Date   

insmod - huawei E3372h kernel module

Zoltan Kerenyi Nagy
 

Hi Folks,

I bitbaked a Huawei E3372h driver into the distro with this recipe file:

SUMMARY = "Huawei Stick kernel module"
LICENSE = "CLOSED"

inherit module

SRC_URI = "file://Makefile \
           file://huawei_cdc_ncm.c \
          "

S = "${WORKDIR}"

The makefile looks like this:

obj-m := huawei_cdc_ncm.o

SRC := $(shell pwd)

all:
$(MAKE) -C $(KERNEL_SRC) M=$(SRC)

modules_install:
$(MAKE) -C $(KERNEL_SRC) M=$(SRC) modules_install

clean:
rm -f *.o *~ core .depend .*.cmd *.ko *.mod.c
rm -f Module.markers Module.symvers modules.order
rm -rf .tmp_versions Modules.symvers

The source file is the one that matches the kernel:


I included this into the conf file:
KERNEL_MODULE_AUTOLOAD += "lte"KERNEL_MODULE_PROBECONF += "lte"huawei_cdc_ncm = "options lte iProduct=E3372h iManufacturer=Huawei"

Bitbake runs without error, however when I insert the SD card into the hardware ( barix ipam 400)
and boot the hardware this is the error message:

root@barix-ipam400:~# insmod /lib/modules/4.10.0/extra/huawei_cdc_ncm.ko
insmod: can't insert '/lib/modules/4.10.0/extra/huawei_cdc_ncm.ko': unknown symbol in module, or unknown parameter

To me it looks like that there was an error during the bitbake, or the header files included in the driver doesn't match the kernel.

Do you have any idea how to procede?

Thanks,



--
Zolee


Re: How to select Linux kernel version?

Quentin Schulz
 

Hi,

On Thu, Jan 07, 2021 at 09:07:58PM +1100, JH wrote:
Thanks kapllaj.

On meta-freescale, you find this on
meta-freescale-distro/conf/distro/include/fsl-base.inc:
Yes I use imx6ull, I've looked those config files, nothing set to run 4.19.

Now, go to meta-freescale/recipes-kernel/linux folder, and take a look to
see what kernels are available for your machine. Note that the linux-imx
kernel provides currently on master branch the 5.4 version!
For you to select the 5.10 (assuming you are on master branch) you should
set:

PREFERRED_PROVIDER_virtual/kernel = "linux-fslc"
I setup PREFERRED_PROVIDER_virtual/kernel = "linux-yocto", I have to
say, it has been running for a year for 4.19 kernel.

Yocto will automatically select the highest available version, but if you
would also like to fix the version, provide also that information:
PREFERRED_VERSION_linux-fslc = "5.%"
I know iit should automatically select the highest available version 5.10.

I set up following in local.conf:

PREFERRED_PROVIDER_virtual/kernel="linux-yocto"
PREFERRED_VERSION_linux-yocto="5.10.%"
So we can stop half guessing and help you can you give us the output of:
bitbake -e virtual/kernel | grep -e "^PREFERRED_PROVIDER_"
bitbake -e virtual/kernel | grep -e "^PREFERRED_VERSION_"
bitbake -e virtual/kernel | grep -e "^OVERRIDES="
bitbake-layers show-recipes linux-yocto linux-fslc

Thanks,
Quentin


Re: How to select Linux kernel version?

JH
 

Thanks kapllaj.

On meta-freescale, you find this on
meta-freescale-distro/conf/distro/include/fsl-base.inc:
Yes I use imx6ull, I've looked those config files, nothing set to run 4.19.

Now, go to meta-freescale/recipes-kernel/linux folder, and take a look to
see what kernels are available for your machine. Note that the linux-imx
kernel provides currently on master branch the 5.4 version!
For you to select the 5.10 (assuming you are on master branch) you should
set:

PREFERRED_PROVIDER_virtual/kernel = "linux-fslc"
I setup PREFERRED_PROVIDER_virtual/kernel = "linux-yocto", I have to
say, it has been running for a year for 4.19 kernel.

Yocto will automatically select the highest available version, but if you
would also like to fix the version, provide also that information:
PREFERRED_VERSION_linux-fslc = "5.%"
I know iit should automatically select the highest available version 5.10.

I set up following in local.conf:

PREFERRED_PROVIDER_virtual/kernel="linux-yocto"
PREFERRED_VERSION_linux-yocto="5.10.%"

But it was still running 4.19, the question is why didn't the Yocto
ignore the setting?

Thank you.

- j


Re: How to select Linux kernel version?

kapllaj.elvis@...
 

Hi, it actually shouldn't be that hard to set the kernel.

IMX_DEFAULT_KERNEL is a variable that sets the kernel name (the recipe) and not the version. I don't know on which yocto version you are working, and also on which CPU.

On meta-freescale, you find this on meta-freescale-distro/conf/distro/include/fsl-base.inc:

# Handle default kernel
IMX_DEFAULT_KERNEL = "linux-imx"
IMX_DEFAULT_KERNEL_mxs = "linux-fslc"
IMX_DEFAULT_KERNEL_mx5 = "linux-fslc"
IMX_DEFAULT_KERNEL_mx6 = "linux-fslc-imx"
IMX_DEFAULT_KERNEL_mx7 = "linux-fslc-imx"
IMX_DEFAULT_KERNEL_mx8 = "linux-imx"
IMX_DEFAULT_KERNEL_mx7ulp = "linux-imx"
IMX_DEFAULT_KERNEL_mx6sll = "linux-imx"
IMX_DEFAULT_KERNEL_mx6ul = "linux-fslc-imx"
IMX_DEFAULT_KERNEL_mx6ull = "linux-fslc-imx"
IMX_DEFAULT_KERNEL_use-mainline-bsp = "linux-fslc"
 
PREFERRED_PROVIDER_virtual/kernel ??= "${IMX_DEFAULT_KERNEL}"

That variable is only used if "PREFERRED_PROVIDER_virtual/kernel" variable was never set (note the ??= assignment). And what this does is: if there was not specified a kernel for this machine, set it to linux-imx (and note that it is also overridden for different cpus!). For example, it selects linux-fslc-imx for imx6 cpu.

Now, go to meta-freescale/recipes-kernel/linux folder, and take a look to see what kernels are available for your machine. Note that the linux-imx kernel provides currently on master branch the 5.4 version!
For you to select the 5.10 (assuming you are on master branch) you should set:

PREFERRED_PROVIDER_virtual/kernel = "linux-fslc"

Yocto will automatically select the highest available version, but if you would also like to fix the version, provide also that information:
PREFERRED_VERSION_linux-fslc = "5.%"


Unable to extract tar file #dunfell #yocto

Vijay Rakesh Munganda
 

Hi All,

I'm trying to install the Tokbox library into the build, but the tar file is not getting extracted into the folder. Here is my recipe code, kindly please help me where I went wrong.
Recipe:

DESCRIPTION = "libopentok for arm64"
HOMEPAGE = "https://tokbox.com"
 
 
SRC_URI = "https://s3.amazonaws.com/artifact.tokbox.com/rel/opentok-linux-sdk/libopentok_linux_llvm_arm64-2.18.1.tgz"
SRC_URI[sha256sum] = "7ae2b85940a4e16299a4ec5f4341b6b92c71abdb5ef6949508873bd8a2f53abc"
 
S= "${WORKDIR}/tokbox"
 
inherit cmake
Error: 
CMake Error: The source directory "/home/test/target/bsp/tmp/work/aarch64-poky-linux/tokbox/1.0-r0/tokbox" does not appear to contain CMakeLists.txt.

Thanks & Regards,
Vijay Rakesh


Re: How to select Linux kernel version?

JH
 

Thanks kapllaj,

It also may be overridden by some conf file. For example, if you are using a
i.MX cpus, you may have some conf file on meta-freescale that override this
variable with something like: PREFERRED_PROVIDER_virtual/kernel_imx = "some
kernel"
It has linux-imx and ${IMX_DEFAULT_KERNEL}, but I could not find what
is defined for ${IMX_DEFAULT_KERNEL}

I defined IMX_DEFAULT_KERNEL = "5.10.%" in local.conf, still download 4.19,

I had a situation like this on a imx6 xpu, and had to specify the "_imx"
override in order to make it work.

"bitbake - e virtual/kernel | grep PREFERRED_PROVIDER_virtual/kernel" is
your friend.
It will show you the current variable selected, and also the different
overrides available.
Yes, I've done many times, there is no decisive definition for it, a
little bit weird.

Did not know it is that hard to just define a kernel version in Yocto ??


Thank you.

Kind regards,

- j


[meta-selinux][PATCH 17/17] semodule-utils: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/semodule-utils_3.0.bb | 7 -------
recipes-security/selinux/semodule-utils_3.1.bb | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/semodule-utils_3.0.bb
create mode 100644 recipes-security/selinux/semodule-utils_3.1.bb

diff --git a/recipes-security/selinux/semodule-utils_3.0.bb b/recipes-security/selinux/semodule-utils_3.0.bb
deleted file mode 100644
index bccc707..0000000
--- a/recipes-security/selinux/semodule-utils_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "58b0e4b85695dad6aff70c69f7a417fd"
-SRC_URI[sha256sum] = "14ee2db21f36766ffbbb65770f8e7236d21675db9f0f5d40f50974711da598cf"
diff --git a/recipes-security/selinux/semodule-utils_3.1.bb b/recipes-security/selinux/semodule-utils_3.1.bb
new file mode 100644
index 0000000..02a63f8
--- /dev/null
+++ b/recipes-security/selinux/semodule-utils_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "d9520d0cdef3d1be412155dc72ec2936"
+SRC_URI[sha256sum] = "0cc37f9cec751d9c2abb5f2b228b060567e973cb47c19b53b8a4a7378baaa853"
--
2.25.1


[meta-selinux][PATCH 16/17] selinux-gui: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/selinux-gui_3.0.bb | 7 -------
recipes-security/selinux/selinux-gui_3.1.bb | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/selinux-gui_3.0.bb
create mode 100644 recipes-security/selinux/selinux-gui_3.1.bb

diff --git a/recipes-security/selinux/selinux-gui_3.0.bb b/recipes-security/selinux/selinux-gui_3.0.bb
deleted file mode 100644
index e937836..0000000
--- a/recipes-security/selinux/selinux-gui_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "988a564eccc01feb8cc6fa49630efc6d"
-SRC_URI[sha256sum] = "e9e9b599950a30857b0954bf10853ea50efb7de68a5ae756a27b8d03ccc44348"
diff --git a/recipes-security/selinux/selinux-gui_3.1.bb b/recipes-security/selinux/selinux-gui_3.1.bb
new file mode 100644
index 0000000..3038ebc
--- /dev/null
+++ b/recipes-security/selinux/selinux-gui_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "1e0ea65dfb2b5408969bbe55f6f9d04e"
+SRC_URI[sha256sum] = "40775eaef965259ca2f8ad49c23b03ff2c8f70808a9e0587b1075970b2509c3d"
--
2.25.1


[meta-selinux][PATCH 15/17] selinux-sandbox: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/selinux-sandbox_3.0.bb | 7 -------
recipes-security/selinux/selinux-sandbox_3.1.bb | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/selinux-sandbox_3.0.bb
create mode 100644 recipes-security/selinux/selinux-sandbox_3.1.bb

diff --git a/recipes-security/selinux/selinux-sandbox_3.0.bb b/recipes-security/selinux/selinux-sandbox_3.0.bb
deleted file mode 100644
index a60f52c..0000000
--- a/recipes-security/selinux/selinux-sandbox_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "81447c46bf4cae9a5fa38c5fb8dc923e"
-SRC_URI[sha256sum] = "66fb4ea3a9e3d1e6004f13666b8390be751dd226a8496b995ed0332788758d0a"
diff --git a/recipes-security/selinux/selinux-sandbox_3.1.bb b/recipes-security/selinux/selinux-sandbox_3.1.bb
new file mode 100644
index 0000000..8a95044
--- /dev/null
+++ b/recipes-security/selinux/selinux-sandbox_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "d38fda12b028c06f751be9c25e309c6b"
+SRC_URI[sha256sum] = "c79b958e2f64570a59e60638fd13c15fd77c7c2bbac31c7ad4afb03718432b84"
--
2.25.1


[meta-selinux][PATCH 14/17] selinux-dbus: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/selinux-dbus_3.0.bb | 7 -------
recipes-security/selinux/selinux-dbus_3.1.bb | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/selinux-dbus_3.0.bb
create mode 100644 recipes-security/selinux/selinux-dbus_3.1.bb

diff --git a/recipes-security/selinux/selinux-dbus_3.0.bb b/recipes-security/selinux/selinux-dbus_3.0.bb
deleted file mode 100644
index afae77b..0000000
--- a/recipes-security/selinux/selinux-dbus_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "775f058ea19f424d99ce3bd13297234c"
-SRC_URI[sha256sum] = "95d75603444c3eeaebf25da3de6febb6e1567d5f5d93cde5a4b73c88ef6c4f28"
diff --git a/recipes-security/selinux/selinux-dbus_3.1.bb b/recipes-security/selinux/selinux-dbus_3.1.bb
new file mode 100644
index 0000000..04e7565
--- /dev/null
+++ b/recipes-security/selinux/selinux-dbus_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "b6ad8b3d8497782c6ed480514dfc8ee8"
+SRC_URI[sha256sum] = "61f936d200ff8302c513883c67bb7c4c496513e78122954cbd33db62086a06f2"
--
2.25.1


[meta-selinux][PATCH 13/17] selinux-python: upgrade to 3.1 (20200710)

Yi Zhao
 

Refresh patch:
fix-sepolicy-install-path.patch

Signed-off-by: Yi Zhao <yi.zhao@...>
---
.../selinux-python/fix-sepolicy-install-path.patch | 12 ++++++------
recipes-security/selinux/selinux-python_3.0.bb | 7 -------
recipes-security/selinux/selinux-python_3.1.bb | 7 +++++++
3 files changed, 13 insertions(+), 13 deletions(-)
delete mode 100644 recipes-security/selinux/selinux-python_3.0.bb
create mode 100644 recipes-security/selinux/selinux-python_3.1.bb

diff --git a/recipes-security/selinux/selinux-python/fix-sepolicy-install-path.patch b/recipes-security/selinux/selinux-python/fix-sepolicy-install-path.patch
index 527e02c..4e91df7 100644
--- a/recipes-security/selinux/selinux-python/fix-sepolicy-install-path.patch
+++ b/recipes-security/selinux/selinux-python/fix-sepolicy-install-path.patch
@@ -1,7 +1,7 @@
-From e8fdfdf96a84209118deff7782cf82f8187af6c5 Mon Sep 17 00:00:00 2001
+From df40fadfb251cc2aebdbd2e216f99a8ae7da7763 Mon Sep 17 00:00:00 2001
From: Xin Ouyang <Xin.Ouyang@...>
Date: Mon, 23 Sep 2013 21:17:59 +0800
-Subject: [PATCH] policycoreutils: fix install path for new pymodule sepolicy
+Subject: [PATCH] sepolicy: fix install path for new pymodule sepolicy

Upstream-Status: Inappropriate [embedded specific]

@@ -13,18 +13,18 @@ Signed-off-by: Yi Zhao <yi.zhao@...>
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sepolicy/Makefile b/sepolicy/Makefile
-index 69f29fa..b474d80 100644
+index 3361be4..5842321 100644
--- a/sepolicy/Makefile
+++ b/sepolicy/Makefile
@@ -27,7 +27,7 @@ test:
@$(PYTHON) test_sepolicy.py -v

install:
-- $(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR)`
-+ $(PYTHON) setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) --install-lib=$(PYTHONLIBDIR) --no-compile
+- $(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR)` $(PYTHON_SETUP_ARGS)
++ $(PYTHON) setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) --install-lib=$(PYTHONLIBDIR) --no-compile $(PYTHON_SETUP_ARGS)
[ -d $(DESTDIR)$(BINDIR) ] || mkdir -p $(DESTDIR)$(BINDIR)
install -m 755 sepolicy.py $(DESTDIR)$(BINDIR)/sepolicy
(cd $(DESTDIR)$(BINDIR); ln -sf sepolicy sepolgen)
--
-2.7.4
+2.17.1

diff --git a/recipes-security/selinux/selinux-python_3.0.bb b/recipes-security/selinux/selinux-python_3.0.bb
deleted file mode 100644
index 8222d28..0000000
--- a/recipes-security/selinux/selinux-python_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "aa018c9b1b26034f84f3f427adac08be"
-SRC_URI[sha256sum] = "43c08fa881ccc64251d396b1ac6c56b354bf98421b4ec937d54a8db190135494"
diff --git a/recipes-security/selinux/selinux-python_3.1.bb b/recipes-security/selinux/selinux-python_3.1.bb
new file mode 100644
index 0000000..a0555d2
--- /dev/null
+++ b/recipes-security/selinux/selinux-python_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "ec75687b680e0dd63e3ded05bd41cb5a"
+SRC_URI[sha256sum] = "f4d0a1a030bc291a6af498b26e0676b745075dd289a8ba16cdec86c3ea8f2f02"
--
2.25.1


[meta-selinux][PATCH 12/17] restorecond: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/restorecond.inc | 14 +++++++++++++-
recipes-security/selinux/restorecond_3.0.bb | 7 -------
recipes-security/selinux/restorecond_3.1.bb | 7 +++++++
3 files changed, 20 insertions(+), 8 deletions(-)
delete mode 100644 recipes-security/selinux/restorecond_3.0.bb
create mode 100644 recipes-security/selinux/restorecond_3.1.bb

diff --git a/recipes-security/selinux/restorecond.inc b/recipes-security/selinux/restorecond.inc
index d168303..a5b1635 100644
--- a/recipes-security/selinux/restorecond.inc
+++ b/recipes-security/selinux/restorecond.inc
@@ -15,10 +15,22 @@ inherit systemd update-rc.d

DEPENDS += "libsepol libselinux libpcre dbus-glib glib-2.0 pkgconfig-native"

+EXTRA_OEMAKE += "SYSTEMDSYSTEMUNITDIR=${systemd_system_unitdir} \
+ SYSTEMDUSERUNITDIR=${systemd_user_unitdir} \
+ "
+
FILES_${PN} += "${datadir}/dbus-1/services/org.selinux.Restorecond.service \
-"
+ ${systemd_user_unitdir}/* \
+ "

SYSTEMD_SERVICE_restorecond = "restorecond.service"
INITSCRIPT_PACKAGES = "restorecond"
INITSCRIPT_NAME_restorecond = "restorecond"
INITSCRIPT_PARAMS_restorecond = "defaults"
+
+do_install_append() {
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'false', 'true', d)}; then
+ # remove /usr/lib/systemd/user
+ rm -rf ${D}${nonarch_libdir}
+ fi
+}
diff --git a/recipes-security/selinux/restorecond_3.0.bb b/recipes-security/selinux/restorecond_3.0.bb
deleted file mode 100644
index 8c840c9..0000000
--- a/recipes-security/selinux/restorecond_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "f32edbd8a1f724ef1e4fa70bf9e22685"
-SRC_URI[sha256sum] = "32a92c9f4bf48c613f9f467ced58d8c369eec8892239cd44d5d0e139b41926dc"
diff --git a/recipes-security/selinux/restorecond_3.1.bb b/recipes-security/selinux/restorecond_3.1.bb
new file mode 100644
index 0000000..d4e0d06
--- /dev/null
+++ b/recipes-security/selinux/restorecond_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "8daf761739a150a7a29bb491726a6cd9"
+SRC_URI[sha256sum] = "82ca45099685a45d718f11f8859963c1ba83d98e510312cbf0b7dc5664c60ad0"
--
2.25.1


[meta-selinux][PATCH 11/17] mcstrans: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/mcstrans.inc | 6 ++++--
recipes-security/selinux/mcstrans_3.0.bb | 7 -------
recipes-security/selinux/mcstrans_3.1.bb | 7 +++++++
3 files changed, 11 insertions(+), 9 deletions(-)
delete mode 100644 recipes-security/selinux/mcstrans_3.0.bb
create mode 100644 recipes-security/selinux/mcstrans_3.1.bb

diff --git a/recipes-security/selinux/mcstrans.inc b/recipes-security/selinux/mcstrans.inc
index b9c670b..52b95c6 100644
--- a/recipes-security/selinux/mcstrans.inc
+++ b/recipes-security/selinux/mcstrans.inc
@@ -14,8 +14,10 @@ inherit systemd update-rc.d

DEPENDS += "libsepol libselinux libcap"

-# We do not need "${D}/" as a prefix anymore.
-EXTRA_OEMAKE += "SBINDIR=${base_sbindir} INITDIR=${sysconfdir}/init.d"
+EXTRA_OEMAKE += "SBINDIR=${base_sbindir} \
+ INITDIR=${sysconfdir}/init.d \
+ SYSTEMDDIR=${systemd_unitdir} \
+ "

do_install_append() {
install -d ${D}${sbindir}
diff --git a/recipes-security/selinux/mcstrans_3.0.bb b/recipes-security/selinux/mcstrans_3.0.bb
deleted file mode 100644
index 27ddfce..0000000
--- a/recipes-security/selinux/mcstrans_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
-
-SRC_URI[md5sum] = "0edc58a4d65425ffa5d58d32bf412352"
-SRC_URI[sha256sum] = "0992b8e7c4de1ba5f98a82547b02418370be5a5f588fc6d5f1cd2c7824bda87e"
diff --git a/recipes-security/selinux/mcstrans_3.1.bb b/recipes-security/selinux/mcstrans_3.1.bb
new file mode 100644
index 0000000..26bb299
--- /dev/null
+++ b/recipes-security/selinux/mcstrans_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f"
+
+SRC_URI[md5sum] = "18b7bf8193dd2360bc60f0e2639009ab"
+SRC_URI[sha256sum] = "cc918576c17340fc944849d785e2a7400b269ef079a36b871c140504164d6a45"
--
2.25.1


[meta-selinux][PATCH 10/17] policycoreutils: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/policycoreutils_3.0.bb | 7 -------
recipes-security/selinux/policycoreutils_3.1.bb | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/policycoreutils_3.0.bb
create mode 100644 recipes-security/selinux/policycoreutils_3.1.bb

diff --git a/recipes-security/selinux/policycoreutils_3.0.bb b/recipes-security/selinux/policycoreutils_3.0.bb
deleted file mode 100644
index a4e0287..0000000
--- a/recipes-security/selinux/policycoreutils_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "7e95941f1ac00b25b69c7157d49a375f"
-SRC_URI[sha256sum] = "3379c9bd722e36be9bf8856c6fa373bfa9b33305ac9da5fc807cfe7fa605f489"
diff --git a/recipes-security/selinux/policycoreutils_3.1.bb b/recipes-security/selinux/policycoreutils_3.1.bb
new file mode 100644
index 0000000..f56d1c3
--- /dev/null
+++ b/recipes-security/selinux/policycoreutils_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "3097ac2c83e47af130452f10399282cb"
+SRC_URI[sha256sum] = "c889f62ee80f8b6a369469a9b8af51f5b797975aeaa291f5c5960cc12eed1934"
--
2.25.1


[meta-selinux][PATCH 09/17] secilc: upgrade to 3.1 (20200710)

Yi Zhao
 

Signed-off-by: Yi Zhao <yi.zhao@...>
---
recipes-security/selinux/secilc_3.0.bb | 7 -------
recipes-security/selinux/secilc_3.1.bb | 7 +++++++
2 files changed, 7 insertions(+), 7 deletions(-)
delete mode 100644 recipes-security/selinux/secilc_3.0.bb
create mode 100644 recipes-security/selinux/secilc_3.1.bb

diff --git a/recipes-security/selinux/secilc_3.0.bb b/recipes-security/selinux/secilc_3.0.bb
deleted file mode 100644
index 71b6cff..0000000
--- a/recipes-security/selinux/secilc_3.0.bb
+++ /dev/null
@@ -1,7 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=c7e802b9a3b0c2c852669864c08b9138"
-
-SRC_URI[md5sum] = "be7ec221b874053a843ef90e49daa5cf"
-SRC_URI[sha256sum] = "78fafc4a8a8a212663d3d1e181047f5605430f0a0577ff772a4bb7fecd2b42b0"
diff --git a/recipes-security/selinux/secilc_3.1.bb b/recipes-security/selinux/secilc_3.1.bb
new file mode 100644
index 0000000..c1fb36b
--- /dev/null
+++ b/recipes-security/selinux/secilc_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=c7e802b9a3b0c2c852669864c08b9138"
+
+SRC_URI[md5sum] = "f9743e405a8de331c249b723c09c6c3f"
+SRC_URI[sha256sum] = "86117246fec3017af710a9ff7c1dae3ed1cd571e232a86cff3e2a3de2d6aa65c"
--
2.25.1


[meta-selinux][PATCH 08/17] checkpolicy: upgrade to 3.0 (20191204)

Yi Zhao
 

Drop backported patch:
0001-checkpolicy-remove-unused-te_assertions.patch

Signed-off-by: Yi Zhao <yi.zhao@...>
---
...ckpolicy-remove-unused-te_assertions.patch | 45 -------------------
recipes-security/selinux/checkpolicy_3.0.bb | 11 -----
recipes-security/selinux/checkpolicy_3.1.bb | 7 +++
3 files changed, 7 insertions(+), 56 deletions(-)
delete mode 100644 recipes-security/selinux/checkpolicy/0001-checkpolicy-remove-unused-te_assertions.patch
delete mode 100644 recipes-security/selinux/checkpolicy_3.0.bb
create mode 100644 recipes-security/selinux/checkpolicy_3.1.bb

diff --git a/recipes-security/selinux/checkpolicy/0001-checkpolicy-remove-unused-te_assertions.patch b/recipes-security/selinux/checkpolicy/0001-checkpolicy-remove-unused-te_assertions.patch
deleted file mode 100644
index 61c301e..0000000
--- a/recipes-security/selinux/checkpolicy/0001-checkpolicy-remove-unused-te_assertions.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From 95d8f16ece96829109eb75a605b1459a25b5a6be Mon Sep 17 00:00:00 2001
-From: Ondrej Mosnacek <omosnace@...>
-Date: Thu, 23 Jan 2020 13:57:15 +0100
-Subject: [PATCH] checkpolicy: remove unused te_assertions
-
-This variable is declared in a header file, but never defined or used.
-The te_assert structure definition is only used in this declaration, so
-remove both.
-
-Upstream-Status: Backport [https://github.com/SELinuxProject/selinux/commit/4d330d0d3155211f119b3082f728ae42dcc01e96]
-
-Signed-off-by: Ondrej Mosnacek <omosnace@...>
-Signed-off-by: Mingli Yu <mingli.yu@...>
----
- checkpolicy/checkpolicy.h | 14 --------------
- 1 file changed, 14 deletions(-)
-
-diff --git a/checkpolicy.h b/checkpolicy.h
-index 3868f1fa023b..f127687e72a6 100644
---- a/checkpolicy.h
-+++ b/checkpolicy.h
-@@ -1,20 +1,6 @@
- #ifndef _CHECKPOLICY_H_
- #define _CHECKPOLICY_H_
-
--#include <sepol/policydb/ebitmap.h>
--
--typedef struct te_assert {
-- ebitmap_t stypes;
-- ebitmap_t ttypes;
-- ebitmap_t tclasses;
-- int self;
-- sepol_access_vector_t *avp;
-- unsigned long line;
-- struct te_assert *next;
--} te_assert_t;
--
--te_assert_t *te_assertions;
--
- extern unsigned int policyvers;
-
- #endif
---
-2.24.1
-
diff --git a/recipes-security/selinux/checkpolicy_3.0.bb b/recipes-security/selinux/checkpolicy_3.0.bb
deleted file mode 100644
index 50d6217..0000000
--- a/recipes-security/selinux/checkpolicy_3.0.bb
+++ /dev/null
@@ -1,11 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
-
-SRC_URI[md5sum] = "b7c5547b95ce855bcdc10cb8adba8223"
-SRC_URI[sha256sum] = "c88c719a141dd5c1202d49c378c7f063349d630522d5e04dc6e0c53da81aa4f8"
-
-SRC_URI += "\
- file://0001-checkpolicy-remove-unused-te_assertions.patch \
-"
diff --git a/recipes-security/selinux/checkpolicy_3.1.bb b/recipes-security/selinux/checkpolicy_3.1.bb
new file mode 100644
index 0000000..71045b8
--- /dev/null
+++ b/recipes-security/selinux/checkpolicy_3.1.bb
@@ -0,0 +1,7 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=393a5ca445f6965873eca0259a17f833"
+
+SRC_URI[md5sum] = "1302676cd8853f740a963fd6d5bb4172"
+SRC_URI[sha256sum] = "dfc7707070520c93b14fbbdfdbe081364d806bf28e3e79e10318c2594c77bbb2"
--
2.25.1


[meta-selinux][PATCH 07/17] libsemanage: upgrade to 3.1 (20200710)

Yi Zhao
 

* Drop obsolete patch:
libsemanage-drop-Wno-unused-but-set-variable.patch

* Refresh patch:
libsemanage-allow-to-disable-audit-support.patch

Signed-off-by: Yi Zhao <yi.zhao@...>
---
...anage-allow-to-disable-audit-support.patch | 12 ++++----
...age-drop-Wno-unused-but-set-variable.patch | 28 -------------------
...{libsemanage_3.0.bb => libsemanage_3.1.bb} | 7 ++---
3 files changed, 9 insertions(+), 38 deletions(-)
delete mode 100644 recipes-security/selinux/libsemanage/libsemanage-drop-Wno-unused-but-set-variable.patch
rename recipes-security/selinux/{libsemanage_3.0.bb => libsemanage_3.1.bb} (60%)

diff --git a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch
index c588b61..ff5cb00 100644
--- a/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch
+++ b/recipes-security/selinux/libsemanage/libsemanage-allow-to-disable-audit-support.patch
@@ -1,4 +1,4 @@
-From 1633f72579e3b79d055759256b71e4169627889b Mon Sep 17 00:00:00 2001
+From e76867515be3bc296174aeb26c7996a0939a2a8c Mon Sep 17 00:00:00 2001
From: Wenzong Fan <wenzong.fan@...>
Date: Mon, 20 Jan 2014 03:53:48 -0500
Subject: [PATCH] libsemanage: allow to disable audit support
@@ -13,11 +13,11 @@ Signed-off-by: Wenzong Fan <wenzong.fan@...>
3 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/src/Makefile b/src/Makefile
-index 3bd1e20..483e818 100644
+index a0eb374..afc4437 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -26,6 +26,14 @@ ifeq ($(DEBUG),1)
- export LDFLAGS = -g
+ export LDFLAGS ?= -g
endif

+DISABLE_AUDIT ?= n
@@ -31,7 +31,7 @@ index 3bd1e20..483e818 100644
LEX = flex
LFLAGS = -s
YACC = bison
-@@ -88,7 +96,7 @@ $(LIBA): $(OBJS)
+@@ -89,7 +97,7 @@ $(LIBA): $(OBJS)
$(RANLIB) $@

$(LIBSO): $(LOBJS)
@@ -41,7 +41,7 @@ index 3bd1e20..483e818 100644

$(LIBPC): $(LIBPC).in ../VERSION
diff --git a/src/seusers_local.c b/src/seusers_local.c
-index 3e2761c..8bc6b83 100644
+index 6508ec0..1b26956 100644
--- a/src/seusers_local.c
+++ b/src/seusers_local.c
@@ -8,7 +8,11 @@ typedef struct semanage_seuser record_t;
@@ -122,5 +122,5 @@ index 69f49a3..f914492 100644
OBJECTS = $(SOURCES:.c=.o)
POLICIES = $(CILS:.cil=.policy)
--
-2.7.4
+2.17.1

diff --git a/recipes-security/selinux/libsemanage/libsemanage-drop-Wno-unused-but-set-variable.patch b/recipes-security/selinux/libsemanage/libsemanage-drop-Wno-unused-but-set-variable.patch
deleted file mode 100644
index c9b052c..0000000
--- a/recipes-security/selinux/libsemanage/libsemanage-drop-Wno-unused-but-set-variable.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 90a2459d1683e53f4a896b977e6b396db562c903 Mon Sep 17 00:00:00 2001
-From: Randy MacLeod <Randy.MacLeod@...>
-Date: Tue, 30 Apr 2013 23:15:57 -0400
-Subject: [PATCH] libselinux: drop flag: -Wno-unused-but-set-variable
-
-Upstream-Status: Inappropriate [older compilers only]
-
-Signed-off-by: Randy MacLeod <Randy.MacLeod@...>
----
- src/Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/Makefile b/src/Makefile
-index e029f09..8240c3a 100644
---- a/src/Makefile
-+++ b/src/Makefile
-@@ -55,7 +55,7 @@ OBJS= $(patsubst %.c,%.o,$(SRCS)) conf-scan.o conf-parse.o
- LOBJS= $(patsubst %.c,%.lo,$(SRCS)) conf-scan.lo conf-parse.lo
- CFLAGS ?= -Werror -Wall -W -Wundef -Wshadow -Wmissing-noreturn -Wmissing-format-attribute
-
--SWIG_CFLAGS += -Wno-error -Wno-unused-but-set-variable -Wno-unused-variable -Wno-shadow \
-+SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-shadow \
- -Wno-unused-parameter
-
- override CFLAGS += -I../include -D_GNU_SOURCE
---
-2.7.4
-
diff --git a/recipes-security/selinux/libsemanage_3.0.bb b/recipes-security/selinux/libsemanage_3.1.bb
similarity index 60%
rename from recipes-security/selinux/libsemanage_3.0.bb
rename to recipes-security/selinux/libsemanage_3.1.bb
index 450675b..8e6781f 100644
--- a/recipes-security/selinux/libsemanage_3.0.bb
+++ b/recipes-security/selinux/libsemanage_3.1.bb
@@ -1,14 +1,13 @@
-require selinux_20191204.inc
+require selinux_20200710.inc
require ${BPN}.inc

LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"

-SRC_URI[md5sum] = "17a2fc780af0a36f2cf27ab7c4e85946"
-SRC_URI[sha256sum] = "a497b0720d54eac427f1f3f618eed417e50ed8f4e47ed0f7a1d391bd416e84cf"
+SRC_URI[md5sum] = "d16eee8c1dc8cf43f59957d575d6bd29"
+SRC_URI[sha256sum] = "22d6c75526e40d1781c30bcf29abf97171bdfe6780923f11c8e1c76a75a21ff8"

SRC_URI += "\
file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \
- file://libsemanage-drop-Wno-unused-but-set-variable.patch \
file://libsemanage-define-FD_CLOEXEC-as-necessary.patch \
file://libsemanage-allow-to-disable-audit-support.patch \
file://libsemanage-disable-expand-check-on-policy-load.patch \
--
2.25.1


[meta-selinux][PATCH 06/17] libselinux-python: upgrade to 3.1 (20200710)

Yi Zhao
 

Refresh patches:
0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
0001-Makefile-fix-python-modules-install-path-for-multili.patch

Signed-off-by: Yi Zhao <yi.zhao@...>
---
...linux-python_3.0.bb => libselinux-python_3.1.bb} | 13 ++++++++-----
...-PYCEXT-and-rely-on-the-installed-file-nam.patch | 12 ++++++------
...ix-python-modules-install-path-for-multili.patch | 12 ++++++------
3 files changed, 20 insertions(+), 17 deletions(-)
rename recipes-security/selinux/{libselinux-python_3.0.bb => libselinux-python_3.1.bb} (66%)

diff --git a/recipes-security/selinux/libselinux-python_3.0.bb b/recipes-security/selinux/libselinux-python_3.1.bb
similarity index 66%
rename from recipes-security/selinux/libselinux-python_3.0.bb
rename to recipes-security/selinux/libselinux-python_3.1.bb
index 2b5438d..9493083 100644
--- a/recipes-security/selinux/libselinux-python_3.0.bb
+++ b/recipes-security/selinux/libselinux-python_3.1.bb
@@ -1,4 +1,4 @@
-SELINUX_RELEASE = "20191204"
+SELINUX_RELEASE = "20200710"

SRC_URI = "https://github.com/SELinuxProject/selinux/releases/download/${SELINUX_RELEASE}/libselinux-${PV}.tar.gz"

@@ -6,16 +6,19 @@ require ${BPN}.inc

LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"

-SRC_URI[md5sum] = "b387a66f087b6d97713570e85ec89d89"
-SRC_URI[sha256sum] = "2ea2b30f671dae9d6b1391cbe8fb2ce5d36a3ee4fb1cd3c32f0d933c31b82433"
+SRC_URI[md5sum] = "693680c021feb69a4b258b0370021461"
+SRC_URI[sha256sum] = "ea5dcbb4d859e3f999c26a13c630da2f16dff9462e3cc8cb7b458ac157d112e7"

SRC_URI += "\
- file://libselinux-drop-Wno-unused-but-set-variable.patch \
file://libselinux-make-O_CLOEXEC-optional.patch \
file://libselinux-make-SOCK_CLOEXEC-optional.patch \
file://libselinux-define-FD_CLOEXEC-as-necessary.patch \
- file://0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch \
file://0001-Makefile-fix-python-modules-install-path-for-multili.patch \
file://0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch \
"
+
+SRC_URI_append_libc-musl = " \
+ file://0001-libselinux-do-not-define-gettid-for-musl.patch \
+ "
+
S = "${WORKDIR}/libselinux-${PV}"
diff --git a/recipes-security/selinux/libselinux/0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch b/recipes-security/selinux/libselinux/0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
index b7cd59d..0fafcef 100644
--- a/recipes-security/selinux/libselinux/0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
+++ b/recipes-security/selinux/libselinux/0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch
@@ -1,4 +1,4 @@
-From 0d4da8093bc2ef92b7c6f7fd1f4804f6ebc6cb56 Mon Sep 17 00:00:00 2001
+From 1542c79660484a2f2e24ee0593586dba35c3ad13 Mon Sep 17 00:00:00 2001
From: Thomas Petazzoni <thomas.petazzoni@...>
Date: Fri, 25 Oct 2019 13:37:14 +0200
Subject: [PATCH] Do not use PYCEXT, and rely on the installed file name
@@ -27,20 +27,20 @@ Signed-off-by: Changqing Li <changqing.li@...>
1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/Makefile b/src/Makefile
-index a384a10..82adf82 100644
+index dcdeb10..da6f719 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -15,7 +15,6 @@ INCLUDEDIR ?= $(PREFIX)/include
PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX))
PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX))
PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; print(get_python_lib(plat_specific=1, prefix='$(PREFIX)'))")
--PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for s,m,t in imp.get_suffixes() if t == imp.C_EXTENSION][0])')
+-PYCEXT ?= $(shell $(PYTHON) -c 'import importlib.machinery;print(importlib.machinery.EXTENSION_SUFFIXES[0])')
RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]')
RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" + RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
RUBYINSTALL ?= $(shell $(RUBY) -e 'puts RbConfig::CONFIG["vendorarchdir"]')
-@@ -175,7 +174,7 @@ install: all
+@@ -176,7 +175,7 @@ install: all
install-pywrap: pywrap
- $(PYTHON) setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) --install-lib=$(PYTHONLIBDIR)
+ $(PYTHON) setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) --install-lib=$(PYTHONLIBDIR) $(PYTHON_SETUP_ARGS)
install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py
- ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux$(PYCEXT) $(DESTDIR)$(PYTHONLIBDIR)/_selinux$(PYCEXT)
+ ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux*.so $(DESTDIR)$(PYTHONLIBDIR)/
@@ -48,5 +48,5 @@ index a384a10..82adf82 100644
install-rubywrap: rubywrap
test -d $(DESTDIR)$(RUBYINSTALL) || install -m 755 -d $(DESTDIR)$(RUBYINSTALL)
--
-2.24.1
+2.17.1

diff --git a/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch b/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch
index f0fee23..9dfd8d4 100644
--- a/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch
+++ b/recipes-security/selinux/libselinux/0001-Makefile-fix-python-modules-install-path-for-multili.patch
@@ -1,4 +1,4 @@
-From 930514c1b93335ccf6d70adf46ca7e3f8183603d Mon Sep 17 00:00:00 2001
+From 41540f5c4e3552a2806097613f016d1a2fd4754a Mon Sep 17 00:00:00 2001
From: Yi Zhao <yi.zhao@...>
Date: Mon, 13 Apr 2020 12:44:23 +0800
Subject: [PATCH] Makefile: fix python modules install path for multilib
@@ -11,18 +11,18 @@ Signed-off-by: Yi Zhao <yi.zhao@...>
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Makefile b/src/Makefile
-index b0ce2c8..a384a10 100644
+index 190016e..dcdeb10 100644
--- a/src/Makefile
+++ b/src/Makefile
-@@ -173,7 +173,7 @@ install: all
+@@ -174,7 +174,7 @@ install: all
ln -sf --relative $(DESTDIR)$(SHLIBDIR)/$(LIBSO) $(DESTDIR)$(LIBDIR)/$(TARGET)

install-pywrap: pywrap
-- $(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR)`
-+ $(PYTHON) setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) --install-lib=$(PYTHONLIBDIR)
+- $(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && echo --root $(DESTDIR)` $(PYTHON_SETUP_ARGS)
++ $(PYTHON) setup.py install --prefix=$(PREFIX) --root=$(DESTDIR) --install-lib=$(PYTHONLIBDIR) $(PYTHON_SETUP_ARGS)
install -m 644 $(SWIGPYOUT) $(DESTDIR)$(PYTHONLIBDIR)/selinux/__init__.py
ln -sf --relative $(DESTDIR)$(PYTHONLIBDIR)/selinux/_selinux$(PYCEXT) $(DESTDIR)$(PYTHONLIBDIR)/_selinux$(PYCEXT)

--
-2.7.4
+2.17.1

--
2.25.1


[meta-selinux][PATCH 05/17] libselinux: upgrade to 3.1 (20200710)

Yi Zhao
 

Drop backported and obsolete patches:
0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch
libselinux-drop-Wno-unused-but-set-variable.patch

Add patch to fix build on musl:
0001-libselinux-do-not-define-gettid-for-musl.patch

Signed-off-by: Yi Zhao <yi.zhao@...>
---
...ainst-musl-and-uClibc-libc-libraries.patch | 38 ---------------
...elinux-do-not-define-gettid-for-musl.patch | 47 +++++++++++++++++++
...nux-drop-Wno-unused-but-set-variable.patch | 26 ----------
recipes-security/selinux/libselinux_3.0.bb | 15 ------
recipes-security/selinux/libselinux_3.1.bb | 17 +++++++
5 files changed, 64 insertions(+), 79 deletions(-)
delete mode 100644 recipes-security/selinux/libselinux/0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch
create mode 100644 recipes-security/selinux/libselinux/0001-libselinux-do-not-define-gettid-for-musl.patch
delete mode 100644 recipes-security/selinux/libselinux/libselinux-drop-Wno-unused-but-set-variable.patch
delete mode 100644 recipes-security/selinux/libselinux_3.0.bb
create mode 100644 recipes-security/selinux/libselinux_3.1.bb

diff --git a/recipes-security/selinux/libselinux/0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch b/recipes-security/selinux/libselinux/0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch
deleted file mode 100644
index 8308553..0000000
--- a/recipes-security/selinux/libselinux/0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-From 61bfcbffce32be51d712040c3f84293b78428184 Mon Sep 17 00:00:00 2001
-From: Adam Duskett <Aduskett@...>
-Date: Tue, 7 Apr 2020 13:53:05 -0700
-Subject: [PATCH] Fix building against musl and uClibc libc libraries.
-
-Currently, the src/Makefile provides the FTS_LDLIBS when building against musl
-or uClibc. However, this is missing from utils/Makefile, which causes linking
-to fail.
-
-Add the FTS_LDLIBS variable to the LDLIBS variable in utils/Makefile to fix
-compiling against uClibc and musl.
-
-Signed-off-by: Adam Duskett <Aduskett@...>
-
-Upstream-Status: Backport
-[https://github.com/SELinuxProject/selinux/commit/aa40067b7b86d5e4c951fccae1aa98baff148613]
-
-Signed-off-by: Yi Zhao <yi.zhao@...>
----
- utils/Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/utils/Makefile b/utils/Makefile
-index 3615063..a5632b7 100644
---- a/utils/Makefile
-+++ b/utils/Makefile
-@@ -45,7 +45,7 @@ endif
-
- override CFLAGS += -I../include -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
- override LDFLAGS += -L../src
--override LDLIBS += -lselinux
-+override LDLIBS += -lselinux $(FTS_LDLIBS)
- PCRE_LDLIBS ?= -lpcre
-
- ifeq ($(ANDROID_HOST),y)
---
-2.7.4
-
diff --git a/recipes-security/selinux/libselinux/0001-libselinux-do-not-define-gettid-for-musl.patch b/recipes-security/selinux/libselinux/0001-libselinux-do-not-define-gettid-for-musl.patch
new file mode 100644
index 0000000..5d6e409
--- /dev/null
+++ b/recipes-security/selinux/libselinux/0001-libselinux-do-not-define-gettid-for-musl.patch
@@ -0,0 +1,47 @@
+From 5f6f4a095bc82b29c3871d4d8a15d9c16cef39ef Mon Sep 17 00:00:00 2001
+From: Yi Zhao <yi.zhao@...>
+Date: Wed, 6 Jan 2021 10:42:11 +0800
+Subject: [PATCH] libselinux: do not define gettid() for musl
+
+The musl has implemented gettid() function:
+http://git.musl-libc.org/cgit/musl/commit/?id=d49cf07541bb54a5ac7aec1feec8514db33db8ea
+
+Fixes:
+procattr.c:38:14: error: static declaration of 'gettid' follows non-static declaration
+ 38 | static pid_t gettid(void)
+ | ^~~~~~
+In file included from procattr.c:2:
+/build/tmp/work/core2-32-poky-linux-musl/libselinux/3.1-r0/recipe-sysroot/usr/include/unistd.h:194:7:
+note: previous declaration of 'gettid' was here
+ 194 | pid_t gettid(void);
+ | ^~~~~~
+
+Upstream-Status: Pending
+
+Signed-off-by: Yi Zhao <yi.zhao@...>
+---
+ src/procattr.c | 8 +-------
+ 1 file changed, 1 insertion(+), 7 deletions(-)
+
+diff --git a/src/procattr.c b/src/procattr.c
+index 926ee54..519e515 100644
+--- a/src/procattr.c
++++ b/src/procattr.c
+@@ -24,13 +24,7 @@ static __thread char destructor_initialized;
+
+ /* Bionic and glibc >= 2.30 declare gettid() system call wrapper in unistd.h and
+ * has a definition for it */
+-#ifdef __BIONIC__
+- #define OVERRIDE_GETTID 0
+-#elif !defined(__GLIBC_PREREQ)
+- #define OVERRIDE_GETTID 1
+-#elif !__GLIBC_PREREQ(2,30)
+- #define OVERRIDE_GETTID 1
+-#else
++#if !defined(__GLIBC_)
+ #define OVERRIDE_GETTID 0
+ #endif
+
+--
+2.17.1
+
diff --git a/recipes-security/selinux/libselinux/libselinux-drop-Wno-unused-but-set-variable.patch b/recipes-security/selinux/libselinux/libselinux-drop-Wno-unused-but-set-variable.patch
deleted file mode 100644
index 688b4e3..0000000
--- a/recipes-security/selinux/libselinux/libselinux-drop-Wno-unused-but-set-variable.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 865b8c40b331235ce2c9df1fcbbb3876c9b79338 Mon Sep 17 00:00:00 2001
-From: Randy MacLeod <Randy.MacLeod@...>
-Date: Tue, 30 Apr 2013 17:28:34 -0400
-Subject: [PATCH] libselinux: drop flag: -Wno-unused-but-set-variable
-
-Upstream status: Inappropriate [older compilers only]
-
-Signed-off-by: Randy MacLeod <Randy.MacLeod@...>
-
----
- src/Makefile | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/Makefile b/src/Makefile
-index 2408fae..a89c0f7 100644
---- a/src/Makefile
-+++ b/src/Makefile
-@@ -96,7 +96,7 @@ PCRE_LDLIBS ?= -lpcre
-
- override CFLAGS += -I../include -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS)
-
--SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-unused-but-set-variable -Wno-unused-parameter \
-+SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-unused-parameter \
- -Wno-shadow -Wno-uninitialized -Wno-missing-prototypes -Wno-missing-declarations
-
- RANLIB ?= ranlib
diff --git a/recipes-security/selinux/libselinux_3.0.bb b/recipes-security/selinux/libselinux_3.0.bb
deleted file mode 100644
index 05d2346..0000000
--- a/recipes-security/selinux/libselinux_3.0.bb
+++ /dev/null
@@ -1,15 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
-
-SRC_URI[md5sum] = "b387a66f087b6d97713570e85ec89d89"
-SRC_URI[sha256sum] = "2ea2b30f671dae9d6b1391cbe8fb2ce5d36a3ee4fb1cd3c32f0d933c31b82433"
-
-SRC_URI += "\
- file://libselinux-drop-Wno-unused-but-set-variable.patch \
- file://libselinux-make-O_CLOEXEC-optional.patch \
- file://libselinux-make-SOCK_CLOEXEC-optional.patch \
- file://libselinux-define-FD_CLOEXEC-as-necessary.patch \
- file://0001-Fix-building-against-musl-and-uClibc-libc-libraries.patch \
- "
diff --git a/recipes-security/selinux/libselinux_3.1.bb b/recipes-security/selinux/libselinux_3.1.bb
new file mode 100644
index 0000000..9d1cda5
--- /dev/null
+++ b/recipes-security/selinux/libselinux_3.1.bb
@@ -0,0 +1,17 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://LICENSE;md5=84b4d2c6ef954a2d4081e775a270d0d0"
+
+SRC_URI[md5sum] = "693680c021feb69a4b258b0370021461"
+SRC_URI[sha256sum] = "ea5dcbb4d859e3f999c26a13c630da2f16dff9462e3cc8cb7b458ac157d112e7"
+
+SRC_URI += "\
+ file://libselinux-make-O_CLOEXEC-optional.patch \
+ file://libselinux-make-SOCK_CLOEXEC-optional.patch \
+ file://libselinux-define-FD_CLOEXEC-as-necessary.patch \
+ "
+
+SRC_URI_append_libc-musl = " \
+ file://0001-libselinux-do-not-define-gettid-for-musl.patch \
+ "
--
2.25.1


[meta-selinux][PATCH 04/17] libsepol: upgrade to 3.1 (20200710)

Yi Zhao
 

Drop backported patches:
0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch

Signed-off-by: Yi Zhao <yi.zhao@...>
---
...IL_KEY_-build-errors-with-fno-common.patch | 530 ------------------
...e-leftovers-of-cil_mem_error_handler.patch | 65 ---
recipes-security/selinux/libsepol_3.0.bb | 12 -
recipes-security/selinux/libsepol_3.1.bb | 8 +
4 files changed, 8 insertions(+), 607 deletions(-)
delete mode 100644 recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
delete mode 100644 recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch
delete mode 100644 recipes-security/selinux/libsepol_3.0.bb
create mode 100644 recipes-security/selinux/libsepol_3.1.bb

diff --git a/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch b/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
deleted file mode 100644
index 46c56a4..0000000
--- a/recipes-security/selinux/libsepol/0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch
+++ /dev/null
@@ -1,530 +0,0 @@
-From a96e8c59ecac84096d870b42701a504791a8cc8c Mon Sep 17 00:00:00 2001
-From: Ondrej Mosnacek <omosnace@...>
-Date: Thu, 23 Jan 2020 13:57:13 +0100
-Subject: [PATCH] libsepol: fix CIL_KEY_* build errors with -fno-common
-
-GCC 10 comes with -fno-common enabled by default - fix the CIL_KEY_*
-global variables to be defined only once in cil.c and declared in the
-header file correctly with the 'extern' keyword, so that other units
-including the file don't generate duplicate definitions.
-
-Signed-off-by: Ondrej Mosnacek <omosnace@...>
-
-Upstream-Status: Backport
-[https://github.com/SELinuxProject/selinux/commit/a96e8c59ecac84096d870b42701a504791a8cc8c]
-
-Signed-off-by: Yi Zhao <yi.zhao@...>
----
- cil/src/cil.c | 162 ++++++++++++++++
- cil/src/cil_internal.h | 322 ++++++++++++++++----------------
- 2 files changed, 323 insertions(+), 161 deletions(-)
-
-diff --git a/cil/src/cil.c b/cil/src/cil.c
-index de729cf8..d222ad3a 100644
---- a/cil/src/cil.c
-+++ b/cil/src/cil.c
-@@ -77,6 +77,168 @@ int cil_sym_sizes[CIL_SYM_ARRAY_NUM][CIL_SYM_NUM] = {
- {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1}
- };
-
-+char *CIL_KEY_CONS_T1;
-+char *CIL_KEY_CONS_T2;
-+char *CIL_KEY_CONS_T3;
-+char *CIL_KEY_CONS_R1;
-+char *CIL_KEY_CONS_R2;
-+char *CIL_KEY_CONS_R3;
-+char *CIL_KEY_CONS_U1;
-+char *CIL_KEY_CONS_U2;
-+char *CIL_KEY_CONS_U3;
-+char *CIL_KEY_CONS_L1;
-+char *CIL_KEY_CONS_L2;
-+char *CIL_KEY_CONS_H1;
-+char *CIL_KEY_CONS_H2;
-+char *CIL_KEY_AND;
-+char *CIL_KEY_OR;
-+char *CIL_KEY_NOT;
-+char *CIL_KEY_EQ;
-+char *CIL_KEY_NEQ;
-+char *CIL_KEY_CONS_DOM;
-+char *CIL_KEY_CONS_DOMBY;
-+char *CIL_KEY_CONS_INCOMP;
-+char *CIL_KEY_CONDTRUE;
-+char *CIL_KEY_CONDFALSE;
-+char *CIL_KEY_SELF;
-+char *CIL_KEY_OBJECT_R;
-+char *CIL_KEY_STAR;
-+char *CIL_KEY_TCP;
-+char *CIL_KEY_UDP;
-+char *CIL_KEY_DCCP;
-+char *CIL_KEY_SCTP;
-+char *CIL_KEY_AUDITALLOW;
-+char *CIL_KEY_TUNABLEIF;
-+char *CIL_KEY_ALLOW;
-+char *CIL_KEY_DONTAUDIT;
-+char *CIL_KEY_TYPETRANSITION;
-+char *CIL_KEY_TYPECHANGE;
-+char *CIL_KEY_CALL;
-+char *CIL_KEY_TUNABLE;
-+char *CIL_KEY_XOR;
-+char *CIL_KEY_ALL;
-+char *CIL_KEY_RANGE;
-+char *CIL_KEY_GLOB;
-+char *CIL_KEY_FILE;
-+char *CIL_KEY_DIR;
-+char *CIL_KEY_CHAR;
-+char *CIL_KEY_BLOCK;
-+char *CIL_KEY_SOCKET;
-+char *CIL_KEY_PIPE;
-+char *CIL_KEY_SYMLINK;
-+char *CIL_KEY_ANY;
-+char *CIL_KEY_XATTR;
-+char *CIL_KEY_TASK;
-+char *CIL_KEY_TRANS;
-+char *CIL_KEY_TYPE;
-+char *CIL_KEY_ROLE;
-+char *CIL_KEY_USER;
-+char *CIL_KEY_USERATTRIBUTE;
-+char *CIL_KEY_USERATTRIBUTESET;
-+char *CIL_KEY_SENSITIVITY;
-+char *CIL_KEY_CATEGORY;
-+char *CIL_KEY_CATSET;
-+char *CIL_KEY_LEVEL;
-+char *CIL_KEY_LEVELRANGE;
-+char *CIL_KEY_CLASS;
-+char *CIL_KEY_IPADDR;
-+char *CIL_KEY_MAP_CLASS;
-+char *CIL_KEY_CLASSPERMISSION;
-+char *CIL_KEY_BOOL;
-+char *CIL_KEY_STRING;
-+char *CIL_KEY_NAME;
-+char *CIL_KEY_SOURCE;
-+char *CIL_KEY_TARGET;
-+char *CIL_KEY_LOW;
-+char *CIL_KEY_HIGH;
-+char *CIL_KEY_LOW_HIGH;
-+char *CIL_KEY_GLBLUB;
-+char *CIL_KEY_HANDLEUNKNOWN;
-+char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
-+char *CIL_KEY_HANDLEUNKNOWN_DENY;
-+char *CIL_KEY_HANDLEUNKNOWN_REJECT;
-+char *CIL_KEY_MACRO;
-+char *CIL_KEY_IN;
-+char *CIL_KEY_MLS;
-+char *CIL_KEY_DEFAULTRANGE;
-+char *CIL_KEY_BLOCKINHERIT;
-+char *CIL_KEY_BLOCKABSTRACT;
-+char *CIL_KEY_CLASSORDER;
-+char *CIL_KEY_CLASSMAPPING;
-+char *CIL_KEY_CLASSPERMISSIONSET;
-+char *CIL_KEY_COMMON;
-+char *CIL_KEY_CLASSCOMMON;
-+char *CIL_KEY_SID;
-+char *CIL_KEY_SIDCONTEXT;
-+char *CIL_KEY_SIDORDER;
-+char *CIL_KEY_USERLEVEL;
-+char *CIL_KEY_USERRANGE;
-+char *CIL_KEY_USERBOUNDS;
-+char *CIL_KEY_USERPREFIX;
-+char *CIL_KEY_SELINUXUSER;
-+char *CIL_KEY_SELINUXUSERDEFAULT;
-+char *CIL_KEY_TYPEATTRIBUTE;
-+char *CIL_KEY_TYPEATTRIBUTESET;
-+char *CIL_KEY_EXPANDTYPEATTRIBUTE;
-+char *CIL_KEY_TYPEALIAS;
-+char *CIL_KEY_TYPEALIASACTUAL;
-+char *CIL_KEY_TYPEBOUNDS;
-+char *CIL_KEY_TYPEPERMISSIVE;
-+char *CIL_KEY_RANGETRANSITION;
-+char *CIL_KEY_USERROLE;
-+char *CIL_KEY_ROLETYPE;
-+char *CIL_KEY_ROLETRANSITION;
-+char *CIL_KEY_ROLEALLOW;
-+char *CIL_KEY_ROLEATTRIBUTE;
-+char *CIL_KEY_ROLEATTRIBUTESET;
-+char *CIL_KEY_ROLEBOUNDS;
-+char *CIL_KEY_BOOLEANIF;
-+char *CIL_KEY_NEVERALLOW;
-+char *CIL_KEY_TYPEMEMBER;
-+char *CIL_KEY_SENSALIAS;
-+char *CIL_KEY_SENSALIASACTUAL;
-+char *CIL_KEY_CATALIAS;
-+char *CIL_KEY_CATALIASACTUAL;
-+char *CIL_KEY_CATORDER;
-+char *CIL_KEY_SENSITIVITYORDER;
-+char *CIL_KEY_SENSCAT;
-+char *CIL_KEY_CONSTRAIN;
-+char *CIL_KEY_MLSCONSTRAIN;
-+char *CIL_KEY_VALIDATETRANS;
-+char *CIL_KEY_MLSVALIDATETRANS;
-+char *CIL_KEY_CONTEXT;
-+char *CIL_KEY_FILECON;
-+char *CIL_KEY_IBPKEYCON;
-+char *CIL_KEY_IBENDPORTCON;
-+char *CIL_KEY_PORTCON;
-+char *CIL_KEY_NODECON;
-+char *CIL_KEY_GENFSCON;
-+char *CIL_KEY_NETIFCON;
-+char *CIL_KEY_PIRQCON;
-+char *CIL_KEY_IOMEMCON;
-+char *CIL_KEY_IOPORTCON;
-+char *CIL_KEY_PCIDEVICECON;
-+char *CIL_KEY_DEVICETREECON;
-+char *CIL_KEY_FSUSE;
-+char *CIL_KEY_POLICYCAP;
-+char *CIL_KEY_OPTIONAL;
-+char *CIL_KEY_DEFAULTUSER;
-+char *CIL_KEY_DEFAULTROLE;
-+char *CIL_KEY_DEFAULTTYPE;
-+char *CIL_KEY_ROOT;
-+char *CIL_KEY_NODE;
-+char *CIL_KEY_PERM;
-+char *CIL_KEY_ALLOWX;
-+char *CIL_KEY_AUDITALLOWX;
-+char *CIL_KEY_DONTAUDITX;
-+char *CIL_KEY_NEVERALLOWX;
-+char *CIL_KEY_PERMISSIONX;
-+char *CIL_KEY_IOCTL;
-+char *CIL_KEY_UNORDERED;
-+char *CIL_KEY_SRC_INFO;
-+char *CIL_KEY_SRC_CIL;
-+char *CIL_KEY_SRC_HLL;
-+
- static void cil_init_keys(void)
- {
- /* Initialize CIL Keys into strpool */
-diff --git a/cil/src/cil_internal.h b/cil/src/cil_internal.h
-index 30fab649..9bdcbdd0 100644
---- a/cil/src/cil_internal.h
-+++ b/cil/src/cil_internal.h
-@@ -74,167 +74,167 @@ enum cil_pass {
- /*
- Keywords
- */
--char *CIL_KEY_CONS_T1;
--char *CIL_KEY_CONS_T2;
--char *CIL_KEY_CONS_T3;
--char *CIL_KEY_CONS_R1;
--char *CIL_KEY_CONS_R2;
--char *CIL_KEY_CONS_R3;
--char *CIL_KEY_CONS_U1;
--char *CIL_KEY_CONS_U2;
--char *CIL_KEY_CONS_U3;
--char *CIL_KEY_CONS_L1;
--char *CIL_KEY_CONS_L2;
--char *CIL_KEY_CONS_H1;
--char *CIL_KEY_CONS_H2;
--char *CIL_KEY_AND;
--char *CIL_KEY_OR;
--char *CIL_KEY_NOT;
--char *CIL_KEY_EQ;
--char *CIL_KEY_NEQ;
--char *CIL_KEY_CONS_DOM;
--char *CIL_KEY_CONS_DOMBY;
--char *CIL_KEY_CONS_INCOMP;
--char *CIL_KEY_CONDTRUE;
--char *CIL_KEY_CONDFALSE;
--char *CIL_KEY_SELF;
--char *CIL_KEY_OBJECT_R;
--char *CIL_KEY_STAR;
--char *CIL_KEY_TCP;
--char *CIL_KEY_UDP;
--char *CIL_KEY_DCCP;
--char *CIL_KEY_SCTP;
--char *CIL_KEY_AUDITALLOW;
--char *CIL_KEY_TUNABLEIF;
--char *CIL_KEY_ALLOW;
--char *CIL_KEY_DONTAUDIT;
--char *CIL_KEY_TYPETRANSITION;
--char *CIL_KEY_TYPECHANGE;
--char *CIL_KEY_CALL;
--char *CIL_KEY_TUNABLE;
--char *CIL_KEY_XOR;
--char *CIL_KEY_ALL;
--char *CIL_KEY_RANGE;
--char *CIL_KEY_GLOB;
--char *CIL_KEY_FILE;
--char *CIL_KEY_DIR;
--char *CIL_KEY_CHAR;
--char *CIL_KEY_BLOCK;
--char *CIL_KEY_SOCKET;
--char *CIL_KEY_PIPE;
--char *CIL_KEY_SYMLINK;
--char *CIL_KEY_ANY;
--char *CIL_KEY_XATTR;
--char *CIL_KEY_TASK;
--char *CIL_KEY_TRANS;
--char *CIL_KEY_TYPE;
--char *CIL_KEY_ROLE;
--char *CIL_KEY_USER;
--char *CIL_KEY_USERATTRIBUTE;
--char *CIL_KEY_USERATTRIBUTESET;
--char *CIL_KEY_SENSITIVITY;
--char *CIL_KEY_CATEGORY;
--char *CIL_KEY_CATSET;
--char *CIL_KEY_LEVEL;
--char *CIL_KEY_LEVELRANGE;
--char *CIL_KEY_CLASS;
--char *CIL_KEY_IPADDR;
--char *CIL_KEY_MAP_CLASS;
--char *CIL_KEY_CLASSPERMISSION;
--char *CIL_KEY_BOOL;
--char *CIL_KEY_STRING;
--char *CIL_KEY_NAME;
--char *CIL_KEY_SOURCE;
--char *CIL_KEY_TARGET;
--char *CIL_KEY_LOW;
--char *CIL_KEY_HIGH;
--char *CIL_KEY_LOW_HIGH;
--char *CIL_KEY_GLBLUB;
--char *CIL_KEY_HANDLEUNKNOWN;
--char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
--char *CIL_KEY_HANDLEUNKNOWN_DENY;
--char *CIL_KEY_HANDLEUNKNOWN_REJECT;
--char *CIL_KEY_MACRO;
--char *CIL_KEY_IN;
--char *CIL_KEY_MLS;
--char *CIL_KEY_DEFAULTRANGE;
--char *CIL_KEY_BLOCKINHERIT;
--char *CIL_KEY_BLOCKABSTRACT;
--char *CIL_KEY_CLASSORDER;
--char *CIL_KEY_CLASSMAPPING;
--char *CIL_KEY_CLASSPERMISSIONSET;
--char *CIL_KEY_COMMON;
--char *CIL_KEY_CLASSCOMMON;
--char *CIL_KEY_SID;
--char *CIL_KEY_SIDCONTEXT;
--char *CIL_KEY_SIDORDER;
--char *CIL_KEY_USERLEVEL;
--char *CIL_KEY_USERRANGE;
--char *CIL_KEY_USERBOUNDS;
--char *CIL_KEY_USERPREFIX;
--char *CIL_KEY_SELINUXUSER;
--char *CIL_KEY_SELINUXUSERDEFAULT;
--char *CIL_KEY_TYPEATTRIBUTE;
--char *CIL_KEY_TYPEATTRIBUTESET;
--char *CIL_KEY_EXPANDTYPEATTRIBUTE;
--char *CIL_KEY_TYPEALIAS;
--char *CIL_KEY_TYPEALIASACTUAL;
--char *CIL_KEY_TYPEBOUNDS;
--char *CIL_KEY_TYPEPERMISSIVE;
--char *CIL_KEY_RANGETRANSITION;
--char *CIL_KEY_USERROLE;
--char *CIL_KEY_ROLETYPE;
--char *CIL_KEY_ROLETRANSITION;
--char *CIL_KEY_ROLEALLOW;
--char *CIL_KEY_ROLEATTRIBUTE;
--char *CIL_KEY_ROLEATTRIBUTESET;
--char *CIL_KEY_ROLEBOUNDS;
--char *CIL_KEY_BOOLEANIF;
--char *CIL_KEY_NEVERALLOW;
--char *CIL_KEY_TYPEMEMBER;
--char *CIL_KEY_SENSALIAS;
--char *CIL_KEY_SENSALIASACTUAL;
--char *CIL_KEY_CATALIAS;
--char *CIL_KEY_CATALIASACTUAL;
--char *CIL_KEY_CATORDER;
--char *CIL_KEY_SENSITIVITYORDER;
--char *CIL_KEY_SENSCAT;
--char *CIL_KEY_CONSTRAIN;
--char *CIL_KEY_MLSCONSTRAIN;
--char *CIL_KEY_VALIDATETRANS;
--char *CIL_KEY_MLSVALIDATETRANS;
--char *CIL_KEY_CONTEXT;
--char *CIL_KEY_FILECON;
--char *CIL_KEY_IBPKEYCON;
--char *CIL_KEY_IBENDPORTCON;
--char *CIL_KEY_PORTCON;
--char *CIL_KEY_NODECON;
--char *CIL_KEY_GENFSCON;
--char *CIL_KEY_NETIFCON;
--char *CIL_KEY_PIRQCON;
--char *CIL_KEY_IOMEMCON;
--char *CIL_KEY_IOPORTCON;
--char *CIL_KEY_PCIDEVICECON;
--char *CIL_KEY_DEVICETREECON;
--char *CIL_KEY_FSUSE;
--char *CIL_KEY_POLICYCAP;
--char *CIL_KEY_OPTIONAL;
--char *CIL_KEY_DEFAULTUSER;
--char *CIL_KEY_DEFAULTROLE;
--char *CIL_KEY_DEFAULTTYPE;
--char *CIL_KEY_ROOT;
--char *CIL_KEY_NODE;
--char *CIL_KEY_PERM;
--char *CIL_KEY_ALLOWX;
--char *CIL_KEY_AUDITALLOWX;
--char *CIL_KEY_DONTAUDITX;
--char *CIL_KEY_NEVERALLOWX;
--char *CIL_KEY_PERMISSIONX;
--char *CIL_KEY_IOCTL;
--char *CIL_KEY_UNORDERED;
--char *CIL_KEY_SRC_INFO;
--char *CIL_KEY_SRC_CIL;
--char *CIL_KEY_SRC_HLL;
-+extern char *CIL_KEY_CONS_T1;
-+extern char *CIL_KEY_CONS_T2;
-+extern char *CIL_KEY_CONS_T3;
-+extern char *CIL_KEY_CONS_R1;
-+extern char *CIL_KEY_CONS_R2;
-+extern char *CIL_KEY_CONS_R3;
-+extern char *CIL_KEY_CONS_U1;
-+extern char *CIL_KEY_CONS_U2;
-+extern char *CIL_KEY_CONS_U3;
-+extern char *CIL_KEY_CONS_L1;
-+extern char *CIL_KEY_CONS_L2;
-+extern char *CIL_KEY_CONS_H1;
-+extern char *CIL_KEY_CONS_H2;
-+extern char *CIL_KEY_AND;
-+extern char *CIL_KEY_OR;
-+extern char *CIL_KEY_NOT;
-+extern char *CIL_KEY_EQ;
-+extern char *CIL_KEY_NEQ;
-+extern char *CIL_KEY_CONS_DOM;
-+extern char *CIL_KEY_CONS_DOMBY;
-+extern char *CIL_KEY_CONS_INCOMP;
-+extern char *CIL_KEY_CONDTRUE;
-+extern char *CIL_KEY_CONDFALSE;
-+extern char *CIL_KEY_SELF;
-+extern char *CIL_KEY_OBJECT_R;
-+extern char *CIL_KEY_STAR;
-+extern char *CIL_KEY_TCP;
-+extern char *CIL_KEY_UDP;
-+extern char *CIL_KEY_DCCP;
-+extern char *CIL_KEY_SCTP;
-+extern char *CIL_KEY_AUDITALLOW;
-+extern char *CIL_KEY_TUNABLEIF;
-+extern char *CIL_KEY_ALLOW;
-+extern char *CIL_KEY_DONTAUDIT;
-+extern char *CIL_KEY_TYPETRANSITION;
-+extern char *CIL_KEY_TYPECHANGE;
-+extern char *CIL_KEY_CALL;
-+extern char *CIL_KEY_TUNABLE;
-+extern char *CIL_KEY_XOR;
-+extern char *CIL_KEY_ALL;
-+extern char *CIL_KEY_RANGE;
-+extern char *CIL_KEY_GLOB;
-+extern char *CIL_KEY_FILE;
-+extern char *CIL_KEY_DIR;
-+extern char *CIL_KEY_CHAR;
-+extern char *CIL_KEY_BLOCK;
-+extern char *CIL_KEY_SOCKET;
-+extern char *CIL_KEY_PIPE;
-+extern char *CIL_KEY_SYMLINK;
-+extern char *CIL_KEY_ANY;
-+extern char *CIL_KEY_XATTR;
-+extern char *CIL_KEY_TASK;
-+extern char *CIL_KEY_TRANS;
-+extern char *CIL_KEY_TYPE;
-+extern char *CIL_KEY_ROLE;
-+extern char *CIL_KEY_USER;
-+extern char *CIL_KEY_USERATTRIBUTE;
-+extern char *CIL_KEY_USERATTRIBUTESET;
-+extern char *CIL_KEY_SENSITIVITY;
-+extern char *CIL_KEY_CATEGORY;
-+extern char *CIL_KEY_CATSET;
-+extern char *CIL_KEY_LEVEL;
-+extern char *CIL_KEY_LEVELRANGE;
-+extern char *CIL_KEY_CLASS;
-+extern char *CIL_KEY_IPADDR;
-+extern char *CIL_KEY_MAP_CLASS;
-+extern char *CIL_KEY_CLASSPERMISSION;
-+extern char *CIL_KEY_BOOL;
-+extern char *CIL_KEY_STRING;
-+extern char *CIL_KEY_NAME;
-+extern char *CIL_KEY_SOURCE;
-+extern char *CIL_KEY_TARGET;
-+extern char *CIL_KEY_LOW;
-+extern char *CIL_KEY_HIGH;
-+extern char *CIL_KEY_LOW_HIGH;
-+extern char *CIL_KEY_GLBLUB;
-+extern char *CIL_KEY_HANDLEUNKNOWN;
-+extern char *CIL_KEY_HANDLEUNKNOWN_ALLOW;
-+extern char *CIL_KEY_HANDLEUNKNOWN_DENY;
-+extern char *CIL_KEY_HANDLEUNKNOWN_REJECT;
-+extern char *CIL_KEY_MACRO;
-+extern char *CIL_KEY_IN;
-+extern char *CIL_KEY_MLS;
-+extern char *CIL_KEY_DEFAULTRANGE;
-+extern char *CIL_KEY_BLOCKINHERIT;
-+extern char *CIL_KEY_BLOCKABSTRACT;
-+extern char *CIL_KEY_CLASSORDER;
-+extern char *CIL_KEY_CLASSMAPPING;
-+extern char *CIL_KEY_CLASSPERMISSIONSET;
-+extern char *CIL_KEY_COMMON;
-+extern char *CIL_KEY_CLASSCOMMON;
-+extern char *CIL_KEY_SID;
-+extern char *CIL_KEY_SIDCONTEXT;
-+extern char *CIL_KEY_SIDORDER;
-+extern char *CIL_KEY_USERLEVEL;
-+extern char *CIL_KEY_USERRANGE;
-+extern char *CIL_KEY_USERBOUNDS;
-+extern char *CIL_KEY_USERPREFIX;
-+extern char *CIL_KEY_SELINUXUSER;
-+extern char *CIL_KEY_SELINUXUSERDEFAULT;
-+extern char *CIL_KEY_TYPEATTRIBUTE;
-+extern char *CIL_KEY_TYPEATTRIBUTESET;
-+extern char *CIL_KEY_EXPANDTYPEATTRIBUTE;
-+extern char *CIL_KEY_TYPEALIAS;
-+extern char *CIL_KEY_TYPEALIASACTUAL;
-+extern char *CIL_KEY_TYPEBOUNDS;
-+extern char *CIL_KEY_TYPEPERMISSIVE;
-+extern char *CIL_KEY_RANGETRANSITION;
-+extern char *CIL_KEY_USERROLE;
-+extern char *CIL_KEY_ROLETYPE;
-+extern char *CIL_KEY_ROLETRANSITION;
-+extern char *CIL_KEY_ROLEALLOW;
-+extern char *CIL_KEY_ROLEATTRIBUTE;
-+extern char *CIL_KEY_ROLEATTRIBUTESET;
-+extern char *CIL_KEY_ROLEBOUNDS;
-+extern char *CIL_KEY_BOOLEANIF;
-+extern char *CIL_KEY_NEVERALLOW;
-+extern char *CIL_KEY_TYPEMEMBER;
-+extern char *CIL_KEY_SENSALIAS;
-+extern char *CIL_KEY_SENSALIASACTUAL;
-+extern char *CIL_KEY_CATALIAS;
-+extern char *CIL_KEY_CATALIASACTUAL;
-+extern char *CIL_KEY_CATORDER;
-+extern char *CIL_KEY_SENSITIVITYORDER;
-+extern char *CIL_KEY_SENSCAT;
-+extern char *CIL_KEY_CONSTRAIN;
-+extern char *CIL_KEY_MLSCONSTRAIN;
-+extern char *CIL_KEY_VALIDATETRANS;
-+extern char *CIL_KEY_MLSVALIDATETRANS;
-+extern char *CIL_KEY_CONTEXT;
-+extern char *CIL_KEY_FILECON;
-+extern char *CIL_KEY_IBPKEYCON;
-+extern char *CIL_KEY_IBENDPORTCON;
-+extern char *CIL_KEY_PORTCON;
-+extern char *CIL_KEY_NODECON;
-+extern char *CIL_KEY_GENFSCON;
-+extern char *CIL_KEY_NETIFCON;
-+extern char *CIL_KEY_PIRQCON;
-+extern char *CIL_KEY_IOMEMCON;
-+extern char *CIL_KEY_IOPORTCON;
-+extern char *CIL_KEY_PCIDEVICECON;
-+extern char *CIL_KEY_DEVICETREECON;
-+extern char *CIL_KEY_FSUSE;
-+extern char *CIL_KEY_POLICYCAP;
-+extern char *CIL_KEY_OPTIONAL;
-+extern char *CIL_KEY_DEFAULTUSER;
-+extern char *CIL_KEY_DEFAULTROLE;
-+extern char *CIL_KEY_DEFAULTTYPE;
-+extern char *CIL_KEY_ROOT;
-+extern char *CIL_KEY_NODE;
-+extern char *CIL_KEY_PERM;
-+extern char *CIL_KEY_ALLOWX;
-+extern char *CIL_KEY_AUDITALLOWX;
-+extern char *CIL_KEY_DONTAUDITX;
-+extern char *CIL_KEY_NEVERALLOWX;
-+extern char *CIL_KEY_PERMISSIONX;
-+extern char *CIL_KEY_IOCTL;
-+extern char *CIL_KEY_UNORDERED;
-+extern char *CIL_KEY_SRC_INFO;
-+extern char *CIL_KEY_SRC_CIL;
-+extern char *CIL_KEY_SRC_HLL;
-
- /*
- Symbol Table Array Indices
---
-2.17.1
-
diff --git a/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch b/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch
deleted file mode 100644
index 674fddd..0000000
--- a/recipes-security/selinux/libsepol/0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From 3d32fc24d6aff360a538c63dad08ca5c957551b0 Mon Sep 17 00:00:00 2001
-From: Ondrej Mosnacek <omosnace@...>
-Date: Thu, 23 Jan 2020 13:57:14 +0100
-Subject: [PATCH] libsepol: remove leftovers of cil_mem_error_handler
-
-Commit 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function
-pointer") replaced cil_mem_error_handler usage with inline contents of
-the default handler. However, it left over the header declaration and
-two callers. Convert these as well and remove the header declaration.
-
-This also fixes a build failure with -fno-common.
-
-Fixes: 4459d635b8f1 ("libsepol: Remove cil_mem_error_handler() function pointer")
-Signed-off-by: Ondrej Mosnacek <omosnace@...>
-
-Upstream-Status: Backport
-[https://github.com/SELinuxProject/selinux/commit/3d32fc24d6aff360a538c63dad08ca5c957551b0]
-
-Signed-off-by: Yi Zhao <yi.zhao@...>
----
- cil/src/cil_mem.h | 1 -
- cil/src/cil_strpool.c | 8 ++++----
- 2 files changed, 4 insertions(+), 5 deletions(-)
-
-diff --git a/cil/src/cil_mem.h b/cil/src/cil_mem.h
-index 902ce131..794f02a3 100644
---- a/cil/src/cil_mem.h
-+++ b/cil/src/cil_mem.h
-@@ -36,7 +36,6 @@ void *cil_calloc(size_t num_elements, size_t element_size);
- void *cil_realloc(void *ptr, size_t size);
- char *cil_strdup(const char *str);
- int cil_asprintf(char **strp, const char *fmt, ...);
--void (*cil_mem_error_handler)(void);
-
- #endif /* CIL_MEM_H_ */
-
-diff --git a/cil/src/cil_strpool.c b/cil/src/cil_strpool.c
-index 97d4c4b9..2598bbf3 100644
---- a/cil/src/cil_strpool.c
-+++ b/cil/src/cil_strpool.c
-@@ -80,8 +80,8 @@ char *cil_strpool_add(const char *str)
- int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref);
- if (rc != SEPOL_OK) {
- pthread_mutex_unlock(&cil_strpool_mutex);
-- (*cil_mem_error_handler)();
-- pthread_mutex_lock(&cil_strpool_mutex);
-+ cil_log(CIL_ERR, "Failed to allocate memory\n");
-+ exit(1);
- }
- }
-
-@@ -104,8 +104,8 @@ void cil_strpool_init(void)
- cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE);
- if (cil_strpool_tab == NULL) {
- pthread_mutex_unlock(&cil_strpool_mutex);
-- (*cil_mem_error_handler)();
-- return;
-+ cil_log(CIL_ERR, "Failed to allocate memory\n");
-+ exit(1);
- }
- }
- cil_strpool_readers++;
---
-2.17.1
-
diff --git a/recipes-security/selinux/libsepol_3.0.bb b/recipes-security/selinux/libsepol_3.0.bb
deleted file mode 100644
index 58559d7..0000000
--- a/recipes-security/selinux/libsepol_3.0.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-require selinux_20191204.inc
-require ${BPN}.inc
-
-LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
-
-SRC_URI[md5sum] = "22ddb9994910cb9cfff5cb9663cb7ae7"
-SRC_URI[sha256sum] = "5b7ae1881909f1048b06f7a0c364c5c8a86ec12e0ec76e740fe9595a6033eb79"
-
-SRC_URI += "\
- file://0001-libsepol-fix-CIL_KEY_-build-errors-with-fno-common.patch \
- file://0001-libsepol-remove-leftovers-of-cil_mem_error_handler.patch \
- "
diff --git a/recipes-security/selinux/libsepol_3.1.bb b/recipes-security/selinux/libsepol_3.1.bb
new file mode 100644
index 0000000..1568025
--- /dev/null
+++ b/recipes-security/selinux/libsepol_3.1.bb
@@ -0,0 +1,8 @@
+require selinux_20200710.inc
+require ${BPN}.inc
+
+LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343"
+
+SRC_URI[md5sum] = "b56dc01b76b97dcb730ab4e2fd1c9dea"
+SRC_URI[sha256sum] = "ae6778d01443fdd38cd30eeee846494e19f4d407b09872580372f4aa4bf8a3cc"
+
--
2.25.1

5901 - 5920 of 57790