libselinux-3.7-3

- restorecon: Include <selinux/label.h> - Fix integer comparison issues when compiling for 32-bit Resolves: RHEL-53852
2024-08-09 17:52:55 +02:00 · 2024-08-09 17:52:55 +02:00 · ff3f9cdc7d
commit ff3f9cdc7d
parent 56d14e8006
3 changed files with 117 additions and 1 deletions
--- a/0003-libselinux-restorecon-Include-selinux-label.h.patch
+++ b/0003-libselinux-restorecon-Include-selinux-label.h.patch
@ -0,0 +1,48 @@
 From b0d8e4c5d6f1652cb103305f773ad5fae8a91304 Mon Sep 17 00:00:00 2001
 From: Vit Mojzis <vmojzis@redhat.com>
 Date: Fri, 26 Jul 2024 17:59:15 +0200
 Subject: [PATCH] libselinux/restorecon: Include <selinux/label.h>
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 restorecon.h uses types defined in label.h, so it needs to include
 label.h (or code using restorecon.h also needs to include label.h,
 which is not practical).
 Fixes:
  $ make DESTDIR=~/obj install > make.out
 In file included from semanage_store.c:39:
 /home/sdsmall/obj/usr/include/selinux/restorecon.h:137:52: error:
 ‘struct selabel_handle’ declared inside parameter list will not be
 visible outside of this definition or declaration [-Werror]
  137 | extern void selinux_restorecon_set_sehandle(struct
 selabel_handle *hndl);
      |                                                    ^~~~~~~~~~~~~~
 cc1: all warnings being treated as errors
 make[2]: *** [Makefile:111: semanage_store.o] Error 1
 make[1]: *** [Makefile:15: install] Error 2
 make: *** [Makefile:40: install] Error 1
 Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
 Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
 ---
 libselinux/include/selinux/restorecon.h | 2 ++
 1 file changed, 2 insertions(+)
 diff --git a/libselinux/include/selinux/restorecon.h b/libselinux/include/selinux/restorecon.h
 index 8df47445..210f65fd 100644
 --- a/libselinux/include/selinux/restorecon.h
 +++ b/libselinux/include/selinux/restorecon.h
@@ -1,6 +1,8 @@
 #ifndef _RESTORECON_H_
 #define _RESTORECON_H_
 +#include <selinux/label.h>
 +
 #include <sys/types.h>
 #include <stddef.h>
 #include <stdarg.h>
 -- 
 2.45.2
--- a/0004-libselinux-Fix-integer-comparison-issues-when-compil.patch
+++ b/0004-libselinux-Fix-integer-comparison-issues-when-compil.patch
@ -0,0 +1,62 @@
 From c89965eb2854db11b7b484b171beae092476ef0b Mon Sep 17 00:00:00 2001
 From: James Carter <jwcart2@gmail.com>
 Date: Mon, 1 Jul 2024 14:27:32 -0400
 Subject: [PATCH] libselinux: Fix integer comparison issues when compiling for
 32-bit
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
 Trying to compile libselinux for 32-bit produces the following error:
 selinux_restorecon.c:1194:31: error: comparison of integer expressions of different signedness: ‘__fsword_t’ {aka ‘int’} and ‘unsigned int’ [-Werror=sign-compare]
 1194 |         if (state.sfsb.f_type == RAMFS_MAGIC || state.sfsb.f_type == TMPFS_MAGIC ||
      |                               ^~
 Since RAMFS_MAGIC = 0x858458f6 == 2240043254, which > 2^31, but < 2^32,
 cast both as uint32_t for the comparison.
 Reported-by: Daniel Schepler
 Signed-off-by: James Carter <jwcart2@gmail.com>
 Reviewed-by: Christian Göttsche <cgzones@googlemail.com>
 Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
 ---
 libselinux/src/selinux_restorecon.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
 diff --git a/libselinux/src/selinux_restorecon.c b/libselinux/src/selinux_restorecon.c
 index 2422b415..93bd7779 100644
 --- a/libselinux/src/selinux_restorecon.c
 +++ b/libselinux/src/selinux_restorecon.c
@@ -1191,8 +1191,8 @@ static int selinux_restorecon_common(const char *pathname_orig,
 	}
 	/* Skip digest on in-memory filesystems and /sys */
 -	if (state.sfsb.f_type == RAMFS_MAGIC || state.sfsb.f_type == TMPFS_MAGIC ||
 -	    state.sfsb.f_type == SYSFS_MAGIC)
 +	if ((uint32_t)state.sfsb.f_type == (uint32_t)RAMFS_MAGIC ||
 +		state.sfsb.f_type == TMPFS_MAGIC || state.sfsb.f_type == SYSFS_MAGIC)
 		state.setrestorecondigest = false;
 	if (state.flags.set_xdev)
@@ -1490,7 +1490,7 @@ int selinux_restorecon_xattr(const char *pathname, unsigned int xattr_flags,
 	if (!recurse) {
 		if (statfs(pathname, &sfsb) == 0) {
 -			if (sfsb.f_type == RAMFS_MAGIC ||
 +			if ((uint32_t)sfsb.f_type == (uint32_t)RAMFS_MAGIC ||
 			    sfsb.f_type == TMPFS_MAGIC)
 				return 0;
 		}
@@ -1525,7 +1525,7 @@ int selinux_restorecon_xattr(const char *pathname, unsigned int xattr_flags,
 			continue;
 		case FTS_D:
 			if (statfs(ftsent->fts_path, &sfsb) == 0) {
 -				if (sfsb.f_type == RAMFS_MAGIC ||
 +				if ((uint32_t)sfsb.f_type == (uint32_t)RAMFS_MAGIC ||
 				    sfsb.f_type == TMPFS_MAGIC)
 					continue;
 			}
 -- 
 2.45.2
--- a/libselinux.spec
+++ b/libselinux.spec
@ -4,7 +4,7 @@
 Summary: SELinux library and simple utilities
 Name: libselinux
 Version: 3.7
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: LicenseRef-Fedora-Public-Domain
 # https://github.com/SELinuxProject/selinux/wiki/Releases
 Source0: https://github.com/SELinuxProject/selinux/releases/download/3.7/libselinux-3.7.tar.gz
@ -21,6 +21,8 @@ Url: https://github.com/SELinuxProject/selinux/wiki
 # Patch list start
 Patch0001: 0001-Use-SHA-2-instead-of-SHA-1.patch
 Patch0002: 0002-libselinux-set-free-d-data-to-NULL.patch
 Patch0003: 0003-libselinux-restorecon-Include-selinux-label.h.patch
 Patch0004: 0004-libselinux-Fix-integer-comparison-issues-when-compil.patch
 # Patch list end
 BuildRequires: gcc make
 BuildRequires: ruby-devel ruby libsepol-static >= %{libsepolver} swig pcre2-devel
@ -219,4 +221,8 @@ rm -f %{buildroot}%{_mandir}/man8/togglesebool*
 %{ruby_vendorarchdir}/selinux.so
 %changelog
 * Fri Aug 09 2024 Vit Mojzis <vmojzis@redhat.com> - 3.7-3
 - restorecon: Include <selinux/label.h> (RHEL-53852)
 - Fix integer comparison issues when compiling for 32-bit
 %autochangelog