[libsepol/f17] Revert patches

Daniel J Walsh dwalsh at fedoraproject.org
Fri Jul 27 14:08:29 UTC 2012 

commit 8c41a643907d1432ee5f94c9bc24d0ab7e9adaf7
Author: Dan Walsh <dwalsh at redhat.com>
Date:   Fri Jul 27 10:08:25 2012 -0400

    Revert patches

 libsepol-bad.patch |  175 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 libsepol.spec      |   10 +++-
 2 files changed, 184 insertions(+), 1 deletions(-)
---
diff --git a/libsepol-bad.patch b/libsepol-bad.patch
new file mode 100644
index 0000000..55b59e8
--- /dev/null
+++ b/libsepol-bad.patch
@@ -0,0 +1,175 @@
+diff --git a/libsepol/include/sepol/policydb/polcaps.h b/libsepol/include/sepol/policydb/polcaps.h
+diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
+index bef759c..4663321 100644
+--- a/libsepol/src/expand.c
++++ b/libsepol/src/expand.c
+@@ -49,6 +49,79 @@ typedef struct expand_state {
+ 	int expand_neverallow;
+ } expand_state_t;
+ 
++struct linear_probe {
++	filename_trans_t **table;	/* filename_trans chunks with same stype */
++	filename_trans_t **ends;	/* pointers to ends of **table chunks */
++	uint32_t length;		/* length of the table */
++};
++
++static int linear_probe_create(struct linear_probe *probe, uint32_t length)
++{
++	probe->table = calloc(length, sizeof(*probe->table));
++	if (probe->table == NULL)
++		return -1;
++
++	probe->ends = calloc(length, sizeof(*probe->ends));
++	if (probe->ends == NULL)
++		return -1;
++
++	probe->length = length;
++
++	return 0;
++}
++
++static void linear_probe_destroy(struct linear_probe *probe)
++{
++	if (probe->length == 0)
++		return;
++
++	free(probe->table);
++	free(probe->ends);
++	memset(probe, 0, sizeof(*probe));
++}
++
++static void linear_probe_insert(struct linear_probe *probe, uint32_t key,
++				filename_trans_t *data)
++{
++	assert(probe->length > key);
++
++	if (probe->table[key] != NULL) {
++		data->next = probe->table[key];
++		probe->table[key] = data;
++	} else {
++		probe->table[key] = probe->ends[key] = data;
++	}
++}
++
++static filename_trans_t *linear_probe_find(struct linear_probe *probe, uint32_t key)
++{
++	assert(probe->length > key);
++
++	return probe->table[key];
++}
++
++/* Returns all chunks stored in the *probe as single-linked list */
++static filename_trans_t *linear_probe_dump(struct linear_probe *probe,
++					   filename_trans_t **endp)
++{
++	uint32_t i;
++	filename_trans_t *result = NULL;
++	filename_trans_t *end = NULL;
++
++	for (i = 0; i < probe->length; i++) {
++		if (probe->table[i] != NULL) {
++			if (end == NULL)
++				end = probe->ends[i];
++			probe->ends[i]->next = result;
++			result = probe->table[i];
++			probe->table[i] = probe->ends[i] = NULL;
++		}
++	}
++
++	*endp = end;
++	return result;
++}
++
+ static void expand_state_init(expand_state_t * state)
+ {
+ 	memset(state, 0, sizeof(expand_state_t));
+@@ -1352,10 +1425,20 @@ static int copy_role_trans(expand_state_t * state, role_trans_rule_t * rules)
+ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *rules)
+ {
+ 	unsigned int i, j;
+-	filename_trans_t *new_trans, *cur_trans;
++	filename_trans_t *new_trans, *cur_trans, *end;
+ 	filename_trans_rule_t *cur_rule;
+ 	ebitmap_t stypes, ttypes;
+ 	ebitmap_node_t *snode, *tnode;
++	struct linear_probe probe;
++
++	/*
++	 * Linear probing speeds-up finding filename_trans rules with certain
++	 * "stype" value.
++	 */
++	if (linear_probe_create(&probe, 4096)) { /* Assume 4096 is enough for most cases */
++		ERR(state->handle, "Out of memory!");
++		return -1;
++	}
+ 
+ 	cur_rule = rules;
+ 	while (cur_rule) {
+@@ -1378,6 +1461,14 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ 
+ 		mapped_otype = state->typemap[cur_rule->otype - 1];
+ 
++		if (ebitmap_length(&stypes) > probe.length) {
++			linear_probe_destroy(&probe);
++			if (linear_probe_create(&probe, ebitmap_length(&stypes))) {
++				ERR(state->handle, "Out of memory!");
++				return -1;
++			}
++		}
++
+ 		ebitmap_for_each_bit(&stypes, snode, i) {
+ 			if (!ebitmap_node_get_bit(snode, i))
+ 				continue;
+@@ -1385,16 +1476,14 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ 				if (!ebitmap_node_get_bit(tnode, j))
+ 					continue;
+ 
+-				cur_trans = state->out->filename_trans;
+-				while (cur_trans) {
+-					if ((cur_trans->stype == i + 1) &&
+-					    (cur_trans->ttype == j + 1) &&
++				cur_trans = linear_probe_find(&probe, i);
++				while (cur_trans != NULL) {
++					if ((cur_trans->ttype == j + 1) &&
+ 					    (cur_trans->tclass == cur_rule->tclass) &&
+ 					    (!strcmp(cur_trans->name, cur_rule->name))) {
+ 						/* duplicate rule, who cares */
+ 						if (cur_trans->otype == mapped_otype)
+ 							break;
+-
+ 						ERR(state->handle, "Conflicting filename trans rules %s %s %s : %s otype1:%s otype2:%s",
+ 						    cur_trans->name,
+ 						    state->out->p_type_val_to_name[i],
+@@ -1402,7 +1491,7 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ 						    state->out->p_class_val_to_name[cur_trans->tclass - 1],
+ 						    state->out->p_type_val_to_name[cur_trans->otype - 1],
+ 						    state->out->p_type_val_to_name[mapped_otype - 1]);
+-						    
++
+ 						return -1;
+ 					}
+ 					cur_trans = cur_trans->next;
+@@ -1417,8 +1506,6 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ 					return -1;
+ 				}
+ 				memset(new_trans, 0, sizeof(*new_trans));
+-				new_trans->next = state->out->filename_trans;
+-				state->out->filename_trans = new_trans;
+ 
+ 				new_trans->name = strdup(cur_rule->name);
+ 				if (!new_trans->name) {
+@@ -1429,9 +1516,14 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ 				new_trans->ttype = j + 1;
+ 				new_trans->tclass = cur_rule->tclass;
+ 				new_trans->otype = mapped_otype;
++				linear_probe_insert(&probe, i, new_trans);
+ 			}
+ 		}
+ 
++		cur_trans = linear_probe_dump(&probe, &end);
++		end->next = state->out->filename_trans;
++		state->out->filename_trans = cur_trans;
++
+ 		ebitmap_destroy(&stypes);
+ 		ebitmap_destroy(&ttypes);
+ 
diff --git a/libsepol.spec b/libsepol.spec
index 7081c11..fceab1c 100644
--- a/libsepol.spec
+++ b/libsepol.spec
@@ -1,11 +1,12 @@
 Summary: SELinux binary policy manipulation library 
 Name: libsepol
 Version: 2.1.7
-Release: 1%{?dist}
+Release: 3%{?dist}
 License: LGPLv2+
 Group: System Environment/Libraries
 Source: http://www.nsa.gov/selinux/archives/libsepol-%{version}.tgz
 Patch: libsepol-rhat.patch
+Patch1: libsepol-bad.patch
 URL: http://www.selinuxproject.org
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
@@ -46,6 +47,7 @@ needed for developing applications that manipulate binary policies.
 %prep
 %setup -q
 %patch -p2 -b .rhat
+%patch1 -p2 -R -b .bad
 
 # sparc64 is an -fPIC arch, so we need to fix it here
 %ifarch sparc64
@@ -99,6 +101,12 @@ exit 0
 /%{_lib}/libsepol.so.1
 
 %changelog
+* Tue Jul 24 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.7-3
+- Revert patches
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.1.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
 * Wed Jul 4 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.7-1
 - Update to upstream 
 	* reserve policycapability for redhat testing of ptrace child

More information about the scm-commits mailing list