* changes:
sefcontext_compile: migrate to soong
move file_context APIs out of libselinux_vendor
Do not use PCRE2 in libselinux_vendor
move selinux policy loading APIs to platform libselinux
refactor: move common parts of libselinux builds into defaults
Add libselinux_vendor
Also make sure label_file.c is compiled in all targets that libselinux
is built for.
Bug: 37343404
Bug: 37919668
Test: Build and boot
(cherry-pick from commit 554b7e4e82)
Change-Id: I19183fa192afb29ea75f40c0abf1e684b5550d2a
Merged-In: I49259c6cd6543329fe399fc92e07f16dc54c6395
Also make sure regex.c is compiled for all targets that libselinux is
built for.
Bug: 37919668
Bug: 37343404
Test: Build and boot
(cherry-pick from commit a1b5897b8b)
Change-Id: I7eaf2733cdc0f8c72239fa6186e21bacc18b6d2f
Merged-In: Ie73cf85aeffcccb1a8bd1fcfafdd555678f9badc
Removed dependency on libpackageparser
Retained dependency on libpcre2
android_seapp.c = non-vendor functions
android.c = functions common to vendor and non-vendor
exported_vendor.map contains map for libselinux_vendor
(cherry-picked from commit cc1666de05)
Bug: 37343404
Test: Build vndservicemanager, libselinux.so and libselinux_vendor.so
Verify normal boot on sailfish and pass CTS Security
Change-Id: I3421d73b0f51bd714b5889fc3eef5b161dea9bac
Merged-In: I0ffc621ceb53b3531df458611f1322ebecd2da20
The following functions are exported in libselinux_vendor, but
simply returns an error:
selinux_android_prop_context_handle
selinux_android_restorecon
Bug: 62886649
Test: BOARD_VNDK_VERSION=current m libselinux_vendor -j
Test: m libselinux_vendor -j
Test: device boots
Change-Id: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
Merged-In: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
(cherry picked from commit 1e8760189d)
This is used by vndservicemanager, which will only
have access to the vndservice_contexts on the vendor
partition.
Bug: 36052864
Test: vndservicemanager can load the context
(cherry-pick from commit 69e45cdfee)
Change-Id: I26ebf40906d6c56a3cfa4a20b731e101614fe6e6
Merged-In: Ifd5caa4f74236184ef970ce39a8be227c50b48d4
Also make sure regex.c is compiled for all targets that libselinux is
built for.
Bug: 37919668
Bug: 37343404
Test: Build and boot
(cherry-pick from commit a1b5897b8b)
Change-Id: Ie73cf85aeffcccb1a8bd1fcfafdd555678f9badc
Merged-In: I6bcced2d3675899cf976ad3cd30e591539d2aaa1
Also make sure label_file.c is compiled in all targets that libselinux
is built for.
Bug: 37343404
Bug: 37919668
Test: Build and boot
(cherry-pick from commit 554b7e4e82)
Change-Id: I49259c6cd6543329fe399fc92e07f16dc54c6395
Merged-In: I7e06ad6cad13d157ba1fb6bfd23ce9ceddf3ba79
Removed dependency on libpackageparser
Retained dependency on libpcre2
android_seapp.c = non-vendor functions
android.c = functions common to vendor and non-vendor
exported_vendor.map contains map for libselinux_vendor
(cherry-picked from commit cc1666de05)
Bug: 37343404
Test: Build vndservicemanager, libselinux.so and libselinux_vendor.so
Verify normal boot on sailfish and pass CTS Security
Merged-In: I020b1333ad4628b831c94a27f07d880f73dbde7a
Change-Id: I0ffc621ceb53b3531df458611f1322ebecd2da20
PYTHONLIBDIR is currently also used in sepolgen but has a different
behaviour regarding DESTDIR. Let's try to make this consistant.
Signed-off-by: Laurent Bigonville <bigon@bigon.be>
Some Makefiles rely on adding values to variables like CFLAGS,
LDFLAGS, etc. For example doing "LDFLAGS += -L../src" does not work fine
when LDFLAGS is defined on the command line of "make".
Commits 297877ab88 ("libselinux utils: override LD{FLAGS, LIBS} for
libselinux.so in Makefile") and 15f2740733 ("Makefiles: override
*FLAGS and *LIBS") recently fixed such issues, by introducing keyword
"override" in the relevant Makefile statements.
In order to prevent the fixed issues from appearing again, add a test
case in Travis-CI configuration file. This case adds on make's command
line minimal definitions for CFLAGS and LDFLAGS and empty definitions
for CPPFLAGS and LDLIBS.
An example of build failure due to a missing override in a required
CPPFLAGS addition is provided on
https://travis-ci.org/fishilico/selinux/builds/245107609
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
A build toolchain may override CPPFLAGS on the command line of "make".
Doing so currently breaks libsepol/tests compilation, as it requires
"-I../include/ -I$(CHECKPOLICY)" to be provided in gcc's arguments.
This completes commit 15f2740733 ("Makefiles: override *FLAGS and
*LIBS").
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Travis-CI no longer provides Ruby 2.0 in its Trusty environment (it has
been updated according to
https://blog.travis-ci.com/2017-06-21-trusty-updates-2017-Q2-launch).
Remove this version from .travis.yml.
Moreover Python 3.6 and Ruby 3.4 are available. Test building with them.
Last by not least, pypy virtual environment directory has been renamed
pypy2 (/home/travis/virtualenv/pypy2 is a symbolic link to pypy2-5.6.0).
The updated .travis.yml file has been tested on
https://travis-ci.org/fishilico/selinux/builds/248126824
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
The RUBYLIBS definition introduced by commit f5b9bc2a06
("libselinux,libsemanage: link Ruby wrappers with -lruby") did
not work on Debian. Fix it based on a patch by Nicolas Iooss.
Reported-by: Laurent Bigonville <bigon@debian.org>
Suggested-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Added checks to wrapper scripts for selinux utils. Before running
commands, verify enviromental variables are set and that required files
exists. Return an error code in the event of failure.
Test: Verify audit2allow, audit2why, sediff, seinfo commands still run.
Test: Verify failure if prerequisites are not satisfied.
Change-Id: I3705a90e0a81704829aa5a5feedbfe22aec5fa55
Signed-off-by: Brian Murray <Brian@Clover.com>
