[libsepol/f17] Revert patches
Daniel J Walsh
dwalsh at fedoraproject.org
Fri Jul 27 14:08:29 UTC 2012
commit 8c41a643907d1432ee5f94c9bc24d0ab7e9adaf7
Author: Dan Walsh <dwalsh at redhat.com>
Date: Fri Jul 27 10:08:25 2012 -0400
Revert patches
libsepol-bad.patch | 175 ++++++++++++++++++++++++++++++++++++++++++++++++++++
libsepol.spec | 10 +++-
2 files changed, 184 insertions(+), 1 deletions(-)
---
diff --git a/libsepol-bad.patch b/libsepol-bad.patch
new file mode 100644
index 0000000..55b59e8
--- /dev/null
+++ b/libsepol-bad.patch
@@ -0,0 +1,175 @@
+diff --git a/libsepol/include/sepol/policydb/polcaps.h b/libsepol/include/sepol/policydb/polcaps.h
+diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
+index bef759c..4663321 100644
+--- a/libsepol/src/expand.c
++++ b/libsepol/src/expand.c
+@@ -49,6 +49,79 @@ typedef struct expand_state {
+ int expand_neverallow;
+ } expand_state_t;
+
++struct linear_probe {
++ filename_trans_t **table; /* filename_trans chunks with same stype */
++ filename_trans_t **ends; /* pointers to ends of **table chunks */
++ uint32_t length; /* length of the table */
++};
++
++static int linear_probe_create(struct linear_probe *probe, uint32_t length)
++{
++ probe->table = calloc(length, sizeof(*probe->table));
++ if (probe->table == NULL)
++ return -1;
++
++ probe->ends = calloc(length, sizeof(*probe->ends));
++ if (probe->ends == NULL)
++ return -1;
++
++ probe->length = length;
++
++ return 0;
++}
++
++static void linear_probe_destroy(struct linear_probe *probe)
++{
++ if (probe->length == 0)
++ return;
++
++ free(probe->table);
++ free(probe->ends);
++ memset(probe, 0, sizeof(*probe));
++}
++
++static void linear_probe_insert(struct linear_probe *probe, uint32_t key,
++ filename_trans_t *data)
++{
++ assert(probe->length > key);
++
++ if (probe->table[key] != NULL) {
++ data->next = probe->table[key];
++ probe->table[key] = data;
++ } else {
++ probe->table[key] = probe->ends[key] = data;
++ }
++}
++
++static filename_trans_t *linear_probe_find(struct linear_probe *probe, uint32_t key)
++{
++ assert(probe->length > key);
++
++ return probe->table[key];
++}
++
++/* Returns all chunks stored in the *probe as single-linked list */
++static filename_trans_t *linear_probe_dump(struct linear_probe *probe,
++ filename_trans_t **endp)
++{
++ uint32_t i;
++ filename_trans_t *result = NULL;
++ filename_trans_t *end = NULL;
++
++ for (i = 0; i < probe->length; i++) {
++ if (probe->table[i] != NULL) {
++ if (end == NULL)
++ end = probe->ends[i];
++ probe->ends[i]->next = result;
++ result = probe->table[i];
++ probe->table[i] = probe->ends[i] = NULL;
++ }
++ }
++
++ *endp = end;
++ return result;
++}
++
+ static void expand_state_init(expand_state_t * state)
+ {
+ memset(state, 0, sizeof(expand_state_t));
+@@ -1352,10 +1425,20 @@ static int copy_role_trans(expand_state_t * state, role_trans_rule_t * rules)
+ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *rules)
+ {
+ unsigned int i, j;
+- filename_trans_t *new_trans, *cur_trans;
++ filename_trans_t *new_trans, *cur_trans, *end;
+ filename_trans_rule_t *cur_rule;
+ ebitmap_t stypes, ttypes;
+ ebitmap_node_t *snode, *tnode;
++ struct linear_probe probe;
++
++ /*
++ * Linear probing speeds-up finding filename_trans rules with certain
++ * "stype" value.
++ */
++ if (linear_probe_create(&probe, 4096)) { /* Assume 4096 is enough for most cases */
++ ERR(state->handle, "Out of memory!");
++ return -1;
++ }
+
+ cur_rule = rules;
+ while (cur_rule) {
+@@ -1378,6 +1461,14 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+
+ mapped_otype = state->typemap[cur_rule->otype - 1];
+
++ if (ebitmap_length(&stypes) > probe.length) {
++ linear_probe_destroy(&probe);
++ if (linear_probe_create(&probe, ebitmap_length(&stypes))) {
++ ERR(state->handle, "Out of memory!");
++ return -1;
++ }
++ }
++
+ ebitmap_for_each_bit(&stypes, snode, i) {
+ if (!ebitmap_node_get_bit(snode, i))
+ continue;
+@@ -1385,16 +1476,14 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ if (!ebitmap_node_get_bit(tnode, j))
+ continue;
+
+- cur_trans = state->out->filename_trans;
+- while (cur_trans) {
+- if ((cur_trans->stype == i + 1) &&
+- (cur_trans->ttype == j + 1) &&
++ cur_trans = linear_probe_find(&probe, i);
++ while (cur_trans != NULL) {
++ if ((cur_trans->ttype == j + 1) &&
+ (cur_trans->tclass == cur_rule->tclass) &&
+ (!strcmp(cur_trans->name, cur_rule->name))) {
+ /* duplicate rule, who cares */
+ if (cur_trans->otype == mapped_otype)
+ break;
+-
+ ERR(state->handle, "Conflicting filename trans rules %s %s %s : %s otype1:%s otype2:%s",
+ cur_trans->name,
+ state->out->p_type_val_to_name[i],
+@@ -1402,7 +1491,7 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ state->out->p_class_val_to_name[cur_trans->tclass - 1],
+ state->out->p_type_val_to_name[cur_trans->otype - 1],
+ state->out->p_type_val_to_name[mapped_otype - 1]);
+-
++
+ return -1;
+ }
+ cur_trans = cur_trans->next;
+@@ -1417,8 +1506,6 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ return -1;
+ }
+ memset(new_trans, 0, sizeof(*new_trans));
+- new_trans->next = state->out->filename_trans;
+- state->out->filename_trans = new_trans;
+
+ new_trans->name = strdup(cur_rule->name);
+ if (!new_trans->name) {
+@@ -1429,9 +1516,14 @@ static int expand_filename_trans(expand_state_t *state, filename_trans_rule_t *r
+ new_trans->ttype = j + 1;
+ new_trans->tclass = cur_rule->tclass;
+ new_trans->otype = mapped_otype;
++ linear_probe_insert(&probe, i, new_trans);
+ }
+ }
+
++ cur_trans = linear_probe_dump(&probe, &end);
++ end->next = state->out->filename_trans;
++ state->out->filename_trans = cur_trans;
++
+ ebitmap_destroy(&stypes);
+ ebitmap_destroy(&ttypes);
+
diff --git a/libsepol.spec b/libsepol.spec
index 7081c11..fceab1c 100644
--- a/libsepol.spec
+++ b/libsepol.spec
@@ -1,11 +1,12 @@
Summary: SELinux binary policy manipulation library
Name: libsepol
Version: 2.1.7
-Release: 1%{?dist}
+Release: 3%{?dist}
License: LGPLv2+
Group: System Environment/Libraries
Source: http://www.nsa.gov/selinux/archives/libsepol-%{version}.tgz
Patch: libsepol-rhat.patch
+Patch1: libsepol-bad.patch
URL: http://www.selinuxproject.org
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -46,6 +47,7 @@ needed for developing applications that manipulate binary policies.
%prep
%setup -q
%patch -p2 -b .rhat
+%patch1 -p2 -R -b .bad
# sparc64 is an -fPIC arch, so we need to fix it here
%ifarch sparc64
@@ -99,6 +101,12 @@ exit 0
/%{_lib}/libsepol.so.1
%changelog
+* Tue Jul 24 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.7-3
+- Revert patches
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.1.7-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
* Wed Jul 4 2012 Dan Walsh <dwalsh at redhat.com> - 2.1.7-1
- Update to upstream
* reserve policycapability for redhat testing of ptrace child
More information about the scm-commits
mailing list