!435 sync patches from upstream

From: @hugel 
Reviewed-by: @xujing99 
Signed-off-by: @xujing99

Add-IMA-digest-list-support.patch

@@ -1,20 +1,20 @@
-From 92ed69a1e2051f202a2532c28cb0b17facda1924 Mon Sep 17 00:00:00 2001
+From 773107eccfa7f0da8547b2c5efe8cce996a35a91 Mon Sep 17 00:00:00 2001
 From: zhoushuiqing <zhoushuiqing2@huawei.com>
 Date: Fri, 16 Jun 2023 11:35:21 +0800
 Subject: [PATCH] Add IMA digest list support
 
+Signed-off-by: xuce <xuce10@h-partners.com>
 ---
  build/files.c           | 305 ++++++++++++++++++++++++++++++++++++++--
  build/parsePreamble.c   |   3 +-
  macros.in               |   1 +
  plugins/Makefile.am     |   4 +
- plugins/selinux.c       |   3 +-
  rpmio/rpmpgp_internal.c |  32 +----
  rpmio/rpmpgp_internal.h |  29 ++++
- 7 files changed, 336 insertions(+), 41 deletions(-)
+ 6 files changed, 334 insertions(+), 40 deletions(-)
 
 diff --git a/build/files.c b/build/files.c
-index eb008ab..3fc3551 100644
+index 44ac155..53a26b2 100644
 --- a/build/files.c
 +++ b/build/files.c
 @@ -50,6 +50,8 @@
@@ -46,7 +46,7 @@ index eb008ab..3fc3551 100644
  static void nullAttrRec(AttrRec ar)
  {
      memset(ar, 0, sizeof(*ar));
-@@ -992,6 +1000,139 @@ static int seenHardLink(FileRecords files, FileListRec flp, rpm_ino_t *fileid)
+@@ -993,6 +1001,139 @@ static int seenHardLink(FileRecords files, FileListRec flp, rpm_ino_t *fileid)
   * @param pkg		(sub) package
   * @param isSrc		pass 1 for source packages 0 otherwise
   */
@@ -186,7 +186,7 @@ index eb008ab..3fc3551 100644
  static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
  {
      FileListRec flp;
-@@ -1003,6 +1144,11 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
+@@ -1005,6 +1146,11 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
      int override_date = 0;
      time_t source_date_epoch = 0;
      char *srcdate = getenv("SOURCE_DATE_EPOCH");
@@ -198,7 +198,7 @@ index eb008ab..3fc3551 100644
  
      /* Limit the maximum date to SOURCE_DATE_EPOCH if defined
       * similar to the tar --clamp-mtime option
-@@ -1200,13 +1346,18 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
+@@ -1203,13 +1349,18 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
  	if (fl->haveCaps) {
  	    headerPutString(h, RPMTAG_FILECAPS, flp->caps);
  	}
@@ -223,7 +223,7 @@ index eb008ab..3fc3551 100644
  	buf[0] = '\0';
  	if (S_ISLNK(flp->fl_mode)) {
  	    ssize_t llen = readlink(flp->diskPath, buf, BUFSIZ-1);
-@@ -1247,6 +1398,7 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
+@@ -1250,6 +1401,7 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
  
  	headerPutUint32(h, RPMTAG_FILEFLAGS, &(flp->flags) ,1);
      }
@@ -231,7 +231,7 @@ index eb008ab..3fc3551 100644
      pkg->dpaths[npaths] = NULL;
  
      if (totalFileSize < UINT32_MAX) {
-@@ -1285,6 +1437,7 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
+@@ -1287,6 +1439,7 @@ static void genCpioListAndHeader(FileList fl, Package pkg, int isSrc)
  	/* Binary packages with dirNames cannot be installed by legacy rpm. */
  	(void) rpmlibNeedsFeature(pkg, "CompressedFileNames", "3.0.4-1");
      }
@@ -239,7 +239,7 @@ index eb008ab..3fc3551 100644
  }
  
  static FileRecords FileRecordsFree(FileRecords files)
-@@ -1359,8 +1512,8 @@ static int validFilename(const char *fn)
+@@ -1361,8 +1514,8 @@ static int validFilename(const char *fn)
   * @param statp		file stat (possibly NULL)
   * @return		RPMRC_OK on success
   */
@@ -250,7 +250,7 @@ index eb008ab..3fc3551 100644
  {
      size_t plen = strlen(diskPath);
      char buf[plen + 1];
-@@ -1371,6 +1524,10 @@ static rpmRC addFile(FileList fl, const char * diskPath,
+@@ -1373,6 +1526,10 @@ static rpmRC addFile(FileList fl, const char * diskPath,
      gid_t fileGid;
      const char *fileUname;
      const char *fileGname;
@@ -261,7 +261,7 @@ index eb008ab..3fc3551 100644
      rpmRC rc = RPMRC_FAIL; /* assume failure */
  
      /* Strip trailing slash. The special case of '/' path is handled below. */
-@@ -1406,6 +1563,33 @@ static rpmRC addFile(FileList fl, const char * diskPath,
+@@ -1408,6 +1565,33 @@ static rpmRC addFile(FileList fl, const char * diskPath,
      if (*cpioPath == '\0')
  	cpioPath = "/";
  
@@ -295,7 +295,7 @@ index eb008ab..3fc3551 100644
      /*
       * Unless recursing, we dont have stat() info at hand. Handle the
       * various cases, preserving historical behavior wrt %dev():
-@@ -1543,6 +1727,8 @@ static rpmRC addFile(FileList fl, const char * diskPath,
+@@ -1545,6 +1729,8 @@ static rpmRC addFile(FileList fl, const char * diskPath,
  	}
  
  	flp->flags = fl->cur.attrFlags;
@@ -304,7 +304,7 @@ index eb008ab..3fc3551 100644
  	flp->specdFlags = fl->cur.specdFlags;
  	flp->verifyFlags = fl->cur.verifyFlags;
  
-@@ -1563,6 +1749,32 @@ exit:
+@@ -1565,6 +1751,32 @@ exit:
      return rc;
  }
  
@@ -337,7 +337,7 @@ index eb008ab..3fc3551 100644
  /**
   * Add directory (and all of its files) to the package manifest.
   * @param fl		package file tree walk data
-@@ -2584,6 +2796,61 @@ static void addPackageFileList (struct FileList_s *fl, Package pkg,
+@@ -2586,6 +2798,61 @@ static void addPackageFileList (struct FileList_s *fl, Package pkg,
      argvFree(fileNames);
  }
  
@@ -399,7 +399,7 @@ index eb008ab..3fc3551 100644
  static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
  				 Package pkg, int didInstall, int test)
  {
-@@ -2597,6 +2861,10 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
+@@ -2599,6 +2866,10 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
  	if (readFilesManifest(spec, pkg, *fp))
  	    return RPMRC_FAIL;
      }
@@ -410,7 +410,7 @@ index eb008ab..3fc3551 100644
      /* Init the file list structure */
      memset(&fl, 0, sizeof(fl));
  
-@@ -2652,12 +2920,17 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
+@@ -2654,12 +2925,17 @@ static rpmRC processPackageFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
      if (checkHardLinks(&fl.files))
  	(void) rpmlibNeedsFeature(pkg, "PartialHardlinkSets", "4.0.4-1");
  
@@ -428,7 +428,7 @@ index eb008ab..3fc3551 100644
      return fl.processingFailed ? RPMRC_FAIL : RPMRC_OK;
  }
  
-@@ -3126,6 +3399,7 @@ static void addPackageDeps(Package from, Package to, enum rpmTag_e tag)
+@@ -3128,6 +3404,7 @@ static void addPackageDeps(Package from, Package to, enum rpmTag_e tag)
  rpmRC processBinaryFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
  			int didInstall, int test)
  {
@@ -436,7 +436,7 @@ index eb008ab..3fc3551 100644
      Package pkg;
      rpmRC rc = RPMRC_OK;
      char *buildroot;
-@@ -3142,7 +3416,14 @@ rpmRC processBinaryFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
+@@ -3144,7 +3421,14 @@ rpmRC processBinaryFiles(rpmSpec spec, rpmBuildPkgFlags pkgFlags,
      check_fileList = newStringBuf();
      genSourceRpmName(spec);
      buildroot = rpmGenPath(spec->rootDir, spec->buildRoot, NULL);
@@ -452,7 +452,7 @@ index eb008ab..3fc3551 100644
      if (rpmExpandNumeric("%{?_debuginfo_subpackages}")) {
  	maindbg = findDebuginfoPackage(spec);
  	if (maindbg) {
-@@ -3248,6 +3529,7 @@ exit:
+@@ -3250,6 +3534,7 @@ exit:
      check_fileList = freeStringBuf(check_fileList);
      _free(buildroot);
      _free(uniquearch);
@@ -476,10 +476,10 @@ index 729fd4f..306a029 100644
          }
  	if (rpmCharCheck(spec, field, ALLOWED_CHARS_VERREL, NULL))
 diff --git a/macros.in b/macros.in
-index 949fd7d..c00d270 100644
+index 4c7073c..6093898 100644
 --- a/macros.in
 +++ b/macros.in
-@@ -1135,6 +1135,7 @@ package or when debugging this package.\
+@@ -1155,6 +1155,7 @@ package or when debugging this package.\
  %__transaction_prioreset	%{__plugindir}/prioreset.so
  %__transaction_audit		%{__plugindir}/audit.so
  %__transaction_dbus_announce	%{__plugindir}/dbus_announce.so
@@ -499,22 +499,8 @@ index 822c7d2..161fe4c 100644
 +digest_list_la_sources = digest_list.c
 +digest_list_la_LIBADD = $(top_builddir)/lib/librpm.la $(top_builddir)/rpmio/librpmio.la
 +plugins_LTLIBRARIES += digest_list.la
-diff --git a/plugins/selinux.c b/plugins/selinux.c
-index 316ff88..ac1e354 100644
---- a/plugins/selinux.c
-+++ b/plugins/selinux.c
-@@ -64,7 +64,8 @@ static rpmRC selinux_tsm_pre(rpmPlugin plugin, rpmts ts)
-     rpmRC rc = RPMRC_OK;
- 
-     /* If SELinux isn't enabled on the system, dont mess with it */
--    if (!is_selinux_enabled()) {
-+    if (!is_selinux_enabled() || selinux_file_context_path() == NULL ||
-+        access(selinux_file_context_path(), F_OK)) {
- 	rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
-     }
- 
 diff --git a/rpmio/rpmpgp_internal.c b/rpmio/rpmpgp_internal.c
-index 19947be..16bf57e 100644
+index 0fcd220..63d065a 100644
 --- a/rpmio/rpmpgp_internal.c
 +++ b/rpmio/rpmpgp_internal.c
 @@ -19,34 +19,6 @@
@@ -569,7 +555,7 @@ index 19947be..16bf57e 100644
  	rc = tag ? pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp) : 0;
      }	break;
      default:
-@@ -636,6 +609,7 @@ static int pgpPrtKey(pgpTag tag, const uint8_t *h, size_t hlen,
+@@ -641,6 +614,7 @@ static int pgpPrtKey(pgpTag tag, const uint8_t *h, size_t hlen,
  	    }
  
  	    p = ((uint8_t *)v) + sizeof(*v);
@@ -618,5 +604,5 @@ index 64b50de..67fecb0 100644
      setmpifunc setmpi;
      verifyfunc verify;
 -- 
-2.39.1
+2.43.0
 

Unbundle-config-site-and-add-RPM-LD-FLAGS-macro.patch

@@ -20,7 +20,7 @@ index a2411d7..8cb8a5a 100644
    RPM_OS=\"%{_os}\"\
    RPM_BUILD_NCPUS=\"%{_smp_build_ncpus}\"\
 -  export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS RPM_BUILD_NCPUS\
-+  export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS RPM_BUILD_NCPUS RPM_OPT_FLAGS\
++  export RPM_SOURCE_DIR RPM_BUILD_DIR RPM_OPT_FLAGS RPM_ARCH RPM_OS RPM_BUILD_NCPUS RPM_LD_FLAGS\
    RPM_DOC_DIR=\"%{_docdir}\"\
    export RPM_DOC_DIR\
    RPM_PACKAGE_NAME=\"%{NAME}\"\

backport-Allow-version-to-be-omitted-in-the-replace-test-spec.patch

@@ -0,0 +1,27 @@
+From 2c20f9677eff989817148d236543191dec0d8059 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Tue, 14 Nov 2023 09:07:28 +0200
+Subject: [PATCH] Allow version to be omitted in the replace test spec
+
+Conflict:adapt context
+Reference:https://github.com/rpm-software-management/rpm/commit/2c20f9677eff989817148d236543191dec0d8059
+
+---
+ tests/data/SPECS/replacetest.spec | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/tests/data/SPECS/replacetest.spec b/tests/data/SPECS/replacetest.spec
+index 0f86ea628..4fb72b408 100644
+--- a/tests/data/SPECS/replacetest.spec
++++ b/tests/data/SPECS/replacetest.spec
+@@ -2,6 +2,7 @@
+ %{?fixit: %global havepretrans 1}
+ %{!?user: %global user root}
+ %{!?grp: %global grp root}
++%{!?ver: %global ver 1.0}
+ 
+ Name:		replacetest%{?sub:-%{sub}}
+ Version:	%{ver}
+-- 
+2.33.0
+

backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch

@@ -0,0 +1,64 @@
+From 1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Tue, 17 Sep 2024 08:31:35 +0300
+Subject: [PATCH] Enforce the same sanity checks on db add and rebuild
+
+Conflict:adapt context; don't use RPMTAG_HEADERIMMUTABLE because
+e484d99 is not merged; use int type instead of bool in validHeader()
+Reference:https://github.com/rpm-software-management/rpm/commit/1fbf8aeb4e78b8b4afeeaafcbc97b3cbf7cfeaba
+
+It doesn't make a whole lot of sense to allow inserting headers
+that will get removed as invalid on the next rebuild. Funny what
+oddities have survived all this time...
+
+Fixes: #3306
+---
+ lib/rpmdb.c | 18 +++++++++++++-----
+ 1 file changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/lib/rpmdb.c b/lib/rpmdb.c
+index 3bf3457f3..dccdf80cd 100644
+--- a/lib/rpmdb.c
++++ b/lib/rpmdb.c
+@@ -2176,6 +2176,17 @@ exit:
+     return (rc == 0) ? RPMRC_OK : RPMRC_FAIL;
+ }
+ 
++static int validHeader(Header h)
++{
++    if (!(headerIsEntry(h, RPMTAG_NAME) &&
++	headerIsEntry(h, RPMTAG_VERSION) &&
++	headerIsEntry(h, RPMTAG_RELEASE)))
++    {
++	return 0;
++    }
++    return 1;
++}
++
+ int rpmdbAdd(rpmdb db, Header h)
+ {
+     dbiIndex dbi = NULL;
+@@ -2189,7 +2200,7 @@ int rpmdbAdd(rpmdb db, Header h)
+ 	return 0;
+ 
+     hdrBlob = headerExport(h, &hdrLen);
+-    if (hdrBlob == NULL || hdrLen == 0) {
++    if (!validHeader(h) || hdrBlob == NULL || hdrLen == 0) {
+ 	ret = -1;
+ 	goto exit;
+     }
+@@ -2424,10 +2435,7 @@ int rpmdbRebuild(const char * prefix, rpmts ts,
+ 	while ((h = rpmdbNextIterator(mi)) != NULL) {
+ 
+ 	    /* let's sanity check this record a bit, otherwise just skip it */
+-	    if (!(headerIsEntry(h, RPMTAG_NAME) &&
+-		headerIsEntry(h, RPMTAG_VERSION) &&
+-		headerIsEntry(h, RPMTAG_RELEASE)))
+-	    {
++	    if (!validHeader(h)) {
+ 		rpmlog(RPMLOG_ERR,
+ 			_("header #%u in the database is bad -- skipping.\n"),
+ 			rpmdbGetIteratorOffset(mi));
+-- 
+2.33.0
+

backport-Fix-FA_TOUCH-ed-files-getting-removed-on-failed-upda.patch

@@ -0,0 +1,47 @@
+From 027ef640b33b38ca257bb301bb302e9c71d43c27 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Fri, 18 Oct 2024 14:50:35 +0300
+Subject: [PATCH] Fix FA_TOUCH'ed files getting removed on failed update
+
+Conflict:modify fsm.c instead of fsm.cc; don't modify testcode because
+the test code differs greatly, it requires the root permission to run
+chown. However, the current test code cannot implement chown. Manual
+test cases will be used to guard test cases.
+Reference:https://github.com/rpm-software-management/rpm/commit/027ef640b33b38ca257bb301bb302e9c71d43c27
+
+On install/update, most files are laid down with a temporary suffix
+and if the update fails, removing those at the end of the loop is
+the right thing to do. However FA_TOUCH'ed files were already there,
+we only update their metadata, and we better not remove them!
+
+AFAICS this all versions since rpm >= 4.14 in one way or the other.
+If %_minimize_writes is enabled then it affects way more than just
+unmodified config files.
+
+The test is a simplified version of pam update failing in the original
+report. Technically, --nomtime should not be needed for the test
+verification but we don't even try to restore the metadata on failure,
+and fixing that is way out of scope here.
+
+Fixes: RHEL-54386
+Fixes: #3284
+---
+ lib/fsm.c |  2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/fsm.c b/lib/fsm.c
+index e3be219c3..ec0303400 100644
+--- a/lib/fsm.c
++++ b/lib/fsm.c
+@@ -1094,7 +1094,7 @@ setmeta:
+ 	    if (ensureDir(NULL, rpmfiDN(fi), 0, 0, 1, &di.dirfd))
+ 		continue;
+ 
+-	    if (fp->stage > FILE_NONE && !fp->skip) {
++	    if (fp->stage > FILE_NONE && !fp->skip && fp->action != FA_TOUCH) {
+ 		(void) fsmRemove(di.dirfd, fp->fpath, fp->sb.st_mode);
+ 	    }
+ 	}
+-- 
+2.33.0
+

backport-Fix-a-memory-leak-on-rpmdb-importdb.patch

@@ -0,0 +1,27 @@
+From 4b830f7b5a4a70a53e2eef63baf82b7fff308a3c Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Fri, 11 Oct 2024 14:26:57 +0300
+Subject: [PATCH] Fix a memory leak on rpmdb --importdb
+
+Conflict:modify rpmdb.c instead of tools/rpmdb.cc
+Reference:https://github.com/rpm-software-management/rpm/commit/4b830f7b5a4a70a53e2eef63baf82b7fff308a3c
+
+---
+ rpmdb.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/rpmdb.c b/rpmdb.c
+index 20d5d67bd..1736e1ef7 100644
+--- a/rpmdb.c
++++ b/rpmdb.c
+@@ -79,6 +79,7 @@ static int importDB(rpmts ts)
+ 	Header h;
+ 	while ((h = headerRead(fd, HEADER_MAGIC_YES))) {
+ 	    rc += rpmtsImportHeader(txn, h, 0);
++	    headerFree(h);
+ 	}
+     } else {
+ 	rc = -1;
+-- 
+2.33.0
+

backport-Fix-memleak-when-process-policies.patch

@@ -0,0 +1,35 @@
+From 937e725626eecad2e0c34463e733ae123ba2ff5e Mon Sep 17 00:00:00 2001
+From: xujing <xujing125@huawei.com>
+Date: Thu, 12 Sep 2024 20:52:30 +0800
+Subject: [PATCH] Fix memleak when process policies
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/937e725626eecad2e0c34463e733ae123ba2ff5e
+
+---
+ build/policies.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/build/policies.c b/build/policies.c
+index 5d704c0eb..69062ee6a 100644
+--- a/build/policies.c
++++ b/build/policies.c
+@@ -289,6 +289,7 @@ static rpmRC processPolicies(rpmSpec spec, Package pkg, int test)
+ 	mod = freeModule(mod);
+ 	name = _free(name);
+ 	types = _free(types);
++	optCon = poptFreeContext(optCon);
+     }
+ 
+     rc = RPMRC_OK;
+@@ -297,6 +298,7 @@ static rpmRC processPolicies(rpmSpec spec, Package pkg, int test)
+     freeModule(mod);
+     free(name);
+     free(types);
++    poptFreeContext(optCon);
+ 
+     return rc;
+ }
+-- 
+2.33.0
+

backport-Fix-wrong-return-code-on-O_DIRECTORY-open-of-invalid.patch

@@ -0,0 +1,49 @@
+From 89ce4e7ca592f5abafc3f25aeaa07d36a7b43a61 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Tue, 14 Nov 2023 11:37:48 +0200
+Subject: [PATCH] Fix wrong return code on O_DIRECTORY open of invalid symlink
+
+Conflict:NA
+Reference:https://github.com/rpm-software-management/rpm/commit/89ce4e7ca592f5abafc3f25aeaa07d36a7b43a61
+
+The dir argument to fsmOpenpath() is supposed to be a rough O_DIRECTORY
+equivalent, and if the path is actually a misowned symlink it should
+return ENOTDIR instead of ELOOP. Makes the resulting error messages
+at least a little more comprehensible.
+---
+ lib/fsm.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/lib/fsm.c b/lib/fsm.c
+index 51f439ef3..091e90554 100644
+--- a/lib/fsm.c
++++ b/lib/fsm.c
+@@ -304,6 +304,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
+     struct stat lsb, sb;
+     int sflags = flags | O_NOFOLLOW;
+     int fd = openat(dirfd, path, sflags);
++    int ffd = fd;
+ 
+     /*
+      * Only ever follow symlinks by root or target owner. Since we can't
+@@ -312,7 +313,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
+      * it could've only been the link owner or root.
+      */
+     if (fd < 0 && errno == ELOOP && flags != sflags) {
+-	int ffd = openat(dirfd, path, flags);
++	ffd = openat(dirfd, path, flags);
+ 	if (ffd >= 0) {
+ 	    if (fstatat(dirfd, path, &lsb, AT_SYMLINK_NOFOLLOW) == 0) {
+ 		if (fstat(ffd, &sb) == 0) {
+@@ -327,7 +328,7 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
+     }
+ 
+     /* O_DIRECTORY equivalent */
+-    if (dir && fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)) {
++    if (dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)))) {
+ 	errno = ENOTDIR;
+ 	fsmClose(&fd);
+     }
+-- 
+2.33.0
+

backport-Refactor-fsmOpenat-return-style-for-consistency-with.patch

@@ -0,0 +1,175 @@
+From 14516542c113560dc0070df2f9102568a7a71b58 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Mon, 19 Aug 2024 11:03:10 +0300
+Subject: [PATCH] Refactor fsmOpenat() return style for consistency within the
+ fsm
+
+Conflict:adapt context; don't modify testcode because the test code differs 
+greatly, 0091214 requires the root permission to run chown. However, the
+current test code cannot implement chown. Manual test cases will be used to
+guard test cases.
+Reference:https://github.com/rpm-software-management/rpm/commit/14516542c113560dc0070df2f9102568a7a71b58
+
+Everything inside the fsm is returning a return code as the main
+returned data and file descriptors as one of the arguments, except
+for fsmOpenat() which I for some reason modeled after openat() instead.
+This mismatch makes for some strange code in the callers.
+
+The only visible change here is supposed to be the error message
+changing slightly due to using rpmfileStrerror() instead of strerror().
+
+Co-authored-by: Florian Festi <ffesti@redhat.com>
+---
+ lib/fsm.c     | 62 +++++++++++++++++++++++++--------------------------
+ 1 file changed, 31 insertions(+), 31 deletions(-)
+
+diff --git a/lib/fsm.c b/lib/fsm.c
+index 20b270cf5..b5f8800a8 100644
+--- a/lib/fsm.c
++++ b/lib/fsm.c
+@@ -65,7 +65,7 @@ struct filedata_s {
+  * things around needlessly 
+  */ 
+ static const char * fileActionString(rpmFileAction a);
+-static int fsmOpenat(int dirfd, const char *path, int flags, int dir);
++static int fsmOpenat(int *fdp, int dirfd, const char *path, int flags, int dir);
+ static int fsmClose(int *wfdp);
+ 
+ /** \ingroup payload
+@@ -98,9 +98,9 @@ static int fsmLink(int odirfd, const char *opath, int dirfd, const char *path)
+ #if WITH_CAP
+ static int cap_set_fileat(int dirfd, const char *path, cap_t fcaps)
+ {
+-    int rc = -1;
+-    int fd = fsmOpenat(dirfd, path, O_RDONLY|O_NOFOLLOW, 0);
+-    if (fd >= 0) {
++    int fd = -1;
++    int rc = fsmOpenat(&fd, dirfd, path, O_RDONLY|O_NOFOLLOW, 0);
++    if (!rc) {
+ 	rc = cap_set_fd(fd, fcaps);
+ 	fsmClose(&fd);
+     }
+@@ -299,12 +299,13 @@ static int fsmMkdir(int dirfd, const char *path, mode_t mode)
+     return rc;
+ }
+ 
+-static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
++static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
+ {
+     struct stat lsb, sb;
+     int sflags = flags | O_NOFOLLOW;
+     int fd = openat(dirfd, path, sflags);
+     int ffd = fd;
++    int rc = 0;
+ 
+     /*
+      * Only ever follow symlinks by root or target owner. Since we can't
+@@ -328,11 +329,17 @@ static int fsmOpenat(int dirfd, const char *path, int flags, int dir)
+     }
+ 
+     /* O_DIRECTORY equivalent */
+-    if (dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode)))) {
+-	errno = ENOTDIR;
++    if (!rc && dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode))))
++	rc = RPMERR_ENOTDIR;
++
++    if (!rc && fd < 0)
++	rc = RPMERR_OPEN_FAILED;
++
++    if (rc)
+ 	fsmClose(&fd);
+-    }
+-    return fd;
++
++    *wfdp = fd;
++    return rc;
+ }
+ 
+ static int fsmDoMkDir(rpmPlugins plugins, int dirfd, const char *dn,
+@@ -351,9 +358,7 @@ static int fsmDoMkDir(rpmPlugins plugins, int dirfd, const char *dn,
+ 	rc = fsmMkdir(dirfd, dn, mode);
+ 
+     if (!rc) {
+-	*fdp = fsmOpenat(dirfd, dn, O_RDONLY|O_NOFOLLOW, 1);
+-	if (*fdp == -1)
+-	    rc = RPMERR_ENOTDIR;
++	rc = fsmOpenat(fdp, dirfd, dn, O_RDONLY|O_NOFOLLOW, 1);
+     }
+ 
+     if (!rc) {
+@@ -378,47 +383,44 @@ static int ensureDir(rpmPlugins plugins, const char *p, int owned, int create,
+     char *sp = NULL, *bn;
+     char *apath = NULL;
+     int oflags = O_RDONLY;
+-    int rc = 0;
+ 
+     if (*dirfdp >= 0)
+-	return rc;
++	return 0;
+ 
+-    int dirfd = fsmOpenat(-1, "/", oflags, 1);
++    int dirfd = -1;
++    int rc = fsmOpenat(&dirfd, -1, "/", oflags, 1);
+     int fd = dirfd; /* special case of "/" */
+ 
+     char *path = xstrdup(p);
+     char *dp = path;
+ 
+     while ((bn = strtok_r(dp, "/", &sp)) != NULL) {
+-	fd = fsmOpenat(dirfd, bn, oflags, 1);
++	rc = fsmOpenat(&fd, dirfd, bn, oflags, 1);
+ 	/* assemble absolute path for plugins benefit, sigh */
+ 	apath = rstrscat(&apath, "/", bn, NULL);
+ 
+-	if (fd < 0 && errno == ENOENT && create) {
++	if (rc && errno == ENOENT && create) {
+ 	    mode_t mode = S_IFDIR | (_dirPerms & 07777);
+ 	    rc = fsmDoMkDir(plugins, dirfd, bn, apath, owned, mode, &fd);
+ 	}
+ 
+ 	fsmClose(&dirfd);
+-	if (fd >= 0) {
+-	    dirfd = fd;
+-	} else {
+-	    if (!quiet) {
+-		rpmlog(RPMLOG_ERR, _("failed to open dir %s of %s: %s\n"),
+-			bn, p, strerror(errno));
+-	    }
+-	    rc = RPMERR_OPEN_FAILED;
++	if (rc)
+ 	    break;
+-	}
+ 
++	dirfd = fd;
+ 	dp = NULL;
+     }
+ 
+     if (rc) {
++	if (!quiet) {
++	    char *msg = rpmfileStrerror(rc);
++	    rpmlog(RPMLOG_ERR, _("failed to open dir %s of %s: %s\n"),
++		    bn, p, msg);
++	    free(msg);
++	}
+ 	fsmClose(&fd);
+ 	fsmClose(&dirfd);
+-    } else {
+-	rc = 0;
+     }
+     *dirfdp = dirfd;
+ 
+@@ -1026,10 +1028,8 @@ setmeta:
+ 		/* Only follow safe symlinks, and never on temporary files */
+ 		if (fp->suffix)
+ 		    flags |= AT_SYMLINK_NOFOLLOW;
+-		fd = fsmOpenat(di.dirfd, fp->fpath, flags,
++		rc = fsmOpenat(&fd, di.dirfd, fp->fpath, flags,
+ 				S_ISDIR(fp->sb.st_mode));
+-		if (fd < 0)
+-		    rc = RPMERR_OPEN_FAILED;
+ 	    }
+ 
+ 	    if (!rc && fp->setmeta) {
+-- 
+2.33.0
+

backport-Report-unsafe-symlinks-during-installation-as-a-spec.patch

@@ -0,0 +1,87 @@
+From 535eacc96ae6fe5289a2917bb0af43e491b0f4f4 Mon Sep 17 00:00:00 2001
+From: Panu Matilainen <pmatilai@redhat.com>
+Date: Mon, 19 Aug 2024 11:43:33 +0300
+Subject: [PATCH] Report unsafe symlinks during installation as a specific case
+
+Conflict:don't modify testcode because the test code differs greatly, 0091214
+requires the root permission to run chown. However, the current test code
+cannot implement chown. Manual test cases will be used to guard test cases.
+Reference:https://github.com/rpm-software-management/rpm/commit/535eacc96ae6fe5289a2917bb0af43e491b0f4f4
+
+RPM refuses to follow non root owned symlinks pointing to files owned by
+another user for security reasons. This case was lumped in with
+O_DIRECTORY behavior, leading to confusing error message as the symlink
+often indeed points at a directory. Emit a more meaningful error message
+when encountering unsafe symlinks.
+
+We already detect the error condition in the main if block here, might
+as well set the error code right there and then so we don't need to
+redetect later. We previously only tested for the unsafe link condition
+when our O_DIRECTORY equivalent was set, but that seems wrong. Probably
+doesn't matter with the existing callers, but we really must not
+follow those unsafe symlinks no matter what.
+
+Co-authored-by: Florian Festi <ffesti@redhat.com>
+
+Resolves: #3100
+---
+ lib/fsm.c     | 10 ++++++----
+ lib/rpmfi.c   |  2 +-
+ 2 files changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/lib/fsm.c b/lib/fsm.c
+index b5f8800a8..4c0968f73 100644
+--- a/lib/fsm.c
++++ b/lib/fsm.c
+@@ -304,7 +304,6 @@ static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
+     struct stat lsb, sb;
+     int sflags = flags | O_NOFOLLOW;
+     int fd = openat(dirfd, path, sflags);
+-    int ffd = fd;
+     int rc = 0;
+ 
+     /*
+@@ -314,7 +313,7 @@ static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
+      * it could've only been the link owner or root.
+      */
+     if (fd < 0 && errno == ELOOP && flags != sflags) {
+-	ffd = openat(dirfd, path, flags);
++	int ffd = openat(dirfd, path, flags);
+ 	if (ffd >= 0) {
+ 	    if (fstatat(dirfd, path, &lsb, AT_SYMLINK_NOFOLLOW) == 0) {
+ 		if (fstat(ffd, &sb) == 0) {
+@@ -323,13 +322,16 @@ static int fsmOpenat(int *wfdp, int dirfd, const char *path, int flags, int dir)
+ 		    }
+ 		}
+ 	    }
+-	    if (ffd != fd)
++	    /* Symlink with non-matching owners */
++	    if (ffd != fd) {
+ 		close(ffd);
++		rc = RPMERR_INVALID_SYMLINK;
++	    }
+ 	}
+     }
+ 
+     /* O_DIRECTORY equivalent */
+-    if (!rc && dir && ((fd != ffd) || (fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode))))
++    if (!rc && dir && fd >= 0 && fstat(fd, &sb) == 0 && !S_ISDIR(sb.st_mode))
+ 	rc = RPMERR_ENOTDIR;
+ 
+     if (!rc && fd < 0)
+diff --git a/lib/rpmfi.c b/lib/rpmfi.c
+index a3d8ad470..d8dbb67c7 100644
+--- a/lib/rpmfi.c
++++ b/lib/rpmfi.c
+@@ -2426,7 +2426,7 @@ char * rpmfileStrerror(int rc)
+     case RPMERR_DIGEST_MISMATCH: s = _("Digest mismatch");	break;
+     case RPMERR_INTERNAL:	s = _("Internal error");	break;
+     case RPMERR_UNMAPPED_FILE:	s = _("Archive file not in header"); break;
+-    case RPMERR_INVALID_SYMLINK: s = _("Invalid symlink");	break;
++    case RPMERR_INVALID_SYMLINK: s = _("Unsafe symlink");	break;
+     case RPMERR_ENOTDIR:	s = strerror(ENOTDIR);	break;
+     case RPMERR_ENOENT:	s = strerror(ENOENT); break;
+     case RPMERR_ENOTEMPTY:	s = strerror(ENOTEMPTY); break;
+-- 
+2.33.0
+

backport-Require-macro-filenames-to-end-in-alphanum-char.patch

@@ -0,0 +1,77 @@
+From 63e3061fa2471c663bed43d02f97c80953dfc9f7 Mon Sep 17 00:00:00 2001
+From: Michal Domonkos <mdomonko@redhat.com>
+Date: Wed, 23 Oct 2024 15:45:07 +0200
+Subject: [PATCH] Require macro filenames to end in alphanum char
+
+Conflict:modify macro.c instead of macro.cc; use AT_{CHECK,CLEANUP}
+instead of RPMTEST_{CHECK,CLEANUP} because adafe8d04724b is not merged;
+use "/usr/lib/rpm" instead of $RPM_CONFIGDIR_PATH because f134eb1 and
+1592f16 are not merged; "mkdir -p $RPMTEST/usr/lib/rpm/macros.d/" to
+ensure directory exist.
+Reference:https://github.com/rpm-software-management/rpm/commit/63e3061fa2471c663bed43d02f97c80953dfc9f7
+
+Make sure (text editor) backup files, such as those with the tilde (~)
+at the end, aren't processed by our macrofiles globs.  These can appear
+while editing a macro file in place and may result in confusing behavior
+where an old version of a macro overrides the one being written, like
+seen in the ticket #3373.
+
+Rather than enumerating any specific suffixes, just mandate that macro
+files end with alphanumerics.  That's more of a name sanity check than
+anything but fits the bill here.
+
+Co-authored-by: Peter Oliver <git@mavit.org.uk>
+---
+ rpmio/macro.c     |  4 +++-
+ tests/rpmmacro.at | 18 ++++++++++++++++++
+ 2 files changed, 21 insertions(+), 1 deletion(-)
+
+diff --git a/rpmio/macro.c b/rpmio/macro.c
+index 1a9f2f63a..11668b7ee 100644
+--- a/rpmio/macro.c
++++ b/rpmio/macro.c
+@@ -1981,9 +1981,11 @@ rpmInitMacros(rpmMacroContext mc, const char * macrofiles)
+ 
+ 	/* Read macros from each file. */
+ 	for (path = files; *path; path++) {
++	    size_t len = strlen(*path);
+ 	    if (rpmFileHasSuffix(*path, ".rpmnew") || 
+ 		rpmFileHasSuffix(*path, ".rpmsave") ||
+-		rpmFileHasSuffix(*path, ".rpmorig")) {
++		rpmFileHasSuffix(*path, ".rpmorig") ||
++		(len > 0 && !risalnum((*path)[len - 1]))) {
+ 		continue;
+ 	    }
+ 	    (void) loadMacroFile(mc, *path);
+diff --git a/tests/rpmmacro.at b/tests/rpmmacro.at
+index 50096fd5d..968d48ee7 100644
+--- a/tests/rpmmacro.at
++++ b/tests/rpmmacro.at
+@@ -2,6 +2,24 @@
+ #
+ AT_BANNER([RPM macros])
+ 
++# ------------------------------
++AT_SETUP([macro path: skip editor backups])
++AT_KEYWORDS([macros])
++RPMTEST_SETUP
++AT_CHECK([
++mkdir -p $RPMTEST/usr/lib/rpm/macros.d/
++echo '%this that' > $RPMTEST/usr/lib/rpm/macros.d/macros.this
++runroot rpm --eval '%{this}'
++mv $RPMTEST/usr/lib/rpm/macros.d/macros.this{,~}
++runroot rpm --eval '%{this}'
++],
++[0],
++[that
++%{this}
++],
++[])
++AT_CLEANUP
++
+ # ------------------------------
+ AT_SETUP([simple rpm --eval])
+ AT_KEYWORDS([macros])
+-- 
+2.33.0
+

rpm-selinux-plugin-check-context-file-exist.patch

@@ -0,0 +1,26 @@
+From 55708fd5822a3e4bf5537002a648f32cb0a6e07e Mon Sep 17 00:00:00 2001
+From: luhuaxin <1539327763@qq.com>
+Date: Tue, 26 Oct 2021 18:39:46 +0800
+Subject: [PATCH] rpm selinux plugin check context file exist
+
+---
+ plugins/selinux.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/plugins/selinux.c b/plugins/selinux.c
+index 1254517..fb8b7a2 100644
+--- a/plugins/selinux.c
++++ b/plugins/selinux.c
+@@ -63,7 +63,8 @@ static rpmRC selinux_tsm_pre(rpmPlugin plugin, rpmts ts)
+     rpmRC rc = RPMRC_OK;
+ 
+     /* If SELinux isn't enabled on the system, dont mess with it */
+-    if (!is_selinux_enabled()) {
++    if (!is_selinux_enabled() || selinux_file_context_path() == NULL ||
++        access(selinux_file_context_path(), F_OK)) {
+ 	rpmtsSetFlags(ts, (rpmtsFlags(ts) | RPMTRANS_FLAG_NOCONTEXTS));
+     }
+ 
+-- 
+2.23.0
+

rpm.spec

@@ -1,6 +1,6 @@
 Name:          rpm
 Version:       4.18.2
-Release:       17
+Release:       22
 Summary:       RPM Package Manager
 License:       GPL-2.0-or-later
 URL:           https://rpm.org/
@@ -17,6 +17,7 @@ Patch8: still-in-use-of-python-scripts-from-old-version.patch
 Patch9: Add-loongarch-architecture-support.patch
 Patch10: rpm-Add-sw64-architecture.patch
 Patch11: add-default-machine-name-to-support-loongarch.patch
+Patch12: rpm-selinux-plugin-check-context-file-exist.patch
 
 Patch6000: backport-revert-Permit-building-rpm-from-git-without-pandoc.patch
 Patch6001: backport-Check-inside-root-when-querying-for-files.patch
@@ -47,6 +48,15 @@ Patch6025: backport-Fix-crash-on-Lua-file-trigger-exiting-with-return-ed.patch
 Patch6026: backport-Fix-V-option-usage-in-our-tests.patch
 Patch6027: backport-Remove-libtool-la-symlinks.patch
 Patch6028: backport-Specify-the-private-key-in-rpm-addsign.patch
+Patch6029: backport-Fix-memleak-when-process-policies.patch
+Patch6030: backport-Enforce-the-same-sanity-checks-on-db-add-and-rebuild.patch
+Patch6031: backport-Fix-a-memory-leak-on-rpmdb-importdb.patch
+Patch6032: backport-Require-macro-filenames-to-end-in-alphanum-char.patch
+Patch6033: backport-Allow-version-to-be-omitted-in-the-replace-test-spec.patch
+Patch6034: backport-Fix-wrong-return-code-on-O_DIRECTORY-open-of-invalid.patch
+Patch6035: backport-Refactor-fsmOpenat-return-style-for-consistency-with.patch
+Patch6036: backport-Report-unsafe-symlinks-during-installation-as-a-spec.patch
+Patch6037: backport-Fix-FA_TOUCH-ed-files-getting-removed-on-failed-upda.patch
 
 Patch9000: Add-digest-list-plugin.patch
 Patch9001: Add-IMA-digest-list-support.patch
@@ -335,6 +345,21 @@ make clean
 %exclude %{_mandir}/man8/rpmspec.8*
 
 %changelog
+* Mon Dec 2 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-22
+- sync patches from upstream
+
+* Wed Nov 27 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-21
+- Require macro filenames to end in alphanum char
+
+* Mon Nov 25 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-20
+- sync patches from upstream
+
+* Sat Oct 26 2024 Funda Wang <fundawang@yeah.net> - 4.18.2-19
+- fix RPM_LD_FLAGS not got exported
+
+* Fri Oct 25 2024 xuce<xuce10@h-partners.com> - 4.18.2-18
+- Separate the SELinux patch from the IMA digest list patch
+
 * Sun Sep 29 2024 hugel<gengqihu2@h-partners.com> - 4.18.2-17
 - Fix testcase failed of rpm addsign
 
@@ -414,7 +439,7 @@ make clean
 * Tue Jun 20 2023 renhongxun<renhongxun@h-partners.com> - 4.18.1-1
 - upgrade version to 4.18.1
 
-* Wed Jun 21 2023 renhongxun<renhongxun@h-partners.com> - 4.18.0-11
+* Tue Jun 20 2023 renhongxun<renhongxun@h-partners.com> - 4.18.0-11
 - Fix per-file plugin hook regression introduced in 4.18
 
 * Mon Jun 19 2023 renhongxun<renhongxun@h-partners.com> - 4.18.0-10