Do not include private/android_filesystem_config.h
for libselinux_vendor.
Test: mma -j
Test: BOARD_VNDK_VERSION=current mma -j
Bug: 33241851
Change-Id: I4f4328dceaa8609d1891b4b7129669ad7040865a
Merged-In: I4f4328dceaa8609d1891b4b7129669ad7040865a
On full Treble devices, servicemanager should only
host services served from processes on /system; don't load
nonplat_service_contexts.
Bug: 36866029
Test: builds, boot Taimen, boot Sailfish
Change-Id: Ia093c4c6b342335e35648db35e340e2df54fdcf3
Merged-In: Ia093c4c6b342335e35648db35e340e2df54fdcf3
(cherry picked from commit e3ab0e6086)
There are two problems with lookup_common() and therefore
selabel_lookup() and related functions that this patch fixes:
1) A race with the lazy compilation of regexes. Since the struct
regex_data is allocated and assigned immediately to the parent struct
spec, it's possible for a second thread to see that this pointer is
non-NULL before the regex compilation has finished. This typically
results in a -1 return from selabel_lookup() with ENOENT as errno.
This is fixed by adding synchronization in compile_regex().
2) A race with PCRE2 regex_match(). A struct pcre2_match_data is
created once and used for all regex matches for a given regex. This
is problematic if two threads are attempting to evaluate the same
regex simultaneously. This typically results in a successful return
from selabel_lookup() but with an erroneous selabel.
This is fixed by adding a pthread_mutex within regex_match() for
PCRE2. Note, on my system, creating new matchdata takes roughly an
order of magnitude more time than locking a non-contended
pthread_mutex. I don't believe programs will have enough contention
on this lock to justify that cost.
Bug: 63861738
Test: ueventd unit tests
Change-Id: I13bf782d81d0a0b896d444e396f307ad0dbacb6a
Change 1df580a30 incorrectly modified the file_contexts file name.
Fix it.
Bug: 63636472
Test: dimitrysh to test
Change-Id: I669d1f627eb9e52b8090da14976f10e151739902
(cherry picked from commit c62f2ae838)
LOG_EVENT_STRING is not defined for liblog.vendor. Don't use it
for libselinux_vendor.
Test: mma -j
Test: BOARD_VNDK_VERSION=current mma -j
Bug: 63034227
Merged-In: Ibb653dac74da1ad678ccd5fabba97ab9bd0f0c38
(cherry picked from commit 09dff7c3a5)
Change-Id: Ia4cd612333c35b375c03dd68d586e6f167eb26c2
The following functions are exported in libselinux_vendor, but
simply returns an error:
selinux_android_prop_context_handle
selinux_android_restorecon
Bug: 62886649
Test: BOARD_VNDK_VERSION=current m libselinux_vendor -j
Test: m libselinux_vendor -j
Test: device boots
Change-Id: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
Merged-In: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
(cherry picked from commit 1e8760189d)
LOG_EVENT_STRING is not defined for liblog.vendor. Don't use it
for libselinux_vendor.
Test: mma -j
Test: BOARD_VNDK_VERSION=current mma -j
Bug: 63034227
Change-Id: Ibb653dac74da1ad678ccd5fabba97ab9bd0f0c38
(cherry picked from commit 09dff7c3a5)
The following functions are exported in libselinux_vendor, but
simply returns an error:
selinux_android_prop_context_handle
selinux_android_restorecon
Bug: 62886649
Test: BOARD_VNDK_VERSION=current m libselinux_vendor -j
Test: m libselinux_vendor -j
Test: device boots
Change-Id: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
Merged-In: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
(cherry picked from commit 1e8760189d)
Also make sure label_file.c is compiled in all targets that libselinux
is built for.
Bug: 37343404
Bug: 37919668
Test: Build and boot
(cherry-pick from commit 554b7e4e82)
Change-Id: I19183fa192afb29ea75f40c0abf1e684b5550d2a
Merged-In: I49259c6cd6543329fe399fc92e07f16dc54c6395
Also make sure regex.c is compiled for all targets that libselinux is
built for.
Bug: 37919668
Bug: 37343404
Test: Build and boot
(cherry-pick from commit a1b5897b8b)
Change-Id: I7eaf2733cdc0f8c72239fa6186e21bacc18b6d2f
Merged-In: Ie73cf85aeffcccb1a8bd1fcfafdd555678f9badc
Removed dependency on libpackageparser
Retained dependency on libpcre2
android_seapp.c = non-vendor functions
android.c = functions common to vendor and non-vendor
exported_vendor.map contains map for libselinux_vendor
(cherry-picked from commit cc1666de05)
Bug: 37343404
Test: Build vndservicemanager, libselinux.so and libselinux_vendor.so
Verify normal boot on sailfish and pass CTS Security
Change-Id: I3421d73b0f51bd714b5889fc3eef5b161dea9bac
Merged-In: I0ffc621ceb53b3531df458611f1322ebecd2da20
Also make sure label_file.c is compiled in all targets that libselinux
is built for.
Bug: 37343404
Bug: 37919668
Test: Build and boot
(cherry-pick from commit 554b7e4e82)
Change-Id: I19183fa192afb29ea75f40c0abf1e684b5550d2a
Merged-In: I49259c6cd6543329fe399fc92e07f16dc54c6395
Also make sure regex.c is compiled for all targets that libselinux is
built for.
Bug: 37919668
Bug: 37343404
Test: Build and boot
(cherry-pick from commit a1b5897b8b)
Change-Id: I7eaf2733cdc0f8c72239fa6186e21bacc18b6d2f
Merged-In: Ie73cf85aeffcccb1a8bd1fcfafdd555678f9badc
Removed dependency on libpackageparser
Retained dependency on libpcre2
android_seapp.c = non-vendor functions
android.c = functions common to vendor and non-vendor
exported_vendor.map contains map for libselinux_vendor
(cherry-picked from commit cc1666de05)
Bug: 37343404
Test: Build vndservicemanager, libselinux.so and libselinux_vendor.so
Verify normal boot on sailfish and pass CTS Security
Change-Id: I3421d73b0f51bd714b5889fc3eef5b161dea9bac
Merged-In: I0ffc621ceb53b3531df458611f1322ebecd2da20
The following functions are exported in libselinux_vendor, but
simply returns an error:
selinux_android_prop_context_handle
selinux_android_restorecon
Bug: 62886649
Test: BOARD_VNDK_VERSION=current m libselinux_vendor -j
Test: m libselinux_vendor -j
Test: device boots
Change-Id: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
Merged-In: If42b6cb1bf9ffb3dd04f557279efdc37e1ac259a
(cherry picked from commit 1e8760189d)
This is used by vndservicemanager, which will only
have access to the vndservice_contexts on the vendor
partition.
Bug: 36052864
Test: vndservicemanager can load the context
(cherry-pick from commit 69e45cdfee)
Change-Id: I26ebf40906d6c56a3cfa4a20b731e101614fe6e6
Merged-In: Ifd5caa4f74236184ef970ce39a8be227c50b48d4
Also make sure regex.c is compiled for all targets that libselinux is
built for.
Bug: 37919668
Bug: 37343404
Test: Build and boot
(cherry-pick from commit a1b5897b8b)
Change-Id: Ie73cf85aeffcccb1a8bd1fcfafdd555678f9badc
Merged-In: I6bcced2d3675899cf976ad3cd30e591539d2aaa1
Also make sure label_file.c is compiled in all targets that libselinux
is built for.
Bug: 37343404
Bug: 37919668
Test: Build and boot
(cherry-pick from commit 554b7e4e82)
Change-Id: I49259c6cd6543329fe399fc92e07f16dc54c6395
Merged-In: I7e06ad6cad13d157ba1fb6bfd23ce9ceddf3ba79
Removed dependency on libpackageparser
Retained dependency on libpcre2
android_seapp.c = non-vendor functions
android.c = functions common to vendor and non-vendor
exported_vendor.map contains map for libselinux_vendor
(cherry-picked from commit cc1666de05)
Bug: 37343404
Test: Build vndservicemanager, libselinux.so and libselinux_vendor.so
Verify normal boot on sailfish and pass CTS Security
Merged-In: I020b1333ad4628b831c94a27f07d880f73dbde7a
Change-Id: I0ffc621ceb53b3531df458611f1322ebecd2da20
The RUBYLIBS definition introduced by commit f5b9bc2a06
("libselinux,libsemanage: link Ruby wrappers with -lruby") did
not work on Debian. Fix it based on a patch by Nicolas Iooss.
Reported-by: Laurent Bigonville <bigon@debian.org>
Suggested-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Two makefiles of ours pass `-D_FORTIFY_SOURCE=2` directly to the
preprocessor. While this does not pose any problems when the value has
not been previously set, it can break the build if it is part of the
standard build flags.
The issue can easily be fixed by instead defining `_FORTIFY_SOURCE`
without specifying a concrete value. In this case, gcc will not error
out and simply keep using the previously defined value. On the other
hand, if no value has been defined, we will now compile with
`_FORTIFY_SOURCE=1`. From feature_test_macros(7):
If _FORTIFY_SOURCE is set to 1, with compiler optimization level 1
(gcc -O1) and above, checks that shouldn't change the behavior of
conforming programs are performed. With _FORTIFY_SOURCE set to 2,
some more checking is added, but some conforming programs might
fail.
While this leaves us with less checks for buffer overflows, it will only
enable checks that should not change behaviour of conforming programs.
With _FORTIFY_SOURCE=2, the compiler may even unintentionally change
behaviour of conforming programs. So in fact, one could even argue that
we should only be setting the value to 1 anyway to avoid surprising side
effects.
So this patch changes our CFLAGS to only pass `-D_FORTIFY_SOURCE`
without any concrete value, fixing the build issue.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
As reported by Nicolas Iooss, there are still some inconsistencies
in the definitions and usage of Makefile variables related to bin
and sbin directories. Since we need to still support non-usrmerge
systems, we cannot completely synchronize them, but we can eliminate
unnecessary differences, remove unused variables, and drop the
USRSBINDIR variables.
Before:
$ find . -name Makefile -exec cat {} + |grep '^[A-Z_]*BINDIR' |sort -u
BINDIR=$(PREFIX)/bin
BINDIR ?= $(PREFIX)/bin
BINDIR ?= $(PREFIX)/sbin
SBINDIR ?= $(DESTDIR)/sbin
SBINDIR ?= $(PREFIX)/sbin
USRSBINDIR ?= $(PREFIX)/sbin
After:
$ find . -name Makefile -exec cat {} + | grep '^[A-Z_]*BINDIR' | sort -u
BINDIR ?= $(PREFIX)/bin
SBINDIR ?= $(DESTDIR)/sbin
SBINDIR ?= $(PREFIX)/sbin
This does not change the actual install location of any file.
It does drop the legacy symlink from /usr/sbin/load_policy to
/sbin/load_policy; packagers can create that separately if
desired.
Reported-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
the utils dir link to libselinux.so which was just built, if LDFLAGS or
LDLIBS were specificed on the make commandline then the search path is
not appended. Add the override directive to fix this.
Gentoo-Bug: https://bugs.gentoo.org/621762
Signed-off-by: Jason Zaman <jason@perfinion.com>
