From 05eb6e0b2a93f46ed099ed001a80d9b51d734163 Mon Sep 17 00:00:00 2001 From: Petr Lautrbach Date: Wed, 18 Dec 2024 15:04:38 +0100 Subject: [PATCH] SELinux userspace 3.8-rc3 release Resolves: RHEL-69451 --- .gitignore | 2 + ...-drop-reachable-assert-in-sefcontext.patch | 54 ------------------- changelog | 3 ++ libselinux.spec | 11 ++-- sources | 4 +- 5 files changed, 12 insertions(+), 62 deletions(-) delete mode 100644 0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch diff --git a/.gitignore b/.gitignore index eae1565..94c426e 100644 --- a/.gitignore +++ b/.gitignore @@ -236,3 +236,5 @@ libselinux-2.0.96.tgz /libselinux-3.7.tar.gz.asc /libselinux-3.8-rc1.tar.gz /libselinux-3.8-rc1.tar.gz.asc +/libselinux-3.8-rc3.tar.gz +/libselinux-3.8-rc3.tar.gz.asc diff --git a/0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch b/0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch deleted file mode 100644 index c0b23c1..0000000 --- a/0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch +++ /dev/null @@ -1,54 +0,0 @@ -From ac0fc6d50077a6f33df9859322e13a2434070d4c Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 3 Dec 2024 16:54:48 +0100 -Subject: [PATCH] libselinux/utils: drop reachable assert in sefcontext_compile -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit -Content-type: text/plain - -The two asserts following qsort(3) where useful during development to -ensure the comparison function and the corresponding pointer handling -were correct. They however do not take into account an empty file -context definition file containing no definitions and thus `stab->nel` -being NULL. Drop the two asserts. - -Also return early to not depend on whether calloc(3) called with a size -of zero returns NULL or a special value. - -Reported-by: Petr Lautrbach -Closes: https://lore.kernel.org/selinux/87jzchqck5.fsf@redhat.com/ -Fixes: 92306daf ("libselinux: rework selabel_file(5) database") -Signed-off-by: Christian Göttsche -Tested-by: Petr Lautrbach -Acked-by: James Carter ---- - libselinux/utils/sefcontext_compile.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c -index 23d312744016..e5da51ea12df 100644 ---- a/libselinux/utils/sefcontext_compile.c -+++ b/libselinux/utils/sefcontext_compile.c -@@ -188,6 +188,9 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab) - if (len != 1) - return -1; - -+ if (stab->nel == 0) -+ return 0; -+ - /* sort entries by id */ - sids = calloc(stab->nel, sizeof(*sids)); - if (!sids) -@@ -203,8 +206,6 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab) - } - assert(index == stab->nel); - qsort(sids, stab->nel, sizeof(struct security_id), security_id_compare); -- assert(sids[0].id == 1); -- assert(sids[stab->nel - 1].id == stab->nel); - - /* write raw contexts sorted by id */ - for (uint32_t i = 0; i < stab->nel; i++) { --- -2.47.0 - diff --git a/changelog b/changelog index e8d2e33..3cbb7f2 100644 --- a/changelog +++ b/changelog @@ -1,3 +1,6 @@ +* Wed Dec 18 2024 Petr Lautrbach - 3.8-0.rc3.1 +- SELinux userspace 3.8-rc3 release + * Wed Dec 04 2024 Petr Lautrbach - 3.8-0.rc1.2 - libselinux/utils: drop reachable assert in sefcontext_compile diff --git a/libselinux.spec b/libselinux.spec index fbce7c0..9f7cf8e 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -1,14 +1,14 @@ %define ruby_inc %(pkg-config --cflags ruby) -%define libsepolver 3.8-0 +%define libsepolver 3.8-0.rc3 Summary: SELinux library and simple utilities Name: libselinux Version: 3.8 -Release: 0.rc1.2%{?dist} +Release: 0.rc3.1%{?dist} License: LicenseRef-Fedora-Public-Domain # https://github.com/SELinuxProject/selinux/wiki/Releases -Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc1/libselinux-%{version}-rc1.tar.gz -Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc1/libselinux-%{version}-rc1.tar.gz.asc +Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/libselinux-%{version}-rc3.tar.gz +Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/libselinux-%{version}-rc3.tar.gz.asc Source2: https://github.com/bachradsusi.gpg Source3: selinuxconlist.8 Source4: selinuxdefcon.8 @@ -20,7 +20,6 @@ Url: https://github.com/SELinuxProject/selinux/wiki # $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done # Patch list start Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch -Patch0002: 0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch # Patch list end BuildRequires: gcc make BuildRequires: ruby-devel ruby libsepol-static >= %{libsepolver} swig pcre2-devel @@ -93,7 +92,7 @@ needed for developing SELinux applications. %prep %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' -%autosetup -p 2 -n libselinux-%{version}-rc1 +%autosetup -p 2 -n libselinux-%{version}-rc3 %build export DISABLE_RPM="y" diff --git a/sources b/sources index 1fbbc90..6cce4ab 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (libselinux-3.8-rc1.tar.gz) = 16fbc4d903061f696b5396690da69b7bc18f158742c789ef70d543d51fe5015abc73d9205e3b147cec0d293a1448735e2b9e39edd562690156c946a0f53dcb38 -SHA512 (libselinux-3.8-rc1.tar.gz.asc) = 52e0fbf7e61fe6c67cfa2ca214bbf2cae94f016feeb3b317e8c4f6bffb9c2f3b93cfd425669c1c9fc97b35cdb77b2f153b11f9daa654817565aa40d76dc936f2 +SHA512 (libselinux-3.8-rc3.tar.gz) = 1c524441b5a1f9cadb68756f1453d6a89d8ea31d12228d4c5d38c791b734fb5013bdd7cae32a8ff7a1eefddaf07a9242773bdafa8deddd74c687bd3b43f85909 +SHA512 (libselinux-3.8-rc3.tar.gz.asc) = 7704fc74f51506fce16c89cad77ecee46f2523bd647ea6ac491cb60181dba7c9b4edc5a8783f77f50d71091c076ba2d8d2dbdf54cbd144f63ce4dc582a367f6a