libselinux: bump to 3.3 and sync with upstream #10300
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Nick Hainke <[email protected]>
Update VERSIONs to 3.3 for release. libsepol/cil: Fix potential undefined shifts libsepol: Fix potential undefined shifts Update VERSIONs to 3.3-rc3 for release. libsepol/cil: Do not skip macros when resolving until later passes libsepol/cil: Limit the amount of reporting for bounds failures libsepol/cil: silence clang void-pointer-to-enum-cast warning libsepol: resolve GCC warning about null-dereference libsepol: use correct cast libsepol: ebitmap: mark nodes of const ebitmaps const Update VERSIONs to 3.3-rc2 for release. libsepol/cil: Handle operations in a class mapping when verifying libsepol/cil: Do not use original type and typeattribute datums libsepol: free memory after policy validation libsepol: avoid implicit conversions libsepol: fix typo libsepol/cil: Free duplicate datums in original calling function libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) Update VERSIONs and Python bindings version to 3.3-rc1 for release libsepol/cil: Limit the number of active line marks libsepol/cil: Add function to get number of items in a stack libsepol: Fix detected RESOURCE_LEAKs libsepol/cil: Fix syntax checking in __cil_verify_syntax() libsepol/cil: Use size_t for len in __cil_verify_syntax() libsepol/cil: Remove redundant syntax checking libsepol/cil: Improve in-statement to allow use after inheritance libsepol/cil: Simplify cil_tree_children_destroy() libsepol/cil: Refactor the function __cil_build_ast_node_helper() libsepol/cil: Don't destroy optionals whose parent will be destroyed libsepol/cil: Properly check for parameter when inserting name libsepol/cil: Reset expandtypeattribute rules when resetting AST libsepol/cil: Properly check parse tree when printing error messages libsepol/cil: Allow some duplicate macro and block declarations libsepol/cil: When writing AST use line marks for src_info nodes libsepol/cil: Report correct high-level language line numbers libsepol/cil: Add line mark kind and line number to src info libsepol/cil: Create common string-to-unsigned-integer functions libsepol/cil: Push line mark state first when processing a line mark libsepol/cil: Check for valid line mark type immediately libsepol/cil: Check the token type after getting the next token libsepol/cil: Check syntax of src_info statement libsepol/cil: move the fuzz target and build script to the selinux repository libsepol: replace strerror by %m libsepol/cil: remove obsolete comment libsepol/cil: do not allow \0 in quoted strings libsepol/cil: Fix handling category sets in an expression libsepol: assure string NUL-termination of ibdev_name libsepol: avoid implicit conversions libsepol: ignore UBSAN false-positives libsepol: avoid unsigned integer overflow libsepol/cil: Improve checking for bad inheritance patterns libsepol: silence -Wextra-semi-stmt warning libsepol/cil: do not override previous results of __cil_verify_classperms libsepol/cil: Provide option to allow qualified names in declarations libsepol/cil: make array cil_sym_sizes const libsepol/cil: Only reset AST if optional has a declaration libsepol/cil: Add function to determine if a subtree has a declaration libsepol/cil: Improve degenerate inheritance check libsepol/cil: Reduce the initial symtab sizes for blocks libsepol/cil: Check for empty list when marking neverallow attributes libsepol/cil: Fix syntax checking of defaultrange rule libsepol/cil: Properly check for loops in sets libsepol/cil: Allow duplicate optional blocks in most cases libsepol: declare read-only arrays const libsepol: declare file local variable static libsepol: drop unnecessary casts libsepol: drop repeated semicolons libsepol/cil: avoid using maybe uninitialized variables libsepol/cil: drop unnecessary casts libsepol/cil: drop dead store libsepol/cil: drop extra semicolon libsepol/cil: silence cast warning libsepol: remove dead stores libsepol: do not allocate memory of size 0 libsepol: mark read-only parameters of type_set_ interfaces const libsepol: mark read-only parameters of ebitmap interfaces const libsepol: remove dead stores libsepol/cil: follow declaration-after-statement libsepol: follow declaration-after-statement libsepol: avoid unsigned integer overflow libsepol: remove unused functions libsepol: resolve missing prototypes libsepol: fix typos libsepol: Quote paths when generating policy.conf from binary policy libsepol/cil: Account for anonymous category sets in an expression libsepol/cil: Fix anonymous IP address call arguments libsepol: quote paths in CIL conversion libsepol/cil: Resolve anonymous levels only once libsepol/cil: Pointers to datums should be set to NULL when resetting libsepol/cil: Resolve anonymous class permission sets only once libsepol/cil: Limit the number of open parenthesis allowed libsepol/cil: Destroy the permission nodes when exiting with an error libsepol/cil: Handle disabled optional blocks in earlier passes libsepol/cil: Do not resolve arguments to declarations in the call libsepo/cil: Refactor macro call resolution libsepol/cil: Do not add NULL node when inserting key into symtab libsepol/cil: Make name resolution in macros work as documented libsepol/cil: Fix name resolution involving inherited blocks libsepol/cil: Check for self-referential loops in sets libsepol/cil: Return an error if a call argument fails to resolve libsepol/cil: Check datum in ordered list for expected flavor libsepol/cil: Detect degenerate inheritance and exit with an error libsepol/cil: Fix instances where an error returns SEPOL_OK libsepol/cil: Properly reset an anonymous classperm set libsepol: use checked arithmetic builtin to perform safe addition libsepol/cil: Add functions to make use of cil_write_ast() libsepol/cil: Create functions to write the CIL AST libsepol/cil: Use CIL_ERR for error messages in cil_compile() libsepol/cil: Make invalid statement error messages consistent libsepol/cil: Do not allow tunable declarations in in-statements libsepol/cil: Sync checks for invalid rules in macros libsepol/cil: Check for statements not allowed in optional blocks libsepol/cil: Sync checks for invalid rules in booleanifs libsepol/cil: Reorder checks for invalid rules when resolving AST libsepol/cil: Use AST to track blocks and optionals when resolving libsepol/cil: Create new first child helper function for building AST libsepol/cil: Cleanup build AST helper functions libsepol/cil: Reorder checks for invalid rules when building AST libsepol/cil: Move check for the shadowing of macro parameters libsepol/cil: Create function cil_add_decl_to_symtab() and refactor libsepol/cil: Refactor helper function for cil_gen_node() libsepol/cil: Allow permission expressions when using map classes libsepol/cil: Exit with an error if declaration name is a reserved word libsepol/cil: More strict verification of constraint leaf expressions libsepol/cil: Set class field to NULL when resetting struct cil_classperms libsepol/cil: cil_reset_classperms_set() should not reset classpermission libsepol/cil: Destroy classperm list when resetting map perms libsepol/cil: Destroy classperms list when resetting classpermission libsepol/cil: Fix out-of-bound read of file context pattern ending with "\" libsepol/cil: Check for duplicate blocks, optionals, and macros libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression libsepol: Enclose identifier lists in CIL constraint expressions libsepol/cil: Allow lists in constraint expressions libsepol: Enclose identifier lists in constraint expressions libsepol: Write "NO_IDENTIFIER" for empty constraint expression libsepol: make num_* unsigned int in module_to_cil libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs libsepol/cil: fix NULL pointer dereference in __cil_insert_name libsepol/cil: replace printf with proper cil_tree_log libsepol/cil: remove stray printf libsepol/cil: make cil_post_fc_fill_data static libsepol: Check kernel to CIL and Conf functions for supported versions libsepol: Remove unnecessary copying of declarations from link.c libsepol: Properly handle types associated to role attributes libsepol: Expand role attributes in constraint expressions Signed-off-by: Daniel Golle <[email protected]> [re-apply now that buildbot phase1 has caught up] Signed-off-by: Dominick Grift <[email protected]>
Add CPE ID for tracking CVEs. Signed-off-by: Nick Hainke <[email protected]>
yjh126yjh
pushed a commit
to yjh126yjh/lede
that referenced
this pull request
Oct 22, 2022
* https://github.com/coolsnowwolf/lede: (49 commits) Revert "toolchain: gcc: improve patch handling by introducing major version" iwlwifi: edit package/firmware/linux-firmware/intel.mk for support inter-ax201 (coolsnowwolf#10303) libselinux: sync with upstream (coolsnowwolf#10300) kernel: bump 6.0 to 6.0.3 (coolsnowwolf#10299) scripts/download.pl: Make the download tool configurable (coolsnowwolf#10291) rockchip: Add Rongpin King3399 support (coolsnowwolf#10292) kernel: mtd: add en25qx128a spi nor support toolchain: musl: disable crypt size hack by default toolchain: gcc: improve patch handling by introducing major version build: remove GCC9 support build: remove GCC7 support toolchain/binutils: remove old versions download.pl: use more Chinese mirrors (coolsnowwolf#10281) build: move Build/copy-file to image-commands.mk mt76: add MediaTek Filogic 630 (MT7916) support build: switch default target to x64 scripts: sync with upstream wireless-regdb: unlock WIFI6E channel and txpower rockchip: add rockchip-crypto support for rk3568/rk3588 toolchain: glibc: Update to glibc 2.35 (coolsnowwolf#10276) ...
github-actions bot
added a commit
to Kin-Chi/lede
that referenced
this pull request
Oct 22, 2022
* https://github.com/coolsnowwolf/lede: Revert "toolchain: gcc: improve patch handling by introducing major version" iwlwifi: edit package/firmware/linux-firmware/intel.mk for support inter-ax201 (coolsnowwolf#10303) libselinux: sync with upstream (coolsnowwolf#10300) kernel: bump 6.0 to 6.0.3 (coolsnowwolf#10299)
github-actions bot
added a commit
to chingxuds/lede-custom
that referenced
this pull request
Oct 22, 2022
* https://github.com/coolsnowwolf/lede: Revert "toolchain: gcc: improve patch handling by introducing major version" iwlwifi: edit package/firmware/linux-firmware/intel.mk for support inter-ax201 (coolsnowwolf#10303) libselinux: sync with upstream (coolsnowwolf#10300) kernel: bump 6.0 to 6.0.3 (coolsnowwolf#10299)
github-actions bot
added a commit
to HongJie-Master/lede
that referenced
this pull request
Oct 23, 2022
* https://github.com/coolsnowwolf/lede: (28 commits) Revert "toolchain: gcc: improve patch handling by introducing major version" iwlwifi: edit package/firmware/linux-firmware/intel.mk for support inter-ax201 (coolsnowwolf#10303) libselinux: sync with upstream (coolsnowwolf#10300) kernel: bump 6.0 to 6.0.3 (coolsnowwolf#10299) scripts/download.pl: Make the download tool configurable (coolsnowwolf#10291) rockchip: Add Rongpin King3399 support (coolsnowwolf#10292) kernel: mtd: add en25qx128a spi nor support toolchain: musl: disable crypt size hack by default toolchain: gcc: improve patch handling by introducing major version build: remove GCC9 support build: remove GCC7 support toolchain/binutils: remove old versions download.pl: use more Chinese mirrors (coolsnowwolf#10281) build: move Build/copy-file to image-commands.mk mt76: add MediaTek Filogic 630 (MT7916) support build: switch default target to x64 scripts: sync with upstream wireless-regdb: unlock WIFI6E channel and txpower rockchip: add rockchip-crypto support for rk3568/rk3588 toolchain: glibc: Update to glibc 2.35 (coolsnowwolf#10276) ...
github-actions bot
pushed a commit
to zesming/lede
that referenced
this pull request
Oct 23, 2022
* https://github.com/coolsnowwolf/lede: Revert "toolchain: gcc: improve patch handling by introducing major version" iwlwifi: edit package/firmware/linux-firmware/intel.mk for support inter-ax201 (coolsnowwolf#10303) libselinux: sync with upstream (coolsnowwolf#10300) kernel: bump 6.0 to 6.0.3 (coolsnowwolf#10299)
github-actions bot
added a commit
to DeakeyTan/openwrt
that referenced
this pull request
Oct 23, 2022
* https://github.com/coolsnowwolf/lede: Revert "toolchain: gcc: improve patch handling by introducing major version" iwlwifi: edit package/firmware/linux-firmware/intel.mk for support inter-ax201 (coolsnowwolf#10303) libselinux: sync with upstream (coolsnowwolf#10300) kernel: bump 6.0 to 6.0.3 (coolsnowwolf#10299)
desmondc9
pushed a commit
to desmondc9/lede
that referenced
this pull request
Oct 26, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes: #10294
Q:你知道这是
pull request吗?(使用 "x" 选择)