Changes for January 2023, syncing up to 20230104
This commit is contained in:
Andy CrossGate Yan
@@ -1,7 +1,7 @@
|
||||
From 43119ff620379b3710f1411b0e965ed0b10982fc Mon Sep 17 00:00:00 2001
|
||||
From d9083d41e17a8429dc53a6be9acfb437fd3b982b Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Mon, 9 Apr 2018 00:19:49 +0200
|
||||
Subject: [PATCH 1/8] Increase default log_level to get actual selinux error in
|
||||
Subject: [PATCH 1/9] Increase default log_level to get actual selinux error in
|
||||
kmsg
|
||||
|
||||
---
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 1e713fc5860318d2a99f31718fea884c8d461923 Mon Sep 17 00:00:00 2001
|
||||
From 0deb03a6694729e084e8e81d7e840a851d130476 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Wed, 9 Sep 2020 22:36:42 +0200
|
||||
Subject: [PATCH 2/8] Revert "libsepol: Make an unknown permission an error in
|
||||
Subject: [PATCH 2/9] Revert "libsepol: Make an unknown permission an error in
|
||||
CIL"
|
||||
|
||||
This reverts commit dc4e54126bf25dea4d51820922ccd1959be68fbc.
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 383c762e65ba755da5f424cea56f7249fb4aa852 Mon Sep 17 00:00:00 2001
|
||||
From fad09461b0c7ab877b32c5ab402c053335f19f18 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Wed, 31 Mar 2021 23:32:37 +0200
|
||||
Subject: [PATCH 3/8] Workaround device/phh/treble conflict with SELinux policy
|
||||
Subject: [PATCH 3/9] Workaround device/phh/treble conflict with SELinux policy
|
||||
|
||||
device/phh/treble defines the following three types (hostapd,
|
||||
sysfs_usb_supply, rpmb_device)
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From f1ee5e7fb0ef1bbed930d955ce34601f91850762 Mon Sep 17 00:00:00 2001
|
||||
From 8168537d375afd17235b88f6ee9bc9b2c3db06a3 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Fri, 6 Sep 2019 15:07:25 +0200
|
||||
Subject: [PATCH 4/8] Allow /devices/virtual/block/ genfscon conflict (seen on
|
||||
Subject: [PATCH 4/9] Allow /devices/virtual/block/ genfscon conflict (seen on
|
||||
Xiaomi Mi 9)
|
||||
|
||||
Change-Id: I06e4e9d5b82d61a8aeab595b47e2589249675895
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From d023a3be8b43e5539ac5aab02f0fa96c03ed9901 Mon Sep 17 00:00:00 2001
|
||||
From 5d08badc20058b79803197379ca0371b5ae18230 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Thu, 12 Sep 2019 20:37:04 +0200
|
||||
Subject: [PATCH 5/8] if service is "rcs", accept conflict. Seen on Moto E5
|
||||
Subject: [PATCH 5/9] if service is "rcs", accept conflict. Seen on Moto E5
|
||||
|
||||
Change-Id: I0cc2d0fad83f403f2b5d7458039b1564ce5ed9dd
|
||||
---
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 9cd3d8a0becbd182f5fe77af64ca7611ceba6fd1 Mon Sep 17 00:00:00 2001
|
||||
From 1bb417ece7c1709906499a9cdd73c5b37ddd8c71 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Sun, 24 May 2020 17:22:22 +0200
|
||||
Subject: [PATCH 6/8] Allow mismatches of exfat genfscon
|
||||
Subject: [PATCH 6/9] Allow mismatches of exfat genfscon
|
||||
|
||||
---
|
||||
libsepol/cil/src/cil_post.c | 4 ++++
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 81a82adb74c53b1671f24cb69a140a7915707f0f Mon Sep 17 00:00:00 2001
|
||||
From 6a0bc65c6bda1576d59bd89225ae4babfc3de6be Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Fri, 2 Mar 2018 22:49:55 +0100
|
||||
Subject: [PATCH 7/8] Enable multipl_decls by default. This is needed because
|
||||
Subject: [PATCH 7/9] Enable multipl_decls by default. This is needed because
|
||||
8.0 init doesn't add -m
|
||||
|
||||
Change-Id: I43dc661d519f7b8576d72a828d8cbd444592bf5e
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
From 426de61556334b4b1024f615302dadb1ed6d6ac8 Mon Sep 17 00:00:00 2001
|
||||
From 1e5154623b208daf37d20d297f3c8ecaacfb1b28 Mon Sep 17 00:00:00 2001
|
||||
From: Pierre-Hugues Husson <phh@phh.me>
|
||||
Date: Fri, 25 Oct 2019 13:29:20 +0200
|
||||
Subject: [PATCH 8/8] Fix boot on Moto devices using unknown class
|
||||
Subject: [PATCH 8/9] Fix boot on Moto devices using unknown class
|
||||
|
||||
vendor sepolicy never contains new class or classorder, and are not
|
||||
allowed to.
|
||||
|
||||
@@ -0,0 +1,26 @@
|
||||
From e0e22c909d3f107f54136921d723f2656d5677ff Mon Sep 17 00:00:00 2001
|
||||
From: ponces <ponces26@gmail.com>
|
||||
Date: Mon, 7 Nov 2022 16:14:20 +0000
|
||||
Subject: [PATCH 9/9] Improve SELinux policy workaround on device/phh/treble
|
||||
conflict to exit with SEPOL_OK instead of SEPOL_EEXIST
|
||||
|
||||
This fixes boot on many Samsung devices as exiting with SEPOL_EEXIST will prevent them to boot
|
||||
---
|
||||
libsepol/cil/src/cil_build_ast.c | 1 -
|
||||
1 file changed, 1 deletion(-)
|
||||
|
||||
diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c
|
||||
index 023fd6c7..61c8864b 100644
|
||||
--- a/libsepol/cil/src/cil_build_ast.c
|
||||
+++ b/libsepol/cil/src/cil_build_ast.c
|
||||
@@ -141,7 +141,6 @@ int cil_add_decl_to_symtab(struct cil_db *db, symtab_t *symtab, hashtab_key_t ke
|
||||
/* multiple_decls is enabled and works for this datum type, add node */
|
||||
cil_list_append(prev->nodes, CIL_NODE, node);
|
||||
node->data = prev;
|
||||
- return SEPOL_EEXIST;
|
||||
}
|
||||
|
||||
return SEPOL_OK;
|
||||
--
|
||||
2.25.1
|
||||
|
||||
Reference in New Issue
Block a user