021-05-21 10:06 ` [Buildroot] [PATCH/NEXT: 00/11] selinux packages: bump versions Yann E. MORIN
2021-05-21 10:59   ` [Buildroot] [External] " Weber, Matthew L Collins

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.