package/libsepol: Remove use of cdefs.h
authorAdam Duskett <Aduskett@gmail.com>
Fri, 8 Jul 2016 21:45:36 +0000 (17:45 -0400)
committerThomas Petazzoni <thomas.petazzoni@free-electrons.com>
Sun, 24 Jul 2016 21:52:23 +0000 (23:52 +0200)
Libsepol uses cdefs.h which is a internal glibc header.
This header is not intended to be used by any program and will cause
compiling against musl (and possibly other c libraries) to fail.
This patch fixed this issue and replaces all references of

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
package/libsepol/0005-replace-cdefs.patch [new file with mode: 0644]

diff --git a/package/libsepol/0005-replace-cdefs.patch b/package/libsepol/0005-replace-cdefs.patch
new file mode 100644 (file)
index 0000000..2f76a74
--- /dev/null
@@ -0,0 +1,1074 @@
+Remove usage of <sys/cdefs.h>.
+
+This fixes autobuild issue: http://autobuild.buildroot.org/results/cbb/cbb2bac69aa0708e587ba9fcd1efcead82e42446/build-end.log
+Libsepol uses cdefs.h which is a internal glibc header.
+This header is not intended to be used by any program and will cause
+compiling against musl (and possibly other c libraries) to fail.
+This patch fixed this issue and replaces all references of
+#include <sys/cdefs.h> and __BEGIN/END_DECLS with the appropriate #ifdefs.
+
+This patch has also been submitted upstream to the selinux github repository.
+https://github.com/SELinuxProject/selinux/issues/19
+
+Signed-off-by: Adam Duskett <Aduskett@gmail.com>
+
+
+diff --git a/include/sepol/boolean_record.h b/include/sepol/boolean_record.h
+index 9af16be..09cd01f 100644
+--- a/include/sepol/boolean_record.h
++++ b/include/sepol/boolean_record.h
+@@ -3,9 +3,10 @@
+
+ #include <stddef.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_bool;
+ struct sepol_bool_key;
+@@ -51,5 +52,8 @@ extern int sepol_bool_clone(sepol_handle_t * handle,
+
+ extern void sepol_bool_free(sepol_bool_t * boolean);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/booleans.h b/include/sepol/booleans.h
+index 7374dde..02356d1 100644
+--- a/include/sepol/booleans.h
++++ b/include/sepol/booleans.h
+@@ -5,9 +5,10 @@
+ #include <sepol/policydb.h>
+ #include <sepol/boolean_record.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /*--------------compatibility--------------*/
+
+@@ -59,5 +60,8 @@ extern int sepol_bool_iterate(sepol_handle_t * handle,
+                             int (*fn) (const sepol_bool_t * boolean,
+                                        void *fn_arg), void *arg);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/context.h b/include/sepol/context.h
+index a69e8c9..b3e5497 100644
+--- a/include/sepol/context.h
++++ b/include/sepol/context.h
+@@ -4,9 +4,10 @@
+ #include <sepol/context_record.h>
+ #include <sepol/policydb.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* -- Deprecated -- */
+
+@@ -26,5 +27,8 @@ extern int sepol_mls_contains(sepol_handle_t * handle,
+ extern int sepol_mls_check(sepol_handle_t * handle,
+                          const sepol_policydb_t * policydb, const char *mls);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/context_record.h b/include/sepol/context_record.h
+index c07da8f..1dcbebb 100644
+--- a/include/sepol/context_record.h
++++ b/include/sepol/context_record.h
+@@ -2,9 +2,10 @@
+ #define _SEPOL_CONTEXT_RECORD_H_
+
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_context;
+ typedef struct sepol_context sepol_context_t;
+@@ -53,5 +54,8 @@ extern int sepol_context_from_string(sepol_handle_t * handle,
+ extern int sepol_context_to_string(sepol_handle_t * handle,
+                                  const sepol_context_t * con, char **str_ptr);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/debug.h b/include/sepol/debug.h
+index b852c8d..972a4de 100644
+--- a/include/sepol/debug.h
++++ b/include/sepol/debug.h
+@@ -2,9 +2,10 @@
+ #define _SEPOL_DEBUG_H_
+
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* Deprecated */
+ extern void sepol_debug(int on);
+@@ -35,5 +36,8 @@ extern void sepol_msg_set_callback(sepol_handle_t * handle,
+                                                        const char *fmt, ...),
+                                  void *msg_callback_arg);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/errcodes.h b/include/sepol/errcodes.h
+index eba7088..0136564 100644
+--- a/include/sepol/errcodes.h
++++ b/include/sepol/errcodes.h
+@@ -4,9 +4,10 @@
+ #define __sepol_errno_h__
+
+ #include <errno.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ #define SEPOL_OK             0
+
+@@ -25,5 +26,8 @@ __BEGIN_DECLS
+ #define SEPOL_EEXIST         -EEXIST
+ #define SEPOL_ENOENT         -ENOENT
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/handle.h b/include/sepol/handle.h
+index 00ed0ed..27cbd6c 100644
+--- a/include/sepol/handle.h
++++ b/include/sepol/handle.h
+@@ -1,9 +1,9 @@
+ #ifndef _SEPOL_HANDLE_H_
+ #define _SEPOL_HANDLE_H_
+
+-#include <sys/cdefs.h>
+-
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_handle;
+ typedef struct sepol_handle sepol_handle_t;
+@@ -35,5 +35,8 @@ int sepol_get_preserve_tunables(sepol_handle_t * sh);
+  * 0 is default and discard such branch, 1 preserves them */
+ void sepol_set_preserve_tunables(sepol_handle_t * sh, int preserve_tunables);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/iface_record.h b/include/sepol/iface_record.h
+index 81d7027..098bc77 100644
+--- a/include/sepol/iface_record.h
++++ b/include/sepol/iface_record.h
+@@ -3,9 +3,10 @@
+
+ #include <sepol/handle.h>
+ #include <sepol/context_record.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_iface;
+ struct sepol_iface_key;
+@@ -59,5 +60,8 @@ extern int sepol_iface_clone(sepol_handle_t * handle,
+
+ extern void sepol_iface_free(sepol_iface_t * iface);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/interfaces.h b/include/sepol/interfaces.h
+index 3cb5043..7ef23ce 100644
+--- a/include/sepol/interfaces.h
++++ b/include/sepol/interfaces.h
+@@ -4,9 +4,10 @@
+ #include <sepol/policydb.h>
+ #include <sepol/iface_record.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* Return the number of interfaces */
+ extern int sepol_iface_count(sepol_handle_t * handle,
+@@ -43,5 +44,8 @@ extern int sepol_iface_iterate(sepol_handle_t * handle,
+                              int (*fn) (const sepol_iface_t * iface,
+                                         void *fn_arg), void *arg);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/module.h b/include/sepol/module.h
+index ff27f96..77114a1 100644
+--- a/include/sepol/module.h
++++ b/include/sepol/module.h
+@@ -7,9 +7,11 @@
+
+ #include <sepol/handle.h>
+ #include <sepol/policydb.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_module_package;
+ typedef struct sepol_module_package sepol_module_package_t;
+@@ -82,5 +84,8 @@ extern int sepol_expand_module(sepol_handle_t * handle,
+                              sepol_policydb_t * base,
+                              sepol_policydb_t * out, int verbose, int check);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/module_to_cil.h b/include/sepol/module_to_cil.h
+index 18bb3bf..fe5eb5b 100644
+--- a/include/sepol/module_to_cil.h
++++ b/include/sepol/module_to_cil.h
+@@ -1,5 +1,4 @@
+ #include <stdlib.h>
+-
+ #include <sepol/module.h>
+ #include <sepol/policydb/policydb.h>
+
+diff --git a/include/sepol/node_record.h b/include/sepol/node_record.h
+index e2d3e6d..3873223 100644
+--- a/include/sepol/node_record.h
++++ b/include/sepol/node_record.h
+@@ -4,9 +4,10 @@
+ #include <stddef.h>
+ #include <sepol/context_record.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_node;
+ struct sepol_node_key;
+@@ -92,5 +93,8 @@ extern int sepol_node_clone(sepol_handle_t * handle,
+
+ extern void sepol_node_free(sepol_node_t * node);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/nodes.h b/include/sepol/nodes.h
+index 6fa534e..3cf99d2 100644
+--- a/include/sepol/nodes.h
++++ b/include/sepol/nodes.h
+@@ -4,9 +4,10 @@
+ #include <sepol/handle.h>
+ #include <sepol/policydb.h>
+ #include <sepol/node_record.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* Return the number of nodes */
+ extern int sepol_node_count(sepol_handle_t * handle,
+@@ -40,5 +41,8 @@ extern int sepol_node_iterate(sepol_handle_t * handle,
+                             int (*fn) (const sepol_node_t * node,
+                                        void *fn_arg), void *arg);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb.h b/include/sepol/policydb.h
+index c3943e9..6769b91 100644
+--- a/include/sepol/policydb.h
++++ b/include/sepol/policydb.h
+@@ -5,9 +5,10 @@
+ #include <stdio.h>
+
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_policy_file;
+ typedef struct sepol_policy_file sepol_policy_file_t;
+@@ -144,5 +145,8 @@ extern int sepol_policydb_mls_enabled(const sepol_policydb_t * p);
+  */
+ extern int sepol_policydb_compat_net(const sepol_policydb_t * p);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/avrule_block.h b/include/sepol/policydb/avrule_block.h
+index ecd347b..57d6a8a 100644
+--- a/include/sepol/policydb/avrule_block.h
++++ b/include/sepol/policydb/avrule_block.h
+@@ -21,9 +21,11 @@
+ #define _SEPOL_AVRULE_BLOCK_H_
+
+ #include <sepol/policydb/policydb.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ extern avrule_block_t *avrule_block_create(void);
+ extern void avrule_block_destroy(avrule_block_t * x);
+@@ -37,5 +39,7 @@ extern cond_list_t *get_decl_cond_list(policydb_t * p,
+ extern int is_id_enabled(char *id, policydb_t * p, int symbol_table);
+ extern int is_perm_enabled(char *class_id, char *perm_id, policydb_t * p);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
+ #endif
+diff --git a/include/sepol/policydb/avtab.h b/include/sepol/policydb/avtab.h
+index d3ea84e..74f97f8 100644
+--- a/include/sepol/policydb/avtab.h
++++ b/include/sepol/policydb/avtab.h
+@@ -40,11 +40,13 @@
+ #ifndef _SEPOL_POLICYDB_AVTAB_H_
+ #define _SEPOL_POLICYDB_AVTAB_H_
+
+-#include <sys/cdefs.h>
++
+ #include <sys/types.h>
+ #include <stdint.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ typedef struct avtab_key {
+       uint16_t source_type;
+@@ -142,7 +144,9 @@ extern avtab_ptr_t avtab_search_node_next(avtab_ptr_t node, int specified);
+ /* avtab_alloc uses one bucket per 2-4 elements, so adjust to get maximum buckets */
+ #define MAX_AVTAB_SIZE (MAX_AVTAB_HASH_BUCKETS << 1)
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
+ #endif                                /* _AVTAB_H_ */
+
+ /* FLASK */
+diff --git a/include/sepol/policydb/conditional.h b/include/sepol/policydb/conditional.h
+index cd2a9a9..52d6b31 100644
+--- a/include/sepol/policydb/conditional.h
++++ b/include/sepol/policydb/conditional.h
+@@ -25,9 +25,11 @@
+ #include <sepol/policydb/avtab.h>
+ #include <sepol/policydb/symtab.h>
+ #include <sepol/policydb/policydb.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ #define COND_EXPR_MAXDEPTH 10
+
+@@ -136,5 +138,7 @@ extern int cond_read_list(policydb_t * p, cond_list_t ** list, void *fp);
+ extern void cond_compute_av(avtab_t * ctab, avtab_key_t * key,
+                           struct sepol_av_decision *avd);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
+ #endif                                /* _CONDITIONAL_H_ */
+diff --git a/include/sepol/policydb/constraint.h b/include/sepol/policydb/constraint.h
+index ae7034d..927bdc0 100644
+--- a/include/sepol/policydb/constraint.h
++++ b/include/sepol/policydb/constraint.h
+@@ -22,7 +22,9 @@
+ #include <sepol/policydb/ebitmap.h>
+ #include <sepol/policydb/flask_types.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ #define CEXPR_MAXDEPTH 5
+
+@@ -73,7 +75,10 @@ struct policydb;
+ extern int constraint_expr_init(constraint_expr_t * expr);
+ extern void constraint_expr_destroy(constraint_expr_t * expr);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif                                /* _CONSTRAINT_H_ */
+
+ /* FLASK */
+diff --git a/include/sepol/policydb/context.h b/include/sepol/policydb/context.h
+index dbb7c3e..aad3647 100644
+--- a/include/sepol/policydb/context.h
++++ b/include/sepol/policydb/context.h
+@@ -22,7 +22,9 @@
+ #include <sepol/policydb/ebitmap.h>
+ #include <sepol/policydb/mls_types.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /*
+  * A security context consists of an authenticated user
+@@ -95,5 +97,8 @@ static inline int context_cmp(context_struct_t * c1, context_struct_t * c2)
+               (c1->type == c2->type) && mls_context_cmp(c1, c2));
+ }
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/ebitmap.h b/include/sepol/policydb/ebitmap.h
+index 7b3508d..b883597 100644
+--- a/include/sepol/policydb/ebitmap.h
++++ b/include/sepol/policydb/ebitmap.h
+@@ -19,9 +19,11 @@
+
+ #include <stdint.h>
+ #include <string.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ #define MAPTYPE uint64_t      /* portion of bitmap in each node */
+ #define MAPSIZE (sizeof(MAPTYPE) * 8) /* number of bits in node bitmap */
+@@ -92,7 +94,9 @@ extern int ebitmap_set_bit(ebitmap_t * e, unsigned int bit, int value);
+ extern void ebitmap_destroy(ebitmap_t * e);
+ extern int ebitmap_read(ebitmap_t * e, void *fp);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
+ #endif                                /* _EBITMAP_H_ */
+
+ /* FLASK */
+diff --git a/include/sepol/policydb/expand.h b/include/sepol/policydb/expand.h
+index a8de41e..59151c1 100644
+--- a/include/sepol/policydb/expand.h
++++ b/include/sepol/policydb/expand.h
+@@ -28,9 +28,11 @@
+ #include <stddef.h>
+ #include <sepol/handle.h>
+ #include <sepol/policydb/conditional.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /*
+  * Expand only the avrules for a module. It is valid for this function
+@@ -79,5 +81,8 @@ extern int expand_avtab(policydb_t * p, avtab_t * a, avtab_t * expa);
+ extern int expand_cond_av_list(policydb_t * p, cond_av_list_t * l,
+                              cond_av_list_t ** newl, avtab_t * expa);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/flask_types.h b/include/sepol/policydb/flask_types.h
+index 2a59565..c41bd22 100644
+--- a/include/sepol/policydb/flask_types.h
++++ b/include/sepol/policydb/flask_types.h
+@@ -13,9 +13,11 @@
+
+ #include <sys/types.h>
+ #include <stdint.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /*
+  * A security context is a set of security attributes 
+@@ -61,5 +63,8 @@ struct sepol_av_decision {
+       uint32_t seqno;
+ };
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/hashtab.h b/include/sepol/policydb/hashtab.h
+index 0afc59c..af72817 100644
+--- a/include/sepol/policydb/hashtab.h
++++ b/include/sepol/policydb/hashtab.h
+@@ -17,9 +17,11 @@
+
+ #include <stdint.h>
+ #include <stdio.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ typedef char *hashtab_key_t;  /* generic key type */
+ typedef void *hashtab_datum_t;        /* generic datum type */
+@@ -136,5 +138,8 @@ extern void hashtab_map_remove_on_error(hashtab_t h,
+
+ extern void hashtab_hash_eval(hashtab_t h, char *tag);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/hierarchy.h b/include/sepol/policydb/hierarchy.h
+index 88bc02e..27d140b 100644
+--- a/include/sepol/policydb/hierarchy.h
++++ b/include/sepol/policydb/hierarchy.h
+@@ -27,9 +27,11 @@
+
+ #include <sepol/policydb/avtab.h>
+ #include <sepol/policydb/policydb.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ extern int hierarchy_add_bounds(sepol_handle_t *handle, policydb_t *p);
+
+@@ -43,5 +45,8 @@ extern int bounds_check_types(sepol_handle_t *handle, policydb_t *p);
+
+ extern int hierarchy_check_constraints(sepol_handle_t * handle, policydb_t * p);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/link.h b/include/sepol/policydb/link.h
+index 7c7c9be..545331d 100644
+--- a/include/sepol/policydb/link.h
++++ b/include/sepol/policydb/link.h
+@@ -12,13 +12,18 @@
+
+
+ #include <stddef.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ extern int link_modules(sepol_handle_t * handle,
+                       policydb_t * b, policydb_t ** mods, int len,
+                       int verbose);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/mls_types.h b/include/sepol/policydb/mls_types.h
+index 4bf7367..52347a6 100644
+--- a/include/sepol/policydb/mls_types.h
++++ b/include/sepol/policydb/mls_types.h
+@@ -34,9 +34,11 @@
+ #include <stdlib.h>
+ #include <sepol/policydb/ebitmap.h>
+ #include <sepol/policydb/flask_types.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ typedef struct mls_level {
+       uint32_t sens;          /* sensitivity */
+@@ -152,5 +154,8 @@ extern void mls_semantic_range_init(mls_semantic_range_t *r);
+ extern void mls_semantic_range_destroy(mls_semantic_range_t *r);
+ extern int mls_semantic_range_cpy(mls_semantic_range_t *dst, mls_semantic_range_t *src);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/module.h b/include/sepol/policydb/module.h
+index 3fe560c..d0d2c7a 100644
+--- a/include/sepol/policydb/module.h
++++ b/include/sepol/policydb/module.h
+@@ -27,11 +27,12 @@
+
+ #include <sepol/policydb/policydb.h>
+ #include <sepol/policydb/conditional.h>
+-#include <sys/cdefs.h>
+
+ #define SEPOL_MODULE_PACKAGE_MAGIC 0xf97cff8f
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_module_package {
+       sepol_policydb_t *policy;
+@@ -48,5 +49,8 @@ struct sepol_module_package {
+
+ extern int sepol_module_package_init(sepol_module_package_t * p);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/polcaps.h b/include/sepol/policydb/polcaps.h
+index 74b7c9e..53d7994 100644
+--- a/include/sepol/policydb/polcaps.h
++++ b/include/sepol/policydb/polcaps.h
+@@ -1,9 +1,9 @@
+ #ifndef _SEPOL_POLICYDB_POLCAPS_H_
+ #define _SEPOL_POLICYDB_POLCAPS_H_
+
+-#include <sys/cdefs.h>
+-
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* Policy capabilities */
+ enum {
+@@ -21,5 +21,8 @@ extern int sepol_polcap_getnum(const char *name);
+ /* Convert a capability number to name. */
+ extern const char *sepol_polcap_getname(int capnum);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif /* _SEPOL_POLICYDB_POLCAPS_H_ */
+diff --git a/include/sepol/policydb/policydb.h b/include/sepol/policydb/policydb.h
+index 26cec13..0d770bf 100644
+--- a/include/sepol/policydb/policydb.h
++++ b/include/sepol/policydb/policydb.h
+@@ -61,7 +61,6 @@
+ #include <sepol/policydb/context.h>
+ #include <sepol/policydb/constraint.h>
+ #include <sepol/policydb/sidtab.h>
+-#include <sys/cdefs.h>
+
+ #define ERRMSG_LEN 1024
+
+@@ -69,7 +68,9 @@
+ #define POLICYDB_ERROR       -1
+ #define POLICYDB_UNSUPPORTED -2
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /*
+  * A datum type is defined for each kind of symbol 
+@@ -768,7 +769,10 @@ extern int policydb_set_target_platform(policydb_t *p, int platform);
+ #define POLICYDB_MOD_MAGIC SELINUX_MOD_MAGIC
+ #define POLICYDB_MOD_STRING "SE Linux Module"
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif                                /* _POLICYDB_H_ */
+
+ /* FLASK */
+diff --git a/include/sepol/policydb/services.h b/include/sepol/policydb/services.h
+index 8a5dc9a..29f57cf 100644
+--- a/include/sepol/policydb/services.h
++++ b/include/sepol/policydb/services.h
+@@ -15,9 +15,10 @@
+ #include <sepol/policydb/flask_types.h>
+ #include <sepol/policydb/policydb.h>
+ #include <stddef.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* Set the policydb and sidtab structures to be used by
+    the service functions.  If not set, then these default
+@@ -230,5 +231,8 @@ extern int sepol_genfs_sid(const char *fstype,     /* IN */
+                          sepol_security_class_t sclass,       /* IN */
+                          sepol_security_id_t * sid);  /* OUT  */
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/policydb/sidtab.h b/include/sepol/policydb/sidtab.h
+index 4b93567..2df1a50 100644
+--- a/include/sepol/policydb/sidtab.h
++++ b/include/sepol/policydb/sidtab.h
+@@ -11,9 +11,10 @@
+ #define _SEPOL_POLICYDB_SIDTAB_H_
+
+ #include <sepol/policydb/context.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ typedef struct sidtab_node {
+       sepol_security_id_t sid;        /* security identifier */
+@@ -69,7 +70,10 @@ extern void sepol_sidtab_set(sidtab_t * dst, sidtab_t * src);
+
+ extern void sepol_sidtab_shutdown(sidtab_t * s);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif                                /* _SIDTAB_H_ */
+
+ /* FLASK */
+diff --git a/include/sepol/policydb/symtab.h b/include/sepol/policydb/symtab.h
+index e0da337..68b5ad4 100644
+--- a/include/sepol/policydb/symtab.h
++++ b/include/sepol/policydb/symtab.h
+@@ -14,9 +14,10 @@
+ #define _SEPOL_POLICYDB_SYMTAB_H_
+
+ #include <sepol/policydb/hashtab.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* The symtab_datum struct stores the common information for
+  * all symtab datums. It should the first element in every
+@@ -37,7 +38,10 @@ typedef struct {
+ extern int symtab_init(symtab_t *, unsigned int size);
+ extern void symtab_destroy(symtab_t *);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif                                /* _SYMTAB_H_ */
+
+ /* FLASK */
+diff --git a/include/sepol/policydb/util.h b/include/sepol/policydb/util.h
+index fa12661..ee236a2 100644
+--- a/include/sepol/policydb/util.h
++++ b/include/sepol/policydb/util.h
+@@ -23,9 +23,9 @@
+ #ifndef __SEPOL_UTIL_H__
+ #define __SEPOL_UTIL_H__
+
+-#include <sys/cdefs.h>
+-
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ extern int add_i_to_a(uint32_t i, uint32_t * cnt, uint32_t ** a);
+
+@@ -40,5 +40,8 @@ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms);
+  */
+ extern int tokenize(char *line_buf, char delim, int num_args, ...);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/port_record.h b/include/sepol/port_record.h
+index 697cea4..3bb4039 100644
+--- a/include/sepol/port_record.h
++++ b/include/sepol/port_record.h
+@@ -3,9 +3,10 @@
+
+ #include <sepol/context_record.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_port;
+ struct sepol_port_key;
+@@ -66,5 +67,8 @@ extern int sepol_port_clone(sepol_handle_t * handle,
+
+ extern void sepol_port_free(sepol_port_t * port);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/ports.h b/include/sepol/ports.h
+index b4622ba..cda246c 100644
+--- a/include/sepol/ports.h
++++ b/include/sepol/ports.h
+@@ -4,9 +4,10 @@
+ #include <sepol/handle.h>
+ #include <sepol/policydb.h>
+ #include <sepol/port_record.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /* Return the number of ports */
+ extern int sepol_port_count(sepol_handle_t * handle,
+@@ -40,5 +41,8 @@ extern int sepol_port_iterate(sepol_handle_t * handle,
+                             int (*fn) (const sepol_port_t * port,
+                                        void *fn_arg), void *arg);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/roles.h b/include/sepol/roles.h
+index 89b3af2..e750078 100644
+--- a/include/sepol/roles.h
++++ b/include/sepol/roles.h
+@@ -1,9 +1,9 @@
+ #ifndef _SEPOL_ROLES_H_
+ #define _SEPOL_ROLES_H_
+
+-#include <sys/cdefs.h>
+-
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ extern int sepol_role_exists(const sepol_policydb_t * policydb,
+                            const char *role, int *response);
+@@ -11,5 +11,8 @@ extern int sepol_role_exists(const sepol_policydb_t * policydb,
+ extern int sepol_role_list(const sepol_policydb_t * policydb,
+                          char ***roles, unsigned int *nroles);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/sepol.h b/include/sepol/sepol.h
+index 00a2129..513f77d 100644
+--- a/include/sepol/sepol.h
++++ b/include/sepol/sepol.h
+@@ -3,9 +3,10 @@
+
+ #include <stddef.h>
+ #include <stdio.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ #include <sepol/user_record.h>
+ #include <sepol/context_record.h>
+@@ -28,5 +29,8 @@ __BEGIN_DECLS
+ /* Set internal policydb from a file for subsequent service calls. */
+ extern int sepol_set_policydb_from_file(FILE * fp);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/user_record.h b/include/sepol/user_record.h
+index 9a39526..d17a3db 100644
+--- a/include/sepol/user_record.h
++++ b/include/sepol/user_record.h
+@@ -3,9 +3,10 @@
+
+ #include <stddef.h>
+ #include <sepol/handle.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ struct sepol_user;
+ struct sepol_user_key;
+@@ -76,5 +77,8 @@ extern int sepol_user_clone(sepol_handle_t * handle,
+
+ extern void sepol_user_free(sepol_user_t * user);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif
+diff --git a/include/sepol/users.h b/include/sepol/users.h
+index 0e0f76e..ad23f89 100644
+--- a/include/sepol/users.h
++++ b/include/sepol/users.h
+@@ -5,9 +5,10 @@
+ #include <sepol/user_record.h>
+ #include <sepol/handle.h>
+ #include <stddef.h>
+-#include <sys/cdefs.h>
+
+-__BEGIN_DECLS
++#ifdef __cplusplus
++extern "C" {
++#endif
+
+ /*---------compatibility------------*/
+
+@@ -57,5 +58,8 @@ extern int sepol_user_iterate(sepol_handle_t * handle,
+                             int (*fn) (const sepol_user_t * user,
+                                        void *fn_arg), void *arg);
+
+-__END_DECLS
++#ifdef __cplusplus
++}
++#endif
++
+ #endif