!33 修复loongarch架构编译错误

From: @yue-yuankun 
Reviewed-by: @HuaxinLuGitee 
Signed-off-by: @HuaxinLuGitee

fix-go-build-ref-cldflags.patch

@@ -0,0 +1,25 @@
+From a52f67f2dbdf1b20b17061c695049e9ffec795c9 Mon Sep 17 00:00:00 2001
+From: luofeng <luofeng13@huawei.com>
+Date: Tue, 2 Apr 2024 20:00:04 +0800
+Subject: [PATCH] fix go build ref cldflags
+
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 405bcc3..8a29fb1 100644
+--- a/Makefile
++++ b/Makefile
+@@ -23,7 +23,7 @@ SYSTEMD_DIR = $(DESTDIR)/usr/lib/systemd/system
+ LOG_DIR := $(DESTDIR)/var/log/secpaver
+ 
+ BUILDFLAGS := -trimpath
+-LDFLAGS := -w -s -buildid=IdBySecPaver -linkmode=external -extldflags=-static -extldflags=-zrelro -extldflags=-Wl,-z,now $(LDFLAGS)
++LDFLAGS := -w -s -buildid=IdBySecPaver -linkmode=external -extldflags=-static -extldflags=-zrelro -extldflags=-Wl,-z,now
+ 
+ ifeq ($(shell go help mod >/dev/null 2>&1 && echo true), true)
+ export GO111MODULE=on
+-- 
+2.19.1
+

remove-unused-socket.patch

@@ -0,0 +1,55 @@
+From 2d999bb4fbbdbf3bb4cd24bdcfe105a9031c38fa Mon Sep 17 00:00:00 2001
+From: zhengxiaoxiao <zhengxiaoxiao2@huawei.com>
+Date: Sat, 13 Apr 2024 11:47:46 +0800
+Subject: [PATCH] remove unused socket
+
+---
+ common/project/keywords.go        | 3 ---
+ engine/selinux/builder/network.go | 3 ---
+ 2 files changed, 6 deletions(-)
+
+diff --git a/common/project/keywords.go b/common/project/keywords.go
+index 8674aab..6213fc3 100644
+--- a/common/project/keywords.go
++++ b/common/project/keywords.go
+@@ -122,7 +122,6 @@ const (
+ 	NetDomainIpx        = "ipx"
+ 	NetDomainAppletalk  = "appletalk"
+ 	NetDomainNetrom     = "netrom"
+-	NetDomainBridge     = "bridge"
+ 	NetDomainAtmpvc     = "atmpvc"
+ 	NetDomainX25        = "x25"
+ 	NetDomainInet6      = "inet6"
+@@ -155,8 +154,6 @@ const (
+ 	NetDomainAlg        = "alg"
+ 	NetDomainNfc        = "nfc"
+ 	NetDomainVsock      = "vsock"
+-	NetDomainMpls       = "mpls"
+-	NetDomainIb         = "ib"
+ 	NetDomainSmc        = "smc"
+ 
+ 	NetTypeStream    = "stream"
+diff --git a/engine/selinux/builder/network.go b/engine/selinux/builder/network.go
+index 354cc3a..fbb04bc 100644
+--- a/engine/selinux/builder/network.go
++++ b/engine/selinux/builder/network.go
+@@ -29,7 +29,6 @@ var commonDomainSocketMap = map[string]string{
+ 	project.NetDomainIpx:        "ipx_socket",
+ 	project.NetDomainAppletalk:  "appletalk_socket",
+ 	project.NetDomainNetrom:     "netrom_socket",
+-	project.NetDomainBridge:     "bridge_socket",
+ 	project.NetDomainAtmpvc:     "atmpvc_socket",
+ 	project.NetDomainX25:        "x25_socket",
+ 	project.NetDomainRose:       "rose_socket",
+@@ -59,8 +58,6 @@ var commonDomainSocketMap = map[string]string{
+ 	project.NetDomainAlg:        "alg_socket",
+ 	project.NetDomainNfc:        "nfc_socket",
+ 	project.NetDomainVsock:      "vsock_socket",
+-	project.NetDomainMpls:       "mpls_socket",
+-	project.NetDomainIb:         "ib_socket",
+ 	project.NetDomainSmc:        "smc_socket",
+ }
+ 
+-- 
+2.33.0
+

secpaver.spec

@@ -2,7 +2,7 @@
 Name: secpaver
 Summary: Security policy development tool
 Version: 1.0.2
-Release: 6
+Release: 11
 License: MulanPSL-2.0
 URL: https://gitee.com/openeuler/secpaver
 Source: https://gitee.com/openeuler/secpaver/repository/archive/%{name}-%{version}.tar.gz
@@ -11,7 +11,11 @@ Source1: sys.tar.gz
 
 Patch0001: dont-do-daemon-reload-in-make-install.patch
 Patch0002: set-default-log-path.patch
-%ifarch riscv64
+Patch0003: support-clang-build.patch
+Patch0004: fix-go-build-ref-cldflags.patch
+Patch0005: remove-unused-socket.patch
+
+%ifarch riscv64 loongarch64
 Patch1000: 1000-fix-build-on-riscv64.patch
 %endif
 
@@ -51,8 +55,8 @@ tar -xf %{SOURCE1} -C vendor/golang.org/x/
 
 %files
 %defattr(0600,root,root,0700)
-%attr(0700,root,root) %{_bindir}/pav
+%attr(0500,root,root) %{_bindir}/pav
-%attr(0700,root,root) %{_bindir}/pavd
+%attr(0500,root,root) %{_bindir}/pavd
 %dir %{_sysconfdir}/secpaver
 %dir %{_sysconfdir}/secpaver/pavd
 %dir %{_libdir}/secpaver
@@ -82,6 +86,21 @@ tar -xf %{SOURCE1} -C vendor/golang.org/x/
 %systemd_postun_with_restart pavd.service
 
 %changelog
+* Sun Jun 09 2024 yueyuankun <yueyuankun@kylinos.cn> - 1.0.2-11
+- Fix build on loongarch64
+
+* Sat Apr 13 2024 zhengxiaoxiao <zhengxiaoxiao2@huawei.com> - 1.0.2-10
+- remove unused socket
+
+* Mon Apr 8 2024 luofeng <luofeng13@huawei.com> - 1.0.2-9
+- modify pav and pavd premission from 700 to 500
+
+* Mon Apr 1 2024 luofeng <luofeng13@huawei.com> - 1.0.2-8
+- fix go build ref C LDFLAGS
+
+* Fri Mar 1 2024 luofeng <luofeng13@huawei.com> - 1.0.2-7
+- support clang build
+
 * Fri Sep 15 2023 misaka00251 <liuxin@iscas.ac.cn> - 1.0.2-6
 - Fix build on riscv64
 

support-clang-build.patch

@@ -0,0 +1,25 @@
+From cb587f370f5cd9caf57c8c4364392f5513435b21 Mon Sep 17 00:00:00 2001
+From: luofeng <luofeng13@huawei.com>
+Date: Mon, 4 Mar 2024 15:49:13 +0800
+Subject: [PATCH] support clang build
+
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 858346a..405bcc3 100644
+--- a/Makefile
++++ b/Makefile
+@@ -23,7 +23,7 @@ SYSTEMD_DIR = $(DESTDIR)/usr/lib/systemd/system
+ LOG_DIR := $(DESTDIR)/var/log/secpaver
+ 
+ BUILDFLAGS := -trimpath
+-LDFLAGS := -w -s -buildid=IdBySecPaver -linkmode=external -extldflags=-static -extldflags=-zrelro -extldflags=-znow $(LDFLAGS)
++LDFLAGS := -w -s -buildid=IdBySecPaver -linkmode=external -extldflags=-static -extldflags=-zrelro -extldflags=-Wl,-z,now $(LDFLAGS)
+ 
+ ifeq ($(shell go help mod >/dev/null 2>&1 && echo true), true)
+ export GO111MODULE=on
+-- 
+2.19.1
+