+++ /dev/null
-libselinux: build: follow standard semantics for DESTDIR and PREFIX
-
-This patch solves the following issues:
-- The pkg-config files generates odd paths when using DESTDIR without PREFIX
-- DESTDIR is needed during compile time to compute library and header paths which it should not.
-- Installing with both DESTDIR and PREFIX set gives us odd paths
-- Make usage of DESTDIR and PREFIX more standard
-
-Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
-
-diff -durN libselinux.orig/include/Makefile libselinux/include/Makefile
---- libselinux.orig/include/Makefile 2018-01-12 12:42:30.898709792 +0100
-+++ libselinux/include/Makefile 2018-01-12 10:02:57.745478435 +0100
-@@ -1,6 +1,6 @@
- # Installation directories.
--PREFIX ?= $(DESTDIR)/usr
--INCDIR ?= $(PREFIX)/include/selinux
-+PREFIX ?= /usr
-+INCDIR = $(DESTDIR)$(PREFIX)/include/selinux
-
- all:
-
-diff -durN libselinux.orig/man/Makefile libselinux/man/Makefile
---- libselinux.orig/man/Makefile 2018-01-12 12:42:30.898709792 +0100
-+++ libselinux/man/Makefile 2018-01-12 10:02:57.745478435 +0100
-@@ -1,7 +1,8 @@
- # Installation directories.
--MAN8DIR ?= $(DESTDIR)/usr/share/man/man8
--MAN5DIR ?= $(DESTDIR)/usr/share/man/man5
--MAN3DIR ?= $(DESTDIR)/usr/share/man/man3
-+PREFIX ?= /usr
-+MAN8DIR ?= $(DESTDIR)$(PREFIX)/share/man/man8
-+MAN5DIR ?= $(DESTDIR)$(PREFIX)/share/man/man5
-+MAN3DIR ?= $(DESTDIR)$(PREFIX)/share/man/man3
-
- all:
-
-diff -durN libselinux.orig/src/libselinux.pc.in libselinux/src/libselinux.pc.in
---- libselinux.orig/src/libselinux.pc.in 2018-01-12 12:42:30.905376458 +0100
-+++ libselinux/src/libselinux.pc.in 2018-01-12 10:02:57.745478435 +0100
-@@ -1,6 +1,6 @@
- prefix=@prefix@
- exec_prefix=${prefix}
--libdir=${exec_prefix}/@libdir@
-+libdir=@libdir@
- includedir=@includedir@
-
- Name: libselinux
-diff -durN libselinux.orig/src/Makefile libselinux/src/Makefile
---- libselinux.orig/src/Makefile 2018-01-12 12:42:30.902043126 +0100
-+++ libselinux/src/Makefile 2018-01-12 10:02:57.745478435 +0100
-@@ -8,10 +8,10 @@
- PKG_CONFIG ?= pkg-config
-
- # Installation directories.
--PREFIX ?= $(DESTDIR)/usr
-+PREFIX ?= /usr
- LIBDIR ?= $(PREFIX)/lib
--SHLIBDIR ?= $(DESTDIR)/lib
- INCLUDEDIR ?= $(PREFIX)/include
-+LIBINSTALL = $(DESTDIR)$(LIBDIR)
- PYINC ?= $(shell $(PKG_CONFIG) --cflags $(PYPREFIX))
- PYLIBS ?= $(shell $(PKG_CONFIG) --libs $(PYPREFIX))
- PYSITEDIR ?= $(DESTDIR)$(shell $(PYTHON) -c 'import site; print(site.getsitepackages()[0])')
-@@ -19,8 +19,6 @@
- RUBYINC ?= $(shell $(RUBY) -e 'puts "-I" + RbConfig::CONFIG["rubyarchhdrdir"] + " -I" + RbConfig::CONFIG["rubyhdrdir"]')
- RUBYLIBS ?= $(shell $(RUBY) -e 'puts "-L" + RbConfig::CONFIG["libdir"] + " -L" + RbConfig::CONFIG["archlibdir"] + " " + RbConfig::CONFIG["LIBRUBYARG_SHARED"]')
- RUBYINSTALL ?= $(DESTDIR)$(shell $(RUBY) -e 'puts RbConfig::CONFIG["vendorarchdir"]')
--LIBBASE ?= $(shell basename $(LIBDIR))
--LIBSEPOLA ?= $(LIBDIR)/libsepol.a
-
- VERSION = $(shell cat ../VERSION)
- LIBVERSION = 1
-@@ -148,7 +146,7 @@
- ln -sf $@ $(TARGET)
-
- $(LIBPC): $(LIBPC).in ../VERSION
-- sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBBASE):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
-+ sed -e 's/@VERSION@/$(VERSION)/; s:@prefix@:$(PREFIX):; s:@libdir@:$(LIBDIR):; s:@includedir@:$(INCLUDEDIR):' < $< > $@
-
- selinuxswig_python_exception.i: ../include/selinux/selinux.h
- bash -e exception.sh > $@ || (rm -f $@ ; false)
-@@ -156,8 +154,8 @@
- $(AUDIT2WHYLOBJ): audit2why.c
- $(CC) $(filter-out -Werror, $(CFLAGS)) $(PYINC) -fPIC -DSHARED -c -o $@ $<
-
--$(AUDIT2WHYSO): $(AUDIT2WHYLOBJ) $(LIBSEPOLA)
-- $(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $^ -lselinux $(PYLIBS)
-+$(AUDIT2WHYSO): $(AUDIT2WHYLOBJ)
-+ $(CC) $(CFLAGS) $(LDFLAGS) -L. -shared -o $@ $^ -lselinux $(PYLIBS) -l:libsepol.a
-
- %.o: %.c policy.h
- $(CC) $(CFLAGS) $(TLSFLAGS) -c -o $@ $<
-@@ -177,13 +175,13 @@
- $(SWIG) $<
-
- install: all
-- test -d $(LIBDIR) || install -m 755 -d $(LIBDIR)
-- install -m 644 $(LIBA) $(LIBDIR)
-- test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR)
-- install -m 755 $(LIBSO) $(SHLIBDIR)
-- test -d $(LIBDIR)/pkgconfig || install -m 755 -d $(LIBDIR)/pkgconfig
-- install -m 644 $(LIBPC) $(LIBDIR)/pkgconfig
-- ln -sf --relative $(SHLIBDIR)/$(LIBSO) $(LIBDIR)/$(TARGET)
-+ test -d $(LIBINSTALL) || install -m 755 -d $(LIBINSTALL)
-+ install -m 644 $(LIBA) $(LIBINSTALL)
-+ test -d $(LIBINSTALL) || install -m 755 -d $(LIBINSTALL)
-+ install -m 755 $(LIBSO) $(LIBINSTALL)
-+ test -d $(LIBINSTALL)/pkgconfig || install -m 755 -d $(LIBINSTALL)/pkgconfig
-+ install -m 644 $(LIBPC) $(LIBINSTALL)/pkgconfig
-+ ln -sf --relative $(LIBINSTALL)/$(LIBSO) $(LIBINSTALL)/$(TARGET)
-
- install-pywrap: pywrap
- test -d $(PYSITEDIR)/selinux || install -m 755 -d $(PYSITEDIR)/selinux
-@@ -196,7 +194,7 @@
- install -m 755 $(SWIGRUBYSO) $(RUBYINSTALL)/selinux.so
-
- relabel:
-- /sbin/restorecon $(SHLIBDIR)/$(LIBSO)
-+ /sbin/restorecon $(LIBINSTALL)/$(LIBSO)
-
- clean-pywrap:
- -rm -f $(SWIGLOBJ) $(SWIGSO) $(AUDIT2WHYLOBJ) $(AUDIT2WHYSO)
-diff -durN libselinux.orig/utils/Makefile libselinux/utils/Makefile
---- libselinux.orig/utils/Makefile 2018-01-12 12:42:30.905376458 +0100
-+++ libselinux/utils/Makefile 2018-01-12 10:02:57.745478435 +0100
-@@ -1,8 +1,6 @@
- # Installation directories.
--PREFIX ?= $(DESTDIR)/usr
--LIBDIR ?= $(PREFIX)/lib
--SBINDIR ?= $(PREFIX)/sbin
--INCLUDEDIR ?= $(PREFIX)/include
-+PREFIX ?= /usr
-+SBINDIR ?= $(DESTDIR)$(PREFIX)/sbin
-
- OS ?= $(shell uname)
-
--- /dev/null
+Makefile: revert libselinux: use ln --relative to create .so symlinks
+
+This reverts 71393a181d63c9baae5fe8dcaeb9411d1f253998
+
+ln --relative is too recent to be available in all distributions,
+especially enterprise-grade distros that can stick around as long as
+they are maintained (up to 10 years in some cases?).
+
+For the sake of Buildroot, revert the upstream patch.
+
+Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+[Update for 2.8 (with assumption that SHLIBDIR=LIBDIR)]
+
+diff -durNw libselinux-2.7.orig/src/Makefile libselinux-2.7/src/Makefile
+--- libselinux-2.7.orig/src/Makefile 2018-01-15 20:53:50.168525700 +0100
++++ libselinux-2.7/src/Makefile 2018-01-15 20:55:27.061858005 +0100
+@@ -181,7 +181,7 @@
+ install -m 755 $(LIBSO) $(DESTDIR)$(SHLIBDIR)
+ test -d $(DESTDIR)$(LIBDIR)/pkgconfig || install -m 755 -d $(DESTDIR)$(LIBDIR)/pkgconfig
+ install -m 644 $(LIBPC) $(DESTDIR)$(LIBDIR)/pkgconfig
+- ln -sf --relative $(DESTDIR)$(SHLIBDIR)/$(LIBSO) $(DESTDIR)$(LIBDIR)/$(TARGET)
++ cd $(DESTDIR)$(LIBDIR) && ln -sf $(LIBSO) $(TARGET)
+
+ install-pywrap: pywrap
+ test -d $(DESTDIR)$(PYTHONLIBDIR)/selinux || install -m 755 -d $(DESTDIR)$(PYTHONLIBDIR)/selinux
--- /dev/null
+From abe76789f8e7ce61b357f693eaed5b28feab5ce2 Mon Sep 17 00:00:00 2001
+From: Hollis Blanchard <hollis_blanchard@mentor.com>
+Date: Mon, 13 Aug 2018 12:11:33 -0700
+Subject: [PATCH] Fix build break around __atomic_*() with GCC<4.7
+
+The __atomic_* GCC primitives were introduced in GCC 4.7, but Red Hat
+Enterprise Linux 6.x (for example) provides GCC 4.4. Tweak the current code to
+use the (most conservative) __sync_synchronize() primitive provided by those
+older GCC versions.
+
+(Really, no __atomic or __sync operations are needed here at all, since POSIX
+4.12 "Memory Synchronization" says pthread_mutex_lock() and
+pthread_mutex_unlock() "synchronize memory with respect to other threads"...)
+
+Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
+---
+ src/label_file.h | 18 ++++++++++++++++++
+ 1 file changed, 18 insertions(+)
+
+diff --git a/src/label_file.h b/src/label_file.h
+index 2fa85474..47859baf 100644
+--- a/src/label_file.h
++++ b/src/label_file.h
+@@ -351,8 +351,14 @@ static inline int compile_regex(struct saved_data *data, struct spec *spec,
+ * init_routine does not take a parameter, it's not possible
+ * to use, so we generate the same effect with atomics and a
+ * mutex */
++#ifdef __ATOMIC_RELAXED
+ regex_compiled =
+ __atomic_load_n(&spec->regex_compiled, __ATOMIC_ACQUIRE);
++#else
++ /* GCC <4.7 */
++ __sync_synchronize();
++ regex_compiled = spec->regex_compiled;
++#endif
+ if (regex_compiled) {
+ return 0; /* already done */
+ }
+@@ -360,8 +366,14 @@ static inline int compile_regex(struct saved_data *data, struct spec *spec,
+ __pthread_mutex_lock(&spec->regex_lock);
+ /* Check if another thread compiled the regex while we waited
+ * on the mutex */
++#ifdef __ATOMIC_RELAXED
+ regex_compiled =
+ __atomic_load_n(&spec->regex_compiled, __ATOMIC_ACQUIRE);
++#else
++ /* GCC <4.7 */
++ __sync_synchronize();
++ regex_compiled = spec->regex_compiled;
++#endif
+ if (regex_compiled) {
+ __pthread_mutex_unlock(&spec->regex_lock);
+ return 0;
+@@ -404,7 +416,13 @@ static inline int compile_regex(struct saved_data *data, struct spec *spec,
+ }
+
+ /* Done. */
++#ifdef __ATOMIC_RELAXED
+ __atomic_store_n(&spec->regex_compiled, true, __ATOMIC_RELEASE);
++#else
++ /* GCC <4.7 */
++ spec->regex_compiled = true;
++ __sync_synchronize();
++#endif
+ __pthread_mutex_unlock(&spec->regex_lock);
+ return 0;
+ }
+--
+2.13.0
+
+++ /dev/null
-Makefile: revert libselinux: use ln --relative to create .so symlinks
-
-This reverts 71393a181d63c9baae5fe8dcaeb9411d1f253998
-
-ln --relative is too recent to be available in all distributions,
-especially enterprise-grade distros that can stick around as long as
-they are maintained (up to 10 years in some cases?).
-
-For the sake of Buildroot, revert the upstream patch.
-
-Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
-
-diff -durNw libselinux-2.7.orig/src/Makefile libselinux-2.7/src/Makefile
---- libselinux-2.7.orig/src/Makefile 2018-01-15 20:53:50.168525700 +0100
-+++ libselinux-2.7/src/Makefile 2018-01-15 20:55:27.061858005 +0100
-@@ -181,7 +181,7 @@
- install -m 755 $(LIBSO) $(LIBINSTALL)
- test -d $(LIBINSTALL)/pkgconfig || install -m 755 -d $(LIBINSTALL)/pkgconfig
- install -m 644 $(LIBPC) $(LIBINSTALL)/pkgconfig
-- ln -sf --relative $(LIBINSTALL)/$(LIBSO) $(LIBINSTALL)/$(TARGET)
-+ cd $(LIBINSTALL) && ln -sf $(LIBSO) $(TARGET)
-
- install-pywrap: pywrap
- test -d $(PYSITEDIR)/selinux || install -m 755 -d $(PYSITEDIR)/selinux
+++ /dev/null
-From abe76789f8e7ce61b357f693eaed5b28feab5ce2 Mon Sep 17 00:00:00 2001
-From: Hollis Blanchard <hollis_blanchard@mentor.com>
-Date: Mon, 13 Aug 2018 12:11:33 -0700
-Subject: [PATCH] Fix build break around __atomic_*() with GCC<4.7
-
-The __atomic_* GCC primitives were introduced in GCC 4.7, but Red Hat
-Enterprise Linux 6.x (for example) provides GCC 4.4. Tweak the current code to
-use the (most conservative) __sync_synchronize() primitive provided by those
-older GCC versions.
-
-(Really, no __atomic or __sync operations are needed here at all, since POSIX
-4.12 "Memory Synchronization" says pthread_mutex_lock() and
-pthread_mutex_unlock() "synchronize memory with respect to other threads"...)
-
-Signed-off-by: Hollis Blanchard <hollis_blanchard@mentor.com>
----
- src/label_file.h | 18 ++++++++++++++++++
- 1 file changed, 18 insertions(+)
-
-diff --git a/src/label_file.h b/src/label_file.h
-index 2fa85474..47859baf 100644
---- a/src/label_file.h
-+++ b/src/label_file.h
-@@ -351,8 +351,14 @@ static inline int compile_regex(struct saved_data *data, struct spec *spec,
- * init_routine does not take a parameter, it's not possible
- * to use, so we generate the same effect with atomics and a
- * mutex */
-+#ifdef __ATOMIC_RELAXED
- regex_compiled =
- __atomic_load_n(&spec->regex_compiled, __ATOMIC_ACQUIRE);
-+#else
-+ /* GCC <4.7 */
-+ __sync_synchronize();
-+ regex_compiled = spec->regex_compiled;
-+#endif
- if (regex_compiled) {
- return 0; /* already done */
- }
-@@ -360,8 +366,14 @@ static inline int compile_regex(struct saved_data *data, struct spec *spec,
- __pthread_mutex_lock(&spec->regex_lock);
- /* Check if another thread compiled the regex while we waited
- * on the mutex */
-+#ifdef __ATOMIC_RELAXED
- regex_compiled =
- __atomic_load_n(&spec->regex_compiled, __ATOMIC_ACQUIRE);
-+#else
-+ /* GCC <4.7 */
-+ __sync_synchronize();
-+ regex_compiled = spec->regex_compiled;
-+#endif
- if (regex_compiled) {
- __pthread_mutex_unlock(&spec->regex_lock);
- return 0;
-@@ -404,7 +416,13 @@ static inline int compile_regex(struct saved_data *data, struct spec *spec,
- }
-
- /* Done. */
-+#ifdef __ATOMIC_RELAXED
- __atomic_store_n(&spec->regex_compiled, true, __ATOMIC_RELEASE);
-+#else
-+ /* GCC <4.7 */
-+ spec->regex_compiled = true;
-+ __sync_synchronize();
-+#endif
- __pthread_mutex_unlock(&spec->regex_lock);
- return 0;
- }
---
-2.13.0
-
# From: https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 d0fec0769b3ad60aa7baf9b9a4b7a056827769dc2dadda0dc0eb59b3d1c18c57 libselinux-2.7.tar.gz
+sha256 31db96ec7643ce10912b3c3f98506a08a9116dcfe151855fd349c3fda96187e1 libselinux-2.8.tar.gz
+
+# Hash for license file
+sha256 86657b4c0fe868d7cbd977cb04c63b6c667e08fa51595a7bc846ad4bed8fc364 LICENSE
#
################################################################################
-LIBSELINUX_VERSION = 2.7
-LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20170804
+LIBSELINUX_VERSION = 2.8
+LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20180524
LIBSELINUX_LICENSE = Public Domain
LIBSELINUX_LICENSE_FILES = LICENSE
LIBSELINUX_INSTALL_STAGING = YES
# Filter out D_FILE_OFFSET_BITS=64. This fixes errors caused by glibc 2.22.
+# Set SHLIBDIR to /usr/lib so it has the same value than LIBDIR, as a result
+# we won't have to use a relative path in 0002-revert-ln-relative.patch
LIBSELINUX_MAKE_OPTS = \
$(TARGET_CONFIGURE_OPTS) \
CFLAGS="$(filter-out -D_FILE_OFFSET_BITS=64,$(TARGET_CFLAGS))" \
LDFLAGS="$(TARGET_LDFLAGS) -lpcre -lpthread" \
- ARCH=$(KERNEL_ARCH)
+ ARCH=$(KERNEL_ARCH) \
+ SHLIBDIR=/usr/lib
LIBSELINUX_MAKE_INSTALL_TARGETS = install
HOST_LIBSELINUX_MAKE_OPTS = \
$(HOST_CONFIGURE_OPTS) \
PREFIX=$(HOST_DIR) \
+ SHLIBDIR=$(HOST_DIR)/lib \
LDFLAGS="$(HOST_LDFLAGS) -lpcre -lpthread" \
PYINC="$(HOST_LIBSELINUX_PYINC)" \
PYSITEDIR="$(HOST_DIR)/lib/$(HOST_LIBSELINUX_PYLIBVER)/site-packages" \
projects / buildroot.git / commitdiff