From 39e091adf3224a910195cd62f062cc14e6d2a9ed Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Nov 04 2011 12:55:31 +0000 Subject: Update to upstream * regenerate .pc on VERSION change * Move ebitmap_* functions from mcstrans to libsepol * expand: do filename_trans type comparison on mapped representation --- diff --git a/.gitignore b/.gitignore index bb3b6f0..a470c6c 100644 --- a/.gitignore +++ b/.gitignore @@ -156,3 +156,4 @@ libsepol-2.0.41.tgz /libsepol-2.1.1.tgz /libsepol-2.1.2.tgz /libsepol-2.1.3.tgz +/libsepol-2.1.4.tgz diff --git a/libsepol-rhat.patch b/libsepol-rhat.patch index 49a3346..e69de29 100644 --- a/libsepol-rhat.patch +++ b/libsepol-rhat.patch @@ -1,49 +0,0 @@ -diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c -index 2861776..493e478 100644 ---- a/libsepol/src/expand.c -+++ b/libsepol/src/expand.c -@@ -1329,6 +1329,8 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r - - cur_rule = rules; - while (cur_rule) { -+ uint32_t mapped_otype; -+ - ebitmap_init(&stypes); - ebitmap_init(&ttypes); - -@@ -1344,6 +1346,8 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r - return -1; - } - -+ mapped_otype = state->typemap[cur_rule->otype - 1]; -+ - ebitmap_for_each_bit(&stypes, snode, i) { - if (!ebitmap_node_get_bit(snode, i)) - continue; -@@ -1358,7 +1362,7 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r - (cur_trans->tclass == cur_rule->tclass) && - (!strcmp(cur_trans->name, cur_rule->name))) { - /* duplicate rule, who cares */ -- if (cur_trans->otype == cur_rule->otype) -+ if (cur_trans->otype == mapped_otype) - break; - - ERR(state->handle, "Conflicting filename trans rules %s %s %s : %s otype1:%s otype2:%s", -@@ -1367,7 +1371,7 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r - state->out->p_type_val_to_name[j], - state->out->p_class_val_to_name[cur_trans->tclass - 1], - state->out->p_type_val_to_name[cur_trans->otype - 1], -- state->out->p_type_val_to_name[state->typemap[cur_rule->otype - 1] - 1]); -+ state->out->p_type_val_to_name[mapped_otype - 1]); - - return -1; - } -@@ -1397,7 +1401,7 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r - new_trans->stype = i + 1; - new_trans->ttype = j + 1; - new_trans->tclass = cur_rule->tclass; -- new_trans->otype = state->typemap[cur_rule->otype - 1]; -+ new_trans->otype = mapped_otype; - } - } - diff --git a/libsepol.spec b/libsepol.spec index 17065f3..4cec45b 100644 --- a/libsepol.spec +++ b/libsepol.spec @@ -1,11 +1,11 @@ Summary: SELinux binary policy manipulation library Name: libsepol -Version: 2.1.3 -Release: 2%{?dist} +Version: 2.1.4 +Release: 1%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: http://www.nsa.gov/selinux/archives/libsepol-%{version}.tgz -Patch: libsepol-rhat.patch +#Patch: libsepol-rhat.patch URL: http://www.selinuxproject.org BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -45,7 +45,7 @@ needed for developing applications that manipulate binary policies. %prep %setup -q -%patch -p2 -b .rhat +#%patch -p2 -b .rhat # sparc64 is an -fPIC arch, so we need to fix it here %ifarch sparc64 @@ -99,6 +99,12 @@ exit 0 /%{_lib}/libsepol.so.1 %changelog +* Fri Nov 4 2011 Dan Walsh - 2.1.4-1 +- Update to upstream + * regenerate .pc on VERSION change + * Move ebitmap_* functions from mcstrans to libsepol + * expand: do filename_trans type comparison on mapped representation + * Mon Oct 31 2011 Dan Walsh - 2.1.3-2 -The filename_trans code had a bug where duplicate detection was being done between the unmapped type value of a new rule and the type value of diff --git a/sources b/sources index 46040cc..06e9d60 100644 --- a/sources +++ b/sources @@ -1 +1,2 @@ 8278689ecf9d5219887b72fc24ff66ff libsepol-2.1.3.tgz +5906915444f2d9e17fbdce7dd55e3d7d libsepol-2.1.4.tgz