rpms/strace
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Rebase to strace 5.18

Browse Source 
- Remove 0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch
   (v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)")
 - Remove 0150-filter_qualify-free-allocated-data-on-the-error-path.patch
   (v5.13-55-g6b2191f "filter_qualify: free allocated data on the error path exit of parse_poke_token")
 - Remove 0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch
   (v5.13-56-g80dc60c "macros: expand BIT macros, add MASK macros; add *_SAFE macros")
 - Remove 0152-trie-use-BIT-and-MASK-macros.patch
   (v5.13-58-g94ae5c2 "trie: use BIT* and MASK* macros")
 - Remove 0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch
   (v5.13-65-g41b753e "tee: rewrite num_params access in tee_fetch_buf_data")
 - Remove 0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch
   (v5.14~12 "tests: call setsockopt directly in sockopt-timestamp")
 - Remove 0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch
   (v5.15~1 "print_ifindex: fix IFNAME_QUOTED_SZ definition")
 - Remove 0168-m4-fix-st_SELINUX-check.patch
   (v5.15~18 "m4: fix st_SELINUX check")
 - Remove 0169-Implement-displaying-of-expected-context-upon-mismat.patch
   (v5.16~31 "Implement displaying of expected context upon mismatch")
 - Remove 0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch
   (v5.17~42 "tests/linkat: reset errno before SELinux context manipulation")
 - Remove 0171-tests-secontext-add-secontext-field-getters.patch
   (v5.17~41 "tests/secontext: add secontext field getters")
 - Remove 0172-tests-linkat-provide-fallback-values-for-secontext-f.patch
   (v5.17~40 "tests/linkat: provide fallback values for secontext fields changes")
 - Remove 0173-tests-secontext-eliminate-separate-secontext_format-.patch
   (v5.17~39 "tests/secontext: eliminate separate secontext_format declaration")
 - Remove 0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch
   (v5.17~38 "tests/linkat: reset context to the expected one if a mismatch has been detected")

* .gitignore (/strace-5.17.tar.xz): Remove.
(/strace-5.18.tar.xz): New record.
* 0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch:
Remove.
* 0150-filter_qualify-free-allocated-data-on-the-error-path.patch:
Likewise.
* 0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch:
Likewise.
* 0152-trie-use-BIT-and-MASK-macros.patch: Likewise.
* 0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch:
Likewise.
* 0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch:
Likewise.
* 0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch: Likewise.
* 0168-m4-fix-st_SELINUX-check.patch: Likewise.
* 0169-Implement-displaying-of-expected-context-upon-mismat.patch:
Likewise.
* 0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch:
Likewise.
* 0171-tests-secontext-add-secontext-field-getters.patch: Likewise.
* 0172-tests-linkat-provide-fallback-values-for-secontext-f.patch:
Likewise.
* 0173-tests-secontext-eliminate-separate-secontext_format-.patch:
Likewise.
* 0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch:
Likewise.
* sources (strace-5.13.tar.xz): Replace with...
(strace-5.18.tar.xz): ...this version.
* strace.spec (Version): Bump to 5.18.
(Release): Reset to 1.
(Patch141, Patch150, Patch151, Patch152, Patch153, Patch154, Patch167,
Patch168, Patch169, Patch170, Patch171, Patch172, Patch173, Patch174):
Remove.
(%prep): Do not apply them;  adjust man page date generation in accordance
with strace.spec.in changes.
(%changelog): New record about 5.18-1.

Resolves: #2084002
Signed-off-by: Eugene Syromiatnikov <esyr@redhat.com>
This commit is contained in:
Eugene Syromiatnikov 2022-06-23 17:24:35 +02:00
parent 4a389010ff
commit a9e8e0e54a
17 changed files with 47 additions and 9074 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
/strace-5.13.tar.xz
/strace-5.18.tar.xz

378
0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch
View File

@ -1,378 +0,0 @@
From 9aada05f4c7f95220a5b16416f530419db6b4dff Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@strace.io>
Date: Fri, 23 Jul 2021 08:00:00 +0000
Subject: [PATCH] tests: change sockopt-timestamp test to use
syscall(__NR_recvmsg)
Since the glibc recvmsg wrapper became unsuitable for our needs,
invoke __NR_recvmsg syscall directly.
* tests/sockopt-timestamp.c: Include "scno.h" and <errno.h>,
conditionalize on __NR_recvmsg.
(TEST_OLD_SCM_TIMESTAMPS): Remove.
(k_recvmsg): New function.
(test_sockopt): Use it instead of recvmsg.
---
tests/sockopt-timestamp.c | 72 ++++++++++++++++++++++-------------------------
1 file changed, 34 insertions(+), 38 deletions(-)
diff --git a/tests/sockopt-timestamp.c b/tests/sockopt-timestamp.c
index 56627bb..ed73ca1 100644
--- a/tests/sockopt-timestamp.c
+++ b/tests/sockopt-timestamp.c
@@ -9,44 +9,45 @@
*/
#include "tests.h"
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/socket.h>
-
-#if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
- || defined HAVE_STRUCT___KERNEL_TIMESPEC
-# include <linux/time_types.h>
-#endif
+#include "scno.h"
-#include "kernel_timeval.h"
-#include "kernel_old_timespec.h"
+#ifdef __NR_recvmsg
-#define XLAT_MACROS_ONLY
-# include "xlat/sock_options.h"
-#undef XLAT_MACROS_ONLY
+# include <errno.h>
+# include <stdio.h>
+# include <string.h>
+# include <unistd.h>
+# include <sys/socket.h>
-#undef TEST_OLD_SCM_TIMESTAMPS
+# if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
+ || defined HAVE_STRUCT___KERNEL_TIMESPEC
+# include <linux/time_types.h>
+# endif
-/*
- * Sadly, starting with commit
- * glibc-2.33.9000-707-g13c51549e2077f2f3bf84e8fd0b46d8b0c615912, on every
- * 32-bit architecture where 32-bit time_t support is enabled,
- * glibc mangles old scm timestamps.
- */
-#if GLIBC_PREREQ_GE(2, 33) && defined __TIMESIZE && __TIMESIZE != 64
-# define TEST_OLD_SCM_TIMESTAMPS 0
-#endif
+# include "kernel_timeval.h"
+# include "kernel_old_timespec.h"
-#ifndef TEST_OLD_SCM_TIMESTAMPS
-# define TEST_OLD_SCM_TIMESTAMPS 1
-#endif
+# define XLAT_MACROS_ONLY
+# include "xlat/sock_options.h"
+# undef XLAT_MACROS_ONLY
-#if TEST_OLD_SCM_TIMESTAMPS \
- || defined HAVE_STRUCT___KERNEL_TIMESPEC \
- || defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
+static const char *errstr;
+
+static long
+k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags)
+{
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
+ const kernel_ulong_t arg1 = fill | fd;
+ const kernel_ulong_t arg2 = (uintptr_t) ptr;
+ const kernel_ulong_t arg3 = fill | flags;
+ const long rc = syscall(__NR_recvmsg, arg1, arg2, arg3, bad, bad, bad);
+ if (rc && errno == ENOSYS)
+ perror_msg_and_skip("recvmsg");
+ errstr = sprintrc(rc);
+ return rc;
+}
-# if TEST_OLD_SCM_TIMESTAMPS
static void
print_timestamp_old(const struct cmsghdr *c)
{
@@ -84,7 +85,6 @@ print_timestampns_old(const struct cmsghdr *c)
printf("{tv_sec=%lld, tv_nsec=%lld}",
(long long) ts.tv_sec, (long long) ts.tv_nsec);
}
-# endif /* TEST_OLD_SCM_TIMESTAMPS */
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
static void
@@ -162,7 +162,7 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
.msg_controllen = sizeof(control)
};
- if (recvmsg(sv[0], &mh, 0) != (int) size)
+ if (k_recvmsg(sv[0], &mh, 0) != (int) size)
perror_msg_and_fail("recvmsg");
if (close(sv[0]))
perror_msg_and_fail("close recv");
@@ -210,10 +210,8 @@ main(void)
const char *str;
void (*fun)(const struct cmsghdr *);
} tests[] = {
-# if TEST_OLD_SCM_TIMESTAMPS
{ SO_TIMESTAMP_OLD, "SO_TIMESTAMP_OLD", print_timestamp_old },
{ SO_TIMESTAMPNS_OLD, "SO_TIMESTAMPNS_OLD", print_timestampns_old },
-# endif
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
{ SO_TIMESTAMP_NEW, "SO_TIMESTAMP_NEW", print_timestamp_new },
# endif
@@ -235,8 +233,6 @@ main(void)
#else
-SKIP_MAIN_UNDEFINED("TEST_OLD_SCM_TIMESTAMPS"
- " || HAVE_STRUCT___KERNEL_TIMESPEC"
- " || HAVE_STRUCT___KERNEL_SOCK_TIMEVAL")
+SKIP_MAIN_UNDEFINED("__NR_recvmsg")
#endif
diff --git a/tests-m32/sockopt-timestamp.c b/tests-m32/sockopt-timestamp.c
index 56627bb..ed73ca1 100644
--- a/tests-m32/sockopt-timestamp.c
+++ b/tests-m32/sockopt-timestamp.c
@@ -9,44 +9,45 @@
*/
#include "tests.h"
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/socket.h>
-
-#if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
- || defined HAVE_STRUCT___KERNEL_TIMESPEC
-# include <linux/time_types.h>
-#endif
+#include "scno.h"
-#include "kernel_timeval.h"
-#include "kernel_old_timespec.h"
+#ifdef __NR_recvmsg
-#define XLAT_MACROS_ONLY
-# include "xlat/sock_options.h"
-#undef XLAT_MACROS_ONLY
+# include <errno.h>
+# include <stdio.h>
+# include <string.h>
+# include <unistd.h>
+# include <sys/socket.h>
-#undef TEST_OLD_SCM_TIMESTAMPS
+# if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
+ || defined HAVE_STRUCT___KERNEL_TIMESPEC
+# include <linux/time_types.h>
+# endif
-/*
- * Sadly, starting with commit
- * glibc-2.33.9000-707-g13c51549e2077f2f3bf84e8fd0b46d8b0c615912, on every
- * 32-bit architecture where 32-bit time_t support is enabled,
- * glibc mangles old scm timestamps.
- */
-#if GLIBC_PREREQ_GE(2, 33) && defined __TIMESIZE && __TIMESIZE != 64
-# define TEST_OLD_SCM_TIMESTAMPS 0
-#endif
+# include "kernel_timeval.h"
+# include "kernel_old_timespec.h"
-#ifndef TEST_OLD_SCM_TIMESTAMPS
-# define TEST_OLD_SCM_TIMESTAMPS 1
-#endif
+# define XLAT_MACROS_ONLY
+# include "xlat/sock_options.h"
+# undef XLAT_MACROS_ONLY
-#if TEST_OLD_SCM_TIMESTAMPS \
- || defined HAVE_STRUCT___KERNEL_TIMESPEC \
- || defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
+static const char *errstr;
+
+static long
+k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags)
+{
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
+ const kernel_ulong_t arg1 = fill | fd;
+ const kernel_ulong_t arg2 = (uintptr_t) ptr;
+ const kernel_ulong_t arg3 = fill | flags;
+ const long rc = syscall(__NR_recvmsg, arg1, arg2, arg3, bad, bad, bad);
+ if (rc && errno == ENOSYS)
+ perror_msg_and_skip("recvmsg");
+ errstr = sprintrc(rc);
+ return rc;
+}
-# if TEST_OLD_SCM_TIMESTAMPS
static void
print_timestamp_old(const struct cmsghdr *c)
{
@@ -84,7 +85,6 @@ print_timestampns_old(const struct cmsghdr *c)
printf("{tv_sec=%lld, tv_nsec=%lld}",
(long long) ts.tv_sec, (long long) ts.tv_nsec);
}
-# endif /* TEST_OLD_SCM_TIMESTAMPS */
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
static void
@@ -162,7 +162,7 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
.msg_controllen = sizeof(control)
};
- if (recvmsg(sv[0], &mh, 0) != (int) size)
+ if (k_recvmsg(sv[0], &mh, 0) != (int) size)
perror_msg_and_fail("recvmsg");
if (close(sv[0]))
perror_msg_and_fail("close recv");
@@ -210,10 +210,8 @@ main(void)
const char *str;
void (*fun)(const struct cmsghdr *);
} tests[] = {
-# if TEST_OLD_SCM_TIMESTAMPS
{ SO_TIMESTAMP_OLD, "SO_TIMESTAMP_OLD", print_timestamp_old },
{ SO_TIMESTAMPNS_OLD, "SO_TIMESTAMPNS_OLD", print_timestampns_old },
-# endif
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
{ SO_TIMESTAMP_NEW, "SO_TIMESTAMP_NEW", print_timestamp_new },
# endif
@@ -235,8 +233,6 @@ main(void)
#else
-SKIP_MAIN_UNDEFINED("TEST_OLD_SCM_TIMESTAMPS"
- " || HAVE_STRUCT___KERNEL_TIMESPEC"
- " || HAVE_STRUCT___KERNEL_SOCK_TIMEVAL")
+SKIP_MAIN_UNDEFINED("__NR_recvmsg")
#endif
diff --git a/tests-mx32/sockopt-timestamp.c b/tests-mx32/sockopt-timestamp.c
index 56627bb..ed73ca1 100644
--- a/tests-mx32/sockopt-timestamp.c
+++ b/tests-mx32/sockopt-timestamp.c
@@ -9,44 +9,45 @@
*/
#include "tests.h"
-#include <stdio.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/socket.h>
-
-#if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
- || defined HAVE_STRUCT___KERNEL_TIMESPEC
-# include <linux/time_types.h>
-#endif
+#include "scno.h"
-#include "kernel_timeval.h"
-#include "kernel_old_timespec.h"
+#ifdef __NR_recvmsg
-#define XLAT_MACROS_ONLY
-# include "xlat/sock_options.h"
-#undef XLAT_MACROS_ONLY
+# include <errno.h>
+# include <stdio.h>
+# include <string.h>
+# include <unistd.h>
+# include <sys/socket.h>
-#undef TEST_OLD_SCM_TIMESTAMPS
+# if defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL \
+ || defined HAVE_STRUCT___KERNEL_TIMESPEC
+# include <linux/time_types.h>
+# endif
-/*
- * Sadly, starting with commit
- * glibc-2.33.9000-707-g13c51549e2077f2f3bf84e8fd0b46d8b0c615912, on every
- * 32-bit architecture where 32-bit time_t support is enabled,
- * glibc mangles old scm timestamps.
- */
-#if GLIBC_PREREQ_GE(2, 33) && defined __TIMESIZE && __TIMESIZE != 64
-# define TEST_OLD_SCM_TIMESTAMPS 0
-#endif
+# include "kernel_timeval.h"
+# include "kernel_old_timespec.h"
-#ifndef TEST_OLD_SCM_TIMESTAMPS
-# define TEST_OLD_SCM_TIMESTAMPS 1
-#endif
+# define XLAT_MACROS_ONLY
+# include "xlat/sock_options.h"
+# undef XLAT_MACROS_ONLY
-#if TEST_OLD_SCM_TIMESTAMPS \
- || defined HAVE_STRUCT___KERNEL_TIMESPEC \
- || defined HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
+static const char *errstr;
+
+static long
+k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags)
+{
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
+ const kernel_ulong_t arg1 = fill | fd;
+ const kernel_ulong_t arg2 = (uintptr_t) ptr;
+ const kernel_ulong_t arg3 = fill | flags;
+ const long rc = syscall(__NR_recvmsg, arg1, arg2, arg3, bad, bad, bad);
+ if (rc && errno == ENOSYS)
+ perror_msg_and_skip("recvmsg");
+ errstr = sprintrc(rc);
+ return rc;
+}
-# if TEST_OLD_SCM_TIMESTAMPS
static void
print_timestamp_old(const struct cmsghdr *c)
{
@@ -84,7 +85,6 @@ print_timestampns_old(const struct cmsghdr *c)
printf("{tv_sec=%lld, tv_nsec=%lld}",
(long long) ts.tv_sec, (long long) ts.tv_nsec);
}
-# endif /* TEST_OLD_SCM_TIMESTAMPS */
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
static void
@@ -162,7 +162,7 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
.msg_controllen = sizeof(control)
};
- if (recvmsg(sv[0], &mh, 0) != (int) size)
+ if (k_recvmsg(sv[0], &mh, 0) != (int) size)
perror_msg_and_fail("recvmsg");
if (close(sv[0]))
perror_msg_and_fail("close recv");
@@ -210,10 +210,8 @@ main(void)
const char *str;
void (*fun)(const struct cmsghdr *);
} tests[] = {
-# if TEST_OLD_SCM_TIMESTAMPS
{ SO_TIMESTAMP_OLD, "SO_TIMESTAMP_OLD", print_timestamp_old },
{ SO_TIMESTAMPNS_OLD, "SO_TIMESTAMPNS_OLD", print_timestampns_old },
-# endif
# ifdef HAVE_STRUCT___KERNEL_SOCK_TIMEVAL
{ SO_TIMESTAMP_NEW, "SO_TIMESTAMP_NEW", print_timestamp_new },
# endif
@@ -235,8 +233,6 @@ main(void)
#else
-SKIP_MAIN_UNDEFINED("TEST_OLD_SCM_TIMESTAMPS"
- " || HAVE_STRUCT___KERNEL_TIMESPEC"
- " || HAVE_STRUCT___KERNEL_SOCK_TIMEVAL")
+SKIP_MAIN_UNDEFINED("__NR_recvmsg")
#endif
--
2.1.4

77
0150-filter_qualify-free-allocated-data-on-the-error-path.patch
View File

@ -1,77 +0,0 @@
From a034f8a50cbe15d250457ed2eefbf9db059f724f Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Wed, 18 Aug 2021 21:48:38 +0200
Subject: [PATCH 147/150] filter_qualify: free allocated data on the error path
exit of parse_poke_token
While not terribly required due to the fact that issues with option
parsing lead to program termination, these changes avoid leaking data
allocated in the function's scope and not stored elsewhere, which might
come handy if it ever be used dynamically during the runtime.
This also has been reported as resource leaks by covscan, and these
changes should calm it.
* src/filter_qualify.c (parse_poke_token): Go to err label instead of
returning right away; free poke->data, poke, and str_tokenized before
returning false.
References: https://bugzilla.redhat.com/show_bug.cgi?id=1995509
---
src/filter_qualify.c | 18 ++++++++++++------
1 file changed, 12 insertions(+), 6 deletions(-)
diff --git a/src/filter_qualify.c b/src/filter_qualify.c
index df05496..a1a6471 100644
--- a/src/filter_qualify.c
+++ b/src/filter_qualify.c
@@ -169,34 +169,40 @@ parse_poke_token(const char *input, struct inject_opts *fopts, bool isenter)
poke->is_enter = isenter;
if ((val = STR_STRIP_PREFIX(token, "@arg")) == token)
- return false;
+ goto err;
if ((val[0] >= '1') && (val[0] <= '7')) {
poke->arg_no = val[0] - '0';
} else {
- return false;
+ goto err;
}
if (val[1] != '=')
- return false;
+ goto err;
val += 2;
data_len = strlen(val);
if ((data_len == 0) || (data_len % 2) || (data_len > 2048))
- return false;
+ goto err;
data_len /= 2;
poke->data_len = data_len;
poke->data = xmalloc(data_len);
for (size_t i = 0; i < data_len; i++)
if (sscanf(&val[2 * i], "%2hhx", &poke->data[i]) != 1)
- return false;
+ goto err;
if (poke_add(fopts->data.poke_idx, poke))
- return false;
+ goto err;
}
free(str_tokenized);
fopts->data.flags |= flag;
return true;
+
+err:
+ free(poke->data);
+ free(poke);
+ free(str_tokenized);
+ return false;
}
static bool
--
2.1.4

70
0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch
View File

@ -1,70 +0,0 @@
From 3f3dd44f1964c54b55e8c84343579bd7c1924df5 Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Wed, 18 Aug 2021 21:49:12 +0200
Subject: [PATCH 148/150] macros: expand BIT macros, add MASK macros; add
*_SAFE macros
These macros might make reading a code that often converts between powers
of 2 and values/masks a bit easier; moreover, the *_SAFE versions should
help in cases where the shift values are expected to be equal to the type
bit width (which lead to UB otherwise).
Switching from BIT to BIT32 should also clarify bitness, which may be somewhat
murky at times (cf. printxval, printflags, and printxvals).
* src/macros.h [!BIT] (BIT): Rename to...
[!BIT32] (BIT32): ...this.
[!BIT64] (BIT64): New macro.
[!MASK32] (MASK32): Likewise.
[!MASK64] (MASK64): Likewise.
(BIT32_SAFE, BIT64_SAFE, MASK32_SAFE, MASK64_SAFE): New macros.
(FLAG): Use BIT32.
---
src/macros.h | 30 +++++++++++++++++++++++++++---
1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/src/macros.h b/src/macros.h
index 467f5d0..2d7a83d 100644
--- a/src/macros.h
+++ b/src/macros.h
@@ -78,10 +78,34 @@ is_filled(const char *ptr, char fill, size_t size)
# define IS_ARRAY_ZERO(arr_) \
is_filled((const char *) (arr_), 0, sizeof(arr_) + MUST_BE_ARRAY(arr_))
-# ifndef BIT
-# define BIT(x_) (1U << (x_))
+# ifndef BIT32
+# define BIT32(x_) (1U << (x_))
# endif
-# define FLAG(name_) name_ = BIT(name_##_BIT)
+# ifndef BIT64
+# define BIT64(x_) (1ULL << (x_))
+# endif
+
+# ifndef MASK32
+# define MASK32(x_) (BIT32(x_) - 1U)
+# endif
+
+# ifndef MASK64
+# define MASK64(x_) (BIT64(x_) - 1ULL)
+# endif
+
+/*
+ * "Safe" versions that avoid UB for values that are >= type bit size
+ * (the usually expected behaviour of the bit shift in that case is zero,
+ * but at least powerpc is notorious for returning the input value when shift
+ * by 64 bits is performed).
+ */
+
+# define BIT32_SAFE(x_) ((x_) < 32 ? BIT32(x_) : 0)
+# define BIT64_SAFE(x_) ((x_) < 64 ? BIT64(x_) : 0)
+# define MASK32_SAFE(x_) (BIT32_SAFE(x_) - 1U)
+# define MASK64_SAFE(x_) (BIT64_SAFE(x_) - 1ULL)
+
+# define FLAG(name_) name_ = BIT32(name_##_BIT)
#endif /* !STRACE_MACROS_H */
--
2.1.4

151
0152-trie-use-BIT-and-MASK-macros.patch
View File

@ -1,151 +0,0 @@
From 8ef5456338a947944cc03b95c22c837af5884ddc Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Wed, 18 Aug 2021 21:51:22 +0200
Subject: [PATCH 149/150] trie: use BIT* and MASK* macros
This makes reading the code a bit easier. It also solves some issues
where there is a hypothertical possibility of having bit shifts of size
64, by virtue of using the *_SAFE macros (that should silence some
reported "left shifting by more than 63 bits has undefined behavior"
covscan issues).
* src/trie.c (trie_create): Use BIT32, MASK64.
(trie_create_data_block): Use BIT32, change iterator variable type
to size_t.
(trie_get_node): Use BIT64, MASK64.
(trie_data_block_calc_pos): Use BIT32, MASK64, MASK64_SAFE.
(trie_iterate_keys_node): Use BIT64, MASK64, MASK64_SAFE.
(trie_free_node): Use BIT64.
---
src/trie.c | 34 +++++++++++++++++-----------------
1 file changed, 17 insertions(+), 17 deletions(-)
diff --git a/src/trie.c b/src/trie.c
index 586ff25..0a231e4 100644
--- a/src/trie.c
+++ b/src/trie.c
@@ -15,6 +15,7 @@
#include <stdio.h>
#include "trie.h"
+#include "macros.h"
#include "xmalloc.h"
static const uint8_t ptr_sz_lg = (sizeof(void *) == 8 ? 6 : 5);
@@ -87,7 +88,7 @@ trie_create(uint8_t key_size, uint8_t item_size_lg, uint8_t node_key_bits,
/ t->node_key_bits;
if (item_size_lg != 6)
- t->empty_value &= (((uint64_t) 1 << (1 << t->item_size_lg)) - 1);
+ t->empty_value &= MASK64(BIT32(t->item_size_lg));
return t;
}
@@ -96,8 +97,8 @@ static void *
trie_create_data_block(struct trie *t)
{
uint64_t fill_value = t->empty_value;
- for (int i = 1; i < 1 << (6 - t->item_size_lg); i++) {
- fill_value <<= (1 << t->item_size_lg);
+ for (size_t i = 1; i < BIT32(6 - t->item_size_lg); i++) {
+ fill_value <<= BIT32(t->item_size_lg);
fill_value |= t->empty_value;
}
@@ -105,7 +106,7 @@ trie_create_data_block(struct trie *t)
if (sz < 6)
sz = 6;
- size_t count = 1 << (sz - 6);
+ size_t count = BIT32(sz - 6);
uint64_t *data_block = xcalloc(count, 8);
for (size_t i = 0; i < count; i++)
@@ -119,7 +120,7 @@ trie_get_node(struct trie *t, uint64_t key, bool auto_create)
{
void **cur_node = &(t->data);
- if (t->key_size < 64 && key > (uint64_t) 1 << t->key_size)
+ if (t->key_size < 64 && key > MASK64(t->key_size))
return NULL;
for (uint8_t cur_depth = 0; cur_depth <= t->max_depth; cur_depth++) {
@@ -133,13 +134,13 @@ trie_get_node(struct trie *t, uint64_t key, bool auto_create)
if (cur_depth == t->max_depth)
*cur_node = trie_create_data_block(t);
else
- *cur_node = xcalloc(1 << sz, 1);
+ *cur_node = xcalloc(BIT64(sz), 1);
}
if (cur_depth == t->max_depth)
break;
- size_t pos = (key >> offs) & ((1 << (sz - ptr_sz_lg)) - 1);
+ size_t pos = (key >> offs) & MASK64(sz - ptr_sz_lg);
cur_node = (((void **) (*cur_node)) + pos);
}
@@ -152,7 +153,7 @@ trie_data_block_calc_pos(struct trie *t, uint64_t key,
{
uint64_t key_mask;
- key_mask = (1 << t->data_block_key_bits) - 1;
+ key_mask = MASK64(t->data_block_key_bits);
*pos = (key & key_mask) >> (6 - t->item_size_lg);
if (t->item_size_lg == 6) {
@@ -161,10 +162,10 @@ trie_data_block_calc_pos(struct trie *t, uint64_t key,
return;
}
- key_mask = (1 << (6 - t->item_size_lg)) - 1;
- *offs = (key & key_mask) * (1 << t->item_size_lg);
+ key_mask = MASK64(6 - t->item_size_lg);
+ *offs = (key & key_mask) << t->item_size_lg;
- *mask = (((uint64_t) 1 << (1 << t->item_size_lg)) - 1) << *offs;
+ *mask = MASK64_SAFE(BIT32(t->item_size_lg)) << *offs;
}
bool
@@ -211,7 +212,7 @@ trie_iterate_keys_node(struct trie *t,
return 0;
if (t->key_size < 64) {
- uint64_t key_max = ((uint64_t) 1 << t->key_size) - 1;
+ uint64_t key_max = MASK64(t->key_size);
if (end > key_max)
end = key_max;
}
@@ -228,15 +229,14 @@ trie_iterate_keys_node(struct trie *t,
t->key_size :
trie_get_node_bit_offs(t, depth - 1);
- uint64_t first_key_in_node = start &
- (uint64_t) -1 << parent_node_bit_off;
+ uint64_t first_key_in_node = start & ~MASK64_SAFE(parent_node_bit_off);
uint8_t node_bit_off = trie_get_node_bit_offs(t, depth);
uint8_t node_key_bits = parent_node_bit_off - node_bit_off;
- uint64_t mask = ((uint64_t) 1 << (node_key_bits)) - 1;
+ uint64_t mask = MASK64_SAFE(node_key_bits);
uint64_t start_index = (start >> node_bit_off) & mask;
uint64_t end_index = (end >> node_bit_off) & mask;
- uint64_t child_key_count = (uint64_t) 1 << node_bit_off;
+ uint64_t child_key_count = BIT64(node_bit_off);
uint64_t count = 0;
@@ -274,7 +274,7 @@ trie_free_node(struct trie *t, void *node, uint8_t depth)
if (depth >= t->max_depth)
goto free_node;
- size_t sz = 1 << (trie_get_node_size(t, depth) - ptr_sz_lg);
+ size_t sz = BIT64(trie_get_node_size(t, depth) - ptr_sz_lg);
for (size_t i = 0; i < sz; i++)
trie_free_node(t, ((void **) node)[i], depth + 1);
--
2.1.4

52
0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch
View File

@ -1,52 +0,0 @@
From 3a68f90c2a5a208b475cc2014f85ae04541ec5b6 Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Fri, 20 Aug 2021 21:31:01 +0200
Subject: [PATCH 150/150] tee: rewrite num_params access in tee_fetch_buf_data
Pointer to num_params field of the fetched structure is passed in a
separate function argument which provokes covscan complaints about
uninitialised accesses and also tingles my aliasing rules senses.
Rewrite to access it via the arg_struct argument which is fetched
earlier in the function flow.
* src/tee.c (TEE_FETCH_BUF_DATA): Change &arg_.num_params
to offsetof(typeof(arg_), num_params).
(tee_fetch_buf_data): Accept offset of the num_params field instead
of pointer to it; reconstruct the num_params pointer using it.
---
src/tee.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/tee.c b/src/tee.c
index f9eda52..d7e9b15 100644
--- a/src/tee.c
+++ b/src/tee.c
@@ -33,7 +33,7 @@ struct tee_ioctl_shm_register_fd_data {
#define TEE_FETCH_BUF_DATA(buf_, arg_, params_) \
tee_fetch_buf_data(tcp, arg, &buf_, sizeof(arg_), \
- &arg_, &arg_.num_params, \
+ &arg_, offsetof(typeof(arg_), num_params), \
params_)
/* session id is printed as 0x%x in libteec */
@@ -56,7 +56,7 @@ tee_fetch_buf_data(struct tcb *const tcp,
struct tee_ioctl_buf_data *buf,
size_t arg_size,
void *arg_struct,
- unsigned *num_params,
+ size_t num_params_offs,
uint64_t *params)
{
if (umove_or_printaddr(tcp, arg, buf))
@@ -69,6 +69,7 @@ tee_fetch_buf_data(struct tcb *const tcp,
tee_print_buf(buf);
return RVAL_IOCTL_DECODED;
}
+ uint32_t *num_params = (uint32_t *) (arg_struct + num_params_offs);
if (entering(tcp) &&
(arg_size + TEE_IOCTL_PARAM_SIZE(*num_params) != buf->buf_len)) {
/*
--
2.1.4

171
0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch
View File

@ -1,171 +0,0 @@
From 719ccf8f4bf4263b02c686f16f579fd6119bb52c Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Mon, 23 Aug 2021 18:24:39 +0200
Subject: [PATCH] tests: call setsockopt directly in sockopt-timestamp
While commit v5.13-10-g0211fdc "tests: change sockopt-timestamp test to
use syscall(__NR_recvmsg)" has fixed issues with glibc-induced mangling
on newer kernels, the combination of an older kernel and new glibc still
causes issues, as glibc silently falls back to SO_TIMESTAMP{,NS}_OLD, as
implemented in glibc-2.34~294 "linux: Add fallback for 64-bit time_t
SO_TIMESTAMP{NS}". Avoid that by calling setsockopt directly as well.
* tests/sockopt-timestamp.c (SC_setsockopt): New macro constant.
(k_setsockopt): New function.
(test_sockopt): Call k_setsockopt instead of setsockopt.
Complements: v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)"
---
tests/sockopt-timestamp.c | 31 ++++++++++++++++++++++++++++++-
1 file changed, 30 insertions(+), 1 deletion(-)
diff --git a/tests/sockopt-timestamp.c b/tests/sockopt-timestamp.c
index 34c4d89..4bd96fd 100644
--- a/tests/sockopt-timestamp.c
+++ b/tests/sockopt-timestamp.c
@@ -48,6 +48,30 @@ k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags
return rc;
}
+#define SC_setsockopt 14
+static long
+k_setsockopt(const unsigned int fd, const unsigned int level,
+ const unsigned int optname, const void *const optval,
+ const unsigned int len)
+{
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
+#ifdef __NR_setsockopt
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
+#endif
+
+ return syscall(
+#ifdef __NR_setsockopt
+ __NR_setsockopt,
+#else /* socketcall */
+ __NR_socketcall, SC_setsockopt,
+#endif
+ fill | fd , fill | level, fill | optname, optval, fill | len
+#ifdef __NR_setsockopt
+ , bad
+#endif
+ );
+}
+
static void
print_timestamp_old(const struct cmsghdr *c)
{
@@ -139,7 +163,12 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
perror_msg_and_skip(data);
const int opt_1 = 1;
- if (setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
+ /*
+ * glibc-2.34~294 adds fallsback for SO_TIMESTAMP{,NS}_NEW that calls
+ * SO_TIMESTAMP{,NS}_OLD, so we have to call the setsockopt directly
+ * in order to avoid unexpected recvmsg msg types.
+ */
+ if (k_setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
perror(str);
return 0;
}
diff --git a/tests-m32/sockopt-timestamp.c b/tests-m32/sockopt-timestamp.c
index 34c4d89..4bd96fd 100644
--- a/tests-m32/sockopt-timestamp.c
+++ b/tests-m32/sockopt-timestamp.c
@@ -48,6 +48,30 @@ k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags
return rc;
}
+#define SC_setsockopt 14
+static long
+k_setsockopt(const unsigned int fd, const unsigned int level,
+ const unsigned int optname, const void *const optval,
+ const unsigned int len)
+{
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
+#ifdef __NR_setsockopt
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
+#endif
+
+ return syscall(
+#ifdef __NR_setsockopt
+ __NR_setsockopt,
+#else /* socketcall */
+ __NR_socketcall, SC_setsockopt,
+#endif
+ fill | fd , fill | level, fill | optname, optval, fill | len
+#ifdef __NR_setsockopt
+ , bad
+#endif
+ );
+}
+
static void
print_timestamp_old(const struct cmsghdr *c)
{
@@ -139,7 +163,12 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
perror_msg_and_skip(data);
const int opt_1 = 1;
- if (setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
+ /*
+ * glibc-2.34~294 adds fallsback for SO_TIMESTAMP{,NS}_NEW that calls
+ * SO_TIMESTAMP{,NS}_OLD, so we have to call the setsockopt directly
+ * in order to avoid unexpected recvmsg msg types.
+ */
+ if (k_setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
perror(str);
return 0;
}
diff --git a/tests-mx32/sockopt-timestamp.c b/tests-mx32/sockopt-timestamp.c
index 34c4d89..4bd96fd 100644
--- a/tests-mx32/sockopt-timestamp.c
+++ b/tests-mx32/sockopt-timestamp.c
@@ -48,6 +48,30 @@ k_recvmsg(const unsigned int fd, const void *const ptr, const unsigned int flags
return rc;
}
+#define SC_setsockopt 14
+static long
+k_setsockopt(const unsigned int fd, const unsigned int level,
+ const unsigned int optname, const void *const optval,
+ const unsigned int len)
+{
+ const kernel_ulong_t fill = (kernel_ulong_t) 0xdefaced00000000ULL;
+#ifdef __NR_setsockopt
+ const kernel_ulong_t bad = (kernel_ulong_t) 0xbadc0dedbadc0dedULL;
+#endif
+
+ return syscall(
+#ifdef __NR_setsockopt
+ __NR_setsockopt,
+#else /* socketcall */
+ __NR_socketcall, SC_setsockopt,
+#endif
+ fill | fd , fill | level, fill | optname, optval, fill | len
+#ifdef __NR_setsockopt
+ , bad
+#endif
+ );
+}
+
static void
print_timestamp_old(const struct cmsghdr *c)
{
@@ -139,7 +163,12 @@ test_sockopt(int so_val, const char *str, void (*fun)(const struct cmsghdr *))
perror_msg_and_skip(data);
const int opt_1 = 1;
- if (setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
+ /*
+ * glibc-2.34~294 adds fallsback for SO_TIMESTAMP{,NS}_NEW that calls
+ * SO_TIMESTAMP{,NS}_OLD, so we have to call the setsockopt directly
+ * in order to avoid unexpected recvmsg msg types.
+ */
+ if (k_setsockopt(sv[0], SOL_SOCKET, so_val, &opt_1, sizeof(opt_1))) {
perror(str);
return 0;
}
--
2.1.4

55
0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch
View File

@ -1,55 +0,0 @@
From e27b06773eaf5c0307bcc5637d7457be9be1e6ea Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Wed, 1 Dec 2021 17:11:02 +0100
Subject: [PATCH] print_ifindex: fix IFNAME_QUOTED_SZ definition
sizeof(IFNAMSIZ) instead of IFNAMSIZ was mistakenly used
for IFNAME_QUOTED_SZ initial definition in commit v4.23~87
"print_ifindex: respect xlat style settings".
* src/print_ifindex.c (IFNAME_QUOTED_SZ): Use IFNAMSIZ
instead of sizeof(IFNAMSIZ).
* NEWS: Mention it.
Reported-by: Paulo Andrade <pandrade@redhat.com>
Suggested-by: Paulo Andrade <pandrade@redhat.com>
Fixes: v4.23~87 "print_ifindex: respect xlat style settings"
References: https://bugzilla.redhat.com/show_bug.cgi?id=2028146
---
NEWS | 4 ++++
src/print_ifindex.c | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/NEWS b/NEWS
index 9bab673..a3036b8 100644
--- a/NEWS
+++ b/NEWS
@@ -16,6 +16,12 @@ Noteworthy changes in release ?.?? (????-??-??)
PTRACE_*, RTM_*, RTPROT_*, TRAP_*, UFFD_*, UFFDIO_*, and V4L2_* constants.
* Updated lists of ioctl commands from Linux 5.13.
+ * Bug fixes
+ * Fixed insufficient buffer size used for network interface name printing,
+ that previously led to assertions on attempts of printing interface names
+ that require quoting, for example, names longer than 4 characters in -xx
+ mode (addresses RHBZ bug #2028146).
+
* Portability
* On powerpc and powerpc64, linux kernel >= 2.6.23 is required.
Older versions without a decent PTRACE_GETREGS support will not work.
diff --git a/src/print_ifindex.c b/src/print_ifindex.c
index ec48093..dc9d592 100644
--- a/src/print_ifindex.c
+++ b/src/print_ifindex.c
@@ -13,7 +13,7 @@
# define INI_PFX "if_nametoindex(\""
# define INI_SFX "\")"
-# define IFNAME_QUOTED_SZ (sizeof(IFNAMSIZ) * 4 + 3)
+# define IFNAME_QUOTED_SZ (IFNAMSIZ * 4 + 3)
const char *
get_ifname(const unsigned int ifindex)
--
2.1.4

208
0168-m4-fix-st_SELINUX-check.patch
View File

@ -1,208 +0,0 @@
From b8f375c2c8140e759122bca3e3469386d3ba5184 Mon Sep 17 00:00:00 2001
From: "Dmitry V. Levin" <ldv@strace.io>
Date: Mon, 29 Nov 2021 08:00:00 +0000
Subject: [PATCH 168/174] m4: fix st_SELINUX check
* m4/st_selinux.m4: Make sure selinux support is enabled only if
all expected functions are provided by libselinux.
Fixes: v5.12~49 "Implement --secontext[=full] option to display SELinux contexts"
---
m4/st_selinux.m4 | 36 ++++++++++++++++--------------------
1 file changed, 16 insertions(+), 20 deletions(-)
diff --git a/m4/st_selinux.m4 b/m4/st_selinux.m4
index da72a48..7b24eba 100644
--- a/m4/st_selinux.m4
+++ b/m4/st_selinux.m4
@@ -34,29 +34,25 @@ AS_IF([test "x$with_libselinux" != xno],
AS_IF([test "x$found_selinux_h" = xyes],
[saved_LDFLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS $libselinux_LDFLAGS"
- AC_CHECK_LIB([selinux],[getpidcon],
- [libselinux_LIBS="-lselinux"
- enable_secontext=yes
- ],
- [if test "x$with_libselinux" != xcheck; then
- AC_MSG_FAILURE([failed to find getpidcon in libselinux])
- fi
- ]
- )
- AC_CHECK_LIB([selinux],[getfilecon],
- [libselinux_LIBS="-lselinux"
- enable_secontext=yes
- ],
- [if test "x$with_libselinux" != xcheck; then
- AC_MSG_FAILURE([failed to find getfilecon in libselinux])
- fi
- ]
+ missing=
+ for func in getpidcon getfilecon; do
+ AC_CHECK_LIB([selinux], [$func], [:],
+ [missing="$missing $func"])
+ done
+ AS_IF([test "x$missing" = x],
+ [libselinux_LIBS="-lselinux"
+ enable_secontext=yes
+ ],
+ [AS_IF([test "x$with_libselinux" != xcheck],
+ [AC_MSG_FAILURE([failed to find in libselinux:$missing])]
+ )
+ ]
)
LDFLAGS="$saved_LDFLAGS"
],
- [if test "x$with_libselinux" != xcheck; then
- AC_MSG_FAILURE([failed to find selinux.h])
- fi
+ [AS_IF([test "x$with_libselinux" != xcheck],
+ [AC_MSG_FAILURE([failed to find selinux.h])]
+ )
]
)
]
--- old/configure 2022-02-07 20:17:58.364068436 +0100
+++ new/configure 2022-02-07 20:19:17.092067347 +0100
@@ -18437,9 +18437,12 @@
if test "x$found_selinux_h" = xyes; then :
saved_LDFLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS $libselinux_LDFLAGS"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getpidcon in -lselinux" >&5
-$as_echo_n "checking for getpidcon in -lselinux... " >&6; }
-if ${ac_cv_lib_selinux_getpidcon+:} false; then :
+ missing=
+ for func in getpidcon getfilecon; do
+ as_ac_Lib=`$as_echo "ac_cv_lib_selinux_$func" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $func in -lselinux" >&5
+$as_echo_n "checking for $func in -lselinux... " >&6; }
+if eval \${$as_ac_Lib+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_check_lib_save_LIBS=$LIBS
@@ -18453,101 +18456,59 @@
#ifdef __cplusplus
extern "C"
#endif
-char getpidcon ();
+char $func ();
int
main ()
{
-return getpidcon ();
+return $func ();
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_lib_selinux_getpidcon=yes
+ eval "$as_ac_Lib=yes"
else
- ac_cv_lib_selinux_getpidcon=no
+ eval "$as_ac_Lib=no"
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_getpidcon" >&5
-$as_echo "$ac_cv_lib_selinux_getpidcon" >&6; }
-if test "x$ac_cv_lib_selinux_getpidcon" = xyes; then :
- libselinux_LIBS="-lselinux"
- enable_secontext=yes
-
+eval ac_res=\$$as_ac_Lib
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ :
else
- if test "x$with_libselinux" != xcheck; then
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
-$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "failed to find getpidcon in libselinux
-See \`config.log' for more details" "$LINENO" 5; }
- fi
-
-
+ missing="$missing $func"
fi
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for getfilecon in -lselinux" >&5
-$as_echo_n "checking for getfilecon in -lselinux... " >&6; }
-if ${ac_cv_lib_selinux_getfilecon+:} false; then :
- $as_echo_n "(cached) " >&6
-else
- ac_check_lib_save_LIBS=$LIBS
-LIBS="-lselinux $LIBS"
-cat confdefs.h - <<_ACEOF >conftest.$ac_ext
-/* end confdefs.h. */
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char getfilecon ();
-int
-main ()
-{
-return getfilecon ();
- ;
- return 0;
-}
-_ACEOF
-if ac_fn_c_try_link "$LINENO"; then :
- ac_cv_lib_selinux_getfilecon=yes
-else
- ac_cv_lib_selinux_getfilecon=no
-fi
-rm -f core conftest.err conftest.$ac_objext \
- conftest$ac_exeext conftest.$ac_ext
-LIBS=$ac_check_lib_save_LIBS
-fi
-{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_selinux_getfilecon" >&5
-$as_echo "$ac_cv_lib_selinux_getfilecon" >&6; }
-if test "x$ac_cv_lib_selinux_getfilecon" = xyes; then :
+ done
+ if test "x$missing" = x; then :
libselinux_LIBS="-lselinux"
- enable_secontext=yes
+ enable_secontext=yes
else
- if test "x$with_libselinux" != xcheck; then
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+ if test "x$with_libselinux" != xcheck; then :
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
-as_fn_error $? "failed to find getfilecon in libselinux
+as_fn_error $? "failed to find in libselinux:$missing
See \`config.log' for more details" "$LINENO" 5; }
- fi
-
fi
+
+fi
LDFLAGS="$saved_LDFLAGS"
else
- if test "x$with_libselinux" != xcheck; then
- { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+ if test "x$with_libselinux" != xcheck; then :
+ { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
as_fn_error $? "failed to find selinux.h
See \`config.log' for more details" "$LINENO" 5; }
- fi
+
+fi
fi
--
2.1.4

6958
0169-Implement-displaying-of-expected-context-upon-mismat.patch
View File

File diff suppressed because it is too large Load Diff

122
0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch
View File

@ -1,122 +0,0 @@
From f5fd689e40322a7b08a97eb2d26f192610728230 Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Tue, 18 Jan 2022 16:10:28 +0100
Subject: [PATCH 170/174] tests/linkat: reset errno before SELinux context
manipulation
To avoid printing a stale error information in case of mismatch check
failure.
* tests/linkat.c: Include <errno.h>.
(main): Add "errno = 0" before update_secontext_field calls.
---
tests/linkat.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/tests/linkat.c b/tests/linkat.c
index 1a869e3..c3e2ee4 100644
--- a/tests/linkat.c
+++ b/tests/linkat.c
@@ -10,6 +10,7 @@
#include "tests.h"
#include "scno.h"
+#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
@@ -91,6 +92,7 @@ main(void)
free(sample_1_secontext);
#ifdef PRINT_SECONTEXT_MISMATCH
+ errno = 0;
update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
sample_1_secontext = SECONTEXT_FILE(sample_1);
@@ -112,6 +114,7 @@ main(void)
free(sample_1_secontext);
#endif
+ errno = 0;
update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
sample_1_secontext = SECONTEXT_FILE(sample_1);
sample_2_secontext = sample_1_secontext;
@@ -142,6 +145,7 @@ main(void)
int dfd_old = get_dir_fd(".");
char *cwd = get_fd_path(dfd_old);
+ errno = 0;
update_secontext_field(".", SECONTEXT_TYPE, "default_t");
char *dfd_old_secontext = SECONTEXT_FILE(".");
--- a/tests-m32/linkat.c
+++ b/tests-m32/linkat.c
@@ -10,6 +10,7 @@
#include "tests.h"
#include "scno.h"
+#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
@@ -91,6 +92,7 @@ main(void)
free(sample_1_secontext);
#ifdef PRINT_SECONTEXT_MISMATCH
+ errno = 0;
update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
sample_1_secontext = SECONTEXT_FILE(sample_1);
@@ -112,6 +114,7 @@ main(void)
free(sample_1_secontext);
#endif
+ errno = 0;
update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
sample_1_secontext = SECONTEXT_FILE(sample_1);
sample_2_secontext = sample_1_secontext;
@@ -142,6 +145,7 @@ main(void)
int dfd_old = get_dir_fd(".");
char *cwd = get_fd_path(dfd_old);
+ errno = 0;
update_secontext_field(".", SECONTEXT_TYPE, "default_t");
char *dfd_old_secontext = SECONTEXT_FILE(".");
--- a/tests-mx32/linkat.c
+++ b/tests-mx32/linkat.c
@@ -10,6 +10,7 @@
#include "tests.h"
#include "scno.h"
+#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
@@ -91,6 +92,7 @@ main(void)
free(sample_1_secontext);
#ifdef PRINT_SECONTEXT_MISMATCH
+ errno = 0;
update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
sample_1_secontext = SECONTEXT_FILE(sample_1);
@@ -112,6 +114,7 @@ main(void)
free(sample_1_secontext);
#endif
+ errno = 0;
update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
sample_1_secontext = SECONTEXT_FILE(sample_1);
sample_2_secontext = sample_1_secontext;
@@ -142,6 +145,7 @@ main(void)
int dfd_old = get_dir_fd(".");
char *cwd = get_fd_path(dfd_old);
+ errno = 0;
update_secontext_field(".", SECONTEXT_TYPE, "default_t");
char *dfd_old_secontext = SECONTEXT_FILE(".");
--
2.1.4

356
0171-tests-secontext-add-secontext-field-getters.patch
View File

@ -1,356 +0,0 @@
From 4951286eb634c00c11883b851c91f3a21975eabd Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Tue, 18 Jan 2022 18:03:57 +0100
Subject: [PATCH 171/174] tests/secontext: add secontext field getters
* tests/secontext.h (get_secontext_field, get_secontext_field_file): New
declarations.
* tests/secontext.c (get_type_from_context): Rename to...
(get_secontext_field): ...this; remove "static" qualifier; add "field"
argument, use it.
(raw_expected_secontext_short_file, raw_secontext_short_pid): Replace
get_type_from_context call with get_secontext_field.
(get_secontext_field_file): New function.
(raw_secontext_short_file): Replace body with get_secontext_field_file
call.
---
tests/secontext.c | 27 +++++++++++++++------------
tests/secontext.h | 20 ++++++++++++++++++++
2 files changed, 35 insertions(+), 12 deletions(-)
diff --git a/tests/secontext.c b/tests/secontext.c
index 848eea9..52211ed 100644
--- a/tests/secontext.c
+++ b/tests/secontext.c
@@ -56,8 +56,8 @@ strip_trailing_newlines(char *context)
return context;
}
-static char *
-get_type_from_context(const char *full_context)
+char *
+get_secontext_field(const char *full_context, enum secontext_field field)
{
int saved_errno = errno;
@@ -72,7 +72,7 @@ get_type_from_context(const char *full_context)
char *context = NULL;
for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0;
token; token = strtok_r(NULL, ":", &saveptr), i++) {
- if (i == 2) {
+ if (i == field) {
context = xstrdup(token);
break;
}
@@ -122,7 +122,7 @@ raw_expected_secontext_short_file(const char *filename)
int saved_errno = errno;
char *ctx = raw_expected_secontext_full_file(filename);
- char *type = get_type_from_context(ctx);
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
free(ctx);
errno = saved_errno;
@@ -144,20 +144,23 @@ raw_secontext_full_file(const char *filename)
return full_secontext;
}
-static char *
-raw_secontext_short_file(const char *filename)
+char *
+get_secontext_field_file(const char *file, enum secontext_field field)
{
- int saved_errno = errno;
-
- char *ctx = raw_secontext_full_file(filename);
- char *type = get_type_from_context(ctx);
+ char *ctx = raw_secontext_full_file(file);
+ char *type = get_secontext_field(ctx, field);
free(ctx);
- errno = saved_errno;
return type;
}
static char *
+raw_secontext_short_file(const char *filename)
+{
+ return get_secontext_field_file(filename, SECONTEXT_TYPE);
+}
+
+static char *
raw_secontext_full_pid(pid_t pid)
{
int saved_errno = errno;
@@ -178,7 +181,7 @@ raw_secontext_short_pid(pid_t pid)
int saved_errno = errno;
char *ctx = raw_secontext_full_pid(pid);
- char *type = get_type_from_context(ctx);
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
free(ctx);
errno = saved_errno;
diff --git a/tests/secontext.h b/tests/secontext.h
index 1d0251a..e5571d5 100644
--- a/tests/secontext.h
+++ b/tests/secontext.h
@@ -23,6 +23,15 @@ enum secontext_field {
#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME
+/**
+ * Parse a SELinux context string and return a specified field, duplicated
+ * in a separate string. The caller is responsible for freeing the memory
+ * pointed by the returned value.
+ */
+char *get_secontext_field(const char *full_context, enum secontext_field field);
+
+char *get_secontext_field_file(const char *file, enum secontext_field field);
+
void update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue);
@@ -48,6 +57,17 @@ void update_secontext_field(const char *file, enum secontext_field field,
#else
+static inline char *
+get_secontext_field(const char *ctx, enum secontext_field field)
+{
+ return NULL;
+}
+static inline char *
+get_secontext_field_file(const char *file, enum secontext_field field)
+{
+ return NULL;
+}
+
static inline void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
diff --git a/tests-m32/secontext.c b/tests-m32/secontext.c
index 848eea9..52211ed 100644
--- a/tests-m32/secontext.c
+++ b/tests-m32/secontext.c
@@ -56,8 +56,8 @@ strip_trailing_newlines(char *context)
return context;
}
-static char *
-get_type_from_context(const char *full_context)
+char *
+get_secontext_field(const char *full_context, enum secontext_field field)
{
int saved_errno = errno;
@@ -72,7 +72,7 @@ get_type_from_context(const char *full_context)
char *context = NULL;
for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0;
token; token = strtok_r(NULL, ":", &saveptr), i++) {
- if (i == 2) {
+ if (i == field) {
context = xstrdup(token);
break;
}
@@ -122,7 +122,7 @@ raw_expected_secontext_short_file(const char *filename)
int saved_errno = errno;
char *ctx = raw_expected_secontext_full_file(filename);
- char *type = get_type_from_context(ctx);
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
free(ctx);
errno = saved_errno;
@@ -144,20 +144,23 @@ raw_secontext_full_file(const char *filename)
return full_secontext;
}
-static char *
-raw_secontext_short_file(const char *filename)
+char *
+get_secontext_field_file(const char *file, enum secontext_field field)
{
- int saved_errno = errno;
-
- char *ctx = raw_secontext_full_file(filename);
- char *type = get_type_from_context(ctx);
+ char *ctx = raw_secontext_full_file(file);
+ char *type = get_secontext_field(ctx, field);
free(ctx);
- errno = saved_errno;
return type;
}
static char *
+raw_secontext_short_file(const char *filename)
+{
+ return get_secontext_field_file(filename, SECONTEXT_TYPE);
+}
+
+static char *
raw_secontext_full_pid(pid_t pid)
{
int saved_errno = errno;
@@ -178,7 +181,7 @@ raw_secontext_short_pid(pid_t pid)
int saved_errno = errno;
char *ctx = raw_secontext_full_pid(pid);
- char *type = get_type_from_context(ctx);
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
free(ctx);
errno = saved_errno;
diff --git a/tests-m32/secontext.h b/tests-m32/secontext.h
index 1d0251a..e5571d5 100644
--- a/tests-m32/secontext.h
+++ b/tests-m32/secontext.h
@@ -23,6 +23,15 @@ enum secontext_field {
#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME
+/**
+ * Parse a SELinux context string and return a specified field, duplicated
+ * in a separate string. The caller is responsible for freeing the memory
+ * pointed by the returned value.
+ */
+char *get_secontext_field(const char *full_context, enum secontext_field field);
+
+char *get_secontext_field_file(const char *file, enum secontext_field field);
+
void update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue);
@@ -48,6 +57,17 @@ void update_secontext_field(const char *file, enum secontext_field field,
#else
+static inline char *
+get_secontext_field(const char *ctx, enum secontext_field field)
+{
+ return NULL;
+}
+static inline char *
+get_secontext_field_file(const char *file, enum secontext_field field)
+{
+ return NULL;
+}
+
static inline void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
diff --git a/tests-mx32/secontext.c b/tests-mx32/secontext.c
index 848eea9..52211ed 100644
--- a/tests-mx32/secontext.c
+++ b/tests-mx32/secontext.c
@@ -56,8 +56,8 @@ strip_trailing_newlines(char *context)
return context;
}
-static char *
-get_type_from_context(const char *full_context)
+char *
+get_secontext_field(const char *full_context, enum secontext_field field)
{
int saved_errno = errno;
@@ -72,7 +72,7 @@ get_type_from_context(const char *full_context)
char *context = NULL;
for (token = strtok_r(ctx_copy, ":", &saveptr), i = 0;
token; token = strtok_r(NULL, ":", &saveptr), i++) {
- if (i == 2) {
+ if (i == field) {
context = xstrdup(token);
break;
}
@@ -122,7 +122,7 @@ raw_expected_secontext_short_file(const char *filename)
int saved_errno = errno;
char *ctx = raw_expected_secontext_full_file(filename);
- char *type = get_type_from_context(ctx);
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
free(ctx);
errno = saved_errno;
@@ -144,20 +144,23 @@ raw_secontext_full_file(const char *filename)
return full_secontext;
}
-static char *
-raw_secontext_short_file(const char *filename)
+char *
+get_secontext_field_file(const char *file, enum secontext_field field)
{
- int saved_errno = errno;
-
- char *ctx = raw_secontext_full_file(filename);
- char *type = get_type_from_context(ctx);
+ char *ctx = raw_secontext_full_file(file);
+ char *type = get_secontext_field(ctx, field);
free(ctx);
- errno = saved_errno;
return type;
}
static char *
+raw_secontext_short_file(const char *filename)
+{
+ return get_secontext_field_file(filename, SECONTEXT_TYPE);
+}
+
+static char *
raw_secontext_full_pid(pid_t pid)
{
int saved_errno = errno;
@@ -178,7 +181,7 @@ raw_secontext_short_pid(pid_t pid)
int saved_errno = errno;
char *ctx = raw_secontext_full_pid(pid);
- char *type = get_type_from_context(ctx);
+ char *type = get_secontext_field(ctx, SECONTEXT_TYPE);
free(ctx);
errno = saved_errno;
diff --git a/tests-mx32/secontext.h b/tests-mx32/secontext.h
index 1d0251a..e5571d5 100644
--- a/tests-mx32/secontext.h
+++ b/tests-mx32/secontext.h
@@ -23,6 +23,15 @@ enum secontext_field {
#if defined TEST_SECONTEXT && defined HAVE_SELINUX_RUNTIME
+/**
+ * Parse a SELinux context string and return a specified field, duplicated
+ * in a separate string. The caller is responsible for freeing the memory
+ * pointed by the returned value.
+ */
+char *get_secontext_field(const char *full_context, enum secontext_field field);
+
+char *get_secontext_field_file(const char *file, enum secontext_field field);
+
void update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue);
@@ -48,6 +57,17 @@ void update_secontext_field(const char *file, enum secontext_field field,
#else
+static inline char *
+get_secontext_field(const char *ctx, enum secontext_field field)
+{
+ return NULL;
+}
+static inline char *
+get_secontext_field_file(const char *file, enum secontext_field field)
+{
+ return NULL;
+}
+
static inline void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
--
2.1.4

181
0172-tests-linkat-provide-fallback-values-for-secontext-f.patch
View File

@ -1,181 +0,0 @@
From 97e2742a7f1e6e113354911d04505ada3bfb5d70 Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Tue, 18 Jan 2022 18:04:42 +0100
Subject: [PATCH 172/174] tests/linkat: provide fallback values for secontext
fields changes
* tests/linkat.c (mangle_secontext_field): New function.
(main): Replace calls to update_secontext_field
with mangle_secontext_field calls.
---
tests/linkat.c | 23 ++++++++++++++++++++---
1 file changed, 20 insertions(+), 3 deletions(-)
diff --git a/tests/linkat.c b/tests/linkat.c
index c3e2ee4..decb736 100644
--- a/tests/linkat.c
+++ b/tests/linkat.c
@@ -21,6 +21,20 @@
#include "secontext.h"
#include "xmalloc.h"
+static void
+mangle_secontext_field(const char *path, enum secontext_field field,
+ const char *new_val, const char *fallback_val)
+{
+ char *orig = get_secontext_field_file(path, field);
+ if (!orig)
+ return;
+
+ update_secontext_field(path, field,
+ strcmp(new_val, orig) ? new_val : fallback_val);
+
+ free(orig);
+}
+
int
main(void)
{
@@ -93,7 +107,8 @@ main(void)
#ifdef PRINT_SECONTEXT_MISMATCH
errno = 0;
- update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
+ mangle_secontext_field(sample_1, SECONTEXT_USER, "system_u",
+ "unconfined_u");
sample_1_secontext = SECONTEXT_FILE(sample_1);
# ifdef PRINT_SECONTEXT_FULL
@@ -115,7 +130,8 @@ main(void)
#endif
errno = 0;
- update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
+ mangle_secontext_field(sample_1, SECONTEXT_TYPE, "default_t",
+ "unconfined_t");
sample_1_secontext = SECONTEXT_FILE(sample_1);
sample_2_secontext = sample_1_secontext;
@@ -146,7 +162,8 @@ main(void)
char *cwd = get_fd_path(dfd_old);
errno = 0;
- update_secontext_field(".", SECONTEXT_TYPE, "default_t");
+ mangle_secontext_field(".", SECONTEXT_TYPE, "default_t",
+ "unconfined_t");
char *dfd_old_secontext = SECONTEXT_FILE(".");
#ifdef PRINT_SECONTEXT_MISMATCH
diff --git a/tests-m32/linkat.c b/tests-m32/linkat.c
index c3e2ee4..decb736 100644
--- a/tests-m32/linkat.c
+++ b/tests-m32/linkat.c
@@ -21,6 +21,20 @@
#include "secontext.h"
#include "xmalloc.h"
+static void
+mangle_secontext_field(const char *path, enum secontext_field field,
+ const char *new_val, const char *fallback_val)
+{
+ char *orig = get_secontext_field_file(path, field);
+ if (!orig)
+ return;
+
+ update_secontext_field(path, field,
+ strcmp(new_val, orig) ? new_val : fallback_val);
+
+ free(orig);
+}
+
int
main(void)
{
@@ -93,7 +107,8 @@ main(void)
#ifdef PRINT_SECONTEXT_MISMATCH
errno = 0;
- update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
+ mangle_secontext_field(sample_1, SECONTEXT_USER, "system_u",
+ "unconfined_u");
sample_1_secontext = SECONTEXT_FILE(sample_1);
# ifdef PRINT_SECONTEXT_FULL
@@ -115,7 +130,8 @@ main(void)
#endif
errno = 0;
- update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
+ mangle_secontext_field(sample_1, SECONTEXT_TYPE, "default_t",
+ "unconfined_t");
sample_1_secontext = SECONTEXT_FILE(sample_1);
sample_2_secontext = sample_1_secontext;
@@ -146,7 +162,8 @@ main(void)
char *cwd = get_fd_path(dfd_old);
errno = 0;
- update_secontext_field(".", SECONTEXT_TYPE, "default_t");
+ mangle_secontext_field(".", SECONTEXT_TYPE, "default_t",
+ "unconfined_t");
char *dfd_old_secontext = SECONTEXT_FILE(".");
#ifdef PRINT_SECONTEXT_MISMATCH
diff --git a/tests-mx32/linkat.c b/tests-mx32/linkat.c
index c3e2ee4..decb736 100644
--- a/tests-mx32/linkat.c
+++ b/tests-mx32/linkat.c
@@ -21,6 +21,20 @@
#include "secontext.h"
#include "xmalloc.h"
+static void
+mangle_secontext_field(const char *path, enum secontext_field field,
+ const char *new_val, const char *fallback_val)
+{
+ char *orig = get_secontext_field_file(path, field);
+ if (!orig)
+ return;
+
+ update_secontext_field(path, field,
+ strcmp(new_val, orig) ? new_val : fallback_val);
+
+ free(orig);
+}
+
int
main(void)
{
@@ -93,7 +107,8 @@ main(void)
#ifdef PRINT_SECONTEXT_MISMATCH
errno = 0;
- update_secontext_field(sample_1, SECONTEXT_USER, "system_u");
+ mangle_secontext_field(sample_1, SECONTEXT_USER, "system_u",
+ "unconfined_u");
sample_1_secontext = SECONTEXT_FILE(sample_1);
# ifdef PRINT_SECONTEXT_FULL
@@ -115,7 +130,8 @@ main(void)
#endif
errno = 0;
- update_secontext_field(sample_1, SECONTEXT_TYPE, "default_t");
+ mangle_secontext_field(sample_1, SECONTEXT_TYPE, "default_t",
+ "unconfined_t");
sample_1_secontext = SECONTEXT_FILE(sample_1);
sample_2_secontext = sample_1_secontext;
@@ -146,7 +162,8 @@ main(void)
char *cwd = get_fd_path(dfd_old);
errno = 0;
- update_secontext_field(".", SECONTEXT_TYPE, "default_t");
+ mangle_secontext_field(".", SECONTEXT_TYPE, "default_t",
+ "unconfined_t");
char *dfd_old_secontext = SECONTEXT_FILE(".");
#ifdef PRINT_SECONTEXT_MISMATCH
--
2.1.4

63
0173-tests-secontext-eliminate-separate-secontext_format-.patch
View File

@ -1,63 +0,0 @@
From 6e8aa3749cb7e11e9a59db996f79f036bf7ef263 Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Tue, 18 Jan 2022 18:05:19 +0100
Subject: [PATCH 173/174] tests/secontext: eliminate separate secontext_format
declaration
* tests/secontext.c (secontext_format): Remove declaration, supply
the attributes to the definition.
---
tests/secontext.c | 5 +----
1 file changed, 1 insertion(+), 4 deletions(-)
diff --git a/tests/secontext.c b/tests/secontext.c
index 52211ed..ba271c8 100644
--- a/tests/secontext.c
+++ b/tests/secontext.c
@@ -23,10 +23,7 @@
# define TEST_SECONTEXT
# include "secontext.h"
-static char *
-secontext_format(char *context, const char *fmt)
- ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC;
-
+ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC
static char *
secontext_format(char *context, const char *fmt)
{
diff --git a/tests-m32/secontext.c b/tests-m32/secontext.c
index 52211ed..ba271c8 100644
--- a/tests-m32/secontext.c
+++ b/tests-m32/secontext.c
@@ -23,10 +23,7 @@
# define TEST_SECONTEXT
# include "secontext.h"
-static char *
-secontext_format(char *context, const char *fmt)
- ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC;
-
+ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC
static char *
secontext_format(char *context, const char *fmt)
{
diff --git a/tests-mx32/secontext.c b/tests-mx32/secontext.c
index 52211ed..ba271c8 100644
--- a/tests-mx32/secontext.c
+++ b/tests-mx32/secontext.c
@@ -23,10 +23,7 @@
# define TEST_SECONTEXT
# include "secontext.h"
-static char *
-secontext_format(char *context, const char *fmt)
- ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC;
-
+ATTRIBUTE_FORMAT((printf, 2, 0)) ATTRIBUTE_MALLOC
static char *
secontext_format(char *context, const char *fmt)
{
--
2.1.4

190
0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch
View File

@ -1,190 +0,0 @@
From 78a81bcfb71ef3d9f6e8b1a32e123fbbc6112a60 Mon Sep 17 00:00:00 2001
From: Eugene Syromyatnikov <evgsyr@gmail.com>
Date: Tue, 18 Jan 2022 18:24:34 +0100
Subject: [PATCH 174/174] tests/linkat: reset context to the expected one if a
mismatch has been detected
* tests/secontext.h (reset_secontext_file): New declaration.
* tests/secontext.c (reset_secontext_file): New function.
* tests/linkat.c (main): Check that there is no initial mismatch
in the sample_1 context, reset it otherwise.
---
tests/linkat.c | 3 +++
tests/secontext.c | 7 +++++++
tests/secontext.h | 7 +++++++
3 files changed, 17 insertions(+)
diff --git a/tests/linkat.c b/tests/linkat.c
index decb736..781b85a 100644
--- a/tests/linkat.c
+++ b/tests/linkat.c
@@ -103,6 +103,9 @@ main(void)
if (close(fd_sample_2))
perror_msg_and_fail("close");
+ if (*sample_1_secontext && strstr(sample_1_secontext, "!!"))
+ reset_secontext_file(sample_1);
+
free(sample_1_secontext);
#ifdef PRINT_SECONTEXT_MISMATCH
diff --git a/tests/secontext.c b/tests/secontext.c
index ba271c8..94fadd4 100644
--- a/tests/secontext.c
+++ b/tests/secontext.c
@@ -235,6 +235,13 @@ secontext_short_pid(pid_t pid)
return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid));
}
+void reset_secontext_file(const char *file)
+{
+ char *proper_ctx = raw_expected_secontext_full_file(file);
+ (void) setfilecon(file, proper_ctx);
+ free(proper_ctx);
+}
+
void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
diff --git a/tests/secontext.h b/tests/secontext.h
index e5571d5..387263e 100644
--- a/tests/secontext.h
+++ b/tests/secontext.h
@@ -32,6 +32,8 @@ char *get_secontext_field(const char *full_context, enum secontext_field field);
char *get_secontext_field_file(const char *file, enum secontext_field field);
+void reset_secontext_file(const char *file);
+
void update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue);
@@ -69,6 +71,11 @@ get_secontext_field_file(const char *file, enum secontext_field field)
}
static inline void
+reset_secontext_file(const char *file)
+{
+}
+
+static inline void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
{
diff --git a/tests-m32/linkat.c b/tests-m32/linkat.c
index decb736..781b85a 100644
--- a/tests-m32/linkat.c
+++ b/tests-m32/linkat.c
@@ -103,6 +103,9 @@ main(void)
if (close(fd_sample_2))
perror_msg_and_fail("close");
+ if (*sample_1_secontext && strstr(sample_1_secontext, "!!"))
+ reset_secontext_file(sample_1);
+
free(sample_1_secontext);
#ifdef PRINT_SECONTEXT_MISMATCH
diff --git a/tests-m32/secontext.c b/tests-m32/secontext.c
index ba271c8..94fadd4 100644
--- a/tests-m32/secontext.c
+++ b/tests-m32/secontext.c
@@ -235,6 +235,13 @@ secontext_short_pid(pid_t pid)
return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid));
}
+void reset_secontext_file(const char *file)
+{
+ char *proper_ctx = raw_expected_secontext_full_file(file);
+ (void) setfilecon(file, proper_ctx);
+ free(proper_ctx);
+}
+
void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
diff --git a/tests-m32/secontext.h b/tests-m32/secontext.h
index e5571d5..387263e 100644
--- a/tests-m32/secontext.h
+++ b/tests-m32/secontext.h
@@ -32,6 +32,8 @@ char *get_secontext_field(const char *full_context, enum secontext_field field);
char *get_secontext_field_file(const char *file, enum secontext_field field);
+void reset_secontext_file(const char *file);
+
void update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue);
@@ -69,6 +71,11 @@ get_secontext_field_file(const char *file, enum secontext_field field)
}
static inline void
+reset_secontext_file(const char *file)
+{
+}
+
+static inline void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
{
diff --git a/tests-mx32/linkat.c b/tests-mx32/linkat.c
index decb736..781b85a 100644
--- a/tests-mx32/linkat.c
+++ b/tests-mx32/linkat.c
@@ -103,6 +103,9 @@ main(void)
if (close(fd_sample_2))
perror_msg_and_fail("close");
+ if (*sample_1_secontext && strstr(sample_1_secontext, "!!"))
+ reset_secontext_file(sample_1);
+
free(sample_1_secontext);
#ifdef PRINT_SECONTEXT_MISMATCH
diff --git a/tests-mx32/secontext.c b/tests-mx32/secontext.c
index ba271c8..94fadd4 100644
--- a/tests-mx32/secontext.c
+++ b/tests-mx32/secontext.c
@@ -235,6 +235,13 @@ secontext_short_pid(pid_t pid)
return FORMAT_SPACE_AFTER(raw_secontext_short_pid(pid));
}
+void reset_secontext_file(const char *file)
+{
+ char *proper_ctx = raw_expected_secontext_full_file(file);
+ (void) setfilecon(file, proper_ctx);
+ free(proper_ctx);
+}
+
void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
diff --git a/tests-mx32/secontext.h b/tests-mx32/secontext.h
index e5571d5..387263e 100644
--- a/tests-mx32/secontext.h
+++ b/tests-mx32/secontext.h
@@ -32,6 +32,8 @@ char *get_secontext_field(const char *full_context, enum secontext_field field);
char *get_secontext_field_file(const char *file, enum secontext_field field);
+void reset_secontext_file(const char *file);
+
void update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue);
@@ -69,6 +71,11 @@ get_secontext_field_file(const char *file, enum secontext_field field)
}
static inline void
+reset_secontext_file(const char *file)
+{
+}
+
+static inline void
update_secontext_field(const char *file, enum secontext_field field,
const char *newvalue)
{
--
2.1.4

2
sources
View File

@ -1 +1 @@
SHA512 (strace-5.13.tar.xz) = ba8b0eae396fa2b762bf17cbcdcd84b0660b2a5d5e7e9caf098ef3414a87fd28d4140dd10136483f35904560e5044e40be2bf6117462868a360306d62887c8ed
SHA512 (strace-5.18.tar.xz) = 99418b84a5e2049cb6fe32eed19ddcb61bbefb25220550c67d92cd7bc3d44ae5d87ac228b3e1c207166b9bfdae55c624a0f4e603004599fb7ea3143bbccc749e

85
strace.spec
View File

@ -1,7 +1,7 @@
Summary: Tracks and displays system calls associated with a running process
Name: strace
Version: 5.13
Release: 7%{?dist}
Version: 5.18
Release: 1%{?dist}
# The test suite is GPLv2+, all the rest is LGPLv2.1+.
License: LGPL-2.1+ and GPL-2.0+
# Some distros require Group tag to be present,
@ -42,30 +42,31 @@ BuildRequires: pkgconfig(bluez)
%{?!buildroot:BuildRoot: %_tmppath/buildroot-%name-%version-%release}
%define maybe_use_defattr %{?suse_version:%%defattr(-,root,root)}
# v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)"
Patch141: 0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch
# v5.13-55-g6b2191f "filter_qualify: free allocated data on the error path exit of parse_poke_token"
Patch150: 0150-filter_qualify-free-allocated-data-on-the-error-path.patch
# v5.13-56-g80dc60c "macros: expand BIT macros, add MASK macros; add *_SAFE macros"
Patch151: 0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch
# v5.13-58-g94ae5c2 "trie: use BIT* and MASK* macros"
Patch152: 0152-trie-use-BIT-and-MASK-macros.patch
# v5.13-65-g41b753e "tee: rewrite num_params access in tee_fetch_buf_data"
Patch153: 0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch
Patch154: 0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch
## v5.13-10-g0211fdc "tests: change sockopt-timestamp test to use syscall(__NR_recvmsg)"
#Patch141: 0141-tests-change-sockopt-timestamp-test-to-use-syscall-_.patch
## v5.13-55-g6b2191f "filter_qualify: free allocated data on the error path exit of parse_poke_token"
#Patch150: 0150-filter_qualify-free-allocated-data-on-the-error-path.patch
## v5.13-56-g80dc60c "macros: expand BIT macros, add MASK macros; add *_SAFE macros"
#Patch151: 0151-macros-expand-BIT-macros-add-MASK-macros-add-_SAFE-m.patch
## v5.13-58-g94ae5c2 "trie: use BIT* and MASK* macros"
#Patch152: 0152-trie-use-BIT-and-MASK-macros.patch
## v5.13-65-g41b753e "tee: rewrite num_params access in tee_fetch_buf_data"
#Patch153: 0153-tee-rewrite-num_params-access-in-tee_fetch_buf_data.patch
## v5.14~12 "tests: call setsockopt directly in sockopt-timestamp"
#Patch154: 0154-tests-call-setsockopt-directly-in-sockopt-timestamp.patch
# v5.15~1 "print_ifindex: fix IFNAME_QUOTED_SZ definition"
Patch167: 0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch
## v5.15~1 "print_ifindex: fix IFNAME_QUOTED_SZ definition"
#Patch167: 0167-print_ifindex-fix-IFNAME_QUOTED_SZ-definition.patch
# v5.15~18 "m4: fix st_SELINUX check"
Patch168: 0168-m4-fix-st_SELINUX-check.patch
# v5.16~31 "Implement displaying of expected context upon mismatch"
Patch169: 0169-Implement-displaying-of-expected-context-upon-mismat.patch
Patch170: 0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch
Patch171: 0171-tests-secontext-add-secontext-field-getters.patch
Patch172: 0172-tests-linkat-provide-fallback-values-for-secontext-f.patch
Patch173: 0173-tests-secontext-eliminate-separate-secontext_format-.patch
Patch174: 0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch
## v5.15~18 "m4: fix st_SELINUX check"
#Patch168: 0168-m4-fix-st_SELINUX-check.patch
## v5.16~31 "Implement displaying of expected context upon mismatch"
#Patch169: 0169-Implement-displaying-of-expected-context-upon-mismat.patch
#Patch170: 0170-tests-linkat-reset-errno-before-SELinux-context-mani.patch
#Patch171: 0171-tests-secontext-add-secontext-field-getters.patch
#Patch172: 0172-tests-linkat-provide-fallback-values-for-secontext-f.patch
#Patch173: 0173-tests-secontext-eliminate-separate-secontext_format-.patch
#Patch174: 0174-tests-linkat-reset-context-to-the-expected-one-if-a-.patch
# Fallback definitions for make_build/make_install macros
%{?!__make: %global __make %_bindir/make}
@ -86,26 +87,27 @@ received by a process.
%prep
%setup -q
%patch141 -p1
%patch150 -p1
%patch151 -p1
%patch152 -p1
%patch153 -p1
%patch154 -p1
#%patch141 -p1
#%patch150 -p1
#%patch151 -p1
#%patch152 -p1
#%patch153 -p1
#%patch154 -p1
%patch167 -p1
#%patch167 -p1
%patch168 -p1
%patch169 -p1
%patch170 -p1
%patch171 -p1
%patch172 -p1
%patch173 -p1
%patch174 -p1
#%patch168 -p1
#%patch169 -p1
#%patch170 -p1
#%patch171 -p1
#%patch172 -p1
#%patch173 -p1
#%patch174 -p1
echo -n %version-%release > .tarball-version
echo -n 2021 > .year
echo -n 2021-07-20 > doc/.strace.1.in.date
echo -n 2022 > .year
echo -n 2022-06-22 > doc/.strace.1.in.date
echo -n 2022-06-22 > doc/.strace-log-merge.1.in.date
%build
echo 'BEGIN OF BUILD ENVIRONMENT INFORMATION'
@ -159,6 +161,9 @@ echo 'END OF TEST SUITE INFORMATION'
%{_mandir}/man1/*
%changelog
* Wed Jun 22 2022 Eugene Syromiatnikov <esyr@redhat.com> - 5.18-1
- Rebase to v5.18; drop upstream patches on top of 5.13 (#2084002).
* Mon Feb 07 2022 Eugene Syromiatnikov <esyr@redhat.com> - 5.13-7
- Update tests-m32 and tests-mx32 with --secontext=mismatch option support
changes (#2046264).