!51 backport upstream patches

From: @jinlun123123 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee

backport-libsepol-add-missing-oom-checks.patch

@@ -0,0 +1,112 @@
+From 0233e4f6d59a96b759e32661a20be4bbadb374a4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Thu, 31 Mar 2022 16:44:52 +0200
+Subject: [PATCH] libsepol: add missing oom checks
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Check return values of memory allocation functions and propagate their
+failure.
+
+Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
+Acked-by: James Carter <jwcart2@gmail.com>
+---
+ libsepol/src/kernel_to_cil.c  |  9 +++++++++
+ libsepol/src/kernel_to_conf.c |  4 ++++
+ libsepol/src/module_to_cil.c  | 11 +++++++++++
+ libsepol/src/policydb.c       |  3 ++-
+ 4 files changed, 26 insertions(+), 1 deletion(-)
+
+diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
+index 869f69407..9128ac553 100644
+--- a/libsepol/src/kernel_to_cil.c
++++ b/libsepol/src/kernel_to_cil.c
+@@ -190,6 +190,10 @@ static char *constraint_expr_to_str(struct policydb *pdb, struct constraint_expr
+ 				}
+ 				if (!names) {
+ 					names = strdup("NO_IDENTIFIER");
++					if (!names) {
++						sepol_log_err("Out of memory");
++						goto exit;
++					}
+ 				}
+ 				if (strchr(names, ' ')) {
+ 					new_val = create_str("(%s %s (%s))", 3, op, attr1, names);
+@@ -568,6 +572,11 @@ static int write_sids_to_cil(FILE *out, const char *const *sid_to_str,
+ 		} else {
+ 			snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
+ 			sid = strdup(unknown);
++			if (!sid) {
++				sepol_log_err("Out of memory");
++				rc = -1;
++				goto exit;
++			}
+ 		}
+ 		rc = strs_add_at_index(strs, sid, i);
+ 		if (rc != 0) {
+diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
+index 3544f73d2..63dffd9b4 100644
+--- a/libsepol/src/kernel_to_conf.c
++++ b/libsepol/src/kernel_to_conf.c
+@@ -187,6 +187,10 @@ static char *constraint_expr_to_str(struct policydb *pdb, struct constraint_expr
+ 				}
+ 				if (!names) {
+ 					names = strdup("NO_IDENTIFIER");
++					if (!names) {
++						sepol_log_err("Out of memory");
++						goto exit;
++					}
+ 				}
+ 				if (strchr(names, ' ')) {
+ 					new_val = create_str("%s %s { %s }", 3, attr1, op, names);
+diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
+index c9e88f1e0..f2e8aff03 100644
+--- a/libsepol/src/module_to_cil.c
++++ b/libsepol/src/module_to_cil.c
+@@ -393,6 +393,8 @@ static int typealias_list_create(struct policydb *pdb)
+ 	}
+ 
+ 	typealias_lists = calloc(max_decl_id + 1, sizeof(*typealias_lists));
++	if (!typealias_lists)
++		goto exit;
+ 	typealias_lists_len = max_decl_id + 1;
+ 
+ 	rc = hashtab_map(pdb->p_types.table, typealiases_gather_map, pdb);
+@@ -1792,6 +1794,10 @@ static int constraint_expr_to_string(struct policydb *pdb, struct constraint_exp
+ 				}
+ 				if (num_names == 0) {
+ 					names = strdup("NO_IDENTIFIER");
++					if (!names) {
++						rc = -1;
++						goto exit;
++					}
+ 				} else {
+ 					rc = name_list_to_string(name_list, num_names, &names);
+ 					if (rc != 0) {
+@@ -2556,6 +2562,11 @@ static int ocontext_isid_to_cil(struct policydb *pdb, const char *const *sid_to_
+ 			goto exit;
+ 		}
+ 		item->sid_key = strdup(sid);
++		if (!item->sid_key) {
++			log_err("Out of memory");
++			rc = -1;
++			goto exit;
++		}
+ 		item->next = head;
+ 		head = item;
+ 	}
+diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
+index fc71463e6..5c7e35e85 100644
+--- a/libsepol/src/policydb.c
++++ b/libsepol/src/policydb.c
+@@ -1252,7 +1252,8 @@ int policydb_index_others(sepol_handle_t * handle,
+ 	if (!p->type_val_to_struct)
+ 		return -1;
+ 
+-	cond_init_bool_indexes(p);
++	if (cond_init_bool_indexes(p))
++		return -1;
+ 
+ 	for (i = SYM_ROLES; i < SYM_NUM; i++) {
+ 		free(p->sym_val_to_name[i]);

backport-libsepol-avoid-potential-NULL-dereference-on-optional-parameter.patch

@@ -0,0 +1,32 @@
+From f505a73b06302ba5e84f8c56851121d4a410c1ea Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 10 Jun 2022 17:06:23 +0200
+Subject: [PATCH] libsepol: avoid potential NULL dereference on optional
+ parameter
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The parameter `reason` of `context_struct_compute_av()` is optional and
+can be passed in as NULL, like from `type_attribute_bounds_av()`.
+
+Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
+Acked-by: James Carter <jwcart2@gmail.com>
+---
+ libsepol/src/services.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/libsepol/src/services.c b/libsepol/src/services.c
+index d7510e9da..24412d837 100644
+--- a/libsepol/src/services.c
++++ b/libsepol/src/services.c
+@@ -894,7 +894,8 @@ static void type_attribute_bounds_av(context_struct_t *scontext,
+ 	/* mask violated permissions */
+ 	avd->allowed &= ~masked;
+ 
+-	*reason |= SEPOL_COMPUTEAV_BOUNDS;
++	if (reason)
++		*reason |= SEPOL_COMPUTEAV_BOUNDS;
+ }
+ 
+ /*

backport-libsepol-check-correct-pointer-for-oom.patch

@@ -0,0 +1,34 @@
+From 68a29c3aee60a6dd4e0d435fc10adb0f2cc1c0ef Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Fri, 8 Apr 2022 15:10:51 +0200
+Subject: [PATCH] libsepol: check correct pointer for oom
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Check the actual pointer which memory was assigned to, not its parent
+array pointer.
+
+    services.c:810:14: warning: Assigned value is garbage or undefined [core.uninitialized.Assign]
+                                            **r_buf = **new_buf;
+                                                    ^ ~~~~~~~~~
+
+Acked-by: James Carter <jwcart2@gmail.com>
+Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
+---
+ libsepol/src/services.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsepol/src/services.c b/libsepol/src/services.c
+index 47e564df4..d7510e9da 100644
+--- a/libsepol/src/services.c
++++ b/libsepol/src/services.c
+@@ -803,7 +803,7 @@ static int constraint_expr_eval_reason(context_struct_t *scontext,
+ 				if (len < 0 || len >= reason_buf_len - reason_buf_used) {
+ 					new_buf_len = reason_buf_len + REASON_BUF_SIZE;
+ 					*new_buf = realloc(*r_buf, new_buf_len);
+-					if (!new_buf) {
++					if (!*new_buf) {
+ 						ERR(NULL, "failed to realloc reason buffer");
+ 						goto out1;
+ 					}

backport-libsepol-do-not-modify-policy-during-write.patch

@@ -0,0 +1,49 @@
+From 2651989d3b94dd15459fbef4384f114b24850665 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Thu, 30 Jun 2022 19:03:01 +0200
+Subject: [PATCH] libsepol: do not modify policy during write
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Do not modify the in memory default_range value of a class datum while
+writing a policy.
+
+While on it fix indentation.
+
+Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
+Acked-by: James Carter <jwcart2@gmail.com>
+---
+ libsepol/src/write.c | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/libsepol/src/write.c b/libsepol/src/write.c
+index 48ed21ea6..a9fdf93a8 100644
+--- a/libsepol/src/write.c
++++ b/libsepol/src/write.c
+@@ -1097,16 +1097,18 @@ static int class_write(hashtab_key_t key, hashtab_datum_t datum, void *ptr)
+ 	     p->policyvers >= POLICYDB_VERSION_NEW_OBJECT_DEFAULTS) ||
+ 	    (p->policy_type == POLICY_BASE &&
+ 	     p->policyvers >= MOD_POLICYDB_VERSION_NEW_OBJECT_DEFAULTS)) {
++		char default_range = cladatum->default_range;
++
+ 		buf[0] = cpu_to_le32(cladatum->default_user);
+ 		buf[1] = cpu_to_le32(cladatum->default_role);
+-		if (!glblub_version && cladatum->default_range == DEFAULT_GLBLUB) {
++		if (!glblub_version && default_range == DEFAULT_GLBLUB) {
+ 			WARN(fp->handle,
+-                             "class %s default_range set to GLBLUB but policy version is %d (%d required), discarding",
+-                             p->p_class_val_to_name[cladatum->s.value - 1], p->policyvers,
+-                             p->policy_type == POLICY_KERN? POLICYDB_VERSION_GLBLUB:MOD_POLICYDB_VERSION_GLBLUB);
+-                        cladatum->default_range = 0;
+-                }
+-		buf[2] = cpu_to_le32(cladatum->default_range);
++			     "class %s default_range set to GLBLUB but policy version is %d (%d required), discarding",
++			     p->p_class_val_to_name[cladatum->s.value - 1], p->policyvers,
++			     p->policy_type == POLICY_KERN? POLICYDB_VERSION_GLBLUB:MOD_POLICYDB_VERSION_GLBLUB);
++			default_range = 0;
++		}
++		buf[2] = cpu_to_le32(default_range);
+ 		items = put_entry(buf, sizeof(uint32_t), 3, fp);
+ 		if (items != 3)
+ 			return POLICYDB_ERROR;

backport-libsepol-enclose-macro-parameters-and-replacement-lists-in-parentheses.patch

@@ -0,0 +1,113 @@
+From 65b3f695be306ad8f525d4db2befd55336bd0a09 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Wed, 13 Jul 2022 15:43:43 +0200
+Subject: [PATCH] libsepol: enclose macro parameters and replacement lists in
+ parentheses
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
+Acked-by: James Carter <jwcart2@gmail.com>
+---
+ libsepol/include/sepol/errcodes.h          | 13 ++++++-------
+ libsepol/include/sepol/policydb/policydb.h | 10 +++++-----
+ libsepol/src/kernel_to_cil.c               |  2 +-
+ libsepol/src/module_to_cil.c               |  2 +-
+ libsepol/src/util.c                        |  2 +-
+ 5 files changed, 14 insertions(+), 15 deletions(-)
+
+diff --git a/libsepol/include/sepol/errcodes.h b/libsepol/include/sepol/errcodes.h
+index 6e9ff3161..e5fe71e36 100644
+--- a/libsepol/include/sepol/errcodes.h
++++ b/libsepol/include/sepol/errcodes.h
+@@ -16,15 +16,14 @@ extern "C" {
+  * codes that don't map to system error codes should be defined
+  * outside of the range of system error codes.
+  */
+-#define SEPOL_ERR            -1
+-#define SEPOL_ENOTSUP        -2  /* feature not supported in module language */
+-#define SEPOL_EREQ           -3  /* requirements not met */
++#define SEPOL_ERR            (-1)
++#define SEPOL_ENOTSUP        (-2)  /* feature not supported in module language */
++#define SEPOL_EREQ           (-3)  /* requirements not met */
+ 
+ /* Error codes that map to system error codes */
+-#define SEPOL_ENOMEM         -ENOMEM
+-#define SEPOL_ERANGE         -ERANGE
+-#define SEPOL_EEXIST         -EEXIST
+-#define SEPOL_ENOENT         -ENOENT
++#define SEPOL_ENOMEM         (-ENOMEM)
++#define SEPOL_EEXIST         (-EEXIST)
++#define SEPOL_ENOENT         (-ENOENT)
+ 
+ #ifdef __cplusplus
+ }
+diff --git a/libsepol/include/sepol/policydb/policydb.h b/libsepol/include/sepol/policydb/policydb.h
+index de0068a6c..ef1a014a5 100644
+--- a/libsepol/include/sepol/policydb/policydb.h
++++ b/libsepol/include/sepol/policydb/policydb.h
+@@ -251,9 +251,9 @@ typedef struct class_perm_node {
+ 	struct class_perm_node *next;
+ } class_perm_node_t;
+ 
+-#define xperm_test(x, p) (UINT32_C(1) & (p[x >> 5] >> (x & 0x1f)))
+-#define xperm_set(x, p) (p[x >> 5] |= (UINT32_C(1) << (x & 0x1f)))
+-#define xperm_clear(x, p) (p[x >> 5] &= ~(UINT32_C(1) << (x & 0x1f)))
++#define xperm_test(x, p) (UINT32_C(1) & ((p)[(x) >> 5] >> ((x) & 0x1f)))
++#define xperm_set(x, p) ((p)[(x) >> 5] |= (UINT32_C(1) << ((x) & 0x1f)))
++#define xperm_clear(x, p) ((p)[(x) >> 5] &= ~(UINT32_C(1) << ((x) & 0x1f)))
+ #define EXTENDED_PERMS_LEN 8
+ 
+ typedef struct av_extended_perms {
+@@ -795,9 +795,9 @@ extern int policydb_set_target_platform(policydb_t *p, int platform);
+ 
+ #define policydb_has_boundary_feature(p)			\
+ 	(((p)->policy_type == POLICY_KERN			\
+-	  && p->policyvers >= POLICYDB_VERSION_BOUNDARY) ||	\
++	  && (p)->policyvers >= POLICYDB_VERSION_BOUNDARY) ||	\
+ 	 ((p)->policy_type != POLICY_KERN			\
+-	  && p->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY))
++	  && (p)->policyvers >= MOD_POLICYDB_VERSION_BOUNDARY))
+ 
+ /* the config flags related to unknown classes/perms are bits 2 and 3 */
+ #define DENY_UNKNOWN	SEPOL_DENY_UNKNOWN
+diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
+index 9128ac553..5a1336a33 100644
+--- a/libsepol/src/kernel_to_cil.c
++++ b/libsepol/src/kernel_to_cil.c
+@@ -1626,7 +1626,7 @@ static int write_type_permissive_rules_to_cil(FILE *out, struct policydb *pdb)
+ 	return rc;
+ }
+ 
+-#define next_bit_in_range(i, p) ((i + 1 < sizeof(p)*8) && xperm_test((i + 1), p))
++#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
+ 
+ static char *xperms_to_str(avtab_extended_perms_t *xperms)
+ {
+diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
+index b35bf055f..b900290a7 100644
+--- a/libsepol/src/module_to_cil.c
++++ b/libsepol/src/module_to_cil.c
+@@ -624,7 +624,7 @@ static int avrule_to_cil(int indent, struct policydb *pdb, uint32_t type, const
+ 	return rc;
+ }
+ 
+-#define next_bit_in_range(i, p) ((i + 1 < sizeof(p)*8) && xperm_test((i + 1), p))
++#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
+ 
+ static int xperms_to_cil(const av_extended_perms_t *xperms)
+ {
+diff --git a/libsepol/src/util.c b/libsepol/src/util.c
+index 1cd1308d1..0a2edc852 100644
+--- a/libsepol/src/util.c
++++ b/libsepol/src/util.c
+@@ -124,7 +124,7 @@ char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
+ 	return avbuf;
+ }
+ 
+-#define next_bit_in_range(i, p) ((i + 1 < sizeof(p)*8) && xperm_test((i + 1), p))
++#define next_bit_in_range(i, p) (((i) + 1 < sizeof(p)*8) && xperm_test(((i) + 1), p))
+ 
+ char *sepol_extended_perms_to_string(avtab_extended_perms_t *xperms)
+ {

backport-libsepol-fix-missing-double-quotes-in-typetransition-CIL-rule.patch

@@ -0,0 +1,30 @@
+From eca72d8e47ac8b962f87c46aa77fb893aa0df0f8 Mon Sep 17 00:00:00 2001
+From: Juraj Marcin <juraj@jurajmarcin.com>
+Date: Thu, 25 Aug 2022 15:27:18 +0200
+Subject: [PATCH] libsepol: fix missing double quotes in typetransition CIL
+ rule
+
+CIL Reference Guide defines typetransition rule with double quotes
+around object name, but those are not present in the format string.
+
+This patch fixes this issue, so the CIL output produced by
+sepol_kernel_policydb_to_cil() is in the correct format.
+
+Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>
+---
+ libsepol/src/kernel_to_cil.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
+index 5a1336a330..ad4121d50a 100644
+--- a/libsepol/src/kernel_to_cil.c
++++ b/libsepol/src/kernel_to_cil.c
+@@ -1894,7 +1894,7 @@ static int map_filename_trans_to_str(hashtab_key_t key, void *data, void *arg)
+ 		ebitmap_for_each_positive_bit(&datum->stypes, node, bit) {
+ 			src = pdb->p_type_val_to_name[bit];
+ 			rc = strs_create_and_add(strs,
+-						 "(typetransition %s %s %s %s %s)",
++						 "(typetransition %s %s %s \"%s\" %s)",
+ 						 5, src, tgt, class, filename, new);
+ 			if (rc)
+ 				return rc;

backport-libsepol-rename-validate_policydb-to-policydb_validate.patch

@@ -0,0 +1,58 @@
+From 938530171bcfbd0175b819eaa05960e9f4568ac0 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
+Date: Thu, 21 Jul 2022 17:24:40 +0200
+Subject: [PATCH] libsepol: rename validate_policydb to policydb_validate
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Most global functions operating on a policy database use policydb as
+prefix.
+
+Since this function is not exported there should not be any external
+use.
+
+Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
+Acked-by: James Carter <jwcart2@gmail.com>
+---
+ libsepol/src/policydb.c          | 2 +-
+ libsepol/src/policydb_validate.c | 2 +-
+ libsepol/src/policydb_validate.h | 2 +-
+ 3 files changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
+index fc260eb66..8a65df053 100644
+--- a/libsepol/src/policydb.c
++++ b/libsepol/src/policydb.c
+@@ -4570,7 +4570,7 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose)
+ 		}
+ 	}
+ 
+-	if (validate_policydb(fp->handle, p))
++	if (policydb_validate(fp->handle, p))
+ 		goto bad;
+ 
+ 	return POLICYDB_SUCCESS;
+diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c
+index 99d4eb7f6..e1dad2362 100644
+--- a/libsepol/src/policydb_validate.c
++++ b/libsepol/src/policydb_validate.c
+@@ -1330,7 +1330,7 @@ static void validate_array_destroy(validate_t flavors[])
+ /*
+  * Validate policydb
+  */
+-int validate_policydb(sepol_handle_t *handle, policydb_t *p)
++int policydb_validate(sepol_handle_t *handle, policydb_t *p)
+ {
+ 	validate_t flavors[SYM_NUM] = {};
+ 
+diff --git a/libsepol/src/policydb_validate.h b/libsepol/src/policydb_validate.h
+index d9f7229bf..b7f9f1913 100644
+--- a/libsepol/src/policydb_validate.h
++++ b/libsepol/src/policydb_validate.h
+@@ -4,4 +4,4 @@
+ #include <sepol/policydb/policydb.h>
+ 
+ int value_isvalid(uint32_t value, uint32_t nprim);
+-int validate_policydb(sepol_handle_t *handle, policydb_t *p);
++int policydb_validate(sepol_handle_t *handle, policydb_t *p);

libsepol.spec

@@ -1,11 +1,19 @@
 Name:           libsepol
 Version:        3.3
-Release:        2
+Release:        3
 Summary:        SELinux binary policy manipulation library
 License:        LGPLv2+
 URL:            https://github.com/SELinuxProject/selinux/wiki/Releases
 Source0:        https://github.com/SELinuxProject/selinux/releases/download/%{version}/%{name}-%{version}.tar.gz 
 
+Patch0001:      backport-libsepol-add-missing-oom-checks.patch
+Patch0002:      backport-libsepol-check-correct-pointer-for-oom.patch
+Patch0003:      backport-libsepol-avoid-potential-NULL-dereference-on-optional-parameter.patch
+Patch0004:      backport-libsepol-do-not-modify-policy-during-write.patch
+Patch0005:      backport-libsepol-enclose-macro-parameters-and-replacement-lists-in-parentheses.patch
+Patch0006:      backport-libsepol-rename-validate_policydb-to-policydb_validate.patch
+Patch0007:      backport-libsepol-fix-missing-double-quotes-in-typetransition-CIL-rule.patch
+
 BuildRequires:  gcc flex
 
 %description
@@ -64,6 +72,9 @@ make DESTDIR="%{buildroot}" LIBDIR="%{_libdir}" SHLIBDIR="%{_libdir}" install
 %{_mandir}/man3/*
 
 %changelog
+* Fri Nov 18 2022 jinlun <jinlun@huawei.com> - 3.3-3
+- backport upstream patches
+
 * Tue Mar 15 2022 panxiaohe <panxh.life@foxmail.com> - 3.3-2
 - delete useless old version dynamic library