From 8391037f86b95a4986b23b61f6f32efa760dd8a6 Mon Sep 17 00:00:00 2001 From: Nathan Chancellor Date: Mon, 30 Dec 2019 16:27:29 -0700 Subject: kernels/coral: apply a patch to fix glibc 2.29+ Link: https://lore.kernel.org/lkml/20190422210041.GA21711@archlinux-i9/ Link: https://git.kernel.org/stable/c/760f8522ce08a24abac3208290f93fe3fffc0d6c Signed-off-by: Nathan Chancellor --- kernels/coral/do.bash | 2 ++ kernels/coral/selinux.patch | 73 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 75 insertions(+) create mode 100644 kernels/coral/selinux.patch diff --git a/kernels/coral/do.bash b/kernels/coral/do.bash index 5e8cc41..ea66372 100644 --- a/kernels/coral/do.bash +++ b/kernels/coral/do.bash @@ -1,5 +1,7 @@ #!/bin/bash set -ex +BASE="$(readlink -f "$(dirname "$(readlink -f "$0")")")" +patch -d private/msm-google -p1 < "$BASE/selinux.patch" echo 'EXT_MODULES="${EXT_MODULES} wireguard"' >> private/msm-google/build.config.common echo 'ccflags-y += -Wno-unused-variable' >> wireguard-linux-compat/src/Kbuild ./build/build.sh diff --git a/kernels/coral/selinux.patch b/kernels/coral/selinux.patch new file mode 100644 index 0000000..c40f729 --- /dev/null +++ b/kernels/coral/selinux.patch @@ -0,0 +1,73 @@ +From 760f8522ce08a24abac3208290f93fe3fffc0d6c Mon Sep 17 00:00:00 2001 +From: Paulo Alcantara +Date: Sun, 24 Feb 2019 21:55:28 -0300 +Subject: selinux: use kernel linux/socket.h for genheaders and mdp + +commit dfbd199a7cfe3e3cd8531e1353cdbd7175bfbc5e upstream. + +When compiling genheaders and mdp from a newer host kernel, the +following error happens: + + In file included from scripts/selinux/genheaders/genheaders.c:18: + ./security/selinux/include/classmap.h:238:2: error: #error New + address family defined, please update secclass_map. #error New + address family defined, please update secclass_map. ^~~~~ + make[3]: *** [scripts/Makefile.host:107: + scripts/selinux/genheaders/genheaders] Error 1 make[2]: *** + [scripts/Makefile.build:599: scripts/selinux/genheaders] Error 2 + make[1]: *** [scripts/Makefile.build:599: scripts/selinux] Error 2 + make[1]: *** Waiting for unfinished jobs.... + +Instead of relying on the host definition, include linux/socket.h in +classmap.h to have PF_MAX. + +Cc: stable@vger.kernel.org +Signed-off-by: Paulo Alcantara +Acked-by: Stephen Smalley +[PM: manually merge in mdp.c, subject line tweaks] +Signed-off-by: Paul Moore +Signed-off-by: Greg Kroah-Hartman +--- + scripts/selinux/genheaders/genheaders.c | 1 - + scripts/selinux/mdp/mdp.c | 1 - + security/selinux/include/classmap.h | 1 + + 3 files changed, 1 insertion(+), 2 deletions(-) + +diff --git a/scripts/selinux/genheaders/genheaders.c b/scripts/selinux/genheaders/genheaders.c +index fa48fabcb330..3cc4893d98cc 100644 +--- a/scripts/selinux/genheaders/genheaders.c ++++ b/scripts/selinux/genheaders/genheaders.c +@@ -9,7 +9,6 @@ + #include + #include + #include +-#include + + struct security_class_mapping { + const char *name; +diff --git a/scripts/selinux/mdp/mdp.c b/scripts/selinux/mdp/mdp.c +index ffe8179f5d41..c29fa4a6228d 100644 +--- a/scripts/selinux/mdp/mdp.c ++++ b/scripts/selinux/mdp/mdp.c +@@ -32,7 +32,6 @@ + #include + #include + #include +-#include + + static void usage(char *name) + { +diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h +index cc35695d97b4..45ef6a0c17cc 100644 +--- a/security/selinux/include/classmap.h ++++ b/security/selinux/include/classmap.h +@@ -1,5 +1,6 @@ + /* SPDX-License-Identifier: GPL-2.0 */ + #include ++#include + + #define COMMON_FILE_SOCK_PERMS "ioctl", "read", "write", "create", \ + "getattr", "setattr", "lock", "relabelfrom", "relabelto", "append", "map" +-- +cgit 1.2-0.3.lf.el7 + -- cgit v1.2.3-59-g8ed1b