As discussed in https://github.com/SELinuxProject/selinux/issues/64,
semodule_deps has apparently been broken for a very long time for
binary modules and is completely irrelevant for CIL modules. If there
are any users of it, they ought to be rewritten anyway since it is
not producing correct dependency information, and the ultimate goal
is to stop using binary modules altogether so it is not worth fixing.
Remove it to avoid any further broken usage.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
There were several places in the makefiles where LDLIBS or CFLAGS were
supposed to include options to build. They were missing the override
keyword so would be skipped if these vars were set on the make cmdline.
Add the override directive to fix this.
Signed-off-by: Jason Zaman <jason@perfinion.com>
The toolchain automatically handles them and they break cross compiling.
LDFLAGS should also come before object files, some flags (eg,
-Wl,as-needed) can break things if they are in the wrong place)
Gentoo-Bug: https://bugs.gentoo.org/500674
Signed-off-by: Jason Zaman <jason@perfinion.com>
When using -u and -s options, semodule_package's main() allocates
user_extra and seusers to hold the argument values. These allocated
memory blocks are not freed when main() exits, which leads gcc's Address
Sanitizer to report a memory leak. This occurs for example when building
refpolicy base.pp module.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
generate_requires() may use a non-freable strings, BASE_NAME, as key in
a hashtable. The compiler complains about this small abuse of
hashtab_insert() interface (because its argument key is char* without
"const"). Nevertheless this is all right because the hashtab keys are
never freed directly (this behavior is documented in a comment in
free_requires()).
Therefore, hide the compiler warning by casting BASE_NAME to char*.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Even though "hashtab_key_t" is an alias for "char *", "const
hashtab_key_t" is not an alias for "(const char) *" but means "(char *)
const".
Introduce const_hashtab_key_t to map "(const char) *" and use it in
hashtab_search() and hashtab key comparison functions.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
After libsepol is modified (for example while developing new features or
fixing bugs), running "make install" in the top-level directory does not
update the programs which use libsepol.a. Add this static library to the
target dependencies in order to force their updates. This makes "make"
use libsepol.a in the linking command without using LDLIBS.
While at it, copy what commit 14d7064348 ("libselinux: Allow
overriding libsepol.a location during build") introduced in libselinux
Makefile by using a new LIBSEPOLA variable in all Makefiles.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
