[Buildroot] [PATCH 1/1] Add libselinux and libsepol dependency for SELinux support.

[Buildroot] [PATCH 1/1] Add libselinux and libsepol dependency for SELinux support.

[Adam Duskett]

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
 package/busybox/Config.in | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/package/busybox/Config.in b/package/busybox/Config.in
index a3a328d..b7d6c13 100644
--- a/package/busybox/Config.in
+++ b/package/busybox/Config.in
@@ -33,7 +33,8 @@ config BR2_PACKAGE_BUSYBOX_SHOW_OTHERS
 	  by busybox.
 
 config BR2_PACKAGE_BUSYBOX_SELINUX
-	select BR2_PACKAGE_LIBSELINUX
+	depends on BR2_PACKAGE_LIBSELINUX
+	depends on BR2_PACKAGE_LIBSEPOL
 	depends on BR2_TOOLCHAIN_HAS_THREADS
 	depends on !BR2_STATIC_LIBS
 	depends on !BR2_arc
@@ -51,6 +52,9 @@ config BR2_PACKAGE_BUSYBOX_SELINUX
 	  crond, then individual binaries have to be enabled for the
 	  SELinux type transitions to occur properly.
 
+	comment "SELinux support in BusyBox requires libselinux, libsepol"
+		depends on !BR2_PACKAGE_LIBSELINUX || !BR2_PACKAGE_LIBSEPOL
+
 config BR2_PACKAGE_BUSYBOX_WATCHDOG
 	bool "Install the watchdog daemon startup script"
 	help
-- 
2.7.4

[Buildroot] [PATCH 2/6] Audit: bump to version 2.5.2

[Adam Duskett]

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
 package/audit/audit.hash | 2 +-
 package/audit/audit.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/audit/audit.hash b/package/audit/audit.hash
index f234fdb..bca97d6 100644
--- a/package/audit/audit.hash
+++ b/package/audit/audit.hash
@@ -1,2 +1,2 @@
 #Locally computed
-sha256	25f57f465f3230d7b1166b615ffd6748818a3dc225d0e8b396c5b2e951674e23	audit-2.4.4.tar.gz
+sha256	f7c35a8c27d98255303f0e828d1045df43f968957bc733338335c64f2ede024d    audit-2.5.2.tar.gz
diff --git a/package/audit/audit.mk b/package/audit/audit.mk
index 1fbc623..9589c06 100644
--- a/package/audit/audit.mk
+++ b/package/audit/audit.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-AUDIT_VERSION = 2.4.4
+AUDIT_VERSION = 2.5.2
 AUDIT_SITE = http://people.redhat.com/sgrubb/audit
 AUDIT_LICENSE = GPLv2
 AUDIT_LICENSE_FILES = COPYING
-- 
2.7.4

[Buildroot] [PATCH 3/6] checkpolicy: bump to version 2.5

[Adam Duskett]

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
 package/checkpolicy/checkpolicy.hash | 2 +-
 package/checkpolicy/checkpolicy.mk   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/package/checkpolicy/checkpolicy.hash b/package/checkpolicy/checkpolicy.hash
index 32b5ff6..bc5199c 100644
--- a/package/checkpolicy/checkpolicy.hash
+++ b/package/checkpolicy/checkpolicy.hash
@@ -1,2 +1,2 @@
 # https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256 e6a0ac539b74859b4262b317eb90d9914deb15e7aa509659f47724d50fe2ecc6  checkpolicy-2.1.12.tar.gz
+sha256 33af9f3eb19135a7e6536ecd3fbb9686323000016cd51eb88346346ed7546001  checkpolicy-2.5.tar.gz
diff --git a/package/checkpolicy/checkpolicy.mk b/package/checkpolicy/checkpolicy.mk
index 4b7b2f3..f1b76d0 100644
--- a/package/checkpolicy/checkpolicy.mk
+++ b/package/checkpolicy/checkpolicy.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-CHECKPOLICY_VERSION = 2.1.12
-CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+CHECKPOLICY_VERSION = 2.5
+CHECKPOLICY_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 CHECKPOLICY_LICENSE = GPLv2
 CHECKPOLICY_LICENSE_FILES = COPYING
 
-- 
2.7.4

[Buildroot] [PATCH 4/6] libsepol: bump to version 2.5

[Adam Duskett]

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
 package/libsepol/0001-support-static-only.patch    | 17 +++++++++--------
 .../libsepol/0002-workaround-blackfin-issue.patch  | 22 ++++++----------------
 package/libsepol/libsepol.hash                     |  2 +-
 package/libsepol/libsepol.mk                       |  4 ++--
 4 files changed, 18 insertions(+), 27 deletions(-)

diff --git a/package/libsepol/0001-support-static-only.patch b/package/libsepol/0001-support-static-only.patch
index b974680..6d30454 100644
--- a/package/libsepol/0001-support-static-only.patch
+++ b/package/libsepol/0001-support-static-only.patch
@@ -6,15 +6,16 @@ when defined to some non-empty value, will disable the build of shared
 libraries. It allows to support cases where the target architecture
 does not have support for shared libraries.
 
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
 Index: b/src/Makefile
 ===================================================================
+
+diff --git a/src/Makefile b/src/Makefile
+index db6c2ba..0006285 100644
 --- a/src/Makefile
 +++ b/src/Makefile
-@@ -17,7 +17,12 @@
- CFLAGS ?= -Werror -Wall -W -Wundef -Wshadow -Wmissing-noreturn -Wmissing-format-attribute
- override CFLAGS += -I. -I../include -D_GNU_SOURCE
+@@ -31,7 +31,12 @@ override CFLAGS += -I$(CILDIR)/include
+ endif
+
  
 -all: $(LIBA) $(LIBSO) $(LIBPC)
 +ALL_TARGETS = $(LIBA) $(LIBPC)
@@ -24,9 +25,9 @@ Index: b/src/Makefile
 +
 +all: $(ALL_TARGETS)
  
+
  $(LIBA):  $(OBJS)
- 	$(AR) rcs $@ $^
-@@ -39,11 +44,13 @@
+@@ -66,11 +71,13 @@ endif
  install: all
  	test -d $(LIBDIR) || install -m 755 -d $(LIBDIR)
  	install -m 644 $(LIBA) $(LIBDIR)
@@ -37,7 +38,7 @@ Index: b/src/Makefile
 +ifeq ($(STATIC),)
 +	test -d $(SHLIBDIR) || install -m 755 -d $(SHLIBDIR)
 +	install -m 755 $(LIBSO) $(SHLIBDIR)
- 	cd $(LIBDIR) && ln -sf ../../`basename $(SHLIBDIR)`/$(LIBSO) $(TARGET)
+ 	ln -sf --relative $(SHLIBDIR)/$(LIBSO) $(LIBDIR)/$(TARGET)
 +endif
  
  relabel:
diff --git a/package/libsepol/0002-workaround-blackfin-issue.patch b/package/libsepol/0002-workaround-blackfin-issue.patch
index 5d00c69..237c06a 100644
--- a/package/libsepol/0002-workaround-blackfin-issue.patch
+++ b/package/libsepol/0002-workaround-blackfin-issue.patch
@@ -1,24 +1,14 @@
-Do not make symbols hidden on Blackfin
-
-The libselinux logic to hide internal symbols from the DSO doesn't
-work properly on Blackfin due to the USER_LABEL_PREFIX not being
-handled properly. A real fix is not that simple, so this patch simply
-disables the internal symbol hiding mechanism. This means that those
-symbols are visible in the final DSO, which is not a problem for
-proper execution, it just isn't as clean.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/src/dso.h
-===================================================================
+diff --git a/src/dso.h b/src/dso.h
+index a06e349..e04758d 100644
 --- a/src/dso.h
 +++ b/src/dso.h
-@@ -1,7 +1,7 @@
- #ifndef _SELINUX_DSO_H
- #define _SELINUX_DSO_H	1
+@@ -5,7 +5,7 @@
+     #define DISABLE_SYMVER 1
+ #endif
  
 -#ifdef SHARED
 +#if defined(SHARED) && !defined(__bfin__)
  # define hidden __attribute__ ((visibility ("hidden")))
  # define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
  # define __hidden_proto(fct, internal)	\
+
diff --git a/package/libsepol/libsepol.hash b/package/libsepol/libsepol.hash
index df5dabd..266ce43 100644
--- a/package/libsepol/libsepol.hash
+++ b/package/libsepol/libsepol.hash
@@ -1,2 +1,2 @@
 # From https://github.com/SELinuxProject/selinux/wiki/Releases
-sha256	290d17f583635a4a5d8a2141511272adf0571c4205cdea38b5a68df20d58a70b  libsepol-2.1.9.tar.gz
+sha256 2bdeec56d0a08b082b93b40703b4b3329cc5562152f7254d8f6ef6b56afe850a  libsepol-2.5.tar.gz
diff --git a/package/libsepol/libsepol.mk b/package/libsepol/libsepol.mk
index 1e709c6..93896cf 100644
--- a/package/libsepol/libsepol.mk
+++ b/package/libsepol/libsepol.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSEPOL_VERSION = 2.1.9
-LIBSEPOL_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSEPOL_VERSION = 2.5
+LIBSEPOL_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSEPOL_LICENSE = LGPLv2.1+
 LIBSEPOL_LICENSE_FILES = COPYING
 
-- 
2.7.4

[Buildroot] [PATCH 5/6] libselinux: bump to version 2.5

[Adam Duskett]

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
 package/libselinux/Config.in       | 9 +++++++--
 package/libselinux/libselinux.hash | 2 +-
 package/libselinux/libselinux.mk   | 4 ++--
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/package/libselinux/Config.in b/package/libselinux/Config.in
index bc8298d..af4d759 100644
--- a/package/libselinux/Config.in
+++ b/package/libselinux/Config.in
@@ -6,6 +6,8 @@ config BR2_PACKAGE_LIBSELINUX
 	depends on !BR2_STATIC_LIBS
 	# Toolchain issue: "fixup not contained within frag"
 	depends on !BR2_arc
+   # Newer versions of libselinux won't compile against glibc 2.22.
+	depends on !BR2_GLIBC_VERSION_2_22
 	help
 	  libselinux is the runtime SELinux library that provides
 	  interfaces (e.g. library functions for the SELinux kernel
@@ -17,6 +19,9 @@ config BR2_PACKAGE_LIBSELINUX
 
 	  http://selinuxproject.org/page/Main_Page
 
-comment "libselinux needs a toolchain w/ threads, dynamic library"
+comment "libselinux needs a toolchain w/ threads, dynamic library, glibc version != 2.22"
 	depends on !BR2_arc
-	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
+	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || BR2_GLIBC_VERSION_2_22
+
+
+
diff --git a/package/libselinux/libselinux.hash b/package/libselinux/libselinux.hash
index 861c327..a4c3440 100644
--- a/package/libselinux/libselinux.hash
+++ b/package/libselinux/libselinux.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256 57aad47c06b7ec18a76e8d9870539277a84cb40109cfdcf70ed3260bdb04447a libselinux-2.1.13.tar.gz
+sha256 94c9e97706280bedcc288f784f67f2b9d3d6136c192b2c9f812115edba58514f libselinux-2.5.tar.gz
diff --git a/package/libselinux/libselinux.mk b/package/libselinux/libselinux.mk
index d4b96c4..8383831 100644
--- a/package/libselinux/libselinux.mk
+++ b/package/libselinux/libselinux.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSELINUX_VERSION = 2.1.13
-LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSELINUX_VERSION = 2.5
+LIBSELINUX_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSELINUX_LICENSE = Public Domain
 LIBSELINUX_LICENSE_FILES = LICENSE
 
-- 
2.7.4

[Buildroot] [PATCH 6/6] libsemanage: bump to version 2.5

[Adam Duskett]

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
---
 .../libsemanage/0001-execption-lib-path-fix.patch  | 14 -------------
 .../0001-workaround-blackfin-issue.patch           | 13 ++++++++++++
 .../0002-workaround-blackfin-issue.patch           | 24 ----------------------
 package/libsemanage/Config.in                      |  6 +++---
 package/libsemanage/libsemanage.hash               |  2 +-
 package/libsemanage/libsemanage.mk                 |  4 ++--
 6 files changed, 19 insertions(+), 44 deletions(-)
 delete mode 100644 package/libsemanage/0001-execption-lib-path-fix.patch
 create mode 100644 package/libsemanage/0001-workaround-blackfin-issue.patch
 delete mode 100644 package/libsemanage/0002-workaround-blackfin-issue.patch

diff --git a/package/libsemanage/0001-execption-lib-path-fix.patch b/package/libsemanage/0001-execption-lib-path-fix.patch
deleted file mode 100644
index cbcbea5..0000000
--- a/package/libsemanage/0001-execption-lib-path-fix.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-Patch to correct a missing header file issue.
-
-Signed-off-by Clayton Shotwell <clshotwe@rockwellcollins.com>
-
---- a/src/exception.sh	2011-12-21 11:46:04.000000000 -0600
-+++ b/src/exception.sh	2012-08-27 11:29:58.000000000 -0500
-@@ -9,6 +9,6 @@
- }
- "
- }
--gcc -x c -c - -aux-info temp.aux < ../include/semanage/semanage.h
-+gcc -x c -c - -aux-info temp.aux -I../include < ../include/semanage/semanage.h
- for i in `awk '/extern int/ { print $6 }' temp.aux`; do except $i ; done
- rm -f -- temp.aux -.o
diff --git a/package/libsemanage/0001-workaround-blackfin-issue.patch b/package/libsemanage/0001-workaround-blackfin-issue.patch
new file mode 100644
index 0000000..6208ee7
--- /dev/null
+++ b/package/libsemanage/0001-workaround-blackfin-issue.patch
@@ -0,0 +1,13 @@
+diff --git a/src/dso.h b/src/dso.h
+index 5c69aae..90ba3bf 100644
+--- a/src/dso.h
++++ b/src/dso.h
+@@ -1,7 +1,7 @@
+ #ifndef _SEPOL_DSO_H
+ #define _SEPOL_DSO_H	1
+ 
+-#ifdef SHARED
++#if defined(SHARED) && !defined(__bfin__)
+ # define hidden __attribute__ ((visibility ("hidden")))
+ # define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
+ # define __hidden_proto(fct, internal)	\
diff --git a/package/libsemanage/0002-workaround-blackfin-issue.patch b/package/libsemanage/0002-workaround-blackfin-issue.patch
deleted file mode 100644
index 5d00c69..0000000
--- a/package/libsemanage/0002-workaround-blackfin-issue.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-Do not make symbols hidden on Blackfin
-
-The libselinux logic to hide internal symbols from the DSO doesn't
-work properly on Blackfin due to the USER_LABEL_PREFIX not being
-handled properly. A real fix is not that simple, so this patch simply
-disables the internal symbol hiding mechanism. This means that those
-symbols are visible in the final DSO, which is not a problem for
-proper execution, it just isn't as clean.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
-
-Index: b/src/dso.h
-===================================================================
---- a/src/dso.h
-+++ b/src/dso.h
-@@ -1,7 +1,7 @@
- #ifndef _SELINUX_DSO_H
- #define _SELINUX_DSO_H	1
- 
--#ifdef SHARED
-+#if defined(SHARED) && !defined(__bfin__)
- # define hidden __attribute__ ((visibility ("hidden")))
- # define hidden_proto(fct) __hidden_proto (fct, fct##_internal)
- # define __hidden_proto(fct, internal)	\
diff --git a/package/libsemanage/Config.in b/package/libsemanage/Config.in
index 5e9ad8f..cff4c07 100644
--- a/package/libsemanage/Config.in
+++ b/package/libsemanage/Config.in
@@ -1,9 +1,9 @@
 config BR2_PACKAGE_LIBSEMANAGE
 	bool "libsemanage"
-	select BR2_PACKAGE_LIBSELINUX
 	select BR2_PACKAGE_USTR
 	select BR2_PACKAGE_BZIP2
 	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on BR2_PACKAGE_LIBSELINUX
 	depends on !BR2_STATIC_LIBS
 	depends on !BR2_TOOLCHAIN_USES_MUSL # getpwent_r()
 	depends on !BR2_arc
@@ -18,7 +18,7 @@ config BR2_PACKAGE_LIBSEMANAGE
 
 	  http://selinuxproject.org/page/Main_Page
 
-comment "libsemanage needs a toolchain w/ threads, dynamic library"
+comment "libsemanage needs a toolchain w/ threads, dynamic library, libselinux"
 	depends on !BR2_arc
 	depends on !BR2_TOOLCHAIN_USES_MUSL
-	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
+	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || !BR2_PACKAGE_LIBSELINUX
diff --git a/package/libsemanage/libsemanage.hash b/package/libsemanage/libsemanage.hash
index d4204d1..69f7c8d 100644
--- a/package/libsemanage/libsemanage.hash
+++ b/package/libsemanage/libsemanage.hash
@@ -1,2 +1,2 @@
 # Locally computed
-sha256 de2e8077245581e94576276f54e80a53c23c28d6961d2dfbe2f004eaba452e91 libsemanage-2.1.10.tar.gz
+sha256 46e2f36254369b6e91d1eea0460c262b139361b055a3a67d3ceea2d8ef72e006 libsemanage-2.5.tar.gz
diff --git a/package/libsemanage/libsemanage.mk b/package/libsemanage/libsemanage.mk
index 197c14e..35bbdcf 100644
--- a/package/libsemanage/libsemanage.mk
+++ b/package/libsemanage/libsemanage.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBSEMANAGE_VERSION = 2.1.10
-LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20130423
+LIBSEMANAGE_VERSION = 2.5
+LIBSEMANAGE_SITE = https://raw.githubusercontent.com/wiki/SELinuxProject/selinux/files/releases/20160223
 LIBSEMANAGE_LICENSE = LGPLv2.1+
 LIBSEMANAGE_LICENSE_FILES = COPYING
 LIBSEMANAGE_DEPENDENCIES = host-bison host-flex libselinux ustr bzip2
-- 
2.7.4

[Buildroot] [PATCH 4/6] libsepol: bump to version 2.5

[Thomas Petazzoni]

Hello,

Glad to see that there are some people interested by SELinux support!
We still have lots of pending patches about SELinux, especially the
one adding the refpolicy package. See
http://patchwork.ozlabs.org/project/buildroot/list/?submitter=&state=&q=selinux&archive=&delegate=.

Some comments below though.

On Thu, 23 Jun 2016 22:43:19 -0400, Adam Duskett wrote:
> Signed-off-by: Adam Duskett <Aduskett@gmail.com>
> ---
>  package/libsepol/0001-support-static-only.patch    | 17 +++++++++--------
>  .../libsepol/0002-workaround-blackfin-issue.patch  | 22 ++++++----------------

It would be good if you could indicate in the commit log what is
changed in the patches. Indeed, there are some strange changes that
you're doing.

>  package/libsepol/libsepol.hash                     |  2 +-
>  package/libsepol/libsepol.mk                       |  4 ++--
>  4 files changed, 18 insertions(+), 27 deletions(-)
> 
> diff --git a/package/libsepol/0001-support-static-only.patch b/package/libsepol/0001-support-static-only.patch
> index b974680..6d30454 100644
> --- a/package/libsepol/0001-support-static-only.patch
> +++ b/package/libsepol/0001-support-static-only.patch
> @@ -6,15 +6,16 @@ when defined to some non-empty value, will disable the build of shared
>  libraries. It allows to support cases where the target architecture
>  does not have support for shared libraries.
>  
> -Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
> -

Why are you removing this?

> diff --git a/package/libsepol/0002-workaround-blackfin-issue.patch b/package/libsepol/0002-workaround-blackfin-issue.patch
> index 5d00c69..237c06a 100644
> --- a/package/libsepol/0002-workaround-blackfin-issue.patch
> +++ b/package/libsepol/0002-workaround-blackfin-issue.patch
> @@ -1,24 +1,14 @@
> -Do not make symbols hidden on Blackfin
> -
> -The libselinux logic to hide internal symbols from the DSO doesn't
> -work properly on Blackfin due to the USER_LABEL_PREFIX not being
> -handled properly. A real fix is not that simple, so this patch simply
> -disables the internal symbol hiding mechanism. This means that those
> -symbols are visible in the final DSO, which is not a problem for
> -proper execution, it just isn't as clean.
> -
> -Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
> -

And why are you removing this ?

Thanks!

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

[Buildroot] [PATCH 5/6] libselinux: bump to version 2.5

[Thomas Petazzoni]

Hello,

On Thu, 23 Jun 2016 22:43:20 -0400, Adam Duskett wrote:

> diff --git a/package/libselinux/Config.in b/package/libselinux/Config.in
> index bc8298d..af4d759 100644
> --- a/package/libselinux/Config.in
> +++ b/package/libselinux/Config.in
> @@ -6,6 +6,8 @@ config BR2_PACKAGE_LIBSELINUX
>  	depends on !BR2_STATIC_LIBS
>  	# Toolchain issue: "fixup not contained within frag"
>  	depends on !BR2_arc
> +   # Newer versions of libselinux won't compile against glibc 2.22.

Indentation must be done with one tab here.

> +	depends on !BR2_GLIBC_VERSION_2_22

What is the issue you're facing with glibc 2.22 ?

Adding a depends on !BR2_GLIBC_VERSION_2_22 is not possible, because
this symbol only makes sense when you're using the internal toolchain
mechanism (i.e when Buildroot builds the toolchain for you). When
you're using an external toolchain, this symbol has no meaning, so you
might very well have BR2_GLIBC_VERSION_2_22 disabled, but still have a
glibc 2.22 based external toolchain.

So I'd rather understand what is the build failure, and see if it can
be fixed.

>  	help
>  	  libselinux is the runtime SELinux library that provides
>  	  interfaces (e.g. library functions for the SELinux kernel
> @@ -17,6 +19,9 @@ config BR2_PACKAGE_LIBSELINUX
>  
>  	  http://selinuxproject.org/page/Main_Page
>  
> -comment "libselinux needs a toolchain w/ threads, dynamic library"
> +comment "libselinux needs a toolchain w/ threads, dynamic library, glibc version != 2.22"
>  	depends on !BR2_arc
> -	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
> +	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || BR2_GLIBC_VERSION_2_22
> +
> +
> +

Unnecessary line additions.

Thanks,

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

[Buildroot] [PATCH 1/1] Add libselinux and libsepol dependency for SELinux support.

[Thomas Petazzoni]

Hello,

The title should always contain the package being affected by the
change. I.e, it should be of the form:

	<package>: <description>

In your case:

	busybox: ...

On Thu, 23 Jun 2016 22:43:16 -0400, Adam Duskett wrote:

>  config BR2_PACKAGE_BUSYBOX_SELINUX
> -	select BR2_PACKAGE_LIBSELINUX
> +	depends on BR2_PACKAGE_LIBSELINUX

Why are you doing this? A select is what's appropriate.

> +	depends on BR2_PACKAGE_LIBSEPOL

Why are you adding this? libselinux already selects libsepol, so when
you have libselinux, you have libsepol.

Therefore, this patch looks bogus :-/

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com

[Buildroot] [PATCH 6/6] libsemanage: bump to version 2.5

[Thomas Petazzoni]

Hello,

Thanks for your patch. See my comments below.

On Thu, 23 Jun 2016 22:43:21 -0400, Adam Duskett wrote:

>  .../libsemanage/0001-execption-lib-path-fix.patch  | 14 -------------

You are removing this patch, why?

> diff --git a/package/libsemanage/0001-workaround-blackfin-issue.patch b/package/libsemanage/0001-workaround-blackfin-issue.patch
> new file mode 100644
> index 0000000..6208ee7
> --- /dev/null
> +++ b/package/libsemanage/0001-workaround-blackfin-issue.patch
> @@ -0,0 +1,13 @@
> +diff --git a/src/dso.h b/src/dso.h
> +index 5c69aae..90ba3bf 100644

This patch got renamed, but in the process, you completely removed the
description of the patch and the Signed-off-by line. This is not good.


> diff --git a/package/libsemanage/Config.in b/package/libsemanage/Config.in
> index 5e9ad8f..cff4c07 100644
> --- a/package/libsemanage/Config.in
> +++ b/package/libsemanage/Config.in
> @@ -1,9 +1,9 @@
>  config BR2_PACKAGE_LIBSEMANAGE
>  	bool "libsemanage"
> -	select BR2_PACKAGE_LIBSELINUX
>  	select BR2_PACKAGE_USTR
>  	select BR2_PACKAGE_BZIP2
>  	depends on BR2_TOOLCHAIN_HAS_THREADS
> +	depends on BR2_PACKAGE_LIBSELINUX

Why are you changing from a depends on to a select ? The original
"select" is the correct thing to do.

>  	depends on !BR2_STATIC_LIBS
>  	depends on !BR2_TOOLCHAIN_USES_MUSL # getpwent_r()
>  	depends on !BR2_arc
> @@ -18,7 +18,7 @@ config BR2_PACKAGE_LIBSEMANAGE
>  
>  	  http://selinuxproject.org/page/Main_Page
>  
> -comment "libsemanage needs a toolchain w/ threads, dynamic library"
> +comment "libsemanage needs a toolchain w/ threads, dynamic library, libselinux"
>  	depends on !BR2_arc
>  	depends on !BR2_TOOLCHAIN_USES_MUSL
> -	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS
> +	depends on !BR2_TOOLCHAIN_HAS_THREADS || BR2_STATIC_LIBS || !BR2_PACKAGE_LIBSELINUX

As per my comment above, this change is not necessary.

Thanks,

Thomas
-- 
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com