[PATCH] libsepol: cil: cil_strpool: Allow multiple strpool users.
From: dcashman cil_strpool currently provides an interface to a statically stored global data structure. This interface does not accomodate multiple consumers, however, as two calls to cil_strpool_init() will lead to a memory leak and a call to cil_strpool_destroy() by one consumer will remove data from use by others, and subsequently lead to a segfault on the next cil_strpool_destroy() invocation. Add a reference counter so that the strpool is only initialized once and protect the exported interface with a mutex. Tested by calling cil_db_init() on two cil_dbs and then calling cil_db_destroy() on each. Signed-off-by: Daniel Cashman --- libsepol/cil/src/cil_strpool.c | 28 1 file changed, 24 insertions(+), 4 deletions(-) diff --git a/libsepol/cil/src/cil_strpool.c b/libsepol/cil/src/cil_strpool.c index ad2a334..5b7df8c 100644 --- a/libsepol/cil/src/cil_strpool.c +++ b/libsepol/cil/src/cil_strpool.c @@ -27,6 +27,7 @@ * either expressed or implied, of Tresys Technology, LLC. */ +#include #include #include #include @@ -40,6 +41,8 @@ struct cil_strpool_entry { char *str; }; +static pthread_mutex_t cil_strpool_mutex = PTHREAD_MUTEX_INITIALIZER; +static unsigned int cil_strpool_readers = 0; static hashtab_t cil_strpool_tab = NULL; static unsigned int cil_strpool_hash(hashtab_t h, hashtab_key_t key) @@ -68,16 +71,21 @@ char *cil_strpool_add(const char *str) { struct cil_strpool_entry *strpool_ref = NULL; + pthread_mutex_lock(&cil_strpool_mutex); + strpool_ref = hashtab_search(cil_strpool_tab, (hashtab_key_t)str); if (strpool_ref == NULL) { strpool_ref = cil_malloc(sizeof(*strpool_ref)); strpool_ref->str = cil_strdup(str); int rc = hashtab_insert(cil_strpool_tab, (hashtab_key_t)strpool_ref->str, strpool_ref); if (rc != SEPOL_OK) { + pthread_mutex_unlock(&cil_strpool_mutex); (*cil_mem_error_handler)(); + pthread_mutex_lock(&cil_strpool_mutex); } } + pthread_mutex_unlock(&cil_strpool_mutex); return strpool_ref->str; } 
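Review bot: In the `hashtab_insert` failure path of `cil_strpool_add`, if `cil_mem_error_handler` returns, the code re-takes the mutex and falls through to `return strpool_ref->str` for an entry that was never inserted, so the entry and its duplicated string leak and a later `cil_strpool_add` of the same string will hand out a different pointer. The lock is also released around the handler call, so another consumer could tear the pool down in between (inferred from the destroy path, which is in the next hunk). Either record at the call site that the handler is not expected to return, e.g. `/* handler is expected not to return; an entry that was never inserted is orphaned otherwise */`, or free `strpool_ref->str` and `strpool_ref` before re-taking the lock so the orphaned allocation does not leak.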
@@ -91,14 +99,26 @@ static int cil_strpool_entry_destroy(hashtab_key_t k __attribute__ ((unused)), h
 void cil_strpool_init(void)
 {
- cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE);
+ pthread_mutex_lock(&cil_strpool_mutex);
 if (cil_strpool_tab == NULL) {
- (*cil_mem_error_handler)();
+ cil_strpool_tab = hashtab_create(cil_strpool_hash, cil_strpool_compare, CIL_STRPOOL_TABLE_SIZE);
+ if (cil_strpool_tab == NULL) {
+ pthread_mutex_unlock(&cil_strpool_mutex);
+ (*cil_mem_error_handler)();
+ return;
+ }
 }
+ cil_strpool_readers++;
+ pthread_mutex_unlock(&cil_strpool_mutex);
 }
 void cil_strpool_destroy(void)
 {
- hashtab_map(cil_strpool_tab, cil_strpool_entry_destroy, NULL);
- hashtab_destroy(cil_strpool_tab);
+ pthread_mutex_lock(&cil_strpool_mutex);
+ cil_strpool_readers--;
+ if (cil_strpool_readers == 0) {
+ hashtab_map(cil_strpool_tab, cil_strpool_entry_destroy, NULL);
+ hashtab_destroy(cil_strpool_tab);
+ }
+ pthread_mutex_unlock(&cil_strpool_mutex);
 }
-- 2.8.0.rc3.226.g39d4020 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
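Review bot: `cil_strpool_destroy` never resets `cil_strpool_tab` to NULL after `hashtab_destroy`, so once the last consumer has destroyed the pool a later `cil_strpool_init` sees a non-NULL table, skips `hashtab_create`, and the next `cil_strpool_add` operates on freed memory. The decrement is also unguarded: a `cil_strpool_destroy` without a matching init wraps `cil_strpool_readers` around to UINT_MAX, after which the table can never be freed. I would change the destroy body to `if (cil_strpool_readers > 0 && --cil_strpool_readers == 0) {` and add `cil_strpool_tab = NULL;` immediately after `hashtab_destroy(cil_strpool_tab);`, so init/destroy cycles stay safe.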
Re: [PATCH 0/7] libsepol/cil: Fix bugs found by Nicolas Looss with AFL
On 10/18/2016 02:58 PM, James Carter wrote: A series of patches to fix bugs found by Nicolas Looss while fuzzing secilc with AFL. Iooss, not Looss. Sorry, Nicolas. My brain cannot process your last name correctly. I will fix your name when I apply the series. Jim James Carter (7): libsepol/cil: Check for improper category range libsepol/cil: Use empty list for category expression evaluated as empty libsepol/cil: Use an empty list to represent an unknown permission libsepol/cil: Check if identifier is NULL when verifying name libsepol/cil: Check that permission is not an empty list libsepol/cil: Verify alias in aliasactual statement is really an alias libsepol/cil: Verify neither child nor parent in a bounds is an attribute libsepol/cil/src/cil_build_ast.c | 7 + libsepol/cil/src/cil_post.c| 13 libsepol/cil/src/cil_resolve_ast.c | 61 +++--- libsepol/cil/src/cil_verify.c | 8 - 4 files changed, 51 insertions(+), 38 deletions(-) -- James Carter National Security Agency ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
[PATCH 2/7] libsepol/cil: Use empty list for category expression evaluated as empty
Nicolas Looss found while fuzzing secilc with AFL that the following policy will cause a segfault. (category c0) (category c1) (categoryorder (c0 c1)) (sensitivity s0) (sensitivitycategory s0 (not (all))) The expression "(not (all))" is evaluated as containing no categories. There is a check for the resulting empty list and the category datum expression is set to NULL. The segfault occurs because the datum expression is assumed to be non-NULL after evaluation. Assign the list to the datum expression even if it is empty. Signed-off-by: James Carter
---
libsepol/cil/src/cil_post.c | 8 +---
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c
index caf3321..687962e 100644
--- a/libsepol/cil/src/cil_post.c
+++ b/libsepol/cil/src/cil_post.c
@@ -865,13 +865,7 @@ static int __evaluate_cat_expression(struct cil_cats *cats, struct cil_db *db)
 ebitmap_destroy(&bitmap);
 cil_list_destroy(&cats->datum_expr, CIL_FALSE);
- if (new->head != NULL) {
- cats->datum_expr = new;
- } else {
- /* empty list */
- cil_list_destroy(&new, CIL_FALSE);
- cats->datum_expr = NULL;
- }
+ cats->datum_expr = new;
 cats->evaluated = CIL_TRUE;
-- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
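Review bot: The unconditional `cats->datum_expr = new;` changes the representation of "no categories" from NULL to a list with no items, and the only comment that recorded the empty-list case (`/* empty list */`) is removed with it, so nothing in the code tells a later reader that consumers of `datum_expr` must now accept an empty list rather than test for NULL. I would keep that knowledge next to the assignment, e.g. `/* new may be empty (e.g. "(not (all))"); an empty list, not NULL, represents no categories */`. The body of `__evaluate_cat_expression` starts outside the hunk, so whether any remaining code in it still tests `datum_expr` for NULL cannot be confirmed from here.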
[PATCH 6/7] libsepol/cil: Verify alias in aliasactual statement is really an alias
Nicolas Looss found while fuzzing secilc with AFL that the statement "(sensitivityaliasactual SENS SENS)" will cause a segfault. The segfault occurs because when the aliasactual is resolved the first identifier is assumed to refer to an alias structure, but it is not. Add a check to verify that the datum retrieved is actually an alias and exit with an error if it is not. Signed-off-by: James Carter --- libsepol/cil/src/cil_resolve_ast.c | 13 + 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index f3f3e92..149e4f4 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -452,7 +452,7 @@ exit: return rc; } -int cil_resolve_aliasactual(struct cil_tree_node *current, void *extra_args, enum cil_flavor flavor) +int cil_resolve_aliasactual(struct cil_tree_node *current, void *extra_args, enum cil_flavor flavor, enum cil_flavor alias_flavor) { int rc = SEPOL_ERR; enum cil_sym_index sym_index; @@ -465,10 +465,15 @@ int cil_resolve_aliasactual(struct cil_tree_node *current, void *extra_args, enu if (rc != SEPOL_OK) { goto exit; } + rc = cil_resolve_name(current, aliasactual->alias_str, sym_index, extra_args, &alias_datum); if (rc != SEPOL_OK) { goto exit; } + if (NODE(alias_datum)->flavor != alias_flavor) { + cil_log(CIL_ERR, "%s is not an alias\n",alias_datum->name); + goto exit; + } rc = cil_resolve_name(current, aliasactual->actual_str, sym_index, extra_args, &actual_datum); if (rc != SEPOL_OK) { 
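Review bot: The new alias-flavor check in `cil_resolve_aliasactual` logs an error and jumps to `exit`, but `rc` is still SEPOL_OK at that point because the preceding `cil_resolve_name` succeeded, so the caller is told the resolution succeeded even though the statement was rejected; the bounds patch in this series sets `rc = SEPOL_ERR;` before its `goto exit`, and this hunk should do the same: `cil_log(CIL_ERR, "%s is not an alias\n", alias_datum->name); rc = SEPOL_ERR; goto exit;`. As a point of style, the log call is also missing the space after the comma before `alias_datum->name`. The rest of the function, including the `exit` label, lies outside the hunk.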
@@ -3365,13 +3370,13 @@ int __cil_resolve_ast_node(struct cil_tree_node *node, void *extra_args) case CIL_PASS_ALIAS1: switch (node->flavor) { case CIL_TYPEALIASACTUAL: - rc = cil_resolve_aliasactual(node, args, CIL_TYPE); + rc = cil_resolve_aliasactual(node, args, CIL_TYPE, CIL_TYPEALIAS); break; case CIL_SENSALIASACTUAL: - rc = cil_resolve_aliasactual(node, args, CIL_SENS); + rc = cil_resolve_aliasactual(node, args, CIL_SENS, CIL_SENSALIAS); break; case CIL_CATALIASACTUAL: - rc = cil_resolve_aliasactual(node, args, CIL_CAT); + rc = cil_resolve_aliasactual(node, args, CIL_CAT, CIL_CATALIAS); break; default: break; -- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
[PATCH 5/7] libsepol/cil: Check that permission is not an empty list
Nicolas Looss found while fuzzing secilc with AFL that the statement "(class C (()))" will cause a segfault. CIL expects a list of permissions in the class declaration and "(())" is a valid list. Each item of the list is expected to be an identifier and as the list is processed each item is checked to see if it is a list. An error is given if it is a list, otherwise the item is assumed to be an identifier. Unfortunately, the check only works if the list is not empty. In this case, the item passes the check and is assumed to be an identifier and a NULL is passed as the string for name verification. If name verification assumes that a non-NULL value will be passed in, a segfault will occur. Add a check for an empty list when processing a permission list and improve the error handling for permissions when building the AST. Signed-off-by: James Carter --- libsepol/cil/src/cil_build_ast.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c index ee283b5..e4a0539 100644 --- a/libsepol/cil/src/cil_build_ast.c +++ b/libsepol/cil/src/cil_build_ast.c @@ -482,6 +482,10 @@ int cil_gen_perm(struct cil_db *db, struct cil_tree_node *parse_current, struct cil_perm_init(&perm); key = parse_current->data; + if (key == NULL) { + cil_log(CIL_ERR, "Bad permission\n"); + goto exit; + } rc = cil_gen_node(db, ast_node, (struct cil_symtab_datum*)perm, (hashtab_key_t)key, CIL_SYM_PERMS, flavor); if (rc != SEPOL_OK) { @@ -529,6 +533,7 @@ int cil_gen_perm_nodes(struct cil_db *db, struct cil_tree_node *current_perm, st rc = cil_gen_perm(db, current_perm, new_ast, flavor, num_perms); if (rc != SEPOL_OK) { + cil_tree_node_destroy(&new_ast); goto exit; } 
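Review bot: In the first hunk of `cil_gen_perm` the new `key == NULL` check runs after `cil_perm_init(&perm)` has already allocated the perm, so the early `goto exit` relies on the `exit` label (outside this hunk) releasing `perm`; whether it does cannot be confirmed from the hunk. Moving the check ahead of the allocation, i.e. `if (key == NULL) { cil_log(CIL_ERR, "Bad permission\n"); goto exit; }` before `cil_perm_init(&perm);` with `key = parse_current->data;` hoisted with it, removes that dependency and avoids an allocation that is immediately discarded. The second hunk's `cil_tree_node_destroy(&new_ast)` on failure looks right, provided the exit path of `cil_gen_perm_nodes` does not also try to free the same node; its exit label is in the following hunk.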
@@ -546,6 +551,8 @@ int cil_gen_perm_nodes(struct cil_db *db, struct cil_tree_node *current_perm, st exit: cil_log(CIL_ERR, "Bad permissions\n"); + cil_tree_children_destroy(ast_node); + cil_clear_node(ast_node); return rc; } -- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
[PATCH 1/7] libsepol/cil: Check for improper category range
Nicolas Looss found while fuzzing secilc with AFL that the following policy will cause a segfault. (category c0) (category c1) (categoryorder (c0 c1)) (sensitivity s0) (sensitivitycategory s0 (range c1 c0)) The category range "(range c1 c0)" is invalid because c1 comes after c0 in order. The invalid range is evaluated as containing no categories. There is a check for the resulting empty list and the category datum expression is set to NULL. The segfault occurs because the datum expression is assumed to be non-NULL after evaluation. Add a check for an invalid range when evaluating category ranges. Signed-off-by: James Carter
---
libsepol/cil/src/cil_post.c | 5 +
1 file changed, 5 insertions(+)
diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c
index f8447c9..caf3321 100644
--- a/libsepol/cil/src/cil_post.c
+++ b/libsepol/cil/src/cil_post.c
@@ -952,6 +952,11 @@ static int __cil_cat_expr_range_to_bitmap_helper(struct cil_list_item *i1, struc
 c2 = alias->actual;
 }
+ if (c1->value > c2->value) {
+ cil_log(CIL_ERR, "Invalid category range\n");
+ goto exit;
+ }
+
 for (i = c1->value; i <= c2->value; i++) {
 if (ebitmap_set_bit(bitmap, i, 1)) {
 cil_log(CIL_ERR, "Failed to set cat bit\n");
-- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
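Review bot: The new range check rejects the statement with a bare "Invalid category range" and gives the policy author no hint which two categories are out of order, although both are in hand at that point; the message should name them, e.g. `"Invalid category range: first category comes after second in the category order\n"` or, better, include both identifiers if the datum exposes a name field. The `goto exit` also relies on `rc` already holding an error value, and both the initialisation of `rc` and the `exit` label lie outside the hunk, so confirm that, or set `rc = SEPOL_ERR;` explicitly before the jump as the bounds patch in this series does.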
[PATCH 7/7] libsepol/cil: Verify neither child nor parent in a bounds is an attribute
Nicolas Looss found while fuzzing secilc with AFL that using an attribute as a child in a typebounds statement will cause a segfault. This happens because the child datum is assumed to be part of a cil_type struct when it is really part of a cil_typeattribute struct. The check to verify that it is a type and not an attribute comes after it is used. This bug effects user and role bounds as well because they do not check whether a datum refers to an attribute or not. Add checks to verify that neither the child nor the parent datum refer to an attribute before using them in user, role, and type bounds. Signed-off-by: James Carter --- libsepol/cil/src/cil_resolve_ast.c | 44 -- 1 file changed, 18 insertions(+), 26 deletions(-) diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index 149e4f4..ec547d3 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -2468,7 +2468,7 @@ exit: } -int cil_resolve_bounds(struct cil_tree_node *current, void *extra_args, enum cil_flavor flavor) +int cil_resolve_bounds(struct cil_tree_node *current, void *extra_args, enum cil_flavor flavor, enum cil_flavor attr_flavor) { int rc = SEPOL_ERR; struct cil_bounds *bounds = current->data; 
@@ -2485,19 +2485,29 @@ int cil_resolve_bounds(struct cil_tree_node *current, void *extra_args, enum cil if (rc != SEPOL_OK) { goto exit; } + if (NODE(parent_datum)->flavor == attr_flavor) { + cil_log(CIL_ERR, "Bounds parent %s is an attribute\n", bounds->parent_str); + rc = SEPOL_ERR; + goto exit; + } + rc = cil_resolve_name(current, bounds->child_str, index, extra_args, &child_datum); if (rc != SEPOL_OK) { goto exit; } + if (NODE(child_datum)->flavor == attr_flavor) { + cil_log(CIL_ERR, "Bounds child %s is an attribute\n", bounds->child_str); + rc = SEPOL_ERR; + goto exit; + } switch (flavor) { case CIL_USER: { struct cil_user *user = (struct cil_user *)child_datum; if (user->bounds != NULL) { - struct cil_tree_node *node = user->bounds->datum.nodes->head->data; - cil_tree_log(node, CIL_ERR, "User %s already bound by parent", bounds->child_str); + cil_tree_log(NODE(user->bounds), CIL_ERR, "User %s already bound by parent", bounds->child_str); rc = SEPOL_ERR; goto exit; } @@ -2509,8 +2519,7 @@ int cil_resolve_bounds(struct cil_tree_node *current, void *extra_args, enum cil struct cil_role *role = (struct cil_role *)child_datum; if (role->bounds != NULL) { - struct cil_tree_node *node = role->bounds->datum.nodes->head->data; - cil_tree_log(node, CIL_ERR, "Role %s already bound by parent", bounds->child_str); + cil_tree_log(NODE(role->bounds), CIL_ERR, "Role %s already bound by parent", bounds->child_str); rc = SEPOL_ERR; goto exit; } 
@@ -2520,26 +2529,9 @@ int cil_resolve_bounds(struct cil_tree_node *current, void *extra_args, enum cil } case CIL_TYPE: { struct cil_type *type = (struct cil_type *)child_datum; - struct cil_tree_node *node = NULL; if (type->bounds != NULL) { - node = ((struct cil_symtab_datum *)type->bounds)->nodes->head->data; - cil_tree_log(node, CIL_ERR, "Type %s already bound by parent", bounds->child_str); - cil_tree_log(current, CIL_ERR, "Now being bound to parent %s", bounds->parent_str); - rc = SEPOL_ERR; - goto exit; - } - - node = parent_datum->nodes->head->data; - if (node->flavor == CIL_TYPEATTRIBUTE) { - cil_log(CIL_ERR, "Bounds parent %s is an attribute\n", bounds->parent_str); - rc = SEPOL_ERR; - goto exit; - } - - node = child_datum->nodes->head->data; - if (node->flavor == CIL_TYPEATTRIBUTE) { - cil_log(CIL_ERR, "Bounds child %s is an attribute\n", bounds->child_str); + cil_tree_log(NODE(type->bounds), CIL_ERR, "Type %s already bound by parent", bounds->child_str); rc = SEPOL_ERR; goto exit; } @@ -3445,7 +3437,7 @@ int __cil_resolve_ast_node(struct cil_tree_node *node, void *extra_args) rc = cil_resolve_typeattributeset(node, args); break; case CIL_TYPEBOUNDS: -
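Review bot: The CIL_TYPE branch of `cil_resolve_bounds` loses its second diagnostic: the removed `cil_tree_log(current, CIL_ERR, "Now being bound to parent %s", bounds->parent_str);` told the user which statement attempted the second binding, and the replacement reports only the earlier binding, so a duplicate typebounds in a large policy is now harder to locate. Since the user and role branches in the previous hunk never had that line either, I would restore it after the `cil_tree_log(NODE(type->bounds), ...)` call and add the same line to the other two branches so all three report both statements. The later hunk at `@@ -3445` is cut off at the end of this message, so the attr_flavor values passed for user and role bounds cannot be reviewed here.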
[PATCH 3/7] libsepol/cil: Use an empty list to represent an unknown permission
Nicolas Looss found while fuzzing secilc with AFL that the statement "(classpermissionset CPERM (CLASS (and unknow PERM)))" will cause a segfault. In order to support a policy module package using a permission that does not exist on the system it is loaded on, CIL will only give a warning when it fails to resolve an unknown permission. CIL itself will just ignore the unknown permission. This means that an expression like "(and UNKNOWN p1)" will look like "(and p1)" to CIL, but, since syntax checking has already been done, CIL won't know that the expression is not well-formed. When the expression is evaluated a segfault will occur because all expressions are assumed to be well-formed at evaluation time. Use an empty list to represent an unknown permission so that expressions will continue to be well-formed and expression evaluation will work but the unknown permission will still be ignored. Signed-off-by: James Carter
---
libsepol/cil/src/cil_resolve_ast.c | 4
1 file changed, 4 insertions(+)
diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c
index c403545..f3f3e92 100644
--- a/libsepol/cil/src/cil_resolve_ast.c
+++ b/libsepol/cil/src/cil_resolve_ast.c
@@ -131,7 +131,11 @@ static int __cil_resolve_perms(symtab_t *class_symtab, symtab_t *common_symtab,
 }
 }
 if (rc != SEPOL_OK) {
+ struct cil_list *empty_list;
 cil_log(CIL_WARN, "Failed to resolve permission %s\n", (char*)curr->data);
+ /* Use an empty list to represent unknown perm */
+ cil_list_init(&empty_list, perm_strs->flavor);
+ cil_list_append(*perm_datums, CIL_LIST, empty_list);
 } else {
 cil_list_append(*perm_datums, CIL_DATUM, perm_datum);
 }
-- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
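Review bot: The `empty_list` appended as a CIL_LIST item into `*perm_datums` is a fresh heap allocation whose ownership now rests with that outer list, and nothing in the hunk or its comment says so; whether the routine that later destroys `*perm_datums` recurses into nested CIL_LIST items cannot be seen from here, and if it does not, every unknown permission leaks one list. I would extend the comment to record the contract, e.g. `/* Use an empty list to represent unknown perm; it is owned by *perm_datums and freed with it */`, and confirm the destructor against it. The loop enclosing this `if` and the eventual reset of `rc` are outside the hunk.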
[PATCH 4/7] libsepol/cil: Check if identifier is NULL when verifying name
Nicolas Looss found while fuzzing secilc with AFL that the statement "(class C (()))" will cause a segfault. When CIL checks the syntax of the class statement it sees "(())" as a valid permission list, but since "()" is not an identifier a NULL is passed as the string for name verification. A segfault occurs because name verification assumes that the string being checked is non-NULL. Check if identifier is NULL when verifying name. Signed-off-by: James Carter --- libsepol/cil/src/cil_verify.c | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/libsepol/cil/src/cil_verify.c b/libsepol/cil/src/cil_verify.c index 038f77a..47dcfaa 100644 --- a/libsepol/cil/src/cil_verify.c +++ b/libsepol/cil/src/cil_verify.c @@ -50,9 +50,15 @@ int __cil_verify_name(const char *name) { int rc = SEPOL_ERR; - int len = strlen(name); + int len; int i = 0; + if (name == NULL) { + cil_log(CIL_ERR, "Name is NULL\n"); + goto exit; + } + + len = strlen(name); if (len >= CIL_MAX_NAME_LENGTH) { cil_log(CIL_ERR, "Name length greater than max name length of %d", CIL_MAX_NAME_LENGTH); -- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
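Review bot: The declaration of `len` in `__cil_verify_name` is rewritten by this hunk but keeps the type `int` while `strlen` returns `size_t`, so the length is narrowed and the comparison with `CIL_MAX_NAME_LENGTH` mixes signed and unsigned arithmetic; since the line is being touched anyway, `size_t len;` and `len = strlen(name);` would make the bound check exact. The NULL guard itself is correct and is placed before the first dereference. As an aside on the context line that follows, the "Name length greater than max name length of %d" message lacks a trailing `\n` unlike the other messages in this series, though that is not part of this change.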
[PATCH 0/7] libsepol/cil: Fix bugs found by Nicolas Looss with AFL
A series of patches to fix bugs found by Nicolas Looss while fuzzing secilc with AFL. James Carter (7): libsepol/cil: Check for improper category range libsepol/cil: Use empty list for category expression evaluated as empty libsepol/cil: Use an empty list to represent an unknown permission libsepol/cil: Check if identifier is NULL when verifying name libsepol/cil: Check that permission is not an empty list libsepol/cil: Verify alias in aliasactual statement is really an alias libsepol/cil: Verify neither child nor parent in a bounds is an attribute libsepol/cil/src/cil_build_ast.c | 7 + libsepol/cil/src/cil_post.c| 13 libsepol/cil/src/cil_resolve_ast.c | 61 +++--- libsepol/cil/src/cil_verify.c | 8 - 4 files changed, 51 insertions(+), 38 deletions(-) -- 2.7.4 ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
Re: [PATCH 8/8] libselinux: add booleans.c to ANDROID_HOST=y recipe
On 10/17/2016 04:24 PM, william.c.robe...@intel.com wrote: > From: William Roberts > > We build booleans.c with DISABLE_BOOL set on Android host > and target. Add that file to the upstream Makefile. > > Signed-off-by: William Roberts Thanks, applied the series. > --- > libselinux/src/Makefile | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile > index 7a1ae05..ccd8442 100644 > --- a/libselinux/src/Makefile > +++ b/libselinux/src/Makefile > @@ -100,7 +100,7 @@ DISABLE_FLAGS+= -DNO_MEDIA_BACKEND -DNO_DB_BACKEND > -DNO_X_BACKEND \ > -DBUILD_HOST > SRCS= callbacks.c freecon.c label.c label_file.c \ > label_backends_android.c regex.c label_support.c \ > - matchpathcon.c setrans_client.c sha1.c > + matchpathcon.c setrans_client.c sha1.c booleans.c > else > DISABLE_FLAGS+= -DNO_ANDROID_BACKEND > SRCS:= $(filter-out label_backends_android.c, $(SRCS)) > ___ Selinux mailing list Selinux@tycho.nsa.gov To unsubscribe, send email to selinux-le...@tycho.nsa.gov. To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
Re: [PATCH 6/8] libselinux: support ANDROID_HOST=1 on Mac
On Oct 18, 2016 08:41, "Stephen Smalley" wrote: > > On 10/17/2016 04:24 PM, william.c.robe...@intel.com wrote: > > From: William Roberts > > > > To build on mac, first build libsepol with > > DISABLE_CIL=y and no DESTDIR set. > > DISABLE_CIL=y isn't required after the earlier patches, right? Correct libsepol builds, I forgot to edit the commit message. I'm flying, so if that's your only issue could you please rewrite the message? > > > > > Secondly, build libselinux with ANDROID_HOST=y > > > > This configuration can be used to test the Android > > host build on Mac. > > > > Signed-off-by: William Roberts > > --- > > libselinux/Makefile | 10 ++ > > libselinux/src/Makefile | 36 ++-- > > libselinux/utils/Makefile | 29 + > > 3 files changed, 57 insertions(+), 18 deletions(-) > > > > diff --git a/libselinux/Makefile b/libselinux/Makefile > > index baa0db3..ef971f4 100644 > > --- a/libselinux/Makefile > > +++ b/libselinux/Makefile > > @@ -27,6 +27,16 @@ else > > endif > > export PCRE_CFLAGS PCRE_LDFLAGS > > > > +OS := $(shell uname) > > +export OS > > + > > +ifeq ($(shell $(CC) -v 2>&1 | grep "clang"),) > > +COMPILER := gcc > > +else > > +COMPILER := clang > > +endif > > +export COMPILER > > + > > all install relabel clean distclean indent: > > @for subdir in $(SUBDIRS); do \ > > (cd $$subdir && $(MAKE) $@) || exit 1; \ > > diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile > > index 13501cd..7a1ae05 100644 > > --- a/libselinux/src/Makefile > > +++ b/libselinux/src/Makefile 
> > @@ -48,23 +48,39 @@ OBJS= $(patsubst %.c,%.o,$(SRCS)) > > LOBJS= $(patsubst %.c,%.lo,$(SRCS)) > > CFLAGS ?= -O -Wall -W -Wundef -Wformat-y2k -Wformat-security -Winit-self -Wmissing-include-dirs \ > >-Wunused -Wunknown-pragmas -Wstrict-aliasing -Wshadow -Wpointer-arith \ > > - -Wbad-function-cast -Wcast-align -Wwrite-strings -Wlogical-op -Waggregate-return \ > > + -Wbad-function-cast -Wcast-align -Wwrite-strings -Waggregate-return \ > >-Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes \ > >-Wmissing-declarations -Wmissing-noreturn -Wmissing-format-attribute \ > >-Wredundant-decls -Wnested-externs -Winline -Winvalid-pch -Wvolatile-register-var \ > > - -Wdisabled-optimization -Wbuiltin-macro-redefined -Wpacked-bitfield-compat \ > > - -Wsync-nand -Wattributes -Wcoverage-mismatch -Wmultichar -Wcpp \ > > + -Wdisabled-optimization -Wbuiltin-macro-redefined \ > > + -Wattributes -Wmultichar \ > >-Wdeprecated-declarations -Wdiv-by-zero -Wdouble-promotion -Wendif-labels -Wextra \ > > - -Wformat-contains-nul -Wformat-extra-args -Wformat-zero-length -Wformat=2 -Wmultichar \ > > - -Wnormalized=nfc -Woverflow -Wpointer-to-int-cast -Wpragmas -Wsuggest-attribute=const \ > > - -Wsuggest-attribute=noreturn -Wsuggest-attribute=pure -Wtrampolines \ > > - -Wno-missing-field-initializers -Wno-sign-compare -Wjump-misses-init \ > > - -Wno-format-nonliteral -Wframe-larger-than=$(MAX_STACK_SIZE) -Wp,-D_FORTIFY_SOURCE=2 \ > > + -Wformat-extra-args -Wformat-zero-length -Wformat=2 -Wmultichar \ > > + -Woverflow -Wpointer-to-int-cast -Wpragmas \ > > + -Wno-missing-field-initializers -Wno-sign-compare \ > > + -Wno-format-nonliteral -Wframe-larger-than=$(MAX_STACK_SIZE) \ > >-fstack-protector-all --param=ssp-buffer-size=4 -fexceptions \ > >-fasynchronous-unwind-tables -fdiagnostics-show-option -funit-at-a-time \ > > - -fipa-pure-const -Wno-suggest-attribute=pure -Wno-suggest-attribute=const \ > >-Werror -Wno-aggregate-return -Wno-redundant-decls > > > > 
+LD_SONAME_FLAGS=-soname,$(LIBSO),-z,defs,-z,relro > > + > > +ifeq ($(COMPILER), gcc) > > +override CFLAGS += -fipa-pure-const -Wlogical-op -Wpacked-bitfield-compat -Wsync-nand \ > > + -Wcoverage-mismatch -Wcpp -Wformat-contains-nul -Wnormalized=nfc -Wsuggest-attribute=const \ > > + -Wsuggest-attribute=noreturn -Wsuggest-attribute=pure -Wtrampolines -Wjump-misses-init \ > > + -Wno-suggest-attribute=pure -Wno-suggest-attribute=const -Wp,-D_FORTIFY_SOURCE=2 > > +else > > +override CFLAGS += -Wunused-command-line-argument > > +override LDFLAGS += -L/opt/local/lib -undefined dynamic_lookup > > +LD_SONAME_FLAGS=-install_name,$(LIBSO) > > +endif > > + > > +ifeq ($(OS), Darwin) > > +override CFLAGS += -I/opt/local/include > > +override LDFLAGS += -L/opt/local/lib -undefined dynamic_lookup > > +endif > > + > > PCRE_LDFLAGS ?= -lpcre > > > > override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE $(DISABLE_FLAGS) $(PCRE_CFLAGS) > > @@ -117,7 +133,7 @@ $(LIBA): $(OBJS) > > $(RANLIB) $@ > > > > $(LIBSO): $(LOBJS) > > - $(CC) $(CFLAGS) -shared -o $@ $^ $(PCRE_LDFLAGS) -ldl $(LDFLAGS) -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro >
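Review bot: The `else` branch of `ifeq ($(COMPILER), gcc)` keys on the compiler rather than the host, so a Linux build with clang drops `-Wp,-D_FORTIFY_SOURCE=2`, replaces `-z,defs,-z,relro` in `LD_SONAME_FLAGS` with the Mach-O-only `-install_name`, and adds the macOS-specific `-undefined dynamic_lookup` and `/opt/local/lib`, losing RELRO and undefined-symbol checking on a platform that supports them; the same `override LDFLAGS` line is also repeated in the `ifeq ($(OS), Darwin)` block just below. I would move `override LDFLAGS += -L/opt/local/lib -undefined dynamic_lookup` and `LD_SONAME_FLAGS=-install_name,$(LIBSO)` out of the compiler branch into the Darwin block, leaving the clang branch with only the clang-specific warning flag, so the GNU-ld hardening flags survive on Linux regardless of compiler. The same hunk is quoted again in the later reply in this thread; the `$(LIBSO)` link-rule hunk that consumes `LD_SONAME_FLAGS` is cut off at the end of this message.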
Re: [PATCH 6/8] libselinux: support ANDROID_HOST=1 on Mac
On 10/17/2016 04:24 PM, william.c.robe...@intel.com wrote: > From: William Roberts > > To build on mac, first build libsepol with > DISABLE_CIL=y and no DESTDIR set. DISABLE_CIL=y isn't required after the earlier patches, right? > > Secondly, build libselinux with ANDROID_HOST=y > > This configuration can be used to test the Android > host build on Mac. > > Signed-off-by: William Roberts > --- > libselinux/Makefile | 10 ++ > libselinux/src/Makefile | 36 ++-- > libselinux/utils/Makefile | 29 + > 3 files changed, 57 insertions(+), 18 deletions(-) > > diff --git a/libselinux/Makefile b/libselinux/Makefile > index baa0db3..ef971f4 100644 > --- a/libselinux/Makefile > +++ b/libselinux/Makefile > @@ -27,6 +27,16 @@ else > endif > export PCRE_CFLAGS PCRE_LDFLAGS > > +OS := $(shell uname) > +export OS > + > +ifeq ($(shell $(CC) -v 2>&1 | grep "clang"),) > +COMPILER := gcc > +else > +COMPILER := clang > +endif > +export COMPILER > + > all install relabel clean distclean indent: > @for subdir in $(SUBDIRS); do \ > (cd $$subdir && $(MAKE) $@) || exit 1; \ > diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile > index 13501cd..7a1ae05 100644 > --- a/libselinux/src/Makefile > +++ b/libselinux/src/Makefile 
> @@ -48,23 +48,39 @@ OBJS= $(patsubst %.c,%.o,$(SRCS)) > LOBJS= $(patsubst %.c,%.lo,$(SRCS)) > CFLAGS ?= -O -Wall -W -Wundef -Wformat-y2k -Wformat-security -Winit-self > -Wmissing-include-dirs \ >-Wunused -Wunknown-pragmas -Wstrict-aliasing -Wshadow > -Wpointer-arith \ > - -Wbad-function-cast -Wcast-align -Wwrite-strings -Wlogical-op > -Waggregate-return \ > + -Wbad-function-cast -Wcast-align -Wwrite-strings > -Waggregate-return \ >-Wstrict-prototypes -Wold-style-definition -Wmissing-prototypes \ >-Wmissing-declarations -Wmissing-noreturn > -Wmissing-format-attribute \ >-Wredundant-decls -Wnested-externs -Winline -Winvalid-pch > -Wvolatile-register-var \ > - -Wdisabled-optimization -Wbuiltin-macro-redefined > -Wpacked-bitfield-compat \ > - -Wsync-nand -Wattributes -Wcoverage-mismatch -Wmultichar -Wcpp \ > + -Wdisabled-optimization -Wbuiltin-macro-redefined \ > + -Wattributes -Wmultichar \ >-Wdeprecated-declarations -Wdiv-by-zero -Wdouble-promotion > -Wendif-labels -Wextra \ > - -Wformat-contains-nul -Wformat-extra-args -Wformat-zero-length > -Wformat=2 -Wmultichar \ > - -Wnormalized=nfc -Woverflow -Wpointer-to-int-cast -Wpragmas > -Wsuggest-attribute=const \ > - -Wsuggest-attribute=noreturn -Wsuggest-attribute=pure > -Wtrampolines \ > - -Wno-missing-field-initializers -Wno-sign-compare > -Wjump-misses-init \ > - -Wno-format-nonliteral -Wframe-larger-than=$(MAX_STACK_SIZE) > -Wp,-D_FORTIFY_SOURCE=2 \ > + -Wformat-extra-args -Wformat-zero-length -Wformat=2 -Wmultichar \ > + -Woverflow -Wpointer-to-int-cast -Wpragmas \ > + -Wno-missing-field-initializers -Wno-sign-compare \ > + -Wno-format-nonliteral -Wframe-larger-than=$(MAX_STACK_SIZE) \ >-fstack-protector-all --param=ssp-buffer-size=4 -fexceptions \ >-fasynchronous-unwind-tables -fdiagnostics-show-option > -funit-at-a-time \ > - -fipa-pure-const -Wno-suggest-attribute=pure > -Wno-suggest-attribute=const \ >-Werror -Wno-aggregate-return -Wno-redundant-decls > > +LD_SONAME_FLAGS=-soname,$(LIBSO),-z,defs,-z,relro > + 
> +ifeq ($(COMPILER), gcc) > +override CFLAGS += -fipa-pure-const -Wlogical-op -Wpacked-bitfield-compat > -Wsync-nand \ > + -Wcoverage-mismatch -Wcpp -Wformat-contains-nul -Wnormalized=nfc > -Wsuggest-attribute=const \ > + -Wsuggest-attribute=noreturn -Wsuggest-attribute=pure -Wtrampolines > -Wjump-misses-init \ > + -Wno-suggest-attribute=pure -Wno-suggest-attribute=const > -Wp,-D_FORTIFY_SOURCE=2 > +else > +override CFLAGS += -Wunused-command-line-argument > +override LDFLAGS += -L/opt/local/lib -undefined dynamic_lookup > +LD_SONAME_FLAGS=-install_name,$(LIBSO) > +endif > + > +ifeq ($(OS), Darwin) > +override CFLAGS += -I/opt/local/include > +override LDFLAGS += -L/opt/local/lib -undefined dynamic_lookup > +endif > + > PCRE_LDFLAGS ?= -lpcre > > override CFLAGS += -I../include -I$(INCLUDEDIR) -D_GNU_SOURCE > $(DISABLE_FLAGS) $(PCRE_CFLAGS) > @@ -117,7 +133,7 @@ $(LIBA): $(OBJS) > $(RANLIB) $@ > > $(LIBSO): $(LOBJS) > - $(CC) $(CFLAGS) -shared -o $@ $^ $(PCRE_LDFLAGS) -ldl $(LDFLAGS) > -L$(LIBDIR) -Wl,-soname,$(LIBSO),-z,defs,-z,relro > + $(CC) $(CFLAGS) -shared -o $@ $^ $(PCRE_LDFLAGS) -ldl $(LDFLAGS) > -L$(LIBDIR) -Wl,$(LD_SONAME_FLAGS) > ln -sf $@ $(TARGET) > > $(LIBPC): $(LIBPC).in ../VERSION > diff --git a/libselinux/utils/Makefile b/libselinux/utils/Makefile > index e56a953..a4f9903 100644 > --- a/libselinux/utils/Makefile >