Re: Killing The Android libselinux Fork (available)

[Joshua Brindle <brindle@quarksecurity.com>]

William Roberts wrote:
> On Sep 22, 2016 9:18 PM, "Jeffrey Vander Stoep"<jeffv@google.com>  wrote:
>> Remember to test on the Mac build. About a year ago I moved the host side
> tools over to upstream libselinux, but had to revert because it broke the
> Mac build in multiple places. Since then Richard Haines has done a lot of
> work to reduce the diff between upstream and the Android fork. Hopefully
> that will reduce your effort.
>
> Yeah I'm quite concerned about the Mac build, does anyone on here have
> access to a Mac for testing?

I do, let me know when you have a branch you need looked at and I'll try 
to get to it.


>
>> On Thu, Sep 22, 2016 at 6:39 PM William Roberts<bill.c.roberts@gmail.com>
> wrote:
>>> On Thu, Sep 22, 2016 at 6:34 PM, William Roberts
>>> <bill.c.roberts@gmail.com>  wrote:
>>>> So I have been working the last couple of days to understand what it
>>>> would take to kill external/libselinux (the Android Fork) and fixup
>>>> upstream so most of the delta is in. The only thing we would keep on
>>>> the Android side, is android.c and .h. Since those files are self
>>>> contained, we should just be able to merge upstream without concerns
>>>> of conflict. If we really wanted to, we could spin off a separate
>>>> libselinux-android that builds those two files and links to
>>>> libselinux, but that seems overkill IMHO.
>>>>
>>>> The work is available here:
>>>> https://github.com/williamcroberts/selinux/tree/fork-kill
>>>>
>>>> Currently to Build:
>>>> 1. remove external/libselinux
>>>> 2. apply this patch to bionic if not present:
>>>> https://android-review.googlesource.com/#/c/276918
>>>> 3. either set external/selinux to my fork-kill branch or merge selinux
>>>> upstream master into external/selinux and apply the two patches listed
>>>> below:
>>>>
>>>> Patches that matter ( I don't know how to make pretty little git
> summaries):
>>>> commit e017f48acd2791a6aa62b4ed0c0b44256b26651f
>>>> Author: William Roberts<william.c.roberts@intel.com>
>>>> Date:   Wed Sep 21 16:06:37 2016 -0700
>>>> libselinux: add The Android fork files
>>>>
>>>> commit f40d7facbcaf1337f37b5630b98806fd25b1dbf9
>>>> Author: William Roberts<william.c.roberts@intel.com>
>>>> Date:   Wed Sep 21 16:00:34 2016 -0700
>>>> libselinux: rectify the Android fork
>>>>
>>>> The goal would be to upstream commit f40d7facb and leave
>>>> commit e017f48ac on the Android tree.
>>>>
>>>> I am going to do some further testing tomorrow, and plan on submitting
>>>> the upstream patch f40d7facbc on Monday. If anyone wants to leave
>>>> preliminary feedback, or has a specific thing they want tested, let me
> know.
>>>> Currently tested on the emulator and checked that the digest mechanism
> for
>>>> last restorecon value is working.
>>>>
>>>> --
>>>> Respectfully,
>>>>
>>>> William C Roberts
>>> FYI I may rebase that branch at anytime... you have been warned :-P
>
> _______________________________________________
> Seandroid-list mailing list
> Seandroid-list@tycho.nsa.gov
> To unsubscribe, send email to Seandroid-list-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to Seandroid-list-request@tycho.nsa.gov.