diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 88e4778..5042570 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -695,14 +695,86 @@ index 2d7369e..2a00807 100644 } diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c -index 6c5b45a..0a0dd3e 100644 +index 6c5b45a..f6b896e 100644 --- a/libselinux/src/procattr.c +++ b/libselinux/src/procattr.c -@@ -257,6 +257,7 @@ out: +@@ -9,13 +9,15 @@ + #include "selinux_internal.h" + #include "policy.h" + ++#define UNSET (const security_context_t) -1 ++ + static __thread pid_t cpid; + static __thread pid_t tid; +-static __thread security_context_t prev_current; +-static __thread security_context_t prev_exec; +-static __thread security_context_t prev_fscreate; +-static __thread security_context_t prev_keycreate; +-static __thread security_context_t prev_sockcreate; ++static __thread security_context_t prev_current = UNSET; ++static __thread security_context_t prev_exec = UNSET; ++static __thread security_context_t prev_fscreate = UNSET; ++static __thread security_context_t prev_keycreate = UNSET; ++static __thread security_context_t prev_sockcreate = UNSET; + + static pthread_once_t once = PTHREAD_ONCE_INIT; + static pthread_key_t destructor_key; +@@ -29,11 +31,16 @@ static pid_t gettid(void) + + static void procattr_thread_destructor(void __attribute__((unused)) *unused) + { +- free(prev_current); +- free(prev_exec); +- free(prev_fscreate); +- free(prev_keycreate); +- free(prev_sockcreate); ++ if (prev_current != UNSET) ++ free(prev_current); ++ if (prev_exec != UNSET) ++ free(prev_exec); ++ if (prev_fscreate != UNSET) ++ free(prev_fscreate); ++ if (prev_keycreate != UNSET) ++ free(prev_keycreate); ++ if (prev_sockcreate != UNSET) ++ free(prev_sockcreate); + } + + static void free_procattr(void) +@@ -41,7 +48,7 @@ static void free_procattr(void) + procattr_thread_destructor(NULL); + tid = 0; + cpid = getpid(); +- prev_current = prev_exec = prev_fscreate = prev_keycreate = prev_sockcreate = NULL; ++ prev_current = prev_exec = prev_fscreate = prev_keycreate = prev_sockcreate = UNSET; + } + + void __attribute__((destructor)) procattr_destructor(void); +@@ -131,7 +138,7 @@ static int getprocattrcon_raw(security_context_t * context, + return -1; + }; + +- if (prev_context) { ++ if (prev_context && prev_context != UNSET) { + *context = strdup(prev_context); + if (!(*context)) { + return -1; +@@ -230,7 +237,8 @@ static int setprocattrcon_raw(security_context_t context, + + if (!context && !*prev_context) + return 0; +- if (context && *prev_context && !strcmp(context, *prev_context)) ++ if (context && *prev_context && *prev_context != UNSET ++ && !strcmp(context, *prev_context)) + return 0; + + fd = openattr(pid, attr, O_RDWR); +@@ -257,6 +265,8 @@ out: free(context); return -1; } else { -+ free(*prev_context); ++ if (*prev_context != UNSET) ++ free(*prev_context); *prev_context = context; return 0; } diff --git a/libselinux.spec b/libselinux.spec index 48977ac..4a78de5 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -10,7 +10,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 2.1.13 -Release: 12%{?dist} +Release: 13%{?dist} License: Public Domain Group: System Environment/Libraries Source: %{name}-%{version}.tgz @@ -241,6 +241,9 @@ rm -rf %{buildroot} %{ruby_sitearch}/selinux.so %changelog +* Tue Apr 9 2013 Dan Walsh - 2.1.13-13 +- Add Eric Paris patch to fix procattr calls after a fork. + * Tue Mar 26 2013 Dan Walsh - 2.1.13-12 - Move secolor.conf.5 into mcstrans package and out of libselinux