Update to latest patches from eparis/Upstream

2013-01-25 09:35:30 -05:00 · 2013-01-25 09:35:30 -05:00 · 976da17c28
commit 976da17c28
parent 0a9b6f58d0
2 changed files with 80 additions and 21 deletions
--- a/libselinux-rhat.patch
+++ b/libselinux-rhat.patch
@ -6258,7 +6258,7 @@ index 79bf923..e11ccf8 100644
 	if ((fp = fopen(path, "r")) == NULL)
 		return -1;
 diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
-index 02b3cd2..7f140dd 100644
+index 02b3cd2..5f697f3 100644
 --- a/libselinux/src/label_file.c
 +++ b/libselinux/src/label_file.c
@@ -8,6 +8,7 @@
@ -6282,7 +6282,7 @@ index 02b3cd2..7f140dd 100644
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <unistd.h>
-@@ -229,6 +235,176 @@ static int process_line(struct selabel_handle *rec,
+@@ -229,6 +235,190 @@ static int process_line(struct selabel_handle *rec,
 	return 0;
 }
 
@ -6296,6 +6296,7 @@ index 02b3cd2..7f140dd 100644
 +	char *addr;
 +	size_t len;
 +	int stem_map_len, *stem_map;
+	struct mmap_area *mmap_area;
 +
 +	uint32_t *magic;
 +	uint32_t *section_len;
@ -6332,13 +6333,26 @@ index 02b3cd2..7f140dd 100644
 +	len += (sysconf(_SC_PAGE_SIZE) - 1);
 +	len &= ~(sysconf(_SC_PAGE_SIZE) - 1);
 +
+	mmap_area = malloc(sizeof(*mmap_area));
+	if (!mmap_area) {
+		close(mmapfd);
+		return -1;
+	}
+
 +	addr = mmap(NULL, len, PROT_READ, MAP_PRIVATE, mmapfd, 0);
 +	close(mmapfd);
 +	if (addr == MAP_FAILED) {
+		free(mmap_area);
 +		perror("mmap");
 +		return -1;
 +	}
 +
+	/* save where we mmap'd the file to cleanup on close() */
+	mmap_area->addr = addr;
+	mmap_area->len = len;
+	mmap_area->next = data->mmap_areas;
+	data->mmap_areas = mmap_area;
+
 +	/* check if this looks like an fcontext file */
 +	magic = (uint32_t *)addr;
 +	if (*magic != SELINUX_MAGIC_COMPILED_FCONTEXT)
@ -6459,7 +6473,7 @@ index 02b3cd2..7f140dd 100644
 static int process_file(const char *path, const char *suffix, struct selabel_handle *rec, const char *prefix)
 {
 	FILE *fp;
-@@ -261,6 +437,10 @@ static int process_file(const char *path, const char *suffix, struct selabel_han
+@@ -261,6 +451,10 @@ static int process_file(const char *path, const char *suffix, struct selabel_han
 		return -1;
 	}
 
@ -6470,7 +6484,7 @@ index 02b3cd2..7f140dd 100644
 	/*
 	 * The do detailed validation of the input and fill the spec array
 	 */
-@@ -270,6 +450,7 @@ static int process_file(const char *path, const char *suffix, struct selabel_han
+@@ -270,6 +464,7 @@ static int process_file(const char *path, const char *suffix, struct selabel_han
 		if (rc)
 			return rc;
 	}
@ -6478,16 +6492,29 @@ index 02b3cd2..7f140dd 100644
 	free(line_buf);
 	fclose(fp);
 
-@@ -357,6 +538,8 @@ static void closef(struct selabel_handle *rec)
+@@ -351,16 +546,19 @@ finish:
+ static void closef(struct selabel_handle *rec)
+ {
+ 	struct saved_data *data = (struct saved_data *)rec->data;
+	struct mmap_area *area, *last_area;
+ 	struct spec *spec;
+ 	struct stem *stem;
+ 	unsigned int i;
 
 	for (i = 0; i < data->nspec; i++) {
 		spec = &data->spec_arr[i];
+		free(spec->lr.ctx_trans);
+		free(spec->lr.ctx_raw);
 +		if (spec->from_mmap)
 +			continue;
 		free(spec->regex_str);
 		free(spec->type_str);
- 		free(spec->lr.ctx_raw);
-@@ -369,6 +552,8 @@ static void closef(struct selabel_handle *rec)
+-		free(spec->lr.ctx_raw);
+-		free(spec->lr.ctx_trans);
+ 		if (spec->regcomp) {
+ 			pcre_free(spec->regex);
+ 			pcre_free_study(spec->sd);
+@@ -369,6 +567,8 @@ static void closef(struct selabel_handle *rec)
 
 	for (i = 0; i < (unsigned int)data->num_stems; i++) {
 		stem = &data->stem_arr[i];
@ -6496,11 +6523,27 @@ index 02b3cd2..7f140dd 100644
 		free(stem->buf);
 	}
 
+@@ -376,7 +576,14 @@ static void closef(struct selabel_handle *rec)
+ 		free(data->spec_arr);
+ 	if (data->stem_arr)
+ 		free(data->stem_arr);
+-	
+
+	area = data->mmap_areas;
+	while (area) {
+		munmap(area->addr, area->len);
+		last_area = area;
+		area = area->next;
+		free(last_area);
+	}
+ 	free(data);
+ }
+ 
 diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h
-index cb5633b..9799bbb 100644
+index cb5633b..bf0c9e2 100644
 --- a/libselinux/src/label_file.h
 +++ b/libselinux/src/label_file.h
-@@ -5,24 +5,32 @@
+@@ -5,24 +5,39 @@
 
 #include "label_internal.h"
 
@ -6531,10 +6574,22 @@ index cb5633b..9799bbb 100644
 	char *buf;
 	int len;
 +	char from_mmap;
+};
+
+/* Where we map the file in during selabel_open() */
+struct mmap_area {
+	void *addr;
+	size_t len;
+	struct mmap_area *next;
 };
 
 /* Our stored configuration */
-@@ -45,7 +53,10 @@ struct saved_data {
+@@ -41,11 +56,15 @@ struct saved_data {
+ 	struct stem *stem_arr;
+ 	int num_stems;
+ 	int alloc_stems;
+	struct mmap_area *mmap_areas;
+ };
 
 static inline pcre_extra *get_pcre_extra(struct spec *spec)
 {
@ -6700,7 +6755,7 @@ index 2d7369e..2a00807 100644
 }
 
 diff --git a/libselinux/src/procattr.c b/libselinux/src/procattr.c
-index 83381e4..c1d4990 100644
+index 83381e4..6c5b45a 100644
 --- a/libselinux/src/procattr.c
 +++ b/libselinux/src/procattr.c
@@ -1,6 +1,7 @@
@ -6711,7 +6766,7 @@ index 83381e4..c1d4990 100644
 #include <string.h>
 #include <stdlib.h>
 #include <stdio.h>
-@@ -8,33 +9,135 @@
+@@ -8,32 +9,137 @@
 #include "selinux_internal.h"
 #include "policy.h"
 
@ -6776,7 +6831,7 @@ index 83381e4..c1d4990 100644
 +	}
 +}
 +
-+static int openattr(pid_t pid, const char *attr, int flags) 
+static int openattr(pid_t pid, const char *attr, int flags)
 {
 -	char *path, *buf;
 -	size_t size;
@ -6785,6 +6840,9 @@ index 83381e4..c1d4990 100644
 -	pid_t tid;
 -	int errno_hold;
 +	char *path;
+
+	if (cpid != getpid())
+		free_procattr();
 
 	if (pid > 0)
 		rc = asprintf(&path, "/proc/%d/attr/%s", pid, attr);
@ -6798,9 +6856,8 @@ index 83381e4..c1d4990 100644
 		return -1;
 
 -	fd = open(path, O_RDONLY);
-+	fd = open(path, flags);
+	fd = open(path, flags | O_CLOEXEC);
 	free(path);
-	if (fd < 0)
 +	return fd;
 +}
 +
@ -6851,13 +6908,12 @@ index 83381e4..c1d4990 100644
 +		}
 +		return 0;
 +	}
-+		
+
 +	fd = openattr(pid, attr, O_RDONLY);
-+	if (fd < 0) 
+ 	if (fd < 0)
 		return -1;
 
- 	size = selinux_page_size;
-@@ -90,40 +193,70 @@ static int getprocattrcon(security_context_t * context,
+@@ -90,40 +196,70 @@ static int getprocattrcon(security_context_t * context,
 static int setprocattrcon_raw(security_context_t context,
 			      pid_t pid, const char *attr)
 {
--- a/libselinux.spec
+++ b/libselinux.spec
@ -4,13 +4,13 @@

 %define ruby_inc %(pkg-config --cflags ruby)
 %define ruby_sitearch %(ruby -rrbconfig -e "puts RbConfig::CONFIG['vendorarchdir']")
-%define libsepolver 2.1.8-6
+%define libsepolver 2.1.8-7
 %{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib(1)")}

 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 2.1.12
-Release: 18%{?dist}
+Release: 19%{?dist}
 License: Public Domain
 Group: System Environment/Libraries
 Source: %{name}-%{version}.tgz
@ -241,6 +241,9 @@ rm -rf %{buildroot}
 %{ruby_sitearch}/selinux.so

 %changelog
+* Fri Jan 25 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-18
+- Update to latest patches from eparis/Upstream
+
 * Wed Jan 23 2013 Dan Walsh <dwalsh@redhat.com> - 2.1.12-18
 - Try procatt speedup patch again