Re: [PATCH 3/3] libselinux: sefcontext_compile invert semantics of "-r" flag

On 09/26/2016 10:22 AM, Janis Danisevskis wrote: > The "-r" flag of sefcontext_compile now causes it to omit the > precompiled regular expressions from the output. The code itself looks ok, aside from William's suggestion. Experimenting with this a bit, I noticed the following difference in sizes

[PATCH 2/2] libselinux: add ifdef'ing for ANDROID and BUILD_HOST

From: William Roberts On Android, certain discrepancies arise for unused functionality or for dealing with the differences in Bionic libc. This patch includes all the "ifdef'ing" required and introduces the BUILD_HOST define. The BUILD_HOST define removes

[PATCH 1/2] libselinux: introduce configurable backends

From: William Roberts On Android for both the host build, and the target, certain backends are not needed: - X Backend - DB Backend - Media Backend Introduce the following defines for removing them from the built library: - NO_X_BACKEND - NO_DB_BACKEND -

Re: [PATCH 3/3] libselinux: sefcontext_compile invert semantics of "-r" flag

On Mon, Sep 26, 2016 at 10:43 AM, Stephen Smalley wrote: > On 09/26/2016 10:22 AM, Janis Danisevskis wrote: >> The "-r" flag of sefcontext_compile now causes it to omit the >> precompiled regular expressions from the output. > > The code itself looks ok, aside from William's

Re: [PATCH 3/3] libselinux: sefcontext_compile invert semantics of "-r" flag

On 09/26/2016 01:48 PM, William Roberts wrote: > On Mon, Sep 26, 2016 at 10:43 AM, Stephen Smalley wrote: >> On 09/26/2016 10:22 AM, Janis Danisevskis wrote: >>> The "-r" flag of sefcontext_compile now causes it to omit the >>> precompiled regular expressions from the output.

Re: Android Fork

On 09/26/2016 01:33 PM, william.c.robe...@intel.com wrote: > Below, are the last two majore patches to close the Android fork. > > Patch "libselinux: add ifdef'ing for ANDROID and BUILD_HOST" I > combined into 1 patch since some ANDROID and BUILD_HOST defines > are on the same line, I can split

Re: Android Fork

On Mon, Sep 26, 2016 at 10:33 AM, wrote: > Below, are the last two majore patches to close the Android fork. > > Patch "libselinux: add ifdef'ing for ANDROID and BUILD_HOST" I > combined into 1 patch since some ANDROID and BUILD_HOST defines > are on the same line, I

Re: [PATCH 3/3] libselinux: sefcontext_compile invert semantics of "-r" flag

On Mon, Sep 26, 2016 at 10:43 AM, Stephen Smalley wrote: > On 09/26/2016 10:22 AM, Janis Danisevskis wrote: >> The "-r" flag of sefcontext_compile now causes it to omit the >> precompiled regular expressions from the output. > > The code itself looks ok, aside from William's

Re: [PATCH 2/2] libselinux: add ifdef'ing for ANDROID and BUILD_HOST

On 09/26/2016 01:33 PM, william.c.robe...@intel.com wrote: > From: William Roberts > > On Android, certain discrepancies arise for unused functionality or > for dealing with the differences in Bionic libc. This patch includes > all the "ifdef'ing" required and

Re: [PATCH 1/3] libselinux: Add architecture string to file_context.bin

On Mon, Sep 26, 2016 at 7:22 AM, Janis Danisevskis wrote: > Serialized precompiled regular expressins are architecture > dependent when using PCRE2. This patch > - bumps the SELINUX_COMPILED_FCONTEXT version to 5 and > - adds a field to the output indicating the architecture >

Re: A question about booting process with SELinux.

On 09/26/2016 12:23 PM, Weiyuan (David, Euler) wrote: > Dear All: > >I have a question that is when and how the root“/”and files in it > are labeled? > > > > There are "/ u:object_r:rootfs:s0" in file_contexts, and "genfscon > rootfs / u:object_r:rootfs:s0" in genfs_contexts. > >

A question about booting process with SELinux.

Dear All: I have a question that is when and how the root"/"and files in it are labeled? There are "/ u:object_r:rootfs:s0" in file_contexts, and "genfscon rootfs / u:object_r:rootfs:s0" in genfs_contexts. My understanding is, First, kernel will load the initial_sid_contexts before

[PATCH v2] libselinux: add ANDROID_HOST=y build option

From: William Roberts To build the selinux host configuration, specify ANDROID_HOST=y on the Make command line. eg) make ANDROID_HOST=y Signed-off-by: William Roberts --- libselinux/Makefile | 8 +++- libselinux/src/Makefile

[PATCH] libselinux: add ANDROID_HOST=y build option

From: William Roberts To build the selinux host configuration, specify ANDROID_HOST=y on the Make command line. eg) make ANDROID_HOST=y Signed-off-by: William Roberts --- libselinux/Makefile | 13 ++--

Re: [PATCH v2] libselinux: add ANDROID_HOST=y build option

On Mon, Sep 26, 2016 at 1:53 PM, wrote: > From: William Roberts > > To build the selinux host configuration, specify > ANDROID_HOST=y on the Make command line. > > eg) > make ANDROID_HOST=y > > Signed-off-by: William Roberts

Re: Android Fork

On Mon, Sep 26, 2016 at 12:10 PM, Stephen Smalley wrote: > On 09/26/2016 01:33 PM, william.c.robe...@intel.com wrote: >> Below, are the last two majore patches to close the Android fork. >> >> Patch "libselinux: add ifdef'ing for ANDROID and BUILD_HOST" I >> combined into 1

[PATCH 3/3] libselinux: sefcontext_compile invert semantics of "-r" flag

The "-r" flag of sefcontext_compile now causes it to omit the precompiled regular expressions from the output. Signed-off-by: Janis Danisevskis --- libselinux/utils/sefcontext_compile.c | 12 +++- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git

[PATCH 2/3] libselinux: sefcontext_compile: Add "-i" flag

Adds the "-i" flag, which prints the version and architecture identifier of the regular expression back end. Signed-off-by: Janis Danisevskis --- libselinux/utils/sefcontext_compile.c | 11 ++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git