import checkpolicy-3.2-4.el9

CentOS Sources 2021-11-02 22:10:47 -04:00 committed by Stepan Oksanichenko
commit a81e6314c6
19 changed files with 2112 additions and 0 deletions

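--- a/.checkpolicy.metadata
+++ b/.checkpolicy.metadata
@@ -0,0 +1 @@
+71262b34fd4147bbe34ba00433cfd74850c645b0 SOURCES/checkpolicy-3.2.tar.gz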

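--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/checkpolicy-3.2.tar.gz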


@ -0,0 +1,78 @@
From dcd07fdcbf3ba9fc47aef924b9b9f81bdefcb18b Mon Sep 17 00:00:00 2001
From: James Carter <jwcart2@gmail.com>
Date: Mon, 8 Mar 2021 15:49:23 -0500
Subject: [PATCH] libsepol/checkpolicy: Set user roles using role value instead
of dominance
Roles in an optional block have two datums, one in the global block
and one in the avrule_decl where it is declared. The datum in the
global block does not have its dominace set. This is a problem because
the function set_user_role() sets the user's roles based on the global
datum's dominance ebitmap. If a user is declared with an associated role
that was declared in an optional block, then it will not have any roles
set for it because the dominance ebitmap is empty.
Example/
# handle_unknown deny
class CLASS1
sid kernel
class CLASS1 { PERM1 }
type TYPE1;
allow TYPE1 self:CLASS1 PERM1;
role ROLE1;
role ROLE1 types { TYPE1 };
optional {
require {
class CLASS1 { PERM1 };
}
role ROLE1A;
user USER1A roles ROLE1A;
}
user USER1 roles ROLE1;
sid kernel USER1:ROLE1:TYPE1
In this example, USER1A would not have ROLE1A associated with it.
Instead of using dominance, which has been deprecated anyway, just
set the bit corresponding to the role's value in the user's roles
ebitmap in set_user_role().
Signed-off-by: James Carter <jwcart2@gmail.com>
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
[N.I: added spaces around "-" operator]
---
checkpolicy/policy_define.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index c9286f7733c5..16234f31bbc3 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -4088,8 +4088,6 @@ cond_expr_t *define_cond_expr(uint32_t expr_type, void *arg1, void *arg2)
static int set_user_roles(role_set_t * set, char *id)
{
role_datum_t *r;
- unsigned int i;
- ebitmap_node_t *node;
if (strcmp(id, "*") == 0) {
free(id);
@@ -4115,12 +4113,9 @@ static int set_user_roles(role_set_t * set, char *id)
return -1;
}
- /* set the role and every role it dominates */
- ebitmap_for_each_positive_bit(&r->dominates, node, i) {
- if (ebitmap_set_bit(&set->roles, i, TRUE))
- goto oom;
- }
free(id);
+ if (ebitmap_set_bit(&set->roles, r->s.value - 1, TRUE))
+ goto oom;
return 0;
oom:
yyerror("out of memory");
--
2.32.0
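Review bot: The new `if (ebitmap_set_bit(&set->roles, r->s.value - 1, TRUE))` replaces the only comment set_user_roles had, so the reason for ignoring dominance now lives only in the commit message; I'd keep a one-liner above it, `/* set only the role itself; the global datum's dominance ebitmap is empty for roles declared in optional blocks */`. The `- 1` presumably relies on role values being numbered from 1, which is worth stating in that comment since an unsigned value of 0 would wrap to the highest bit index. Moving `free(id)` ahead of the set-bit call is fine, as the `oom` path no longer has anything to release. The return after the `oom` label and the rest of set_user_roles lie outside the hunk.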


@ -0,0 +1,97 @@
From 750cc1136d054b77e84cd55be5fbe0e8ad0174e8 Mon Sep 17 00:00:00 2001
From: James Carter <jwcart2@gmail.com>
Date: Mon, 15 Mar 2021 11:09:37 -0400
Subject: [PATCH] checkpolicy: Do not automatically upgrade when using "-b"
flag
When reading a binary policy, do not automatically change the version
to the max policy version supported by libsepol or, if specified, the
value given using the "-c" flag.
If the binary policy version is less than or equal to version 23
(POLICYDB_VERSION_PERMISSIVE) than do not automatically upgrade the
policy and if a policy version is specified by the "-c" flag, only set
the binary policy to the specified version if it is lower than the
current version.
If the binary policy version is greater than version 23 than it should
be set to the maximum version supported by libsepol or, if specified,
the value given by the "-c" flag.
The reason for this change is that policy versions 20
(POLICYDB_VERSION_AVTAB) to 23 have a more primitive support for type
attributes where the datums are not written out, but they exist in the
type_attr_map. This means that when the binary policy is read by
libsepol, there will be gaps in the type_val_to_struct and
p_type_val_to_name arrays and policy rules can refer to those gaps.
Certain libsepol functions like sepol_kernel_policydb_to_conf() and
sepol_kernel_policydb_to_cil() do not support this behavior and need
to be able to identify these policies. Policies before version 20 do not
support attributes at all and can be handled by all libsepol functions.
Signed-off-by: James Carter <jwcart2@gmail.com>
---
checkpolicy/checkpolicy.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 5841c5c4c196..acf1eac41559 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -106,7 +106,7 @@ static int handle_unknown = SEPOL_DENY_UNKNOWN;
static const char *txtfile = "policy.conf";
static const char *binfile = "policy";
-unsigned int policyvers = POLICYDB_VERSION_MAX;
+unsigned int policyvers = 0;
static __attribute__((__noreturn__)) void usage(const char *progname)
{
@@ -515,7 +515,8 @@ int main(int argc, char **argv)
}
if (show_version) {
- printf("%d (compatibility range %d-%d)\n", policyvers,
+ printf("%d (compatibility range %d-%d)\n",
+ policyvers ? policyvers : POLICYDB_VERSION_MAX ,
POLICYDB_VERSION_MAX, POLICYDB_VERSION_MIN);
exit(0);
}
@@ -588,6 +589,16 @@ int main(int argc, char **argv)
exit(1);
}
}
+
+ if (policydbp->policyvers <= POLICYDB_VERSION_PERMISSIVE) {
+ if (policyvers > policydbp->policyvers) {
+ fprintf(stderr, "Binary policies with version <= %u cannot be upgraded\n", POLICYDB_VERSION_PERMISSIVE);
+ } else if (policyvers) {
+ policydbp->policyvers = policyvers;
+ }
+ } else {
+ policydbp->policyvers = policyvers ? policyvers : POLICYDB_VERSION_MAX;
+ }
} else {
if (conf) {
fprintf(stderr, "Can only generate policy.conf from binary policy\n");
@@ -629,6 +640,8 @@ int main(int argc, char **argv)
policydb_destroy(policydbp);
policydbp = &policydb;
}
+
+ policydbp->policyvers = policyvers ? policyvers : POLICYDB_VERSION_MAX;
}
if (policydb_load_isids(&policydb, &sidtab))
@@ -654,8 +667,6 @@ int main(int argc, char **argv)
}
}
- policydb.policyvers = policyvers;
-
if (!cil) {
if (!conf) {
policydb.policy_type = POLICY_KERN;
--
2.32.0
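Review bot: In the `policydbp->policyvers <= POLICYDB_VERSION_PERMISSIVE` branch, a `-c` version above the binary's version only prints "cannot be upgraded" and then continues with the original version, so a caller who asked for a specific output version gets a different one and exit status 0; either follow the fprintf with `exit(1);` or reword the message to say the `-c` value is being ignored. The new meaning of the global deserves a note at its definition, `unsigned int policyvers = 0; /* 0: no -c given; resolved to POLICYDB_VERSION_MAX where needed */`, since `0` is now a sentinel tested in three places. Minor style: the stray space before the comma in `policyvers ? policyvers : POLICYDB_VERSION_MAX ,`. main() extends beyond every hunk here.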


@ -0,0 +1,48 @@
From ed7e3348d18bb00bcfcb3da6d4265307425bb882 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Sat, 3 Jul 2021 16:31:20 +0200
Subject: [PATCH] checkpolicy: silence -Wextra-semi-stmt warning
On Ubuntu 20.04, when building with clang -Werror -Wextra-semi-stmt
(which is not the default build configuration), the compiler reports:
checkpolicy.c:740:33: error: empty expression statement has no
effect; remove unnecessary ';' to silence this warning
[-Werror,-Wextra-semi-stmt]
FGETS(ans, sizeof(ans), stdin);
^
Introduce "do { } while (0)" blocks to silence such warnings.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
checkpolicy/checkpolicy.c | 13 ++++++++-----
1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index acf1eac41559..8af31db5c6b7 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -119,11 +119,14 @@ static __attribute__((__noreturn__)) void usage(const char *progname)
}
#define FGETS(out, size, in) \
-if (fgets(out,size,in)==NULL) { \
- fprintf(stderr, "fgets failed at line %d: %s\n", __LINE__,\
- strerror(errno)); \
- exit(1);\
-}
+do { \
+ if (fgets(out,size,in)==NULL) { \
+ fprintf(stderr, "fgets failed at line %d: %s\n", __LINE__, \
+ strerror(errno)); \
+ exit(1);\
+ } \
+} while (0)
+
static int print_sid(sepol_security_id_t sid,
context_struct_t * context
__attribute__ ((unused)), void *data
--
2.32.0
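Review bot: The `do { } while (0)` wrapper is the right shape, but the macro still expands its arguments unparenthesized in `fgets(out,size,in)`; since the macro is being rewritten anyway I'd make it `if (fgets((out), (size), (in)) == NULL) { \`. This is not a behavior change for the callers visible in this series, which pass a plain identifier and `sizeof(ans)`, but it closes the usual macro-argument hazard for future ones.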


@ -0,0 +1,54 @@
From 40e2f98519ba3fc6a4a0f2b4a2b8b0e1d864fd9e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:21 +0200
Subject: [PATCH] checkpolicy: pass CFLAGS at link stage
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Pass CFLAGS when invoking CC at link time, it might contain optimization
or sanitizer flags required for linking.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/Makefile | 4 ++--
checkpolicy/test/Makefile | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/checkpolicy/Makefile b/checkpolicy/Makefile
index 0d282ef93d14..be63c0182682 100644
--- a/checkpolicy/Makefile
+++ b/checkpolicy/Makefile
@@ -30,10 +30,10 @@ all: $(TARGETS)
$(MAKE) -C test
checkpolicy: $(CHECKPOLOBJS) $(LIBSEPOLA)
- $(CC) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA)
+ $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA)
checkmodule: $(CHECKMODOBJS) $(LIBSEPOLA)
- $(CC) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA)
+ $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA)
%.o: %.c
$(CC) $(CFLAGS) -o $@ -c $<
diff --git a/checkpolicy/test/Makefile b/checkpolicy/test/Makefile
index 89e7557c7aa6..e2a332b5a079 100644
--- a/checkpolicy/test/Makefile
+++ b/checkpolicy/test/Makefile
@@ -13,10 +13,10 @@ endif
all: dispol dismod
dispol: dispol.o $(LIBSEPOLA)
- $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA)
dismod: dismod.o $(LIBSEPOLA)
- $(CC) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA)
+ $(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA)
clean:
-rm -f dispol dismod *.o
--
2.32.0
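Review bot: The two link rules now order the variables differently: checkpolicy/Makefile uses `$(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) $(LDLIBS_LIBSEPOLA)` while test/Makefile uses `$(CC) $(CFLAGS) $(LDFLAGS) -o $@ $^ $(LDLIBS_LIBSEPOLA)`. Both work, but since this patch touches all four rules it is the moment to settle on one order so the link commands can be compared at a glance.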


@ -0,0 +1,49 @@
From 02678b9d40f7de5cae1840f3d7ceedf1499c84a8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:22 +0200
Subject: [PATCH] checkpolicy: drop -pipe compile option
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The compiler option -pipe does not affect the generated code; it affects
whether the compiler uses temporary files or pipes. As the benefit might
vary from system to system usually its up to the packager or build
framework to set it.
Also these are the only places where the flag is used.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/Makefile | 2 +-
checkpolicy/test/Makefile | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/checkpolicy/Makefile b/checkpolicy/Makefile
index be63c0182682..f9e1fc7cecd4 100644
--- a/checkpolicy/Makefile
+++ b/checkpolicy/Makefile
@@ -10,7 +10,7 @@ TARGETS = checkpolicy checkmodule
LEX = flex
YACC = bison -y
-CFLAGS ?= -g -Wall -Werror -Wshadow -O2 -pipe -fno-strict-aliasing
+CFLAGS ?= -g -Wall -Werror -Wshadow -O2 -fno-strict-aliasing
# If no specific libsepol.a is specified, fall back on LDFLAGS search path
# Otherwise, as $(LIBSEPOLA) already appears in the dependencies, there
diff --git a/checkpolicy/test/Makefile b/checkpolicy/test/Makefile
index e2a332b5a079..8e5d16b3c5f0 100644
--- a/checkpolicy/test/Makefile
+++ b/checkpolicy/test/Makefile
@@ -1,7 +1,7 @@
#
# Makefile for building the dispol program
#
-CFLAGS ?= -g -Wall -W -Werror -O2 -pipe
+CFLAGS ?= -g -Wall -W -Werror -O2
# If no specific libsepol.a is specified, fall back on LDFLAGS search path
# Otherwise, as $(LIBSEPOLA) already appears in the dependencies, there
--
2.32.0


@ -0,0 +1,42 @@
From 7cdb2a8fd2af0a063d6e505fd1250ca10ebbea11 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:23 +0200
Subject: [PATCH] checkpolicy: simplify assignment
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
checkpolicy.c:504:20: style: The statement 'if (policyvers!=n) policyvers=n' is logically equivalent to 'policyvers=n'. [duplicateConditionalAssign]
if (policyvers != n)
^
checkpolicy.c:505:17: note: Assignment 'policyvers=n'
policyvers = n;
^
checkpolicy.c:504:20: note: Condition 'policyvers!=n' is redundant
if (policyvers != n)
^
Found by Cppcheck
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/checkpolicy.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 8af31db5c6b7..b52595a87b29 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -504,8 +504,7 @@ int main(int argc, char **argv)
usage(argv[0]);
exit(1);
}
- if (policyvers != n)
- policyvers = n;
+ policyvers = n;
break;
}
case 'E':
--
2.32.0


@ -0,0 +1,47 @@
From db674bf2186b34a3712e2069c769131503dcb9ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:24 +0200
Subject: [PATCH] checkpolicy: drop dead condition
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The variable `id` is guaranteed to be non-NULL due to the preceding
while condition.
policy_define.c:1171:7: style: Condition '!id' is always false [knownConditionTrueFalse]
if (!id) {
^
policy_define.c:1170:13: note: Assuming that condition 'id=queue_remove(id_queue)' is not redundant
while ((id = queue_remove(id_queue))) {
^
policy_define.c:1171:7: note: Condition '!id' is always false
if (!id) {
^
Found by Cppcheck.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/policy_define.c | 5 -----
1 file changed, 5 deletions(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 16234f31bbc3..7eff747adacf 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -1168,11 +1168,6 @@ int expand_attrib(void)
ebitmap_init(&attrs);
while ((id = queue_remove(id_queue))) {
- if (!id) {
- yyerror("No attribute name for expandattribute statement?");
- goto exit;
- }
-
if (!is_id_in_scope(SYM_TYPES, id)) {
yyerror2("attribute %s is not within scope", id);
goto exit;
--
2.32.0


@ -0,0 +1,52 @@
From babc3d53518b7f9f01b83b9c997f9233a58af92b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:25 +0200
Subject: [PATCH] checkpolicy: use correct format specifier for unsigned
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
test/dispol.c:288:4: warning: %d in format string (no. 1) requires 'int' but the argument type is 'unsigned int'. [invalidPrintfArgType_sint]
snprintf(buf, sizeof(buf), "unknown (%d)", i);
^
test/dismod.c:830:4: warning: %d in format string (no. 1) requires 'int' but the argument type is 'unsigned int'. [invalidPrintfArgType_sint]
snprintf(buf, sizeof(buf), "unknown (%d)", i);
^
Found by Cppcheck.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/test/dismod.c | 2 +-
checkpolicy/test/dispol.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
index 3408e9b6b767..fadbc8d16695 100644
--- a/checkpolicy/test/dismod.c
+++ b/checkpolicy/test/dismod.c
@@ -827,7 +827,7 @@ static void display_policycaps(policydb_t * p, FILE * fp)
ebitmap_for_each_positive_bit(&p->policycaps, node, i) {
capname = sepol_polcap_getname(i);
if (capname == NULL) {
- snprintf(buf, sizeof(buf), "unknown (%d)", i);
+ snprintf(buf, sizeof(buf), "unknown (%u)", i);
capname = buf;
}
fprintf(fp, "\t%s\n", capname);
diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
index 8785b7252824..37f71842c9e6 100644
--- a/checkpolicy/test/dispol.c
+++ b/checkpolicy/test/dispol.c
@@ -285,7 +285,7 @@ static void display_policycaps(policydb_t * p, FILE * fp)
ebitmap_for_each_positive_bit(&p->policycaps, node, i) {
capname = sepol_polcap_getname(i);
if (capname == NULL) {
- snprintf(buf, sizeof(buf), "unknown (%d)", i);
+ snprintf(buf, sizeof(buf), "unknown (%u)", i);
capname = buf;
}
fprintf(fp, "\t%s\n", capname);
--
2.32.0


@ -0,0 +1,75 @@
From 79e7724930d49cc8cdac4c7d4e80b1fafd22d1d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:26 +0200
Subject: [PATCH] checkpolicy: follow declaration-after-statement
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Follow the project style of no declaration after statement.
Found by the GCC warning -Wdeclaration-after-statement.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/checkmodule.c | 6 ++++--
checkpolicy/policy_define.c | 3 ++-
checkpolicy/test/dismod.c | 2 +-
3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/checkpolicy/checkmodule.c b/checkpolicy/checkmodule.c
index 40d0ec9924e9..316b289865e1 100644
--- a/checkpolicy/checkmodule.c
+++ b/checkpolicy/checkmodule.c
@@ -288,14 +288,16 @@ int main(int argc, char **argv)
}
if (policy_type != POLICY_BASE && outfile) {
+ char *out_name;
+ char *separator;
char *mod_name = modpolicydb.name;
char *out_path = strdup(outfile);
if (out_path == NULL) {
fprintf(stderr, "%s: out of memory\n", argv[0]);
exit(1);
}
- char *out_name = basename(out_path);
- char *separator = strrchr(out_name, '.');
+ out_name = basename(out_path);
+ separator = strrchr(out_name, '.');
if (separator) {
*separator = '\0';
}
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 7eff747adacf..049df55f8468 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -1904,9 +1904,10 @@ int avrule_read_ioctls(struct av_ioctl_range_list **rangehead)
{
char *id;
struct av_ioctl_range_list *rnew, *r = NULL;
- *rangehead = NULL;
uint8_t omit = 0;
+ *rangehead = NULL;
+
/* read in all the ioctl commands */
while ((id = queue_remove(id_queue))) {
if (strcmp(id,"~") == 0) {
diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
index fadbc8d16695..b1b96115e79e 100644
--- a/checkpolicy/test/dismod.c
+++ b/checkpolicy/test/dismod.c
@@ -697,8 +697,8 @@ int display_avblock(int field, policydb_t * policy,
{
avrule_block_t *block = policydb.global;
while (block != NULL) {
- fprintf(out_fp, "--- begin avrule block ---\n");
avrule_decl_t *decl = block->branch_list;
+ fprintf(out_fp, "--- begin avrule block ---\n");
while (decl != NULL) {
if (display_avdecl(decl, field, policy, out_fp)) {
return -1;
--
2.32.0


@ -0,0 +1,43 @@
From 7723180fa09b0c483c07a76a4678f2c2cd51bff6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:27 +0200
Subject: [PATCH] checkpolicy: remove dead assignments
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The variable `cladatum` is otherwise always assigned before used, so
these two assignments without a follow up usages are not needed.
Found by clang-analyzer.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/checkpolicy.c | 4 ----
1 file changed, 4 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index b52595a87b29..58edcc34e8cc 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -1179,8 +1179,6 @@ int main(int argc, char **argv)
printf("\nNo such class.\n");
break;
}
- cladatum =
- policydb.class_val_to_struct[tclass - 1];
} else {
ans[strlen(ans) - 1] = 0;
cladatum =
@@ -1232,8 +1230,6 @@ int main(int argc, char **argv)
printf("\nNo such class.\n");
break;
}
- cladatum =
- policydb.class_val_to_struct[tclass - 1];
} else {
ans[strlen(ans) - 1] = 0;
cladatum =
--
2.32.0


@ -0,0 +1,43 @@
From 5a10f05f53ef78c48ebce3d512960c71100073d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:28 +0200
Subject: [PATCH] checkpolicy: check before potential NULL dereference
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
policy_define.c: In function define_te_avtab_extended_perms:
policy_define.c:1946:17: error: potential null pointer dereference [-Werror=null-dereference]
1946 | r->omit = omit;
| ^
In the case of `r` being NULL, avrule_read_ioctls() would return
with its parameter `rangehead` being a pointer to NULL, which is
considered a failure in its caller `avrule_ioctl_ranges`.
So it is not necessary to alter the return value.
Found by GCC 11 with LTO enabled.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/policy_define.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 049df55f8468..887857851504 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -1943,7 +1943,9 @@ int avrule_read_ioctls(struct av_ioctl_range_list **rangehead)
}
}
r = *rangehead;
- r->omit = omit;
+ if (r) {
+ r->omit = omit;
+ }
return 0;
error:
yyerror("out of memory");
--
2.32.0
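Review bot: `if (r) { r->omit = omit; }` silences the warning but leaves avrule_read_ioctls returning 0 with `*rangehead == NULL`, a success value for an empty list; the commit message says the caller treats that as a failure, so the hunk should record the contract in place, `/* *rangehead may be NULL here; an empty list is rejected by the caller (avrule_ioctl_ranges) */`. If that is not guaranteed for every caller, returning an error from here would be the safer choice. The start of the function and the `error:` path are outside the hunk.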


@ -0,0 +1,62 @@
From 5218bf4b262ae6c3aa0ec72c5116a73bbdb7806f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:29 +0200
Subject: [PATCH] checkpolicy: avoid potential use of uninitialized variable
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
checkpolicy.c: In function main:
checkpolicy.c:1000:25: error: tsid may be used uninitialized in this function [-Werror=maybe-uninitialized]
1000 | printf("if_sid %d default_msg_sid %d\n", ssid, tsid);
| ^
checkpolicy.c: In function main:
checkpolicy.c:971:25: error: tsid may be used uninitialized in this function [-Werror=maybe-uninitialized]
971 | printf("fs_sid %d default_file_sid %d\n", ssid, tsid);
| ^
Found by GCC 11 with LTO enabled.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/checkpolicy.c | 16 ++++++++++++----
1 file changed, 12 insertions(+), 4 deletions(-)
diff --git a/checkpolicy/checkpolicy.c b/checkpolicy/checkpolicy.c
index 58edcc34e8cc..e6cfd3372022 100644
--- a/checkpolicy/checkpolicy.c
+++ b/checkpolicy/checkpolicy.c
@@ -970,8 +970,12 @@ int main(int argc, char **argv)
printf("fs kdevname? ");
FGETS(ans, sizeof(ans), stdin);
ans[strlen(ans) - 1] = 0;
- sepol_fs_sid(ans, &ssid, &tsid);
- printf("fs_sid %d default_file_sid %d\n", ssid, tsid);
+ ret = sepol_fs_sid(ans, &ssid, &tsid);
+ if (ret) {
+ printf("unknown fs kdevname\n");
+ } else {
+ printf("fs_sid %d default_file_sid %d\n", ssid, tsid);
+ }
break;
case '9':
printf("protocol? ");
@@ -999,8 +1003,12 @@ int main(int argc, char **argv)
printf("netif name? ");
FGETS(ans, sizeof(ans), stdin);
ans[strlen(ans) - 1] = 0;
- sepol_netif_sid(ans, &ssid, &tsid);
- printf("if_sid %d default_msg_sid %d\n", ssid, tsid);
+ ret = sepol_netif_sid(ans, &ssid, &tsid);
+ if (ret) {
+ printf("unknown name\n");
+ } else {
+ printf("if_sid %d default_msg_sid %d\n", ssid, tsid);
+ }
break;
case 'b':{
char *p;
--
2.32.0
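Review bot: The two new failure messages are inconsistent for the same kind of lookup failure: the fs branch prints `printf("unknown fs kdevname\n");` while the netif branch prints `printf("unknown name\n");`, which should read `printf("unknown netif name\n");` to match the prompt two lines above it. The change correctly stops printing `ssid`/`tsid` when the lookup fails; they are still printed with `%d`, and if `sepol_security_id_t` is an unsigned type (not visible here) `%u` would be the matching specifier, as this same series fixes for other unsigned arguments. The interactive switch in main() continues outside both hunks.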


@ -0,0 +1,31 @@
From 4e3d0990c6be73419df3c32b7de98c992797e3ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:30 +0200
Subject: [PATCH] checkpolicy: drop redundant cast to the same type
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Found by clang-tidy.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/policy_define.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 887857851504..efe3a1a26315 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -1796,7 +1796,7 @@ int define_bool_tunable(int is_tunable)
return -1;
}
- datum->state = (int)(bool_value[0] == 'T') ? 1 : 0;
+ datum->state = (bool_value[0] == 'T') ? 1 : 0;
free(bool_value);
return 0;
cleanup:
--
2.32.0


@ -0,0 +1,28 @@
From 47f4cbd357fa0b0dc46e2e95ce10fc2d9a586061 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:31 +0200
Subject: [PATCH] checkpolicy: parse_util drop unused declaration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/parse_util.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/checkpolicy/parse_util.c b/checkpolicy/parse_util.c
index f2809b483be3..1795e93c31e4 100644
--- a/checkpolicy/parse_util.c
+++ b/checkpolicy/parse_util.c
@@ -28,7 +28,6 @@ extern int yyparse(void);
extern void yyrestart(FILE *);
extern queue_t id_queue;
extern unsigned int policydb_errors;
-extern unsigned long policydb_lineno;
extern policydb_t *policydbp;
extern int mlspol;
extern void set_source_file(const char *name);
--
2.32.0


@ -0,0 +1,282 @@
From b306cd5b90979a4d6e1a85b842835deb77272873 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:32 +0200
Subject: [PATCH] checkpolicy/test: mark file local functions static
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/test/dismod.c | 36 ++++++++++++++++++------------------
checkpolicy/test/dispol.c | 22 +++++++++++-----------
2 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/checkpolicy/test/dismod.c b/checkpolicy/test/dismod.c
index b1b96115e79e..90c293186afd 100644
--- a/checkpolicy/test/dismod.c
+++ b/checkpolicy/test/dismod.c
@@ -111,7 +111,7 @@ static void display_id(policydb_t * p, FILE * fp, uint32_t symbol_type,
}
}
-int display_type_set(type_set_t * set, uint32_t flags, policydb_t * policy,
+static int display_type_set(type_set_t * set, uint32_t flags, policydb_t * policy,
FILE * fp)
{
unsigned int i, num_types;
@@ -175,7 +175,7 @@ int display_type_set(type_set_t * set, uint32_t flags, policydb_t * policy,
return 0;
}
-int display_mod_role_set(role_set_t * roles, policydb_t * p, FILE * fp)
+static int display_mod_role_set(role_set_t * roles, policydb_t * p, FILE * fp)
{
unsigned int i, num = 0;
@@ -210,7 +210,7 @@ int display_mod_role_set(role_set_t * roles, policydb_t * p, FILE * fp)
}
-int display_avrule(avrule_t * avrule, policydb_t * policy,
+static int display_avrule(avrule_t * avrule, policydb_t * policy,
FILE * fp)
{
class_perm_node_t *cur;
@@ -313,7 +313,7 @@ int display_avrule(avrule_t * avrule, policydb_t * policy,
return 0;
}
-int display_type_callback(hashtab_key_t key, hashtab_datum_t datum, void *data)
+static int display_type_callback(hashtab_key_t key, hashtab_datum_t datum, void *data)
{
type_datum_t *type;
FILE *fp;
@@ -355,14 +355,14 @@ int display_type_callback(hashtab_key_t key, hashtab_datum_t datum, void *data)
return 0;
}
-int display_types(policydb_t * p, FILE * fp)
+static int display_types(policydb_t * p, FILE * fp)
{
if (hashtab_map(p->p_types.table, display_type_callback, fp))
return -1;
return 0;
}
-int display_users(policydb_t * p, FILE * fp)
+static int display_users(policydb_t * p, FILE * fp)
{
unsigned int i, j;
ebitmap_t *bitmap;
@@ -381,7 +381,7 @@ int display_users(policydb_t * p, FILE * fp)
return 0;
}
-int display_bools(policydb_t * p, FILE * fp)
+static int display_bools(policydb_t * p, FILE * fp)
{
unsigned int i;
@@ -392,7 +392,7 @@ int display_bools(policydb_t * p, FILE * fp)
return 0;
}
-void display_expr(policydb_t * p, cond_expr_t * exp, FILE * fp)
+static void display_expr(policydb_t * p, cond_expr_t * exp, FILE * fp)
{
cond_expr_t *cur;
@@ -427,14 +427,14 @@ void display_expr(policydb_t * p, cond_expr_t * exp, FILE * fp)
}
}
-void display_policycon(FILE * fp)
+static void display_policycon(FILE * fp)
{
/* There was an attempt to implement this at one time. Look through
* git history to find it. */
fprintf(fp, "Sorry, not implemented\n");
}
-void display_initial_sids(policydb_t * p, FILE * fp)
+static void display_initial_sids(policydb_t * p, FILE * fp)
{
ocontext_t *cur;
char *user, *role, *type;
@@ -459,7 +459,7 @@ void display_initial_sids(policydb_t * p, FILE * fp)
#endif
}
-void display_class_set(ebitmap_t *classes, policydb_t *p, FILE *fp)
+static void display_class_set(ebitmap_t *classes, policydb_t *p, FILE *fp)
{
unsigned int i, num = 0;
@@ -482,7 +482,7 @@ void display_class_set(ebitmap_t *classes, policydb_t *p, FILE *fp)
fprintf(fp, " }");
}
-void display_role_trans(role_trans_rule_t * tr, policydb_t * p, FILE * fp)
+static void display_role_trans(role_trans_rule_t * tr, policydb_t * p, FILE * fp)
{
for (; tr; tr = tr->next) {
fprintf(fp, "role transition ");
@@ -495,7 +495,7 @@ void display_role_trans(role_trans_rule_t * tr, policydb_t * p, FILE * fp)
}
}
-void display_role_allow(role_allow_rule_t * ra, policydb_t * p, FILE * fp)
+static void display_role_allow(role_allow_rule_t * ra, policydb_t * p, FILE * fp)
{
for (; ra; ra = ra->next) {
fprintf(fp, "role allow ");
@@ -517,7 +517,7 @@ static void display_filename_trans(filename_trans_rule_t * tr, policydb_t * p, F
}
}
-int role_display_callback(hashtab_key_t key __attribute__((unused)),
+static int role_display_callback(hashtab_key_t key __attribute__((unused)),
hashtab_datum_t datum, void *data)
{
role_datum_t *role;
@@ -611,7 +611,7 @@ int change_bool(char *name, int state, policydb_t * p, FILE * fp)
}
#endif
-int display_avdecl(avrule_decl_t * decl, int field,
+static int display_avdecl(avrule_decl_t * decl, int field,
policydb_t * policy, FILE * out_fp)
{
fprintf(out_fp, "decl %u:%s\n", decl->decl_id,
@@ -692,7 +692,7 @@ int display_avdecl(avrule_decl_t * decl, int field,
return 0; /* should never get here */
}
-int display_avblock(int field, policydb_t * policy,
+static int display_avblock(int field, policydb_t * policy,
FILE * out_fp)
{
avrule_block_t *block = policydb.global;
@@ -710,7 +710,7 @@ int display_avblock(int field, policydb_t * policy,
return 0;
}
-int display_handle_unknown(policydb_t * p, FILE * out_fp)
+static int display_handle_unknown(policydb_t * p, FILE * out_fp)
{
if (p->handle_unknown == ALLOW_UNKNOWN)
fprintf(out_fp, "Allow unknown classes and perms\n");
@@ -834,7 +834,7 @@ static void display_policycaps(policydb_t * p, FILE * fp)
}
}
-int menu(void)
+static int menu(void)
{
printf("\nSelect a command:\n");
printf("1) display unconditional AVTAB\n");
diff --git a/checkpolicy/test/dispol.c b/checkpolicy/test/dispol.c
index 37f71842c9e6..8ddefb04ac89 100644
--- a/checkpolicy/test/dispol.c
+++ b/checkpolicy/test/dispol.c
@@ -42,7 +42,7 @@ static __attribute__((__noreturn__)) void usage(const char *progname)
exit(1);
}
-int render_access_mask(uint32_t mask, avtab_key_t * key, policydb_t * p,
+static int render_access_mask(uint32_t mask, avtab_key_t * key, policydb_t * p,
FILE * fp)
{
char *perm;
@@ -54,13 +54,13 @@ int render_access_mask(uint32_t mask, avtab_key_t * key, policydb_t * p,
return 0;
}
-int render_type(uint32_t type, policydb_t * p, FILE * fp)
+static int render_type(uint32_t type, policydb_t * p, FILE * fp)
{
fprintf(fp, "%s", p->p_type_val_to_name[type - 1]);
return 0;
}
-int render_key(avtab_key_t * key, policydb_t * p, FILE * fp)
+static int render_key(avtab_key_t * key, policydb_t * p, FILE * fp)
{
char *stype, *ttype, *tclass;
stype = p->p_type_val_to_name[key->source_type - 1];
@@ -84,7 +84,7 @@ int render_key(avtab_key_t * key, policydb_t * p, FILE * fp)
#define RENDER_DISABLED 0x0004
#define RENDER_CONDITIONAL (RENDER_ENABLED|RENDER_DISABLED)
-int render_av_rule(avtab_key_t * key, avtab_datum_t * datum, uint32_t what,
+static int render_av_rule(avtab_key_t * key, avtab_datum_t * datum, uint32_t what,
policydb_t * p, FILE * fp)
{
if (!(what & RENDER_UNCONDITIONAL)) {
@@ -163,7 +163,7 @@ int render_av_rule(avtab_key_t * key, avtab_datum_t * datum, uint32_t what,
return 0;
}
-int display_avtab(avtab_t * a, uint32_t what, policydb_t * p, FILE * fp)
+static int display_avtab(avtab_t * a, uint32_t what, policydb_t * p, FILE * fp)
{
unsigned int i;
avtab_ptr_t cur;
@@ -178,7 +178,7 @@ int display_avtab(avtab_t * a, uint32_t what, policydb_t * p, FILE * fp)
return 0;
}
-int display_bools(policydb_t * p, FILE * fp)
+static int display_bools(policydb_t * p, FILE * fp)
{
unsigned int i;
@@ -189,7 +189,7 @@ int display_bools(policydb_t * p, FILE * fp)
return 0;
}
-void display_expr(policydb_t * p, cond_expr_t * exp, FILE * fp)
+static void display_expr(policydb_t * p, cond_expr_t * exp, FILE * fp)
{
cond_expr_t *cur;
@@ -224,7 +224,7 @@ void display_expr(policydb_t * p, cond_expr_t * exp, FILE * fp)
}
}
-int display_cond_expressions(policydb_t * p, FILE * fp)
+static int display_cond_expressions(policydb_t * p, FILE * fp)
{
cond_node_t *cur;
cond_av_list_t *av_cur;
@@ -249,7 +249,7 @@ int display_cond_expressions(policydb_t * p, FILE * fp)
return 0;
}
-int display_handle_unknown(policydb_t * p, FILE * out_fp)
+static int display_handle_unknown(policydb_t * p, FILE * out_fp)
{
if (p->handle_unknown == ALLOW_UNKNOWN)
fprintf(out_fp, "Allow unknown classes and permissions\n");
@@ -260,7 +260,7 @@ int display_handle_unknown(policydb_t * p, FILE * out_fp)
return 0;
}
-int change_bool(char *name, int state, policydb_t * p, FILE * fp)
+static int change_bool(char *name, int state, policydb_t * p, FILE * fp)
{
cond_bool_datum_t *bool;
@@ -368,7 +368,7 @@ static void display_filename_trans(policydb_t *p, FILE *fp)
hashtab_map(p->filename_trans, filenametr_display, &args);
}
-int menu(void)
+static int menu(void)
{
printf("\nSelect a command:\n");
printf("1) display unconditional AVTAB\n");
--
2.32.0


@ -0,0 +1,81 @@
From 1711757378d1ff1e7437fd7d5ddf263272284641 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Tue, 6 Jul 2021 19:54:33 +0200
Subject: [PATCH] checkpolicy: mark read-only parameters in policy define const
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Make it more obvious which parameters are read-only and not being
modified and allow callers to pass const pointers.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
checkpolicy/policy_define.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index efe3a1a26315..75a67d5c8a7c 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -77,7 +77,7 @@ extern int yyerror(const char *msg);
#define ERRORMSG_LEN 255
static char errormsg[ERRORMSG_LEN + 1] = {0};
-static int id_has_dot(char *id);
+static int id_has_dot(const char *id);
static int parse_security_context(context_struct_t *c);
/* initialize all of the state variables for the scanner/parser */
@@ -141,7 +141,7 @@ int insert_id(const char *id, int push)
/* If the identifier has a dot within it and that its first character
is not a dot then return 1, else return 0. */
-static int id_has_dot(char *id)
+static int id_has_dot(const char *id)
{
if (strchr(id, '.') >= id + 1) {
return 1;
@@ -2172,7 +2172,7 @@ void avrule_xperm_setrangebits(uint16_t low, uint16_t high,
}
}
-int avrule_xperms_used(av_extended_perms_t *xperms)
+int avrule_xperms_used(const av_extended_perms_t *xperms)
{
unsigned int i;
@@ -2347,7 +2347,7 @@ unsigned int xperms_for_each_bit(unsigned int *bit, av_extended_perms_t *xperms)
return 0;
}
-int avrule_cpy(avrule_t *dest, avrule_t *src)
+int avrule_cpy(avrule_t *dest, const avrule_t *src)
{
class_perm_node_t *src_perms;
class_perm_node_t *dest_perms, *dest_tail;
@@ -2395,7 +2395,7 @@ int avrule_cpy(avrule_t *dest, avrule_t *src)
return 0;
}
-int define_te_avtab_ioctl(avrule_t *avrule_template)
+int define_te_avtab_ioctl(const avrule_t *avrule_template)
{
avrule_t *avrule;
struct av_ioctl_range_list *rangelist;
@@ -3444,9 +3444,10 @@ bad:
return -1;
}
-static constraint_expr_t *constraint_expr_clone(constraint_expr_t * expr)
+static constraint_expr_t *constraint_expr_clone(const constraint_expr_t * expr)
{
- constraint_expr_t *h = NULL, *l = NULL, *e, *newe;
+ constraint_expr_t *h = NULL, *l = NULL, *newe;
+ const constraint_expr_t *e;
for (e = expr; e; e = e->next) {
newe = malloc(sizeof(*newe));
if (!newe)
--
2.32.0
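Review bot: In the id_has_dot hunk, `strchr(id, '.') >= id + 1` compares a possibly NULL return against a pointer into the identifier, and C only defines relational comparison for pointers into the same object; constifying the parameter leaves that pattern untouched. Spelling the intent out matches the comment above the function and avoids the ill-defined comparison: `const char *dot = strchr(id, '.');` followed by `if (dot != NULL && dot != id) return 1;`. The rest of id_has_dot's body is outside the hunk, so the existing fall-through return presumably stays as it is.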

998
SPECS/checkpolicy.spec Normal file

@ -0,0 +1,998 @@
%define libselinuxver 3.2-5
%define libsepolver 3.2-3
Summary: SELinux policy compiler
Name: checkpolicy
Version: 3.2
Release: 4%{?dist}
License: GPLv2
Source0: https://github.com/SELinuxProject/selinux/releases/download/3.2/checkpolicy-3.2.tar.gz
# $ git clone https://github.com/fedora-selinux/selinux.git
# $ cd selinux
# $ git format-patch -N 3.2 -- checkpolicy
# $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
# Patch list start
Patch0001: 0001-libsepol-checkpolicy-Set-user-roles-using-role-value.patch
Patch0002: 0002-checkpolicy-Do-not-automatically-upgrade-when-using-.patch
Patch0003: 0003-checkpolicy-silence-Wextra-semi-stmt-warning.patch
Patch0004: 0004-checkpolicy-pass-CFLAGS-at-link-stage.patch
Patch0005: 0005-checkpolicy-drop-pipe-compile-option.patch
Patch0006: 0006-checkpolicy-simplify-assignment.patch
Patch0007: 0007-checkpolicy-drop-dead-condition.patch
Patch0008: 0008-checkpolicy-use-correct-format-specifier-for-unsigne.patch
Patch0009: 0009-checkpolicy-follow-declaration-after-statement.patch
Patch0010: 0010-checkpolicy-remove-dead-assignments.patch
Patch0011: 0011-checkpolicy-check-before-potential-NULL-dereference.patch
Patch0012: 0012-checkpolicy-avoid-potential-use-of-uninitialized-var.patch
Patch0013: 0013-checkpolicy-drop-redundant-cast-to-the-same-type.patch
Patch0014: 0014-checkpolicy-parse_util-drop-unused-declaration.patch
Patch0015: 0015-checkpolicy-test-mark-file-local-functions-static.patch
Patch0016: 0016-checkpolicy-mark-read-only-parameters-in-policy-defi.patch
# Patch list end
BuildRequires: gcc
BuildRequires: make
BuildRequires: byacc bison flex flex-static libsepol-static >= %{libsepolver} libselinux-devel >= %{libselinuxver}
%description
Security-enhanced Linux is a feature of the Linux® kernel and a number
of utilities with enhanced security functionality designed to add
mandatory access controls to Linux. The Security-enhanced Linux
kernel contains new architectural components originally developed to
improve the security of the Flask operating system. These
architectural components provide general support for the enforcement
of many kinds of mandatory access control policies, including those
based on the concepts of Type Enforcement®, Role-based Access
Control, and Multi-level Security.
This package contains checkpolicy, the SELinux policy compiler.
Only required for building policies.
%prep
%autosetup -p 2 -n checkpolicy-%{version}
%build
%set_build_flags
%make_build LIBDIR="%{_libdir}"
cd test
%make_build LIBDIR="%{_libdir}"
%install
mkdir -p ${RPM_BUILD_ROOT}%{_bindir}
%make_install LIBDIR="%{_libdir}"
install test/dismod ${RPM_BUILD_ROOT}%{_bindir}/sedismod
install test/dispol ${RPM_BUILD_ROOT}%{_bindir}/sedispol
%files
%{!?_licensedir:%global license %%doc}
%license COPYING
%{_bindir}/checkpolicy
%{_bindir}/checkmodule
%{_mandir}/man8/checkpolicy.8.gz
%{_mandir}/man8/checkmodule.8.gz
%{_mandir}/ru/man8/checkpolicy.8.gz
%{_mandir}/ru/man8/checkmodule.8.gz
%{_bindir}/sedismod
%{_bindir}/sedispol
%changelog
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.2-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Wed Jul 28 2021 Petr Lautrbach <plautrba@redhat.com> - 3.2-3
- Rebase on upstream commit 32611aea6543
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 3.2-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Mar 8 2021 Petr Lautrbach <plautrba@redhat.com> - 3.2-1
- SELinux userspace 3.2 release
* Fri Feb 5 2021 Petr Lautrbach <plautrba@redhat.com> - 3.2-0.rc2.1
- SELinux userspace 3.2-rc2 release
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2-0.rc1.1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Jan 21 2021 Petr Lautrbach <plautrba@redhat.com> - 3.2-0.rc1.1
- SELinux userspace 3.2-rc1 release
* Sun Nov 1 2020 Petr Lautrbach <plautrba@redhat.com> - 3.1-4
- Fix signed overflow caused by using (1 << 31) - 1
- Optimize storage of filename transitions
- Rebuild with libsepol.so.2
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jul 13 2020 Tom Stellard <tstellar@redhat.com> - 3.1-2
- Use make macros
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
* Fri Jul 10 2020 Petr Lautrbach <plautrba@redhat.com> - 3.1-1
- SELinux userspace 3.1 release
* Tue Jan 28 2020 Petr Lautrbach <plautrba@redhat.com> - 3.0-3
- Fix -fno-common issues discovered by GCC 10
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Dec 6 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-1
- SELinux userspace 3.0 release
* Mon Nov 11 2019 Petr Lautrbach <plautrba@redhat.com> - 3.0-0.rc1.1
- SELinux userspace 3.0-rc1 release candidate
* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
* Mon Mar 18 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-1
- SELinux userspace 2.9 release
* Mon Mar 11 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-0.rc2.1
- SELinux userspace 2.9-rc2 release
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.9-0.rc1.1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Fri Jan 25 2019 Petr Lautrbach <plautrba@redhat.com> - 2.9-0.rc1.1
- SELinux userspace 2.9-rc1 release
* Mon Jan 21 2019 Petr Lautrbach <plautrba@redhat.com> - 2.8-3
- Check the result value of hashtable_search
- Destroy the class datum if it fails to initialize
* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Fri May 25 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-1
- SELinux userspace 2.8 release
* Tue May 15 2018 Petr Lautrbach <plautrba@workstation> - 2.8-0.rc3.1
- SELinux userspace 2.8-rc3 release candidate
* Mon Apr 23 2018 Petr Lautrbach <plautrba@redhat.com> - 2.8-0.rc1.1
- SELinux userspace 2.8-rc1 release candidate
* Wed Mar 21 2018 Petr Lautrbach <plautrba@redhat.com> - 2.7-7
- Add support for the SCTP portcon keyword
* Tue Mar 13 2018 Petr Lautrbach <plautrba@redhat.com> - 2.7-6
- build: follow standard semantics for DESTDIR and PREFIX
* Thu Feb 22 2018 Florian Weimer <fweimer@redhat.com> - 2.7-5
- Use LDFLAGS from redhat-rpm-config
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.7-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Wed Nov 22 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-3
- Rebuild with libsepol-2.7-3 and libselinux-2.7-6
* Fri Oct 20 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-2
- Rebuilt with libsepol-2.7-2
* Mon Aug 07 2017 Petr Lautrbach <plautrba@redhat.com> - 2.7-1
- Update to upstream release 2017-08-04
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
* Wed Feb 15 2017 Petr Lautrbach <plautrba@redhat.com> - 2.6-1
- Update to upstream release 2016-10-14
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.5-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
* Mon Oct 03 2016 Petr Lautrbach <plautrba@redhat.com> 2.5-8
- Add types associated to a role in the current scope when parsing
* Mon Aug 01 2016 Petr Lautrbach <plautrba@redhat.com> 2.5-7
- Extend checkpolicy pathname matching
- Rebuilt with libsepol-2.5-9
* Mon Jun 27 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-6
- Fix typos in sedispol
* Thu Jun 23 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-5
- Set flex as default lexer
- Fix checkmodule output message
* Wed May 11 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-4
- Rebuilt with libsepol-2.5-6
* Fri Apr 29 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-3
- Build policy on systems not supporting DCCP protocol
- Fail if module name different than output base filename
* Fri Apr 08 2016 Petr Lautrbach <plautrba@redhat.com> - 2.5-2
- Add support for portcon dccp protocol
* Tue Feb 23 2016 Petr Lautrbach <plautrba@redhat.com> 2.5-1
- Update to upstream release 2016-02-23
* Sun Feb 21 2016 Petr Lautrbach <plautrba@redhat.com> 2.5-0.1.rc1
- Update to upstream rc1 release 2016-01-07
* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.4-2.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
* Tue Jul 21 2015 Petr Lautrbach <plautrba@redhat.com> 2.4-1.1
- Update to 2.4 release
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Fri Jul 11 2014 Tom Callaway <spot@fedoraproject.org> - 2.3-3
- fix license handling
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Tue May 6 2014 Dan Walsh <dwalsh@redhat.com> - 2.3-1
- Update to upstream
* Add Android support for building dispol.
* Report source file and line information for neverallow failures.
* Prevent incompatible option combinations for checkmodule.
* Drop -lselinux from LDLIBS for test programs; not used.
* Add debug feature to display constraints/validatetrans from Richard Haines.
* Thu Oct 31 2013 Dan Walsh <dwalsh@redhat.com> - 2.2-1
- Update to upstream
* Fix hyphen usage in man pages from Laurent Bigonville.
* handle-unknown / -U required argument fix from Laurent Bigonville.
* Support overriding Makefile PATH and LIBDIR from Laurent Bigonville.
* Support space and : in filenames from Dan Walsh.
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.12-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
* Tue Jul 16 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-4
- Fix a segmentation fault if the --handle-unknown option was set without
arguments.
- Thanks to Alexandre Rebert and his team at Carnegie Mellon University
for detecting this crash.
* Tue Mar 19 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-3
- ":" should be allowed for file trans names
* Tue Mar 12 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-2
- Space should be allowed for file trans names
* Thu Feb 7 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-1
- Update to upstream
* Fix errors found by coverity
* implement default type policy syntax
* Free allocated memory when clean up / exit.
* Sat Jan 5 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.11-3
- Update to latest patches from eparis/Upstream
- checkpolicy: libsepol: implement default type policy syntax
-
- We currently have a mechanism in which the default user, role, and range
- can be picked up from the source or the target object. This implements
- the same thing for types. The kernel will override this with type
- transition rules and similar. This is just the default if nothing
- specific is given.
* Wed Sep 19 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-2
- Rebuild with fixed libsepol
* Thu Sep 13 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.11-1
- Update to upstream
* fd leak reading policy
* check return code on ebitmap_set_bit
* Mon Jul 30 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-4
- Rebuild to grab latest libsepol
* Tue Jul 24 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-3
- Rebuild to grab latest libsepol
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.10-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
* Wed Jul 4 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.10-1
- Update to upstream
* sepolgen: We need to support files that have a + in them
* Android/MacOS X build support
* Mon Apr 23 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.9-4
- Rebuild to get latest libsepol which fixes the file_name transition problems
* Tue Apr 17 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.9-3
- Recompile with libsepol that has support for ptrace_child
* Tue Apr 3 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.9-2
- Allow checkpolicy to use + in a file name
* Thu Mar 29 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.9-1
- Update to upstream
* implement new default labeling behaviors for usr, role, range
* Fix dead links to www.nsa.gov/selinux
* Mon Jan 16 2012 Dan Walsh <dwalsh@redhat.com> - 2.1.8-3
- Fix man page to link to www.nsa.giv/research/selinux
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.1.8-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Wed Dec 21 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.8-1
-Update to upstream
* add ignoredirs config for genhomedircon
* Fallback_user_level can be NULL if you are not using MLS
* Wed Dec 21 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.7-3
- default_rules should be optional
* Thu Dec 15 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.7-2
- Rebuild with latest libsepol
* Tue Dec 6 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.7-1
- Upgrade to upstream
* dis* fixed signed vs unsigned errors
* dismod: fix unused parameter errors
* test: Makefile: include -W and -Werror
* allow ~ in filename transition rules
- Allow policy to specify the source of target for generating the default user,role
- or mls label for a new target.
* Mon Nov 14 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.6-2
- Allow ~ in a filename
* Fri Nov 4 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.6-1
- Upgrade to upstream
* Revert "checkpolicy: Redo filename/filesystem syntax to support filename trans rules"
* drop libsepol dynamic link in checkpolicy
* Tue Sep 20 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.5-2
- Fix checkpolicy to ignore '"' in filename trans rules
* Mon Sep 19 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.5-1
-Update to upstream
* Separate tunable from boolean during compile.
* Tue Aug 30 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.4-0
-Update to upstream
* checkpolicy: fix spacing in output message
* Thu Aug 18 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.3-0
* add missing ; to attribute_role_def
*Redo filename/filesystem syntax to support filename trans
* Wed Aug 3 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.2-0
-Update to upstream
* .gitignore changes
* dispol output of role trans
* man page update: build a module with an older policy version
* Thu Jul 28 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.1-0
-Update to upstream
* Minor updates to filename trans rule output in dis{mod,pol}
* Thu Jul 28 2011 Dan Walsh <dwalsh@redhat.com> - 2.1.0-1
-Update to upstream
* Mon May 23 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.26-1
-Update to upstream
* Wrap file names in filename transitions with quotes by Steve Lawrence.
* Allow filesystem names to start with a digit by James Carter.
* Add support for using the last path compnent in type transitions by Eric
* Thu Apr 21 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.24-2
* Fixes for new role_transition class field by Eric Paris.
* Fri Apr 15 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.24-2
- Add "-" as a file type
* Tue Apr 12 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.24-1
-Update to upstream
* Add new class field in role_transition by Harry Ciao.
* Mon Apr 11 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.23-5
- Fix type_transition to allow all files
* Tue Mar 29 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.23-4
- Patches from Eric Paris
We just use random numbers to make menu selections. Use #defines and
names that make some sense instead.
This patch adds support for using the last path component as part of the
information in making labeling decisions for new objects. A example
rule looks like so:
type_transition unconfined_t etc_t:file system_conf_t eric;
This rule says if unconfined_t creates a file in a directory labeled
etc_t and the last path component is "eric" (no globbing, no matching
magic, just exact strcmp) it should be labeled system_conf_t.
The kernel and policy representation does not have support for such
rules in conditionals, and thus policy explicitly notes that fact if
such a rule is added to a conditional.
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.23-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Wed Jan 12 2011 Dan Walsh <dwalsh@redhat.com> - 2.0.23-2
- Add James Carters Patch
*This patch is needed because some filesystem names (such as 9p) start
with a digit.
* Tue Dec 21 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.23-1
- Latest update from NSA
* Remove unused variables to fix compliation under GCC 4.6 by Justin Mattock
* Wed Dec 8 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.22-2
- Rebuild to make sure it will build in Fedora
* Wed Jun 16 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.22-1
- Latest update from NSA
* Update checkmodule man page and usage by Daniel Walsh and Steve Lawrence
- Allow policy version to be one number
* Mon May 3 2010 Dan Walsh <dwalsh@redhat.com> - 2.0.21-2
- Fix checkmodule man page and usage statements
* Sun Nov 1 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.21-1
- Latest update from NSA
* Add support for building Xen policies from Paul Nuzzi.
* Add long options to checkpolicy and checkmodule by Guido
Trentalancia <guido@trentalancia.com>
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.19-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
* Mon Feb 23 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.0.19-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
* Wed Feb 18 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.19-1
- Latest update from NSA
* Fix alias field in module format, caused by boundary format change
from Caleb Case.
* Fri Jan 30 2009 Dan Walsh <dwalsh@redhat.com> - 2.0.18-1
- Latest update from NSA
* Properly escape regex symbols in the lexer from Stephen Smalley.
* Add bounds support from KaiGai Kohei.
* Tue Oct 28 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.16-4
* Mon Jul 7 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.16-3
- Rebuild with new libsepol
* Wed May 28 2008 Tom "spot" Callaway <tcallawa@redhat.com> 2.0.16-2
- fix license tag
* Wed May 28 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.16-1
- Latest update from NSA
* Update checkpolicy for user and role mapping support from Joshua Brindle.
* Fri May 2 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.15-1
- Latest update from NSA
* Fix for policy module versions that look like IPv4 addresses from Jim Carter.
Resolves bug 444451.
* Fri May 2 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.14-2
- Allow modules with 4 sections or more
* Thu Mar 27 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.14-1
- Latest update from NSA
* Add permissive domain support from Eric Paris.
* Thu Mar 13 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.13-1
- Latest update from NSA
* Split out non-grammar parts of policy_parse.yacc into
policy_define.c and policy_define.h from Todd C. Miller.
* Initialize struct policy_file before using it, from Todd C. Miller.
* Remove unused define, move variable out of .y file, simplify COND_ERR, from Todd C. Miller.
* Thu Feb 28 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.10-1
- Latest update from NSA
* Use yyerror2() where appropriate from Todd C. Miller.
- Build against latest libsepol
* Fri Feb 22 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.9-2
- Start shipping sedismod and sedispol
* Mon Feb 4 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.9-1
- Latest update from NSA
* Update dispol for libsepol avtab changes from Stephen Smalley.
* Fri Jan 25 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.8-1
- Latest update from NSA
* Deprecate role dominance in parser.
* Mon Jan 21 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.7-2
- Update to use libsepol-static library
* Fri Jan 11 2008 Dan Walsh <dwalsh@redhat.com> - 2.0.7-1
- Latest update from NSA
* Added support for policy capabilities from Todd Miller.
* Thu Nov 15 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.6-1
- Latest update from NSA
* Initialize the source file name from the command line argument so that checkpolicy/checkmodule report something more useful than "unknown source".
* Merged remove use of REJECT and trailing context in lex rules; make ipv4 address parsing like ipv6 from James Carter.
* Tue Sep 18 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.4-1
* Merged handle unknown policydb flag support from Eric Paris.
Adds new command line options -U {allow, reject, deny} for selecting
the flag when a base module or kernel policy is built.
* Tue Aug 28 2007 Fedora Release Engineering <rel-eng at fedoraproject dot org> - 2.0.3-3
- Rebuild for selinux ppc32 issue.
* Mon Jun 18 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.3-2
- Rebuild with the latest libsepol
* Sun Jun 17 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.3-1
- Latest update from NSA
* Merged fix for segfault on duplicate require of sensitivity from Caleb Case.
* Merged fix for dead URLs in checkpolicy man pages from Dan Walsh.
* Thu Apr 12 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.2-1
- Latest update from NSA
* Merged checkmodule man page fix from Dan Walsh.
* Fri Mar 30 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.1-3
- Rebuild with new libsepol
* Wed Mar 28 2007 Dan Walsh <dwalsh@redhat.com> - 2.0.1-2
- Rebuild with new libsepol
* Mon Nov 20 2006 Dan Walsh <dwalsh@redhat.com> - 2.0.1-1
- Latest update from NSA
* Merged patch to allow dots in class identifiers from Caleb Case.
* Tue Nov 14 2006 Dan Walsh <dwalsh@redhat.com> - 2.0.0-1
- Latest update from NSA
* Merged patch to use new libsepol error codes by Karl MacMillan.
* Updated version for stable branch.
* Tue Nov 14 2006 Dan Walsh <dwalsh@redhat.com> - 1.33.1-2
- Rebuild for new libraries
* Tue Nov 14 2006 Dan Walsh <dwalsh@redhat.com> - 1.33.1-1
- Latest update from NSA
* Collapse user identifiers and identifiers together.
* Tue Oct 17 2006 Dan Walsh <dwalsh@redhat.com> - 1.32-1
- Latest update from NSA
* Updated version for release.
* Thu Sep 28 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.12-1
- Latest update from NSA
* Merged user and range_transition support for modules from
Darrel Goeddel
* Wed Sep 6 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.11-1
- Latest update from NSA
* merged range_transition enhancements and user module format
changes from Darrel Goeddel
* Merged symtab datum patch from Karl MacMillan.
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.30.9-1.1
- rebuild
* Tue Jul 4 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.8-1
- Latest upgrade from NSA
* Lindent.
* Merged patch to remove TE rule conflict checking from the parser
from Joshua Brindle. This can only be done properly by the
expander.
* Merged patch to make checkpolicy/checkmodule handling of
duplicate/conflicting TE rules the same as the expander
from Joshua Brindle.
* Merged optionals in base take 2 patch set from Joshua Brindle.
* Tue May 23 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.5-1
- Latest upgrade from NSA
* Merged compiler cleanup patch from Karl MacMillan.
* Merged fix warnings patch from Karl MacMillan.
* Wed Apr 5 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.4-1
- Latest upgrade from NSA
* Changed require_class to reject permissions that have not been
declared if building a base module.
* Tue Mar 28 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.3-1
- Latest upgrade from NSA
* Fixed checkmodule to call link_modules prior to expand_module
to handle optionals.
* Fixed require_class to avoid shadowing permissions already defined
in an inherited common definition.
* Mon Mar 27 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.1-2
- Rebuild with new libsepol
* Thu Mar 23 2006 Dan Walsh <dwalsh@redhat.com> - 1.30.1-1
- Latest upgrade from NSA
* Moved processing of role and user require statements to 2nd pass.
* Fri Mar 17 2006 Dan Walsh <dwalsh@redhat.com> - 1.30-1
- Latest upgrade from NSA
* Updated version for release.
* Fixed bug in role dominance (define_role_dom).
* Fri Feb 17 2006 Dan Walsh <dwalsh@redhat.com> - 1.29.4-1
- Latest upgrade from NSA
* Added a check for failure to declare each sensitivity in
a level definition.
* Changed to clone level data for aliased sensitivities to
avoid double free upon sens_destroy. Bug reported by Kevin
Carr of Tresys Technology.
* Mon Feb 13 2006 Dan Walsh <dwalsh@redhat.com> - 1.29.2-1
- Latest upgrade from NSA
* Merged optionals in base patch from Joshua Brindle.
* Mon Feb 13 2006 Dan Walsh <dwalsh@redhat.com> - 1.29.1-1.2
- Need to build againi
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.29.1-1.1
- bump again for double-long bug on ppc(64)
* Tue Feb 07 2006 Dan Walsh <dwalsh@redhat.com> 1.29.1-1
- Latest upgrade from NSA
* Merged sepol_av_to_string patch from Joshua Brindle.
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.28-5.1
- rebuilt for new gcc4.1 snapshot and glibc changes
* Fri Jan 13 2006 Dan Walsh <dwalsh@redhat.com> 1.28-5
- Rebuild to get latest libsepol
* Fri Jan 13 2006 Dan Walsh <dwalsh@redhat.com> 1.28-5
- Rebuild to get latest libsepol
* Thu Jan 5 2006 Dan Walsh <dwalsh@redhat.com> 1.28-4
- Rebuild to get latest libsepol
* Wed Jan 4 2006 Dan Walsh <dwalsh@redhat.com> 1.28-3
- Rebuild to get latest libsepol
* Fri Dec 16 2005 Dan Walsh <dwalsh@redhat.com> 1.28-2
- Rebuild to get latest libsepol
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com>
- rebuilt
* Fri Dec 9 2005 Dan Walsh <dwalsh@redhat.com> 1.28-1
- Latest upgrade from NSA
* Sun Dec 4 2005 Dan Walsh <dwalsh@redhat.com> 1.27.20-1
- Latest upgrade from NSA
* Merged checkmodule man page from Dan Walsh, and edited it.
* Thu Dec 1 2005 Dan Walsh <dwalsh@redhat.com> 1.27.19-1
- Latest upgrade from NSA
* Added error checking of all ebitmap_set_bit calls for out of
memory conditions.
* Merged removal of compatibility handling of netlink classes
(requirement that policies with newer versions include the
netlink class definitions, remapping of fine-grained netlink
classes in newer source policies to single netlink class when
generating older policies) from George Coker.
* Tue Nov 8 2005 Dan Walsh <dwalsh@redhat.com> 1.27.17-7
- Rebuild to get latest libsepol
* Tue Oct 25 2005 Dan Walsh <dwalsh@redhat.com> 1.27.17-1
- Latest upgrade from NSA
* Merged dismod fix from Joshua Brindle.
* Thu Oct 20 2005 Dan Walsh <dwalsh@redhat.com> 1.27.16-1
- Latest upgrade from NSA
* Removed obsolete cond_check_type_rules() function and call and
cond_optimize_lists() call from checkpolicy.c; these are handled
during parsing and expansion now.
* Updated calls to expand_module for interface change.
* Changed checkmodule to verify that expand_module succeeds
when building base modules.
* Merged module compiler fixes from Joshua Brindle.
* Removed direct calls to hierarchy_check_constraints() and
check_assertions() from checkpolicy since they are now called
internally by expand_module().
* Tue Oct 18 2005 Dan Walsh <dwalsh@redhat.com> 1.27.11-1
- Latest upgrade from NSA
* Updated for changes to sepol policydb_index_others interface.
* Tue Oct 18 2005 Dan Walsh <dwalsh@redhat.com> 1.27.10-1
- Latest upgrade from NSA
* Updated for changes to sepol expand_module and link_modules interfaces.
* Sat Oct 15 2005 Dan Walsh <dwalsh@redhat.com> 1.27.9-2
- Rebuild to get latest libsepol
* Fri Oct 14 2005 Dan Walsh <dwalsh@redhat.com> 1.27.9-1
- Latest upgrade from NSA
* Merged support for require blocks inside conditionals from
Joshua Brindle (Tresys).
* Wed Oct 12 2005 Karsten Hopp <karsten@redhat.de> 1.27.8-2
- add buildrequirement for libselinux-devel for dispol
* Mon Oct 10 2005 Dan Walsh <dwalsh@redhat.com> 1.27.8-1
- Latest upgrade from NSA
* Updated for changes to libsepol.
* Fri Oct 7 2005 Dan Walsh <dwalsh@redhat.com> 1.27.7-2
- Rebuild to get latest libsepol
* Thu Oct 6 2005 Dan Walsh <dwalsh@redhat.com> 1.27.7-1
- Latest upgrade from NSA
* Merged several bug fixes from Joshua Brindle (Tresys).
* Tue Oct 4 2005 Dan Walsh <dwalsh@redhat.com> 1.27.6-1
- Latest upgrade from NSA
* Merged MLS in modules patch from Joshua Brindle (Tresys).
* Mon Oct 3 2005 Dan Walsh <dwalsh@redhat.com> 1.27.5-2
- Rebuild to get latest libsepol
* Wed Sep 28 2005 Dan Walsh <dwalsh@redhat.com> 1.27.5-1
- Latest upgrade from NSA
* Merged error handling improvement in checkmodule from Karl MacMillan (Tresys).
* Tue Sep 27 2005 Dan Walsh <dwalsh@redhat.com> 1.27.4-1
- Latest upgrade from NSA
* Merged bugfix for dup role transition error messages from
Karl MacMillan (Tresys).
* Fri Sep 23 2005 Dan Walsh <dwalsh@redhat.com> 1.27.3-1
- Latest upgrade from NSA
* Merged policyver/modulever patches from Joshua Brindle (Tresys).
* Wed Sep 21 2005 Dan Walsh <dwalsh@redhat.com> 1.27.2-2
- Rebuild to get latest libsepol
* Wed Sep 21 2005 Dan Walsh <dwalsh@redhat.com> 1.27.2-1
- Latest upgrade from NSA
* Fixed parse_categories handling of undefined category.
* Tue Sep 20 2005 Dan Walsh <dwalsh@redhat.com> 1.27.1-2
- Rebuild to get latest libsepol
* Sat Sep 17 2005 Dan Walsh <dwalsh@redhat.com> 1.27.1-1
- Latest upgrade from NSA
* Merged bug fix for role dominance handling from Darrel Goeddel (TCS).
* Wed Sep 14 2005 Dan Walsh <dwalsh@redhat.com> 1.26-2
- Rebuild to get latest libsepol
* Mon Sep 12 2005 Dan Walsh <dwalsh@redhat.com> 1.26-1
- Latest upgrade from NSA
* Updated version for release.
- Rebuild to get latest libsepol
* Thu Sep 1 2005 Dan Walsh <dwalsh@redhat.com> 1.25.12-3
- Rebuild to get latest libsepol
* Mon Aug 29 2005 Dan Walsh <dwalsh@redhat.com> 1.25.12-2
- Rebuild to get latest libsepol
* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.12-1
- Update to NSA Release
* Fixed handling of validatetrans constraint expressions.
Bug reported by Dan Walsh for checkpolicy -M.
* Mon Aug 22 2005 Dan Walsh <dwalsh@redhat.com> 1.25.11-2
- Fix mls crash
* Fri Aug 19 2005 Dan Walsh <dwalsh@redhat.com> 1.25.11-1
- Update to NSA Release
* Merged use-after-free fix from Serge Hallyn (IBM).
Bug found by Coverity.
* Sun Aug 14 2005 Dan Walsh <dwalsh@redhat.com> 1.25.10-1
- Update to NSA Release
* Fixed further memory leaks found by valgrind.
* Changed checkpolicy to destroy the policydbs prior to exit
to allow leak detection.
* Fixed several memory leaks found by valgrind.
* Sun Aug 14 2005 Dan Walsh <dwalsh@redhat.com> 1.25.8-3
- Rebuild to get latest libsepol changes
* Sat Aug 13 2005 Dan Walsh <dwalsh@redhat.com> 1.25.8-2
- Rebuild to get latest libsepol changes
* Thu Aug 11 2005 Dan Walsh <dwalsh@redhat.com> 1.25.8-1
- Update to NSA Release
* Updated checkpolicy and dispol for the new avtab format.
Converted users of ebitmaps to new inline operators.
Note: The binary policy format version has been incremented to
version 20 as a result of these changes. To build a policy
for a kernel that does not yet include these changes, use
the -c 19 option to checkpolicy.
* Merged patch to prohibit use of "self" as a type name from Jason Tang (Tresys).
* Merged patch to fix dismod compilation from Joshua Brindle (Tresys).
* Wed Aug 10 2005 Dan Walsh <dwalsh@redhat.com> 1.25.5-1
- Update to NSA Release
* Fixed call to hierarchy checking code to pass the right policydb.
* Merged patch to update dismod for the relocation of the
module read/write code from libsemanage to libsepol, and
to enable build of test subdirectory from Jason Tang (Tresys).
* Thu Jul 28 2005 Dan Walsh <dwalsh@redhat.com> 1.25.3-1
- Update to NSA Release
* Merged hierarchy check fix from Joshua Brindle (Tresys).
* Thu Jul 7 2005 Dan Walsh <dwalsh@redhat.com> 1.25.2-1
- Update to NSA Release
* Merged loadable module support from Tresys Technology.
* Merged patch to prohibit the use of * and ~ in type sets
(other than in neverallow statements) and in role sets
from Joshua Brindle (Tresys).
* Updated version for release.
* Fri May 20 2005 Dan Walsh <dwalsh@redhat.com> 1.23-4-1
- Update to NSA Release
* Merged cleanup patch from Dan Walsh.
* Thu May 19 2005 Dan Walsh <dwalsh@redhat.com> 1.23-3-1
- Update to NSA Release
* Added sepol_ prefix to Flask types to avoid namespace
collision with libselinux.
* Sat May 7 2005 Dan Walsh <dwalsh@redhat.com> 1.23-2-1
- Update to NSA Release
* Merged identifier fix from Joshua Brindle (Tresys).
* Thu Apr 14 2005 Dan Walsh <dwalsh@redhat.com> 1.23,1-1
* Merged hierarchical type/role patch from Tresys Technology.
* Merged MLS fixes from Darrel Goeddel of TCS.
* Thu Mar 10 2005 Dan Walsh <dwalsh@redhat.com> 1.22-1
- Update to NSA Release
* Tue Mar 1 2005 Dan Walsh <dwalsh@redhat.com> 1.21.4-2
- Rebuild for FC4
* Thu Feb 17 2005 Dan Walsh <dwalsh@redhat.com> 1.21.4-1
* Merged define_user() cleanup patch from Darrel Goeddel (TCS).
* Moved genpolusers utility to libsepol.
* Merged range_transition support from Darrel Goeddel (TCS).
* Thu Feb 10 2005 Dan Walsh <dwalsh@redhat.com> 1.21.2-1
- Latest from NSA
* Changed relabel Makefile target to use restorecon.
* Mon Feb 7 2005 Dan Walsh <dwalsh@redhat.com> 1.21.1-1
- Latest from NSA
* Merged enhanced MLS support from Darrel Goeddel (TCS).
* Fri Jan 7 2005 Dan Walsh <dwalsh@redhat.com> 1.20.1-1
- Update for version increase at NSA
* Mon Dec 20 2004 Dan Walsh <dwalsh@redhat.com> 1.19.2-1
- Latest from NSA
* Merged typeattribute statement patch from Darrel Goeddel of TCS.
* Changed genpolusers to handle multiple user config files.
* Merged nodecon ordering patch from Chad Hanson of TCS.
* Thu Nov 11 2004 Dan Walsh <dwalsh@redhat.com> 1.19.1-1
- Latest from NSA
* Merged nodecon ordering patch from Chad Hanson of TCS.
* Thu Nov 4 2004 Dan Walsh <dwalsh@redhat.com> 1.18.1-1
- Latest from NSA
* MLS build fix.
* Sat Sep 4 2004 Dan Walsh <dwalsh@redhat.com> 1.17.5-1
- Latest from NSA
* Fixed Makefile dependencies (Chris PeBenito).
* Sat Sep 4 2004 Dan Walsh <dwalsh@redhat.com> 1.17.4-1
- Latest from NSA
* Fixed Makefile dependencies (Chris PeBenito).
* Sat Sep 4 2004 Dan Walsh <dwalsh@redhat.com> 1.17.3-1
- Latest from NSA
* Merged fix for role dominance ordering issue from Chad Hanson of TCS.
* Mon Aug 30 2004 Dan Walsh <dwalsh@redhat.com> 1.17.2-1
- Latest from NSA
* Thu Aug 26 2004 Dan Walsh <dwalsh@redhat.com> 1.16.3-1
- Fix NSA package to not include y.tab files.
* Tue Aug 24 2004 Dan Walsh <dwalsh@redhat.com> 1.16.2-1
- Latest from NSA
- Allow port ranges to overlap
* Sun Aug 22 2004 Dan Walsh <dwalsh@redhat.com> 1.16.1-1
- Latest from NSA
* Mon Aug 16 2004 Dan Walsh <dwalsh@redhat.com> 1.15.6-1
- Latest from NSA
* Fri Aug 13 2004 Dan Walsh <dwalsh@redhat.com> 1.15.5-1
- Latest from NSA
* Wed Aug 11 2004 Dan Walsh <dwalsh@redhat.com> 1.15.4-1
- Latest from NSA
* Sat Aug 7 2004 Dan Walsh <dwalsh@redhat.com> 1.15.3-1
- Latest from NSA
* Wed Aug 4 2004 Dan Walsh <dwalsh@redhat.com> 1.15.2-1
- Latest from NSA
* Sat Jul 31 2004 Dan Walsh <dwalsh@redhat.com> 1.15.1-1
- Latest from NSA
* Tue Jul 27 2004 Dan Walsh <dwalsh@redhat.com> 1.14.2-1
- Latest from NSA
* Wed Jun 30 2004 Dan Walsh <dwalsh@redhat.com> 1.14.1-1
- Latest from NSA
* Fri Jun 18 2004 Dan Walsh <dwalsh@redhat.com> 1.12.2-1
- Latest from NSA
* Thu Jun 17 2004 Dan Walsh <dwalsh@redhat.com> 1.12.1-1
- Update to latest from NSA
* Wed Jun 16 2004 Dan Walsh <dwalsh@redhat.com> 1.12-1
- Update to latest from NSA
* Wed Jun 16 2004 Dan Walsh <dwalsh@redhat.com> 1.10-5
- Add nlclass patch
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Fri Jun 4 2004 Dan Walsh <dwalsh@redhat.com> 1.10-3
- Add BuildRequires flex
* Thu Apr 8 2004 Dan Walsh <dwalsh@redhat.com> 1.10-2
- Add BuildRequires byacc
* Thu Apr 8 2004 Dan Walsh <dwalsh@redhat.com> 1.10-1
- Upgrade to the latest from NSA
* Mon Mar 15 2004 Dan Walsh <dwalsh@redhat.com> 1.8-1
- Upgrade to the latest from NSA
* Tue Feb 24 2004 Dan Walsh <dwalsh@redhat.com> 1.6-1
- Upgrade to the latest from NSA
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
* Tue Jan 20 2004 Dan Walsh <dwalsh@redhat.com> 1.4-6
- Add typealias patch
* Tue Jan 20 2004 Dan Walsh <dwalsh@redhat.com> 1.4-5
- Update excludetypes with negset-final patch
* Wed Jan 14 2004 Dan Walsh <dwalsh@redhat.com> 1.4-4
- Add excludetypes patch
* Wed Jan 14 2004 Dan Walsh <dwalsh@redhat.com> 1.4-3
- Add Colin Walter's lineno patch
* Wed Jan 7 2004 Dan Walsh <dwalsh@redhat.com> 1.4-2
- Remove check for roles transition
* Sat Dec 6 2003 Dan Walsh <dwalsh@redhat.com> 1.4-1
- upgrade to 1.4
* Wed Oct 1 2003 Dan Walsh <dwalsh@redhat.com> 1.2-1
- upgrade to 1.2
* Thu Aug 28 2003 Dan Walsh <dwalsh@redhat.com> 1.1-2
- upgrade to 1.1
* Mon Jun 2 2003 Dan Walsh <dwalsh@redhat.com> 1.0-1
- Initial version