Re: [PATCH V2] libsemanage: Allow tmp files to be kept if a compile fails

2018-01-22 Thread William Roberts
On Mon, Jan 22, 2018 at 8:38 AM, Richard Haines
 wrote:
> Allow the tmp build files to be kept for debugging when a policy
> build fails.
>
> Signed-off-by: Richard Haines 
> ---
> V2 Changes:
> Remove the retain-tmp flag and just keep tmp files on build errors.
>
>  libsemanage/src/direct_api.c | 54 
> ++--
>  libsemanage/src/handle.c |  2 ++
>  libsemanage/src/handle.h |  1 +
>  3 files changed, 40 insertions(+), 17 deletions(-)
>
> diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
> index a455612f..3d1cf1fe 100644
> --- a/libsemanage/src/direct_api.c
> +++ b/libsemanage/src/direct_api.c
> @@ -323,26 +323,44 @@ static void semanage_direct_destroy(semanage_handle_t * 
> sh
> /* do nothing */
>  }
>
> -static int semanage_direct_disconnect(semanage_handle_t * sh)
> +static int semanage_remove_tmps(semanage_handle_t *sh)
>  {
> -   /* destroy transaction */
> -   if (sh->is_in_transaction) {
> -   /* destroy sandbox */
> -   if (semanage_remove_directory
> -   (semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL)) < 0) {
> +   if (sh->commit_err)
> +   return 0;
> +
> +   /* destroy sandbox if it exists */
> +   if (semanage_remove_directory
> +   (semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL)) < 0) {
> +   if (errno != ENOENT) {
> ERR(sh, "Could not cleanly remove sandbox %s.",
> semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL));
> return -1;
> }
> -   if (semanage_remove_directory
> -   (semanage_final_path(SEMANAGE_FINAL_TMP,
> -SEMANAGE_FINAL_TOPLEVEL)) < 0) {
> +   }
> +
> +   /* destroy tmp policy if it exists */
> +   if (semanage_remove_directory
> +   (semanage_final_path(SEMANAGE_FINAL_TMP,
> +SEMANAGE_FINAL_TOPLEVEL)) < 0) {
> +   if (errno != ENOENT) {
> ERR(sh, "Could not cleanly remove tmp %s.",
> semanage_final_path(SEMANAGE_FINAL_TMP,
> SEMANAGE_FINAL_TOPLEVEL));
> return -1;
> }
> +   }
> +
> +   return 0;
> +}
> +
> +static int semanage_direct_disconnect(semanage_handle_t *sh)
> +{
> +   int retval = 0;
> +
> +   /* destroy transaction and remove tmp files if no commit error */
> +   if (sh->is_in_transaction) {
> semanage_release_trans_lock(sh);
> +   retval = semanage_remove_tmps(sh);
> }
>
> /* Release object databases: local modifications */
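Review bot: Both `errno != ENOENT` tests in semanage_remove_tmps() depend on semanage_remove_directory() returning with errno still describing the original failure. If that helper does any further cleanup after the failing call, errno may have been overwritten and a missing directory would be reported as an error (or a real error hidden). Either document that the helper preserves errno or test for the directory's existence before calling it.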
> @@ -375,7 +393,7 @@ static int semanage_direct_disconnect(semanage_handle_t * 
> sh)
> /* Release object databases: active kernel policy */
> bool_activedb_dbase_release(semanage_bool_dbase_active(sh));
>
> -   return 0;
> +   return retval;
>  }
>
>  static int semanage_direct_begintrans(semanage_handle_t * sh)
> @@ -1639,13 +1657,15 @@ cleanup:
>
> free(fc_buffer);
>
> -   /* regardless if the commit was successful or not, remove the
> -  sandbox if it is still there */
> -   semanage_remove_directory(semanage_path
> - (SEMANAGE_TMP, SEMANAGE_TOPLEVEL));
> -   semanage_remove_directory(semanage_final_path
> - (SEMANAGE_FINAL_TMP,
> -  SEMANAGE_FINAL_TOPLEVEL));
> +   /* Set commit_err so other functions can detect any errors. Note that
> +* retval > 0 will be the commit number.
> +*/
> +   if (retval < 0)
> +   sh->commit_err = retval;
> +
> +   if (semanage_remove_tmps(sh) != 0)
> +   retval = -1;
> +
> umask(mask);
>
> return retval;
> diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
> index 4ce1df03..a6567bd4 100644
> --- a/libsemanage/src/handle.c
> +++ b/libsemanage/src/handle.c
> @@ -86,6 +86,8 @@ semanage_handle_t *semanage_handle_create(void)
>  * If any changes are made, this flag is ignored */
> sh->do_rebuild = 0;
>
> +   sh->commit_err = 0;
> +
> /* By default always reload policy after commit if SELinux is 
> enabled. */
> sh->do_reload = (is_selinux_enabled() > 0);
>
> diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h
> index 1780ac81..65b15600 100644
> --- a/libsemanage/src/handle.h
> +++ b/libsemanage/src/handle.h
> @@ -62,6 +62,7 @@ struct semanage_handle {
> int is_in_transaction;
> int do_reload;  /* whether to reload policy after commit */
> int do_rebuild; /* whether to rebuild policy if there were no 
> changes */
> +   int commit_err; /* set by 

Re: [PATCH v2 02/14] libselinux: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Nicolas Iooss
On 19/01/18 13:07, Marcus Folkesson wrote:
> Hi Nicolas!
> 
> On Wed, Jan 17, 2018 at 11:12:56PM +0100, Nicolas Iooss wrote:
>> On Tue, Jan 16, 2018 at 9:23 PM, Marcus Folkesson
>>  wrote:
>>> This patch solves the following issues:
>>> - The pkg-config files generate odd paths when using DESTDIR without PREFIX
>>> - DESTDIR is needed during compile time to compute library and header paths 
>>> which it should not.
>>> - Installing with both DESTDIR and PREFIX set gives us odd paths
>>> - Make usage of DESTDIR and PREFIX more standard
>>>
>>> Signed-off-by: Marcus Folkesson 
>>> ---
>>>  libselinux/include/Makefile |  4 ++--
>>>  libselinux/man/Makefile |  7 ---
>>>  libselinux/src/Makefile | 12 +---
>>>  libselinux/src/libselinux.pc.in |  2 +-
>>>  libselinux/utils/Makefile   |  6 ++
>>>  5 files changed, 14 insertions(+), 17 deletions(-)
>>>
>>> diff --git a/libselinux/include/Makefile b/libselinux/include/Makefile
>>> index 757a6c9c..3b51f5ce 100644
>>> --- a/libselinux/include/Makefile
>>> +++ b/libselinux/include/Makefile
>>> @@ -1,6 +1,6 @@
>>>  # Installation directories.
>>> -PREFIX ?= $(DESTDIR)/usr
>>> -INCDIR ?= $(PREFIX)/include/selinux
>>> +PREFIX ?= /usr
>>> +INCDIR = $(DESTDIR)$(PREFIX)/include/selinux
>>>
>>>  all:
>>>
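Review bot: INCDIR on the last added line changes from `?=` to `=`, so a value exported in the environment no longer overrides it, while PREFIX just above it and the MAN*DIR variables in man/Makefile keep `?=`. If that is not intended, keep `INCDIR ?= $(DESTDIR)$(PREFIX)/include/selinux` so all directory variables in the series can be overridden the same way.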
>>> diff --git a/libselinux/man/Makefile b/libselinux/man/Makefile
>>> index 0643e6af..233bfaa9 100644
>>> --- a/libselinux/man/Makefile
>>> +++ b/libselinux/man/Makefile
>>> @@ -1,7 +1,8 @@
>>>  # Installation directories.
>>> -MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
>>> -MAN5DIR ?= $(DESTDIR)/usr/share/man/man5
>>> -MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
>>> +PREFIX ?= /usr
>>> +MAN8DIR ?= $(DESTDIR)$(PREFIX)/share/man/man8
>>> +MAN5DIR ?= $(DESTDIR)$(PREFIX)/share/man/man5
>>> +MAN3DIR ?= $(DESTDIR)$(PREFIX)/share/man/man3
>>>
>>>  all:
>>>
>>> diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
>>> index 18df75c8..18a58164 100644
>>> --- a/libselinux/src/Makefile
>>> +++ b/libselinux/src/Makefile
>>> @@ -8,8 +8,8 @@ RUBYPREFIX ?= $(notdir $(RUBY))
>>>  PKG_CONFIG ?= pkg-config
>>>
>>>  # Installation directories.
>>> -PREFIX ?= $(DESTDIR)/usr
>>> -LIBDIR ?= $(PREFIX)/lib
>>> +PREFIX ?= /usr
>>> +LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
>>>  SHLIBDIR ?= $(DESTDIR)/lib
>>>  INCLUDEDIR ?= $(PREFIX)/include
>>>  PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX))
>>> @@ -19,8 +19,6 @@ PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for 
>>> s,m,t in imp.get_suffixe
>>>  RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + 
>>> RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + 
>>> RbConfig::CONFIG["rubyhdrdir"]')
>>>  RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " 
>>> -L" + RbConfig::CONFIG["archlibdir"] + " " + 
>>> RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
>>>  RUBYINSTALL ?= $(DESTDIR)$(shell $(RUBY) -e 'puts 
>>> RbConfig::CONFIG["vendorarchdir"]')
>>> -LIBBASE ?= $(shell basename $(LIBDIR))
>>> -LIBSEPOLA ?= $(LIBDIR)/libsepol.a
>>>
>>>  VERSION = $(shell cat ../VERSION)
>>>  LIBVERSION = 1
>>> @@ -148,7 +146,7 @@ $(LIBSO): $(LOBJS)
>>> ln -sf $@ $(TARGET)
>>>
>>>  $(LIBPC): $(LIBPC).in ../VERSION
>>> -   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
>>> s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):; 
>>> s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
>>> +   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
>>> s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):; 
>>> s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
>>>
>>>  selinuxswig_python_exception.i: ../include/selinux/selinux.h
>>> bash -e exception.sh > $@ || (rm -f $@ ; false)
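Review bot: The new sed line replaces `@libdir@` with $(LIBDIR), which the first hunk of this Makefile now defines as $(DESTDIR)$(PREFIX)/lib, so a staged install writes the staging directory into libselinux.pc. That is the odd pkg-config path the commit message sets out to remove. Substitute a value that contains no DESTDIR, for example $(PREFIX)/lib, and add $(DESTDIR) only in the install rule.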
>>> @@ -156,8 +154,8 @@ selinuxswig_python_exception.i: 
>>> ../include/selinux/selinux.h
>>>  $(AUDIT2WHYLOBJ): audit2why.c
>>> $(CC) $(filter-out -Werror, $(CFLAGS)) $(PYINC) -fPIC -DSHARED -c 
>>> -o $@ $<
>>>
>>> -$(AUDIT2WHYSO): $(AUDIT2WHYLOBJ) $(LIBSEPOLA)
>>> -   $(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $^ -lselinux $(PYLIBS)
>>> +$(AUDIT2WHYSO): $(AUDIT2WHYLOBJ)
>>> +   $(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $^ -lselinux $(PYLIBS) 
>>> -l:libsepol.a
>>
>> Hello,
>> This change makes audit2why.so no longer be rebuilt when libsepol's
>> code changes. This is an issue when debugging issues in libsepol, which
>> is why I added $(LIBSEPOLA) to the dependencies of $(AUDIT2WHYSO) in
>> commit dcd135cc06ab ("Re-link programs after libsepol.a is updated"
>> [1]).
>> By the way, I like the change from using a "hardcoded" path to
>> libsepol.a to telling the compiler to look into directories specified
>> with option -L in LDFLAGS. This would ease the packaging a little bit,
>> as it makes defining LIBSEPOLA no longer necessary (if I understood
>> the changes correctly, I have not tested this point). Is there a way
>> to ask the compiler for the resolved location of a static library, in
>> a way which can be used to compute the value of LIBSEPOLA? ("gcc

[PATCH V2] libsemanage: Allow tmp files to be kept if a compile fails

2018-01-22 Thread Richard Haines
Allow the tmp build files to be kept for debugging when a policy
build fails.

Signed-off-by: Richard Haines 
---
V2 Changes: 
Remove the retain-tmp flag and just keep tmp files on build errors.

 libsemanage/src/direct_api.c | 54 ++--
 libsemanage/src/handle.c |  2 ++
 libsemanage/src/handle.h |  1 +
 3 files changed, 40 insertions(+), 17 deletions(-)

diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
index a455612f..3d1cf1fe 100644
--- a/libsemanage/src/direct_api.c
+++ b/libsemanage/src/direct_api.c
@@ -323,26 +323,44 @@ static void semanage_direct_destroy(semanage_handle_t * sh
/* do nothing */
 }
 
-static int semanage_direct_disconnect(semanage_handle_t * sh)
+static int semanage_remove_tmps(semanage_handle_t *sh)
 {
-   /* destroy transaction */
-   if (sh->is_in_transaction) {
-   /* destroy sandbox */
-   if (semanage_remove_directory
-   (semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL)) < 0) {
+   if (sh->commit_err)
+   return 0;
+
+   /* destroy sandbox if it exists */
+   if (semanage_remove_directory
+   (semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL)) < 0) {
+   if (errno != ENOENT) {
ERR(sh, "Could not cleanly remove sandbox %s.",
semanage_path(SEMANAGE_TMP, SEMANAGE_TOPLEVEL));
return -1;
}
-   if (semanage_remove_directory
-   (semanage_final_path(SEMANAGE_FINAL_TMP,
-SEMANAGE_FINAL_TOPLEVEL)) < 0) {
+   }
+
+   /* destroy tmp policy if it exists */
+   if (semanage_remove_directory
+   (semanage_final_path(SEMANAGE_FINAL_TMP,
+SEMANAGE_FINAL_TOPLEVEL)) < 0) {
+   if (errno != ENOENT) {
ERR(sh, "Could not cleanly remove tmp %s.",
semanage_final_path(SEMANAGE_FINAL_TMP,
SEMANAGE_FINAL_TOPLEVEL));
return -1;
}
+   }
+
+   return 0;
+}
+
+static int semanage_direct_disconnect(semanage_handle_t *sh)
+{
+   int retval = 0;
+
+   /* destroy transaction and remove tmp files if no commit error */
+   if (sh->is_in_transaction) {
semanage_release_trans_lock(sh);
+   retval = semanage_remove_tmps(sh);
}
 
/* Release object databases: local modifications */
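Review bot: In the new semanage_direct_disconnect(), semanage_release_trans_lock(sh) runs before semanage_remove_tmps(sh), whereas the removed code deleted both directories first and released the lock afterwards. Removing the sandbox once the transaction lock has been dropped can race with another process that has just started its own transaction. Call semanage_remove_tmps() before releasing the lock to keep the original ordering.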
@@ -375,7 +393,7 @@ static int semanage_direct_disconnect(semanage_handle_t * 
sh)
/* Release object databases: active kernel policy */
bool_activedb_dbase_release(semanage_bool_dbase_active(sh));
 
-   return 0;
+   return retval;
 }
 
 static int semanage_direct_begintrans(semanage_handle_t * sh)
@@ -1639,13 +1657,15 @@ cleanup:
 
free(fc_buffer);
 
-   /* regardless if the commit was successful or not, remove the
-  sandbox if it is still there */
-   semanage_remove_directory(semanage_path
- (SEMANAGE_TMP, SEMANAGE_TOPLEVEL));
-   semanage_remove_directory(semanage_final_path
- (SEMANAGE_FINAL_TMP,
-  SEMANAGE_FINAL_TOPLEVEL));
+   /* Set commit_err so other functions can detect any errors. Note that
+* retval > 0 will be the commit number.
+*/
+   if (retval < 0)
+   sh->commit_err = retval;
+
+   if (semanage_remove_tmps(sh) != 0)
+   retval = -1;
+
umask(mask);
 
return retval;
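Review bot: sh->commit_err is assigned only when retval < 0 in this cleanup path and is never reset, so after one failed commit every later semanage_remove_tmps() call on the same handle returns early, including the one that follows a later successful commit. Assign it unconditionally, for example `sh->commit_err = (retval < 0) ? retval : 0;`, or clear it when a transaction begins. Since the directories are now deliberately left behind on failure, logging their paths at that point would tell the administrator what to inspect and remove.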
diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c
index 4ce1df03..a6567bd4 100644
--- a/libsemanage/src/handle.c
+++ b/libsemanage/src/handle.c
@@ -86,6 +86,8 @@ semanage_handle_t *semanage_handle_create(void)
 * If any changes are made, this flag is ignored */
sh->do_rebuild = 0;
 
+   sh->commit_err = 0;
+
/* By default always reload policy after commit if SELinux is enabled. 
*/
sh->do_reload = (is_selinux_enabled() > 0);
 
diff --git a/libsemanage/src/handle.h b/libsemanage/src/handle.h
index 1780ac81..65b15600 100644
--- a/libsemanage/src/handle.h
+++ b/libsemanage/src/handle.h
@@ -62,6 +62,7 @@ struct semanage_handle {
int is_in_transaction;
int do_reload;  /* whether to reload policy after commit */
int do_rebuild; /* whether to rebuild policy if there were no 
changes */
+   int commit_err; /* set by semanage_direct_commit() */
int modules_modified;
int create_store;   /* whether to create the store if it does not 
exist
 * this will only have an effect on direct 
connections */
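Review bot: The comment on the new commit_err field says only who sets it. State what it holds and what it controls, namely that it is the negative return value of a failed commit and that a non-zero value makes semanage_remove_tmps() keep the sandbox and tmp policy directories.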
-- 
2.14.3




[PATCH] libsemanage: Return commit number if save-previous false

2018-01-22 Thread Richard Haines
Stop overwriting the commit number for the default save-previous flag
setting (false) in semanage.conf.

Allows semodule -v -i  to show the correct commit number.

Signed-off-by: Richard Haines 
---
 libsemanage/src/semanage_store.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c
index 37ff5ace..936e6495 100644
--- a/libsemanage/src/semanage_store.c
+++ b/libsemanage/src/semanage_store.c
@@ -1740,9 +1740,9 @@ static int semanage_commit_sandbox(semanage_handle_t * sh)
 
if (!sh->conf->save_previous) {
int errsv = errno;
-   retval = semanage_remove_directory(backup);
-   if (retval < 0) {
+   if (semanage_remove_directory(backup) != 0) {
ERR(sh, "Could not delete previous directory %s.", 
backup);
+   retval = -1;
goto cleanup;
}
errno = errsv;
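Review bot: The reason retval must not receive the result of semanage_remove_directory(backup) is not visible in the code after this change. A one-line comment above the new `if` saying that retval already holds the commit number at this point would keep a later cleanup from reintroducing the overwrite.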
-- 
2.14.3




Re: [PATCH V6 1/2] security: Add a cred_getsecid hook

2018-01-22 Thread Casey Schaufler
On 1/21/2018 9:27 PM, Matthew Garrett wrote:
> On Tue, Jan 9, 2018 at 8:36 AM, Matthew Garrett  wrote:
>> For IMA purposes, we want to be able to obtain the prepared secid in the
>> bprm structure before the credentials are committed. Add a cred_getsecid
>> hook that makes this possible.
> Any feedback on this version of the set?


Sorry for the delay. I'm having a mindset crisis on secids just
now, and I'm not completely sure if I have any issue with this
particular hook. Don't wait for me. If everyone else is OK with
it, go ahead.




[PATCH v3 12/14] semodule-utils: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 semodule-utils/semodule_expand/Makefile  | 8 +++-
 semodule-utils/semodule_link/Makefile| 8 +++-
 semodule-utils/semodule_package/Makefile | 8 +++-
 3 files changed, 9 insertions(+), 15 deletions(-)

diff --git a/semodule-utils/semodule_expand/Makefile 
b/semodule-utils/semodule_expand/Makefile
index 072f2137..c2ab3f65 100644
--- a/semodule-utils/semodule_expand/Makefile
+++ b/semodule-utils/semodule_expand/Makefile
@@ -1,9 +1,7 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCLUDEDIR ?= $(PREFIX)/include
-BINDIR ?= $(PREFIX)/bin
-LIBDIR ?= $(PREFIX)/lib
-MANDIR ?= $(PREFIX)/share/man
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 
 CFLAGS ?= -Werror -Wall -W
 override LDLIBS += -lsepol
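Review bot: BINDIR and MANDIR now carry $(DESTDIR) inside their `?=` defaults, so a packager who overrides BINDIR on the command line still has to remember to include the staging root. The more common convention keeps the directory variables free of DESTDIR (`BINDIR ?= $(PREFIX)/bin`) and prepends $(DESTDIR) in the install rules only. The commit message is also empty apart from the sign-off; it should say that INCLUDEDIR and LIBDIR are dropped because they are unused.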
diff --git a/semodule-utils/semodule_link/Makefile 
b/semodule-utils/semodule_link/Makefile
index cc4687bd..bcf98765 100644
--- a/semodule-utils/semodule_link/Makefile
+++ b/semodule-utils/semodule_link/Makefile
@@ -1,9 +1,7 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCLUDEDIR ?= $(PREFIX)/include
-BINDIR ?= $(PREFIX)/bin
-MANDIR ?= $(PREFIX)/share/man
-LIBDIR ?= $(PREFIX)/lib
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 
 CFLAGS ?= -Werror -Wall -W
 override LDLIBS += -lsepol
diff --git a/semodule-utils/semodule_package/Makefile 
b/semodule-utils/semodule_package/Makefile
index 96dd7c4f..33a95e16 100644
--- a/semodule-utils/semodule_package/Makefile
+++ b/semodule-utils/semodule_package/Makefile
@@ -1,9 +1,7 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCLUDEDIR ?= $(PREFIX)/include
-BINDIR ?= $(PREFIX)/bin
-LIBDIR ?= $(PREFIX)/lib
-MANDIR ?= $(PREFIX)/share/man
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 
 CFLAGS ?= -Werror -Wall -W
 override LDLIBS += -lsepol
-- 
2.15.1




[PATCH v3 09/14] restorecond: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 restorecond/Makefile | 11 +--
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/restorecond/Makefile b/restorecond/Makefile
index ada94aeb..a2316947 100644
--- a/restorecond/Makefile
+++ b/restorecond/Makefile
@@ -1,13 +1,12 @@
 PKG_CONFIG ?= pkg-config
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-SBINDIR ?= $(PREFIX)/sbin
-LIBDIR ?= $(PREFIX)/lib
-MANDIR = $(PREFIX)/share/man
+PREFIX ?= /usr
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
+MANDIR = $(DESTDIR)$(PREFIX)/share/man
 AUTOSTARTDIR = $(DESTDIR)/etc/xdg/autostart
-DBUSSERVICEDIR = $(DESTDIR)/usr/share/dbus-1/services
-SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd
+DBUSSERVICEDIR = $(DESTDIR)$(PREFIX)/share/dbus-1/services
+SYSTEMDDIR ?= $(DESTDIR)$(PREFIX)/lib/systemd
 
 autostart_DATA = sealertauto.desktop
 INITDIR ?= $(DESTDIR)/etc/rc.d/init.d
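Review bot: SYSTEMDDIR and DBUSSERVICEDIR now follow $(PREFIX), but the directories systemd and D-Bus search for unit and service files are determined by those daemons, not by this package's prefix. With a PREFIX other than /usr the files are installed where they will not be found. Consider leaving these two defaults on /usr, or documenting that they must be overridden together with PREFIX.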
-- 
2.15.1




Re: [PATCH V6 1/2] security: Add a cred_getsecid hook

2018-01-22 Thread Matthew Garrett via Selinux
On Tue, Jan 9, 2018 at 8:36 AM, Matthew Garrett  wrote:
> For IMA purposes, we want to be able to obtain the prepared secid in the
> bprm structure before the credentials are committed. Add a cred_getsecid
> hook that makes this possible.

Any feedback on this version of the set?



[PATCH v3 10/14] sandbox: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 sandbox/Makefile | 12 ++--
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/sandbox/Makefile b/sandbox/Makefile
index 05c3d658..5a6b707a 100644
--- a/sandbox/Makefile
+++ b/sandbox/Makefile
@@ -1,14 +1,14 @@
 PYTHON ?= python
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
+PREFIX ?= /usr
 SYSCONFDIR ?= $(DESTDIR)/etc/sysconfig
-LIBDIR ?= $(PREFIX)/lib
-BINDIR ?= $(PREFIX)/bin
-SBINDIR ?= $(PREFIX)/sbin
-MANDIR ?= $(PREFIX)/share/man
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 LOCALEDIR ?= /usr/share/locale
-SHAREDIR ?= $(PREFIX)/share/sandbox
+SHAREDIR ?= $(DESTDIR)$(PREFIX)/share/sandbox
 override CFLAGS += -DPACKAGE="\"policycoreutils\"" -Wall -Werror -Wextra -W
 override LDLIBS += -lselinux -lcap-ng
 SEUNSHARE_OBJS = seunshare.o
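Review bot: LOCALEDIR stays hard-coded at /usr/share/locale in the unchanged context while every other directory in this hunk now follows $(PREFIX), and the policycoreutils patch of the same series moves its LOCALEDIR to $(DESTDIR)$(PREFIX)/share/locale. Choose one treatment for the whole series. `LOCALEDIR ?= $(PREFIX)/share/locale` without DESTDIR is the safe form wherever the value ends up compiled into a binary.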
-- 
2.15.1




Rework of Makefiles v3

2018-01-22 Thread Marcus Folkesson
Hi all,

I have updated the patchset.

Please test to compile with:
make DESTDIR=/tmp/myroot PREFIX=/myusr install
or
make DESTDIR=/tmp/myroot install

As said before, the goal with this patchset is to clean up the
Makefiles on unused symbols, use standard semantics and keep all
the old functionality.

Changes:
v3:
- python: Add missing slash
- Top makefile: Add default prefix
- python, mcstrans, selinux: keep the possibility to specify LIBSEPOLA to
  make depending component recompile on change. If not specified, fall back to
  libsepola in LDFLAGS path.

v2:
- Use separate directories for shared libraries as before (comment from
  Stephen Smalley)
- Rework all packages (not just selinux/sepol/semanage)






[PATCH v3 11/14] secilc: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 secilc/Makefile | 8 +++-
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/secilc/Makefile b/secilc/Makefile
index 1cac53e4..5b0a4852 100644
--- a/secilc/Makefile
+++ b/secilc/Makefile
@@ -1,8 +1,6 @@
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-MANDIR ?= $(PREFIX)/share/man
-LIBDIR ?= $(PREFIX)/lib
-INCLUDEDIR ?= $(PREFIX)/include
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 
 SECILC = secilc
 SECILC_SRCS := secilc.c
-- 
2.15.1




[PATCH v3 08/14] python: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 python/audit2allow/Makefile   | 17 ++---
 python/chcat/Makefile |  8 
 python/semanage/Makefile  | 11 +--
 python/sepolgen/src/sepolgen/Makefile |  3 ++-
 python/sepolicy/Makefile  | 18 +-
 5 files changed, 30 insertions(+), 27 deletions(-)

diff --git a/python/audit2allow/Makefile b/python/audit2allow/Makefile
index 8db8075f..d1d4ca8d 100644
--- a/python/audit2allow/Makefile
+++ b/python/audit2allow/Makefile
@@ -1,19 +1,22 @@
 PYTHON ?= python
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-LIBDIR ?= $(PREFIX)/lib
-MANDIR ?= $(PREFIX)/share/man
-LOCALEDIR ?= /usr/share/locale
-INCLUDEDIR ?= $(PREFIX)/include
-LIBSEPOLA ?= $(LIBDIR)/libsepol.a
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 
 CFLAGS ?= -Werror -Wall -W
 
+# If no specific libsepol.a is specified, fall back on LDFLAGS search path
+ifeq ($(LIBSEPOLA),)
+   LDFLAGS += -l:libsepol.a
+endif
+
 all: audit2why sepolgen-ifgen-attr-helper
 
 sepolgen-ifgen-attr-helper: sepolgen-ifgen-attr-helper.o $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
 
 audit2why:
ln -sf audit2allow audit2why
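Review bot: `LDFLAGS += -l:libsepol.a` in the new ifeq block has no effect when LDFLAGS is passed on the make command line, because command-line variables take precedence over ordinary makefile assignments. That is the likely case when a user supplies a -L search path for the fallback, and the new link recipe would then run without libsepol at all. Put the library in LDLIBS with `override LDLIBS += -l:libsepol.a` and leave LDFLAGS for search paths. Note also that the `-l:` form is GNU ld syntax.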
diff --git a/python/chcat/Makefile b/python/chcat/Makefile
index 0fd12d6d..947734a0 100644
--- a/python/chcat/Makefile
+++ b/python/chcat/Makefile
@@ -1,8 +1,8 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-MANDIR ?= $(PREFIX)/share/man
-LOCALEDIR ?= $(PREFIX)/share/locale
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
+LOCALEDIR ?= $(DESTDIR)$(PREFIX)/share/locale
 
 .PHONY: all
 all: chcat
diff --git a/python/semanage/Makefile b/python/semanage/Makefile
index 132162bc..0218222d 100644
--- a/python/semanage/Makefile
+++ b/python/semanage/Makefile
@@ -1,13 +1,12 @@
 PYTHON ?= python
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
-SBINDIR ?= $(PREFIX)/sbin
-MANDIR = $(PREFIX)/share/man
-PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; 
print(get_python_lib(1))")
+PREFIX ?= /usr
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
+MANDIR = $(DESTDIR)$(PREFIX)/share/man
+PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; 
print(get_python_lib(prefix='$(PREFIX)'))")
 PACKAGEDIR ?= $(DESTDIR)/$(PYTHONLIBDIR)
-BASHCOMPLETIONDIR ?= $(DESTDIR)/usr/share/bash-completion/completions
+BASHCOMPLETIONDIR ?= $(DESTDIR)$(PREFIX)/share/bash-completion/completions
 
 TARGETS=semanage
 
diff --git a/python/sepolgen/src/sepolgen/Makefile 
b/python/sepolgen/src/sepolgen/Makefile
index d3aa7715..2121a955 100644
--- a/python/sepolgen/src/sepolgen/Makefile
+++ b/python/sepolgen/src/sepolgen/Makefile
@@ -1,5 +1,6 @@
+PREFIX ?= /usr
 PYTHON ?= python
-PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; 
print(get_python_lib(1))")
+PYTHONLIBDIR ?= $(shell $(PYTHON) -c "from distutils.sysconfig import *; 
print(get_python_lib(prefix='$(PREFIX)'))")
 PACKAGEDIR ?= $(DESTDIR)/$(PYTHONLIBDIR)/sepolgen
 
 all:
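Review bot: The PYTHONLIBDIR line replaces get_python_lib(1) with get_python_lib(prefix='$(PREFIX)'), which drops the plat_specific argument in addition to adding the prefix. On systems where the platform-specific directory differs from the pure-Python one (lib64 versus lib) the install location changes. If only the prefix was meant to change, use get_python_lib(1, prefix='$(PREFIX)'); the same line in python/semanage/Makefile needs the same correction.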
diff --git a/python/sepolicy/Makefile b/python/sepolicy/Makefile
index 5a56e6c8..1c02ee06 100644
--- a/python/sepolicy/Makefile
+++ b/python/sepolicy/Makefile
@@ -1,14 +1,14 @@
 PYTHON ?= python
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
-BINDIR ?= $(PREFIX)/bin
-DATADIR ?= $(PREFIX)/share
-MANDIR ?= $(PREFIX)/share/man
-LOCALEDIR ?= /usr/share/locale
-BASHCOMPLETIONDIR ?= $(DESTDIR)/usr/share/bash-completion/completions
-SHAREDIR ?= $(PREFIX)/share/sandbox
+PREFIX ?= /usr
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+DATADIR ?= $(DESTDIR)$(PREFIX)/share
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
+LOCALEDIR ?= $(DESTDIR)$(PREFIX)/share/locale
+BASHCOMPLETIONDIR ?= $(DESTDIR)$(PREFIX)/share/bash-completion/completions
+SHAREDIR ?= $(DESTDIR)$(PREFIX)/share/sandbox
 CFLAGS ?= -Wall -Werror -Wextra -W
 override CFLAGS += -DPACKAGE="policycoreutils" -DSHARED -shared
 
@@ -30,7 +30,7 @@ test:
@$(PYTHON) test_sepolicy.py -v
 
 install:
-   $(PYTHON) setup.py install `test -n "$(DESTDIR)" && echo --root 
$(DESTDIR)`
+   $(PYTHON) setup.py install --prefix=$(PREFIX) `test -n "$(DESTDIR)" && 
echo --root $(DESTDIR)`
[ -d $(BINDIR) ] || mkdir -p $(BINDIR)
install -m 755 sepolicy.py $(BINDIR)/sepolicy
(cd $(BINDIR); ln -sf sepolicy sepolgen)
-- 
2.15.1




[PATCH v3 07/14] policycoreutils: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 policycoreutils/hll/pp/Makefile  |  7 ++-
 policycoreutils/load_policy/Makefile |  8 
 policycoreutils/man/Makefile |  3 ++-
 policycoreutils/newrole/Makefile |  8 
 policycoreutils/po/Makefile  |  3 ++-
 policycoreutils/run_init/Makefile|  8 
 policycoreutils/scripts/Makefile |  8 
 policycoreutils/secon/Makefile   |  9 -
 policycoreutils/semodule/Makefile|  8 +++-
 policycoreutils/sestatus/Makefile|  8 
 policycoreutils/setfiles/Makefile|  5 ++---
 policycoreutils/setsebool/Makefile   | 10 --
 12 files changed, 39 insertions(+), 46 deletions(-)

diff --git a/policycoreutils/hll/pp/Makefile b/policycoreutils/hll/pp/Makefile
index 3401dcc9..ce58e0cf 100644
--- a/policycoreutils/hll/pp/Makefile
+++ b/policycoreutils/hll/pp/Makefile
@@ -1,9 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCLUDEDIR ?= $(PREFIX)/include
-MANDIR = $(PREFIX)/share/man
-LIBDIR ?= $(PREFIX)/lib
-LIBEXECDIR ?= $(PREFIX)/libexec
+PREFIX ?= /usr
+LIBEXECDIR ?= $(DESTDIR)$(PREFIX)/libexec
 HLLDIR ?= $(LIBEXECDIR)/selinux/hll
 
 CFLAGS ?= -Werror -Wall -W
diff --git a/policycoreutils/load_policy/Makefile 
b/policycoreutils/load_policy/Makefile
index b85833c2..720bf45f 100644
--- a/policycoreutils/load_policy/Makefile
+++ b/policycoreutils/load_policy/Makefile
@@ -1,8 +1,8 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-SBINDIR ?= $(DESTDIR)/sbin
-MANDIR ?= $(PREFIX)/share/man
-LOCALEDIR ?= /usr/share/locale
+PREFIX ?= /usr
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
+LOCALEDIR ?= $(DESTDIR)$(PREFIX)/share/locale
 
 CFLAGS ?= -Werror -Wall -W
 override CFLAGS += $(LDFLAGS) -DUSE_NLS -DLOCALEDIR="\"$(LOCALEDIR)\"" 
-DPACKAGE="\"policycoreutils\""
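Review bot: LOCALEDIR now begins with $(DESTDIR), and the context line below it passes the value to the compiler as -DLOCALEDIR, so a staged build compiles the staging directory into load_policy as its locale directory. Keep LOCALEDIR free of DESTDIR for the -D define and add $(DESTDIR) only where files are installed. The same hunk also moves the SBINDIR default from $(DESTDIR)/sbin to $(DESTDIR)$(PREFIX)/sbin, which relocates the binary for existing packagers and deserves a line in the commit message.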
diff --git a/policycoreutils/man/Makefile b/policycoreutils/man/Makefile
index 0d91cd46..8a8fbd49 100644
--- a/policycoreutils/man/Makefile
+++ b/policycoreutils/man/Makefile
@@ -1,5 +1,6 @@
 # Installation directories.
-MAN5DIR ?= $(DESTDIR)/usr/share/man/man5
+PREFIX ?= /usr
+MAN5DIR ?= $(DESTDIR)$(PREFIX)/share/man/man5
 
 all:
 
diff --git a/policycoreutils/newrole/Makefile b/policycoreutils/newrole/Makefile
index 196af926..4dbe6f52 100644
--- a/policycoreutils/newrole/Makefile
+++ b/policycoreutils/newrole/Makefile
@@ -1,9 +1,9 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-MANDIR ?= $(PREFIX)/share/man
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 ETCDIR ?= $(DESTDIR)/etc
-LOCALEDIR = /usr/share/locale
+LOCALEDIR = $(DESTDIR)$(PREFIX)/share/locale
 PAMH ?= $(shell test -f /usr/include/security/pam_appl.h && echo y)
 AUDITH ?= $(shell test -f /usr/include/libaudit.h && echo y)
 # Enable capabilities to permit newrole to generate audit records.
diff --git a/policycoreutils/po/Makefile b/policycoreutils/po/Makefile
index 58148613..c583d23a 100644
--- a/policycoreutils/po/Makefile
+++ b/policycoreutils/po/Makefile
@@ -2,6 +2,7 @@
 # Makefile for the PO files (translation) catalog
 #
 
+PREFIX ?= /usr
 TOP = ../..
 
 # What is this package?
@@ -12,7 +13,7 @@ INSTALL_DATA  = $(INSTALL) -m 644
 INSTALL_DIR= /usr/bin/install -d
 
 # destination directory
-INSTALL_NLS_DIR = $(DESTDIR)/usr/share/locale
+INSTALL_NLS_DIR = $(DESTDIR)$(PREFIX)/share/locale
 
 # PO catalog handling
 MSGMERGE   = msgmerge
diff --git a/policycoreutils/run_init/Makefile 
b/policycoreutils/run_init/Makefile
index 921f0b07..4178493e 100644
--- a/policycoreutils/run_init/Makefile
+++ b/policycoreutils/run_init/Makefile
@@ -1,10 +1,10 @@
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-SBINDIR ?= $(PREFIX)/sbin
-MANDIR ?= $(PREFIX)/share/man
+PREFIX ?= /usr
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 ETCDIR ?= $(DESTDIR)/etc
-LOCALEDIR ?= /usr/share/locale
+LOCALEDIR ?= $(DESTDIR)$(PREFIX)/share/locale
 PAMH ?= $(shell test -f /usr/include/security/pam_appl.h && echo y)
 AUDITH ?= $(shell test -f /usr/include/libaudit.h && echo y)
 
diff --git a/policycoreutils/scripts/Makefile b/policycoreutils/scripts/Makefile
index d9e86ffe..cfd841ec 100644
--- a/policycoreutils/scripts/Makefile
+++ b/policycoreutils/scripts/Makefile
@@ -1,8 +1,8 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-SBINDIR ?= $(DESTDIR)/sbin
-MANDIR ?= $(PREFIX)/share/man
-LOCALEDIR ?= $(PREFIX)/share/locale
+PREFIX ?= /usr
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
+LOCALEDIR ?= $(DESTDIR)$(PREFIX)/share/locale
 
 .PHONY: all
 all: fixfiles
diff --git a/policycoreutils/secon/Makefile b/policycoreutils/secon/Makefile
index 8e491d74..4ecbd57d 100644
--- a/policycoreutils/secon/Makefile
+++ b/policycoreutils/secon/Makefile
@@ -1,9 +1,8 @@
 # secon tool - command-line context
-PREFIX ?= $(DESTDIR)/usr
-INCLUDEDIR ?= $(PREFIX)/include
-BINDIR ?= 

[PATCH v3 06/14] mcstrans: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 mcstrans/man/Makefile   |  3 ++-
 mcstrans/src/Makefile   | 18 +++---
 mcstrans/utils/Makefile | 20 ++--
 3 files changed, 27 insertions(+), 14 deletions(-)

diff --git a/mcstrans/man/Makefile b/mcstrans/man/Makefile
index 8e971192..5030fa81 100644
--- a/mcstrans/man/Makefile
+++ b/mcstrans/man/Makefile
@@ -1,5 +1,6 @@
 # Installation directories.
-MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
+PREFIX ?= /usr
+MAN8DIR ?= $(DESTDIR)$(PREFIX)/share/man/man8
 
 all:
 
diff --git a/mcstrans/src/Makefile b/mcstrans/src/Makefile
index 3f4a89c3..09551d63 100644
--- a/mcstrans/src/Makefile
+++ b/mcstrans/src/Makefile
@@ -1,10 +1,14 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
+PREFIX ?= /usr
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
 SBINDIR ?= $(DESTDIR)/sbin
 INITDIR ?= $(DESTDIR)/etc/rc.d/init.d
-SYSTEMDDIR ?= $(DESTDIR)/usr/lib/systemd
-LIBSEPOLA ?= $(LIBDIR)/libsepol.a
+SYSTEMDDIR ?= $(DESTDIR)$(PREFIX)/lib/systemd
+
+# If no specific libsepol.a is specified, fall back on LDFLAGS search path
+ifeq ($(LIBSEPOLA),)
+   LDFLAGS += -l:libsepol.a
+endif
 
 PROG_SRC=mcstrans.c  mcscolor.c  mcstransd.c  mls_level.c
 PROG_OBJS= $(patsubst %.c,%.o,$(PROG_SRC))
@@ -15,11 +19,11 @@ override CFLAGS += -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64
 
 all: $(PROG)
 
-$(PROG): $(PROG_OBJS)
-   $(CC) $(LDFLAGS) -pie -o $@ $^ -lselinux -lcap -lpcre $(LIBSEPOLA)
+$(PROG): $(PROG_OBJS) $(LIBSEPOLA)
+   $(CC) -pie -o $@ $^ -lselinux -lcap -lpcre $(LDFLAGS)
 
 %.o:  %.c 
-   $(CC) $(CFLAGS) -fPIE -c -o $@ $<
+   $(CC) $(CFLAGS) -fPIE -c -o $@ $< $(LDFLAGS)
 
 install: all
test -d $(SBINDIR) || install -m 755 -d $(SBINDIR)
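Review bot: The `%.o: %.c` recipe now appends $(LDFLAGS) to a `-c` compile command, where linker options, including the `-l:libsepol.a` added in the first hunk, have no effect. Drop $(LDFLAGS) from that line. In the $(PROG) rule, listing $(LIBSEPOLA) as a prerequisite brings back relinking when the archive changes, but the `LDFLAGS +=` fallback is ignored whenever LDFLAGS is set on the make command line; `override LDLIBS += -l:libsepol.a` avoids that.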
diff --git a/mcstrans/utils/Makefile b/mcstrans/utils/Makefile
index 4d3cbfcb..0a0452a4 100644
--- a/mcstrans/utils/Makefile
+++ b/mcstrans/utils/Makefile
@@ -1,18 +1,26 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
-SBINDIR ?= $(PREFIX)/sbin
-LIBSEPOLA ?= $(LIBDIR)/libsepol.a
+PREFIX ?= /usr
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
 
 CFLAGS ?= -Wall
 override CFLAGS += -I../src -D_GNU_SOURCE
 override LDLIBS += -lselinux -lpcre
 
-TARGETS=$(patsubst %.c,%,$(sort $(wildcard *.c)))
+TARGETS=transcon untranscon
+
+# If no specific libsepol.a is specified, fall back on LDFLAGS search path
+ifeq ($(LIBSEPOLA),)
+   LDFLAGS += -l:libsepol.a
+endif
 
 all: $(TARGETS)
 
-$(TARGETS): ../src/mcstrans.o ../src/mls_level.o $(LIBSEPOLA)
+transcon: transcon.o ../src/mcstrans.o ../src/mls_level.o $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) -lpcre -lselinux
+
+untranscon: untranscon.o ../src/mcstrans.o ../src/mls_level.o $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) -lpcre -lselinux
 
 install: all
-mkdir -p $(SBINDIR)
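Review bot: the `transcon` and `untranscon` rules are identical apart from the target name, and both recipes hard-code `-lpcre -lselinux` although `override LDLIBS += -lselinux -lpcre` is already set a few lines above. A single static pattern rule such as `$(TARGETS): %: %.o ../src/mcstrans.o ../src/mls_level.o $(LIBSEPOLA)` with `$(LDLIBS)` in the recipe removes the duplication. Replacing the `$(wildcard *.c)` list with fixed names also means new utilities must be added by hand, which deserves a line in the commit message.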
-- 
2.15.1




[PATCH v3 03/14] libsemanage: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
This patch solves the following issues:
- DESTDIR is needed during compile time to compute library and header paths 
which it should not.
- Installing with both DESTDIR and PREFIX set gives us odd paths
- Make usage of DESTDIR and PREFIX more standard

Signed-off-by: Marcus Folkesson 
---
 libsemanage/include/Makefile  | 4 ++--
 libsemanage/man/Makefile  | 5 +++--
 libsemanage/src/Makefile  | 9 +++--
 libsemanage/src/libsemanage.pc.in | 2 +-
 libsemanage/tests/Makefile| 3 ---
 libsemanage/utils/Makefile| 4 ++--
 6 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/libsemanage/include/Makefile b/libsemanage/include/Makefile
index b660660e..f4234b9e 100644
--- a/libsemanage/include/Makefile
+++ b/libsemanage/include/Makefile
@@ -1,6 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCDIR ?= $(PREFIX)/include/semanage
+PREFIX ?= /usr
+INCDIR ?= $(DESTDIR)$(PREFIX)/include/semanage
 
 all:
 
diff --git a/libsemanage/man/Makefile b/libsemanage/man/Makefile
index 852043d4..43c2b3f6 100644
--- a/libsemanage/man/Makefile
+++ b/libsemanage/man/Makefile
@@ -1,6 +1,7 @@
 # Installation directories.
-MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
-MAN5DIR ?= $(DESTDIR)/usr/share/man/man5
+PREFIX ?= /usr
+MAN3DIR ?= $(DESTDIR)$(PREFIX)/share/man/man3
+MAN5DIR ?= $(DESTDIR)$(PREFIX)/share/man/man5
 
 all:
 
diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile
index fdb178f5..f66d1b73 100644
--- a/libsemanage/src/Makefile
+++ b/libsemanage/src/Makefile
@@ -8,9 +8,8 @@ RUBYPREFIX ?= $(notdir $(RUBY))
 PKG_CONFIG ?= pkg-config
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
-SHLIBDIR ?= $(DESTDIR)/lib
+PREFIX ?= /usr
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
 INCLUDEDIR ?= $(PREFIX)/include
 PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX))
 PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX))
@@ -20,8 +19,6 @@ RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + 
RbConfig::CONFIG["rubyarchhdrdir"] +
 RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" 
+ RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
 RUBYINSTALL ?= $(DESTDIR)$(shell $(RUBY) -e 'puts 
RbConfig::CONFIG["vendorarchdir"]')
 
-LIBBASE=$(shell basename $(LIBDIR))
-
 DEFAULT_SEMANAGE_CONF_LOCATION=$(DESTDIR)/etc/selinux/semanage.conf
 
 ifeq ($(DEBUG),1)
@@ -95,7 +92,7 @@ $(LIBSO): $(LOBJS)
ln -sf $@ $(TARGET)
 
 $(LIBPC): $(LIBPC).in ../VERSION
-   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
+   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
 
 semanageswig_python_exception.i: ../include/semanage/semanage.h
bash -e exception.sh > $@ || (rm -f $@ ; false)
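Review bot: the `$(LIBPC)` rule now substitutes `$(LIBDIR)` for `@libdir@`, and LIBDIR is redefined earlier in this patch as `$(DESTDIR)$(PREFIX)/lib`, so whenever DESTDIR is set while libsemanage.pc is generated the staging directory is written into the installed pkg-config file, while `@prefix@` and `@includedir@` stay DESTDIR-free. Keep LIBDIR as `$(PREFIX)/lib` and prepend `$(DESTDIR)` only in the install recipes, or substitute a separate DESTDIR-free variable in this sed expression.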
diff --git a/libsemanage/src/libsemanage.pc.in 
b/libsemanage/src/libsemanage.pc.in
index d3eaa062..43681ddb 100644
--- a/libsemanage/src/libsemanage.pc.in
+++ b/libsemanage/src/libsemanage.pc.in
@@ -1,6 +1,6 @@
 prefix=@prefix@
 exec_prefix=${prefix}
-libdir=${exec_prefix}/@libdir@
+libdir=@libdir@
 includedir=@includedir@
 
 Name: libsemanage
diff --git a/libsemanage/tests/Makefile b/libsemanage/tests/Makefile
index 2ef8d30d..324766a0 100644
--- a/libsemanage/tests/Makefile
+++ b/libsemanage/tests/Makefile
@@ -1,6 +1,3 @@
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
-
 # Add your test source files here:
 SOURCES = $(sort $(wildcard *.c))
 
diff --git a/libsemanage/utils/Makefile b/libsemanage/utils/Makefile
index 725f0eec..f527ad07 100644
--- a/libsemanage/utils/Makefile
+++ b/libsemanage/utils/Makefile
@@ -1,6 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBEXECDIR ?= $(PREFIX)/libexec
+PREFIX ?= /usr
+LIBEXECDIR ?= $(DESTDIR)$(PREFIX)/libexec
 SELINUXEXECDIR ?= $(LIBEXECDIR)/selinux/
 
 all:
-- 
2.15.1




[PATCH v3 14/14] build: add prefix for includes in top Makefile

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 Makefile | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 6da7f7b7..6baea148 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,4 @@
+PREFIX ?= /usr
 OPT_SUBDIRS ?= dbus gui mcstrans python restorecond sandbox semodule-utils
 SUBDIRS=libsepol libselinux libsemanage checkpolicy secilc policycoreutils 
$(OPT_SUBDIRS)
 PYSUBDIRS=libselinux libsemanage
@@ -19,8 +20,8 @@ else
 endif
 
 ifneq ($(DESTDIR),)
-   CFLAGS += -I$(DESTDIR)/usr/include
-   LDFLAGS += -L$(DESTDIR)/usr/lib
+   CFLAGS += -I$(DESTDIR)$(PREFIX)/include
+   LDFLAGS += -L$(DESTDIR)$(PREFIX)/lib
export CFLAGS
export LDFLAGS
 endif
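Review bot: `-L$(DESTDIR)$(PREFIX)/lib` hard-codes `lib`, while the sub-Makefiles in this series keep `LIBDIR ?=` overridable, so a build that installs into a different library directory (lib64, for example) stages the libraries where this search path does not look. Derive the path from the same LIBDIR the sub-Makefiles use, or document that a LIBDIR override must be matched in LDFLAGS. The commit message has no body explaining why PREFIX is now needed at the top level.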
-- 
2.15.1




[PATCH v3 01/14] libsepol: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
This patch solves the following issues:
- The pkg-config files generate odd paths when using DESTDIR without PREFIX
- DESTDIR is needed during compile time to compute library and header paths 
which it should not.
- Installing with both DESTDIR and PREFIX set gives us odd paths
- Make usage of DESTDIR and PREFIX more standard

Signed-off-by: Marcus Folkesson 
---
 README  | 2 +-
 libsepol/include/Makefile   | 4 ++--
 libsepol/man/Makefile   | 5 +++--
 libsepol/src/Makefile   | 7 +++
 libsepol/src/libsepol.pc.in | 2 +-
 libsepol/utils/Makefile | 4 ++--
 6 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/README b/README
index 7fc7b17b..174551a1 100644
--- a/README
+++ b/README
@@ -19,6 +19,6 @@ lacks library functions or other dependencies relied upon by 
your
 distribution.  If it breaks, you get to keep both pieces.
 
 To install libsepol on macOS (mainly for policy analysis):
-cd libsepol; make DESTDIR=/usr/local PREFIX=/usr/local install
+cd libsepol; make PREFIX=/usr/local install
 
 This requires GNU coreutils (brew install coreutils).
diff --git a/libsepol/include/Makefile b/libsepol/include/Makefile
index 56b7a114..ad5c34a4 100644
--- a/libsepol/include/Makefile
+++ b/libsepol/include/Makefile
@@ -1,6 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCDIR ?= $(PREFIX)/include/sepol
+PREFIX ?= /usr
+INCDIR = $(DESTDIR)$(PREFIX)/include/sepol
 CILDIR ?= ../cil
 
 all:
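Review bot: `INCDIR` changes from `?=` to `=` in this hunk, unlike PREFIX on the line above and unlike libsemanage/include/Makefile in 03/14, which keeps `INCDIR ?=`, so an INCDIR exported in the environment is no longer honoured. If that is intended, say why in the commit message; otherwise keep `INCDIR ?= $(DESTDIR)$(PREFIX)/include/sepol`.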
diff --git a/libsepol/man/Makefile b/libsepol/man/Makefile
index 11924334..4f3d9fa2 100644
--- a/libsepol/man/Makefile
+++ b/libsepol/man/Makefile
@@ -1,6 +1,7 @@
 # Installation directories.
-MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
-MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
+PREFIX ?= /usr
+MAN8DIR ?= $(DESTDIR)$(PREFIX)/share/man/man8
+MAN3DIR ?= $(DESTDIR)$(PREFIX)/share/man/man3
 
 all:
 
diff --git a/libsepol/src/Makefile b/libsepol/src/Makefile
index 819d261b..d158398f 100644
--- a/libsepol/src/Makefile
+++ b/libsepol/src/Makefile
@@ -1,10 +1,9 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
+PREFIX ?= /usr
 INCLUDEDIR ?= $(PREFIX)/include
-LIBDIR ?= $(PREFIX)/lib
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
 SHLIBDIR ?= $(DESTDIR)/lib
 RANLIB ?= ranlib
-LIBBASE ?= $(shell basename $(LIBDIR))
 CILDIR ?= ../cil
 
 VERSION = $(shell cat ../VERSION)
@@ -52,7 +51,7 @@ $(LIBSO): $(LOBJS) $(LIBMAP)
ln -sf $@ $(TARGET) 
 
 $(LIBPC): $(LIBPC).in ../VERSION
-   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
+   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
 
 $(LIBMAP): $(LIBMAP).in
 ifneq ($(DISABLE_CIL),y)
diff --git a/libsepol/src/libsepol.pc.in b/libsepol/src/libsepol.pc.in
index e52f5892..f807fec6 100644
--- a/libsepol/src/libsepol.pc.in
+++ b/libsepol/src/libsepol.pc.in
@@ -1,6 +1,6 @@
 prefix=@prefix@
 exec_prefix=${prefix}
-libdir=${exec_prefix}/@libdir@
+libdir=@libdir@
 includedir=@includedir@
 
 Name: libsepol
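Review bot: with `libdir=@libdir@` the value is an absolute path that no longer derives from `${exec_prefix}`, so the `exec_prefix=${prefix}` line is now unused and overriding `prefix` through pkg-config no longer moves libdir. If the absolute value is intended, drop `exec_prefix`; otherwise have the Makefile substitute a path that is still expressed relative to `${exec_prefix}`.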
diff --git a/libsepol/utils/Makefile b/libsepol/utils/Makefile
index fba1d8a0..8ce4bf47 100644
--- a/libsepol/utils/Makefile
+++ b/libsepol/utils/Makefile
@@ -1,6 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
 
 CFLAGS ?= -Wall -Werror
 override CFLAGS += -I../include
-- 
2.15.1




[PATCH v3 02/14] libselinux: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
This patch solves the following issues:
- The pkg-config files generate odd paths when using DESTDIR without PREFIX
- DESTDIR is needed during compile time to compute library and header paths 
which it should not.
- Installing with both DESTDIR and PREFIX set gives us odd paths
- Make usage of DESTDIR and PREFIX more standard

Signed-off-by: Marcus Folkesson 
---
 libselinux/include/Makefile |  4 ++--
 libselinux/man/Makefile |  7 ---
 libselinux/src/Makefile | 14 +-
 libselinux/src/libselinux.pc.in |  2 +-
 libselinux/utils/Makefile   |  6 ++
 5 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/libselinux/include/Makefile b/libselinux/include/Makefile
index 757a6c9c..3b51f5ce 100644
--- a/libselinux/include/Makefile
+++ b/libselinux/include/Makefile
@@ -1,6 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-INCDIR ?= $(PREFIX)/include/selinux
+PREFIX ?= /usr
+INCDIR = $(DESTDIR)$(PREFIX)/include/selinux
 
 all:
 
diff --git a/libselinux/man/Makefile b/libselinux/man/Makefile
index 0643e6af..233bfaa9 100644
--- a/libselinux/man/Makefile
+++ b/libselinux/man/Makefile
@@ -1,7 +1,8 @@
 # Installation directories.
-MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
-MAN5DIR ?= $(DESTDIR)/usr/share/man/man5
-MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
+PREFIX ?= /usr
+MAN8DIR ?= $(DESTDIR)$(PREFIX)/share/man/man8
+MAN5DIR ?= $(DESTDIR)$(PREFIX)/share/man/man5
+MAN3DIR ?= $(DESTDIR)$(PREFIX)/share/man/man3
 
 all:
 
diff --git a/libselinux/src/Makefile b/libselinux/src/Makefile
index 18df75c8..e18c00f2 100644
--- a/libselinux/src/Makefile
+++ b/libselinux/src/Makefile
@@ -8,8 +8,8 @@ RUBYPREFIX ?= $(notdir $(RUBY))
 PKG_CONFIG ?= pkg-config
 
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
+PREFIX ?= /usr
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
 SHLIBDIR ?= $(DESTDIR)/lib
 INCLUDEDIR ?= $(PREFIX)/include
 PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX))
@@ -19,8 +19,6 @@ PYCEXT ?= $(shell $(PYTHON) -c 'import imp;print([s for s,m,t 
in imp.get_suffixe
 RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] 
+ " -I" + RbConfig::CONFIG["rubyhdrdir"]')
 RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" 
+ RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
 RUBYINSTALL ?= $(DESTDIR)$(shell $(RUBY) -e 'puts 
RbConfig::CONFIG["vendorarchdir"]')
-LIBBASE ?= $(shell basename $(LIBDIR))
-LIBSEPOLA ?= $(LIBDIR)/libsepol.a
 
 VERSION = $(shell cat ../VERSION)
 LIBVERSION = 1
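Review bot: removing the `LIBSEPOLA ?= $(LIBDIR)/libsepol.a` default means the static archive is no longer a named file by default, so any rule that lists `$(LIBSEPOLA)` as a prerequisite will not relink when libsepol.a changes, and the `-l:libsepol.a` fallback added in the next hunk links whichever copy the linker search path finds first. Callers who need a specific archive must now pass LIBSEPOLA or a matching `-L` explicitly; state that in the commit message or the README.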
@@ -50,6 +48,12 @@ LIBSO=$(TARGET).$(LIBVERSION)
 AUDIT2WHYLOBJ=$(PYPREFIX)audit2why.lo
 AUDIT2WHYSO=$(PYPREFIX)audit2why.so
 
+
+# If no specific libsepol.a is specified, fall back on LDFLAGS search path
+ifeq ($(LIBSEPOLA),)
+   LDFLAGS += -l:libsepol.a
+endif
+
 GENERATED=$(SWIGCOUT) $(SWIGRUBYCOUT) selinuxswig_python_exception.i
 SRCS= $(filter-out $(GENERATED) audit2why.c, $(sort $(wildcard *.c)))
 
@@ -148,7 +152,7 @@ $(LIBSO): $(LOBJS)
ln -sf $@ $(TARGET)
 
 $(LIBPC): $(LIBPC).in ../VERSION
-   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):; 
s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
+   sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; 
s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):; 
s:@PCRE_MODULE@:$(PCRE_MODULE):' < $< > $@
 
 selinuxswig_python_exception.i: ../include/selinux/selinux.h
bash -e exception.sh > $@ || (rm -f $@ ; false)
diff --git a/libselinux/src/libselinux.pc.in b/libselinux/src/libselinux.pc.in
index 2e90a844..7c66b1fa 100644
--- a/libselinux/src/libselinux.pc.in
+++ b/libselinux/src/libselinux.pc.in
@@ -1,6 +1,6 @@
 prefix=@prefix@
 exec_prefix=${prefix}
-libdir=${exec_prefix}/@libdir@
+libdir=@libdir@
 includedir=@includedir@
 
 Name: libselinux
diff --git a/libselinux/utils/Makefile b/libselinux/utils/Makefile
index eb4851a9..9adce6d3 100644
--- a/libselinux/utils/Makefile
+++ b/libselinux/utils/Makefile
@@ -1,8 +1,6 @@
 # Installation directories.
-PREFIX ?= $(DESTDIR)/usr
-LIBDIR ?= $(PREFIX)/lib
-SBINDIR ?= $(PREFIX)/sbin
-INCLUDEDIR ?= $(PREFIX)/include
+PREFIX ?= /usr
+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
 
 OS ?= $(shell uname)
 
-- 
2.15.1




[PATCH v3 04/14] checkpolicy: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
This patch solves the following issues:
- DESTDIR is needed during compile time to compute library
  and header paths which it should not.
- Installing with both DESTDIR and PREFIX set gives us odd paths
- Make usage of DESTDIR and PREFIX more standard

Signed-off-by: Marcus Folkesson 
---
 checkpolicy/Makefile  | 19 ---
 checkpolicy/test/Makefile | 15 ++-
 2 files changed, 22 insertions(+), 12 deletions(-)

diff --git a/checkpolicy/Makefile b/checkpolicy/Makefile
index 68e11f2a..78a8a43b 100644
--- a/checkpolicy/Makefile
+++ b/checkpolicy/Makefile
@@ -1,12 +1,10 @@
 #
 # Makefile for building the checkpolicy program
 #
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-MANDIR ?= $(PREFIX)/share/man
-LIBDIR ?= $(PREFIX)/lib
-INCLUDEDIR ?= $(PREFIX)/include
-LIBSEPOLA ?= $(LIBDIR)/libsepol.a
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
 TARGETS = checkpolicy checkmodule
 
 LEX = flex
@@ -14,6 +12,11 @@ YACC = bison -y
 
 CFLAGS ?= -g -Wall -Werror -Wshadow -O2 -pipe -fno-strict-aliasing
 
+# If no specific libsepol.a is specified, fall back on LDFLAGS search path
+ifeq ($(LIBSEPOLA),)
+   LDFLAGS += -l:libsepol.a
+endif
+
 override CFLAGS += -I.
 
 CHECKOBJS = y.tab.o lex.yy.o queue.o module_compiler.o parse_util.o \
@@ -27,11 +30,13 @@ all:  $(TARGETS)
$(MAKE) -C test
 
 checkpolicy: $(CHECKPOLOBJS) $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
 
 checkmodule: $(CHECKMODOBJS) $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
 
 %.o: %.c 
-   $(CC) $(CFLAGS) -o $@ -c $<
+   $(CC) $(CFLAGS) $(LDFLAGS) -o $@ -c $<
 
 y.tab.o: y.tab.c
$(CC) $(filter-out -Werror, $(CFLAGS)) -o $@ -c $<
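Review bot: the `%.o: %.c` rule now passes `$(LDFLAGS)` to a `-c` compile while the `y.tab.o` rule just below does not, and CFLAGS in this Makefile carries `-Werror`, so a compiler that warns about unused linker input on a compile-only command can fail the build. Leave `$(LDFLAGS)` on the new `checkpolicy` and `checkmodule` link recipes only.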
diff --git a/checkpolicy/test/Makefile b/checkpolicy/test/Makefile
index 59fa4460..3eb1c512 100644
--- a/checkpolicy/test/Makefile
+++ b/checkpolicy/test/Makefile
@@ -1,19 +1,24 @@
 #
 # Makefile for building the dispol program
 #
-PREFIX ?= $(DESTDIR)/usr
-BINDIR ?= $(PREFIX)/bin
-LIBDIR ?= $(PREFIX)/lib
-INCLUDEDIR ?= $(PREFIX)/include
-LIBSEPOLA ?= $(LIBDIR)/libsepol.a
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+LIBDIR ?= $(DESTDIR)$(PREFIX)/lib
 
 CFLAGS ?= -g -Wall -W -Werror -O2 -pipe
 
+# If no specific libsepol.a is specified, fall back on LDFLAGS search path
+ifeq ($(LIBSEPOLA),)
+   LDFLAGS += -l:libsepol.a
+endif
+
 all: dispol dismod
 
 dispol: dispol.o $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
 
 dismod: dismod.o $(LIBSEPOLA)
+   $(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS)
 
 clean:
-rm -f dispol dismod *.o 
-- 
2.15.1




[PATCH v3 05/14] gui: build: follow standard semantics for DESTDIR and PREFIX

2018-01-22 Thread Marcus Folkesson
Signed-off-by: Marcus Folkesson 
---
 gui/Makefile | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/gui/Makefile b/gui/Makefile
index cfe47405..5efd17d7 100644
--- a/gui/Makefile
+++ b/gui/Makefile
@@ -1,9 +1,9 @@
 # Installation directories.
-PREFIX ?= ${DESTDIR}/usr
-BINDIR ?= $(PREFIX)/bin
-SHAREDIR ?= $(PREFIX)/share/system-config-selinux
-DATADIR ?= $(PREFIX)/share
-MANDIR ?= $(PREFIX)/share/man
+PREFIX ?= /usr
+BINDIR ?= $(DESTDIR)$(PREFIX)/bin
+SHAREDIR ?= $(DESTDIR)$(PREFIX)/share/system-config-selinux
+DATADIR ?= $(DESTDIR)$(PREFIX)/share
+MANDIR ?= $(DESTDIR)$(PREFIX)/share/man
 
 TARGETS= \
 booleansPage.py \
-- 
2.15.1




Re: [PATCH] general protection fault in sock_has_perm

2018-01-22 Thread Mark Salyzyn

On 01/19/2018 09:06 AM, Paul Moore wrote:

> On Fri, Jan 19, 2018 at 10:49 AM, Mark Salyzyn  wrote:
>> On 01/18/2018 02:36 PM, Paul Moore wrote:
>>> On Thu, Jan 18, 2018 at 4:58 PM, Mark Salyzyn  wrote:
>>>> general protection fault:  [#1] PREEMPT SMP KASAN
>>>> CPU: 1 PID: 14233 Comm: syz-executor2 Not tainted 4.4.112-g5f6325b #28
>>>> . . .
>>>> [] selinux_socket_setsockopt+0x4d/0x80
>>>> security/selinux/hooks.c:4338
>>>> [] security_socket_setsockopt+0x7d/0xb0
>>>> security/security.c:1257
>>>> [] SYSC_setsockopt net/socket.c:1757 [inline]
>>>> [] SyS_setsockopt+0xe8/0x250 net/socket.c:1746
>>>> [] entry_SYSCALL_64_fastpath+0x16/0x92
>>>> Code: c2 42 9b b6 81 be 01 00 00 00 48 c7 c7 a0 cb 2b 84 e8
>>>> f7 2f 6d ff 49 8d 7d 10 48 b8 00 00 00 00 00 fc ff df 48 89
>>>> fa 48 c1 ea 03 <0f> b6 04 02 84 c0 74 08 3c 03 0f 8e 83 01 00
>>>> 00 41 8b 75 10 31
>>>> RIP  [] sock_has_perm+0x1fe/0x3e0
>>>> security/selinux/hooks.c:4069
>>>> RSP 
>>>> ---[ end trace 7b5aaf788fef6174 ]---
>>>>
>>>> In the absence of commit a4298e4522d6 ("net: add SOCK_RCU_FREE socket
>>>> flag") and all the associated infrastructure changes to take advantage
>>>> of a RCU grace period before freeing, there is a heightened
>>>> possibility that a security check is performed while an ill-timed
>>>> setsockopt call races in from user space.  It then is prudent to null
>>>> check sk_security, and if the case, reject the permissions.
>>>>
>>>> This adjustment is orthogonal to infrastructure improvements that may
>>>> nullify the needed check, but should be added as good code hygiene.
>>>
>>> I'm skeptical that this is the full solution for systems that lack the
>>> SOCK_RCU_FREE protection.  Is this really limited to just
>>> setsockopt()?
>>
>> Maybe overstepped in my analysis and assumptions?
>>
>> This is a result of a fuzzer hitting an android 4.4 KASAN kernel. We (so
>> far) have _not_ seen this with an android 4.9 KASAN kernel (which has the
>> SOCK_RCU_FREE adjustments). There is no standalone duplication or PoC
>> _except_ via the fuzzer. The rest of the statements stand based on this
>> tidbit (statements of general good code hygiene, not 100% sure SOCK_RCU_FREE
>> usage is completely covered, KISS solution etc).
>>
>> To be honest, yes, this may be a layer in the onion (swat this NULL check
>> does not by itself solve the _problem_), I'd prefer kernel continuing on in
>> a rational manner rather than panic ... and I have a gut feeling this could
>> be a gratuitous NULL check if all the bugs in the network layer have been
>> solved. Programming to solve a problem
>> with one's gut is not a good practice, but hygiene is. This is 10
>> characters, and an estimated 1.2ns of added hygiene.
>>
>> No, I do not think this is limited to setsockopt, but would be willing to
>> believe a multithreaded attack of any socket functions or ioctl would drop
>> down to the check with sock_has_perm at possibly the wrong time in socket
>> teardown.
>
> I'm not necessarily opposed to adding additional safety checks, if
> warranted, but I am opposed to adding a single check and declaring
> mission accomplished when there is a suspicion that additional checks
> may be needed.
>
> Perhaps in this particular case it really is only setsockopt(), but
> from what I can tell from your comments and the SOCK_RCU_FREE commit
> message it would appear that there is a race condition here between a
> socket's lifetime and its visibility to userspace.


I will need to fix my comments to be clearer ... (besides, I got the 
error return wrong, so I will have to respin it anyways).


In later kernels SOCK_RCU_FREE _appears_ to fix the race condition. In 
earlier kernels there is _no_ SOCK_RCU_FREE infrastructure, and thus the 
race condition exists. That race condition _should_ have been solved in 
ToT. I have evaluated that porting all the SOCK_RCU_FREE refactoring may 
be too risky an endeavor for stable kernels though (maybe I am wrong 
about that? The author of those fixes eduma...@google.com has been 
notified, have yet to receive a response).


Because I can not confirm that SOCK_RCU_FREE solves the problem, I am 
making a case for this to land in 4.9+ to ToT kernels as good hygiene. 
But maybe this should only go in 4.4- stable ...


-- Mark