ANN: SELinux userspace 3.4-rc1 release candidate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

A 3.4-rc1 release candidate for the SELinux userspace is now 
available at:

https://github.com/SELinuxProject/selinux/wiki/Releases

I signed all tarballs using my gpg key, see .asc files.
You can download the public key from
https://people.redhat.com/plautrba/plautrba@xxxxxxxxxxxxxx

Please give it a test and let us know if there are any issues.

If there are specific changes that you think should be called out 
in release notes for packagers and users in the final release
announcement, let us know. 

Thanks to all the contributors to this release candidate!

User-visible changes
--------------------

* A new selinux_restorecon_parallel(3) function that allows to run relabeling over multiple threads

* setfiles/restorecon/fixfiles support parallel relabeling via [ -T <N> ] threads option

* A new semodule options [ -m | --checksum ] to get SHA256 hashes of modules

* mcstrans ported to PCRE2

* libsepol/cil supports IPv4/IPv6 address embedding

* Add a new semodule option [ --rebuild-if-modules-changed ] to optionally rebuild policy when modules
  are changed externally

* A lot of static code analyse issues, fuzzer issues and compiler warnings fixed

* Translations split into sub-packages and updated from
  https://translate.fedoraproject.org/projects/selinux/

* Bug fixes

Development-relevant changes
----------------------------

* ci: run the tests under ASan/UBsan on GHActions

Shortlog of changes since the 3.3 release
-----------------------------------------

Christian Göttsche (86):
      libsepol: do not pass NULL to memcpy
      libsemanage: do not sort empty records
      libsemanage/tests: free memory
      libselinux: use valid address to silence glibc 2.34 warnings
      libsepol: avoid passing NULL pointer to memcpy
      checkpolicy: use correct unsigned format specifiers
      libsepol: use string literals as format strings
      policycoreutils: use string literal as format strings
      Enable extra global compiler warnings
      checkpolicy: ignore possible string truncation
      policycoreutils: mark local functions static
      sandbox: mark local functions static
      python: mark local functions static
      mcstrans: avoid missing prototypes
      libsemanage: mark local functions static
      libsemanage: include paired header for prototypes
      libsemanage: add extern prototype for legacy function
      mcstrans: port to new PCRE2 from end-of-life PCRE
      libselinux: use PCRE2 by default
      Replace PCRE with PCRE2 build dependencies
      libsepol/cil: support IPv4/IPv6 address embedding
      checkpolicy: warn on bogus IP address or netmask in nodecon statement
      cifuzz: enable report-unreproducible-crashes
      cifuzz: use the default runtime of 600 seconds
      libsepol/fuzz: silence secilc-fuzzer
      libsepol: add libfuzz based fuzzer for reading binary policies
      libsepol/fuzz: limit element sizes for fuzzing
      libsepol: use logging framework in conditional.c
      libsepol: use logging framework in ebitmap.c
      libsepol: use mallocarray wrapper to avoid overflows
      libsepol: use reallocarray wrapper to avoid overflows
      libsepol: add checks for read sizes
      libsepol: enforce avtab item limit
      libsepol: clean memory on conditional insertion failure
      libsepol: reject abnormal huge sid ids
      libsepol: reject invalid filetrans source type
      libsepol: zero member before potential dereference
      libsepol: use size_t for indexes in strs helpers
      libsepol: do not underflow on short format arguments
      libsepol: do not crash on class gaps
      libsepol: do not crash on user gaps
      libsepol: use correct size for initial string list
      libsepol: do not create a string list with initial size zero
      libsepol: split validation of datum array gaps and entries
      libsepol: validate MLS levels
      libsepol: validate expanded user range and level
      libsepol: validate permission count of classes
      libsepol: resolve log message mismatch
      libsepol: validate avtab and avrule types
      libsepol: validate constraint expression operators and attributes
      libsepol: validate type of avtab type rules
      libsepol: validate ocontexts
      libsepol: validate genfs contexts
      libsepol: validate permissive types
      libsepol: validate policy properties
      libsepol: validate categories
      libsepol: validate fsuse types
      libsepol: validate class default targets
      libsepol/cil: bail out on snprintf failure
      libsepol: check for valid sensitivity before lookup
      libsepol: check for saturated class name length
      libsepol: return failure on saturated class name length
      libsepol: drop trailing newlines in log messages
      libsepol: handle type gaps
      libsepol: invert only valid range of role bitmap
      policycoreutils: handle argument counter of zero
      libsepol: do not add gaps to string list
      libsepol: use correct error type to please UBSAN
      libsepol: more strict constraint validation
      libsepol: validate several flags
      checkpolicy: allow wildcard permissions in constraints
      python/sepolgen: accept square brackets in FILENAME token
      libsepol: NULL pointer offset fix
      newrole: add Makefile target to test build options
      newrole: silence compiler warnings
      newrole: check for crypt(3) failure
      newrole: ensure password memory erasure
      libsepol: reject xperm av rules in conditional statements
      libsepol: validate boolean datum arrays
      libsepol/cil: silence GCC 12 array-bounds false positive
      libsepol: add missing oom checks
      libsepol: mark immutable mls and context parameter const
      libsepol: mark immutable common helper parameter const
      libsepol/cil: declare file local functions static
      libsepol/cil: drop unused function cil_tree_error
      libsepol/cil: post process pirqcon rules

Cutright Jacob (1):
      Modified Russian and English man pages to fix typo; REQUIREUSERS -> REQUIRESEUSERS

Evgeny Vereshchagin (1):
      ci: run the tests under ASan/UBsan on GHActions

James Carter (36):
      libsepol: Add support for file types in writing out policy.conf
      libsepol/cil: Refactor filecon file type handling
      libsepol/cil: Allow optional file type in genfscon rules
      secilc/docs: Document the optional file type for genfscon rules
      libsepol: Write out genfscon file type when writing out CIL policy
      libsepol/cil: Do not copy blockabstracts when inheriting a block
      libsepol/cil: Mark as abstract all sub-blocks of an abstract block
      libsepol/cil: Do not resolve names to declarations in abstract blocks
      libsepol/cil: Ensure that the class in a classcommon is a kernel class
      libsepol: Return an error if check_assertion() returns an error.
      libsepol: Change label in check_assertion_avtab_match()
      libsepol: Remove uneeded error messages in assertion checking
      libsepol: Check for error from check_assertion_extended_permissions()
      libsepol: Use consistent return checking style
      libsepol: Move check of target types to before check for self
      libsepol: Create function check_assertion_self_match() and use it
      libsepol: Use (rc < 0) instead of (rc) when calling ebitmap functions
      libsepol: Remove unnessesary check for matching class
      libsepol: Move assigning outer loop index out of inner loop
      libsepol: Make use of previously created ebitmap when checking self
      libsepol: Refactor match_any_class_permissions() to be clearer
      libsepol: Make return value clearer when reporting neverallowx errors
      libsepol: The src and tgt must be the same if neverallow uses self
      libsepol: Set args avtab pointer when reporting assertion violations
      libsepol: Fix two problems with neverallowxperm reporting
      libsepol/cil: Add cil_get_log_level() function
      libsepol/cil: Provide more control over reporting bounds failures
      libsepol/cil: Limit the neverallow violations reported
      libsepol/cil: Limit the amount of reporting for context rule conflicts
      libsepol: Do a more thorough validation of constraints
      libsepol/cil: Don't add constraint if there are no permissions
      libsepol: Don't write out constraint if it has no permissions
      libsepol/cil: Write a message when a log message is truncated
      libsepol: Use calloc when initializing bool_val_to_struct array
      libsepol: Validate conditional expressions
      Add a file describing the security vulnerability handling process

Markus Linnala (1):
      Use IANA-managed domain example.com in examples

Ondrej Mosnacek (14):
      label_file: fix a data race
      selinux_restorecon: simplify fl_head allocation by using calloc()
      selinux_restorecon: protect file_spec list with a mutex
      libselinux: make selinux_log() thread-safe
      libselinux: make is_context_customizable() thread-safe
      selinux_restorecon: add a global mutex to synchronize progress output
      selinux_restorecon: introduce selinux_restorecon_parallel(3)
      setfiles/restorecon: support parallel relabeling
      libsemanage: add missing include to boolean_record.c
      semodule,libsemanage: move module hashing into libsemanage
      libsemanage: move compressed file handling into a separate object
      libsemanage: clean up semanage_direct_commit() a bit
      libsemanage: optionally rebuild policy when modules are changed externally
      semodule: add command-line option to detect module changes

Petr Lautrbach (14):
      semodule: add -m | --checksum option
      semodule: Fix lang_ext column index
      semodule: Don't forget to munmap() data
      libselinux: Fix selinux_restorecon_parallel symbol version
      semanage-fcontext.8: Drop extra )s after FILE_SPEC
      policycoreutils/fixfiles: Use parallel relabeling
      libselinux: Close leaked FILEs
      libsemanage: Fall back to semanage_copy_dir when rename() fails
      Split po/ translation files into the relevant sub-directories
      Update translations from translate.fedoraproject.org
      libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_get_module_info()
      semodule_package: Close leaking fd
      mcstrans: Fir RESOURCE_LEAK and USE_AFTER_FREE coverity scan defects
      Update VERSIONs to 3.4-rc1 for release.

Richard Haines (2):
      libsepol: Add 'ioctl_skip_cloexec' policy capability
      libsepol: Shorten the policy capability enum names

Thiébaud Weksteen (2):
      libsepol: Populate and use policy name
      libsepol: fix reallocarray imports

Topi Miettinen (1):
      secilc: kernel policy language is infix

Vit Mojzis (3):
      policycoreutils: Improve error message when selabel_open fails
      libselinux: Strip spaces before values in config
      libsemanage: allow spaces in user/group names





[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux