SELinux userspace 3.8-rc3 release

Resolves: RHEL-69451
2024-12-18 15:04:38 +01:00 · 2024-12-18 15:04:38 +01:00 · 05eb6e0b2a
commit 05eb6e0b2a
parent daf7971d4c
5 changed files with 12 additions and 62 deletions
--- a/.gitignore
+++ b/.gitignore
@ -236,3 +236,5 @@ libselinux-2.0.96.tgz
 /libselinux-3.7.tar.gz.asc
 /libselinux-3.8-rc1.tar.gz
 /libselinux-3.8-rc1.tar.gz.asc
 /libselinux-3.8-rc3.tar.gz
 /libselinux-3.8-rc3.tar.gz.asc
--- a/0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch
+++ b/0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch
@ -1,54 +0,0 @@
 From ac0fc6d50077a6f33df9859322e13a2434070d4c Mon Sep 17 00:00:00 2001
 From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
 Date: Tue, 3 Dec 2024 16:54:48 +0100
 Subject: [PATCH] libselinux/utils: drop reachable assert in sefcontext_compile
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Content-type: text/plain
 The two asserts following qsort(3) where useful during development to
 ensure the comparison function and the corresponding pointer handling
 were correct.  They however do not take into account an empty file
 context definition file containing no definitions and thus `stab->nel`
 being NULL.  Drop the two asserts.
 Also return early to not depend on whether calloc(3) called with a size
 of zero returns NULL or a special value.
 Reported-by: Petr Lautrbach <lautrbach@redhat.com>
 Closes: https://lore.kernel.org/selinux/87jzchqck5.fsf@redhat.com/
 Fixes: 92306daf ("libselinux: rework selabel_file(5) database")
 Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
 Tested-by: Petr Lautrbach <lautrbach@redhat.com>
 Acked-by: James Carter <jwcart2@gmail.com>
 ---
 libselinux/utils/sefcontext_compile.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
 diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c
 index 23d312744016..e5da51ea12df 100644
 --- a/libselinux/utils/sefcontext_compile.c
 +++ b/libselinux/utils/sefcontext_compile.c
@@ -188,6 +188,9 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab)
 	if (len != 1)
 		return -1;
 +	if (stab->nel == 0)
 +		return 0;
 +
 	/* sort entries by id */
 	sids = calloc(stab->nel, sizeof(*sids));
 	if (!sids)
@@ -203,8 +206,6 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab)
 	}
 	assert(index == stab->nel);
 	qsort(sids, stab->nel, sizeof(struct security_id), security_id_compare);
 -	assert(sids[0].id == 1);
 -	assert(sids[stab->nel - 1].id == stab->nel);
 	/* write raw contexts sorted by id */
 	for (uint32_t i = 0; i < stab->nel; i++) {
 -- 
 2.47.0
--- a/3
+++ b/3
@ -1,3 +1,6 @@
 * Wed Dec 18 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.8-0.rc3.1
 - SELinux userspace 3.8-rc3 release
 * Wed Dec 04 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.8-0.rc1.2
 - libselinux/utils: drop reachable assert in sefcontext_compile
--- a/libselinux.spec
+++ b/libselinux.spec
@ -1,14 +1,14 @@
 %define ruby_inc %(pkg-config --cflags ruby)
-%define libsepolver 3.8-0
+%define libsepolver 3.8-0.rc3
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 3.8
-Release: 0.rc1.2%{?dist}
+Release: 0.rc3.1%{?dist}
 License: LicenseRef-Fedora-Public-Domain
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc1/libselinux-%{version}-rc1.tar.gz
+Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/libselinux-%{version}-rc3.tar.gz
-Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc1/libselinux-%{version}-rc1.tar.gz.asc
+Source1: https://github.com/SELinuxProject/selinux/releases/download/%{version}-rc3/libselinux-%{version}-rc3.tar.gz.asc
 Source2: https://github.com/bachradsusi.gpg
 Source3: selinuxconlist.8
 Source4: selinuxdefcon.8
@ -20,7 +20,6 @@ Url: https://github.com/SELinuxProject/selinux/wiki
 # $ i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
 # Patch list start
 Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch
 Patch0002: 0002-libselinux-utils-drop-reachable-assert-in-sefcontext.patch
 # Patch list end
 BuildRequires: gcc make
 BuildRequires: ruby-devel ruby libsepol-static >= %{libsepolver} swig pcre2-devel
@ -93,7 +92,7 @@ needed for developing SELinux applications.
 %prep
 %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'
-%autosetup -p 2 -n libselinux-%{version}-rc1
+%autosetup -p 2 -n libselinux-%{version}-rc3
 %build
 export DISABLE_RPM="y"
--- a/4
+++ b/4
@ -1,2 +1,2 @@
-SHA512 (libselinux-3.8-rc1.tar.gz) = 16fbc4d903061f696b5396690da69b7bc18f158742c789ef70d543d51fe5015abc73d9205e3b147cec0d293a1448735e2b9e39edd562690156c946a0f53dcb38
+SHA512 (libselinux-3.8-rc3.tar.gz) = 1c524441b5a1f9cadb68756f1453d6a89d8ea31d12228d4c5d38c791b734fb5013bdd7cae32a8ff7a1eefddaf07a9242773bdafa8deddd74c687bd3b43f85909
-SHA512 (libselinux-3.8-rc1.tar.gz.asc) = 52e0fbf7e61fe6c67cfa2ca214bbf2cae94f016feeb3b317e8c4f6bffb9c2f3b93cfd425669c1c9fc97b35cdb77b2f153b11f9daa654817565aa40d76dc936f2
+SHA512 (libselinux-3.8-rc3.tar.gz.asc) = 7704fc74f51506fce16c89cad77ecee46f2523bd647ea6ac491cb60181dba7c9b4edc5a8783f77f50d71091c076ba2d8d2dbdf54cbd144f63ce4dc582a367f6a
`@ -1,2 +1,2 @@`
	`SHA512 (libselinux-3.8-rc1.tar.gz) = 16fbc4d903061f696b5396690da69b7bc18f158742c789ef70d543d51fe5015abc73d9205e3b147cec0d293a1448735e2b9e39edd562690156c946a0f53dcb38`	`SHA512 (libselinux-3.8-rc3.tar.gz) = 1c524441b5a1f9cadb68756f1453d6a89d8ea31d12228d4c5d38c791b734fb5013bdd7cae32a8ff7a1eefddaf07a9242773bdafa8deddd74c687bd3b43f85909`
	`SHA512 (libselinux-3.8-rc1.tar.gz.asc) = 52e0fbf7e61fe6c67cfa2ca214bbf2cae94f016feeb3b317e8c4f6bffb9c2f3b93cfd425669c1c9fc97b35cdb77b2f153b11f9daa654817565aa40d76dc936f2`	`SHA512 (libselinux-3.8-rc3.tar.gz.asc) = 7704fc74f51506fce16c89cad77ecee46f2523bd647ea6ac491cb60181dba7c9b4edc5a8783f77f50d71091c076ba2d8d2dbdf54cbd144f63ce4dc582a367f6a`