From patchwork Thu May 19 18:54:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dominick Grift X-Patchwork-Id: 1633476 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: bilbo.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=LCEWRjzE; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=defensec.nl header.i=@defensec.nl header.a=rsa-sha256 header.s=default header.b=sTYemQI2; dkim-atps=neutral Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4L3zdt4kmrz9sGY for ; Fri, 20 May 2022 04:58:26 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:References:In-Reply-To: Message-Id:Date:Subject:Cc:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=A7lrv7MgFx34YvtLupK0qh6u70ZTZJMlUEHvpo3oe6E=; b=LCEWRjzELNkIl+ lOx9OU4xqLSh4dmiawC68HsZIcIbuh0qlTv70wTgDGU83QtOqEda51qK/Untak5P4foK68mBbIomu hyBmZsSnGOM2F3Mm6xCMb2ukYcmTcYhN9w9TAmxhG0Xi9yq6JcvE+O9adq0Qc3B3NDY5lG7IFYILj 4mqlmvHfx+EYvhVFpwXcshz45tzCRY0+gbyJ6JTSPFVDdl0luJW+UKq3Dy21dB2eunurjzb0TPl4u UIWvM8oCQlC+GcxfsY8tmeVa5WeHlIaPOzOd2sVJuNcc9IN/Z5ER/UrvhFTujVi48Ho5nmvj1MLCR N1ItfCSzv9GOuYDlW+ww==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1nrlIf-0090Da-OO; Thu, 19 May 2022 18:55:05 +0000 Received: from markus.defensec.nl ([45.80.168.93]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1nrlIP-00908l-N9 for openwrt-devel@lists.openwrt.org; Thu, 19 May 2022 18:54:51 +0000 Received: from brutus.. (brutus.lan [IPv6:2a10:3781:2099::438]) by markus.defensec.nl (Postfix) with ESMTPSA id 6833BFC0940; Thu, 19 May 2022 20:54:42 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=defensec.nl; s=default; t=1652986482; bh=MaadTRJ49xvhUZ7SEPf0s+axsGQFwWWu9lXCIqwZOZU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=sTYemQI20HlAV724UsVxKD29KWAUBaMcNMbwCgYe1TdHCJX2kMidIpNPfz/jd9VQY Bm+/V1aVtG8J+Fnjlh3Bz9+h2+jvdAlhgcOan//Le0Db1OY2RNdKfQq6gbLSFeY/0s w06CT6/PcVj0xzrAXGJkNBmZhdzfOtqZR+jzLtXw= From: Dominick Grift To: openwrt-devel@lists.openwrt.org Cc: daniel@makrotopia.org, Dominick Grift Subject: [PATCH 2/8] libselinux: update to version 3.4 Date: Thu, 19 May 2022 20:54:14 +0200 Message-Id: <20220519185418.168937-3-dominick.grift@defensec.nl> X-Mailer: git-send-email 2.36.1 In-Reply-To: <20220519185418.168937-1-dominick.grift@defensec.nl> References: <20220519185418.168937-1-dominick.grift@defensec.nl> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220519_115449_953847_D31EB088 X-CRM114-Status: UNSURE ( 6.66 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -0.9 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: libselinux depends on pcre2 instead of pcre as of version 3.4 0a8c177d Update VERSIONs to 3.4 for release. 822ad96c libselinux: update man page of setfilecon(3) family about context parameter 0c407c3f libselinux/utils: print errno on failure 88d43a8d libselinux: [...] Content analysis details: (-0.9 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.7 RCVD_IN_DNSWL_LOW RBL: Sender listed at https://www.dnswl.org/, low trust [45.80.168.93 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org libselinux depends on pcre2 instead of pcre as of version 3.4 0a8c177d Update VERSIONs to 3.4 for release. 822ad96c libselinux: update man page of setfilecon(3) family about context parameter 0c407c3f libselinux/utils: print errno on failure 88d43a8d libselinux: preserve errno in selinux_log() 8266fd94 libselinux: free memory in error branch 7e979b56 libselinux: restorecon: pin file to avoid TOCTOU issues aaa49aca libselinux: restorecon: forward error if not ENOENT 657420d6 libselinux: restorecon: misc tweaks a782abf2 libselinux: emulate O_PATH support in fgetfilecon/fsetfilecon 9df28c24 Update VERSIONs to 3.4-rc3 for release. 0b691d1a selinux_restorecon: introduce SELINUX_RESTORECON_COUNT_ERRORS 2a167d11 Update VERSIONs to 3.4-rc2 for release. e1761979 libselinux: correctly hash specfiles larger than 4G b9a4d13a libselinux: free memory on selabel_open(3) failure 63df12fe libselinux: correct parameter type in selabel_open(3) 0aa974a4 libselinux: limit has buffer size 1020a5a2 libselinux/utils: check for valid contexts to improve error causes 73562de8 Update VERSIONs to 3.4-rc1 for release. c1a8da6e libselinux: Close leaked FILEs 4bab3ecc libselinux: Strip spaces before values in config e0da140d libselinux: use PCRE2 by default 4bafb8eb libselinux: Fix selinux_restorecon_parallel symbol version 02f302fc selinux_restorecon: introduce selinux_restorecon_parallel(3) a578d1ce selinux_restorecon: add a global mutex to synchronize progress output 78bdce9c libselinux: make is_context_customizable() thread-safe a3516ec6 libselinux: make selinux_log() thread-safe 46427054 selinux_restorecon: protect file_spec list with a mutex 43dc50fc selinux_restorecon: simplify fl_head allocation by using calloc() abe410aa label_file: fix a data race 85982d83 libselinux: use valid address to silence glibc 2.34 warnings Signed-off-by: Dominick Grift --- package/libs/libselinux/Makefile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/package/libs/libselinux/Makefile b/package/libs/libselinux/Makefile index 6bda72b5de..9a485157b8 100644 --- a/package/libs/libselinux/Makefile +++ b/package/libs/libselinux/Makefile @@ -6,19 +6,19 @@ include $(TOPDIR)/rules.mk PKG_NAME:=libselinux -PKG_VERSION:=3.3 -PKG_RELEASE:=2 +PKG_VERSION:=3.4 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/SELinuxProject/selinux/releases/download/$(PKG_VERSION) -PKG_HASH:=acfdee27633d2496508c28727c3d41d3748076f66d42fccde2e6b9f3463a7057 -HOST_BUILD_DEPENDS:=libsepol/host pcre/host +PKG_HASH:=77c294a927e6795c2e98f74b5c3adde9c8839690e9255b767c5fca6acff9b779 +HOST_BUILD_DEPENDS:=libsepol/host pcre2/host PKG_LICENSE:=libselinux-1.0 PKG_LICENSE_FILES:=LICENSE PKG_MAINTAINER:=Thomas Petazzoni -HOST_BUILD_DEPENDS:=libsepol/host musl-fts/host pcre/host +HOST_BUILD_DEPENDS:=libsepol/host musl-fts/host pcre2/host include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/host-build.mk @@ -71,7 +71,7 @@ define Package/libselinux $(call Package/libselinux/Default) SECTION:=libs CATEGORY:=Libraries - DEPENDS:=+libsepol +libpcre +USE_MUSL:musl-fts + DEPENDS:=+libsepol +libpcre2 +USE_MUSL:musl-fts endef define Package/libselinux/description @@ -103,7 +103,7 @@ endef $(foreach a,$(LIBSELINUX_UTILS),$(eval $(call GenUtilPkg,libselinux-$(a),$(a)))) # Needed to link libselinux utilities, which link against -# libselinux.so, which indirectly depends on libpcre.so, installed in +# libselinux.so, which indirectly depends on libpcre2.so, installed in # $(STAGING_DIR_HOSTPKG). HOST_LDFLAGS += -Wl,-rpath="$(STAGING_DIR_HOSTPKG)/lib"