Stephen Smalley <stephen.smalley.work@xxxxxxxxx> writes: > On Mon, Mar 2, 2020 at 11:41 AM <bill.c.roberts@xxxxxxxxx> wrote: >> >> Version 4: >> - Fix linker option warnings. >> - Move map file to begining of options. >> >> Version 3: >> - Add more symbols that should be dropped from the dso: >> - map_class; >> - map_decision; >> - map_perm; >> >> Version 2: >> - adds a version to the linker script LIBSELINUX_1.0 >> - Adds a patch to drop some additional symbols from the dso: >> - dir_xattr_list >> - myprintf_compat >> - unmap_class >> - unmap_perm >> >> This four part patch series drops the dso.h and hidden_* >> macros. >> >> The old dso.h functionality provided libselinux with both control over >> external exported symbols as well as ensuring internal callers call into >> libselinux and not a symbol with the same name loaded by the linker >> earlier in the library list. >> >> The functionality is replaced by a linker script that requires public >> API to explicitly be opt-in. The old method required that internal API >> be explicitly annotated, and everything else is public. This should help >> make it easier to control libselinux DSO hygene going forward. >> >> The second functionality is replaced by compiler option >> -fno-semantic-interposition >> >> Note that clang has this enabled by default, and thus doesn't need it. >> >> See: >> - https://stackoverflow.com/questions/35745543/new-option-in-gcc-5-3-fno-semantic-interposition >> >> [PATCH v4 1/4] dso: drop hidden_proto and hidden_def >> [PATCH v4 2/4] Makefile: add -fno-semantic-interposition >> [PATCH v4 3/4] Makefile: add linker script to minimize exports >> [PATCH v4 4/4] libselinux: drop symbols from map > > This looks fine to me but I'd like at least one of the distro > maintainers to ack it (especially the last one). On it. I'll provide a feedback later today or tomorrow.