diff options
Diffstat (limited to 'recipes-security/selinux/libselinux/libselinux-make-SOCK_CLOEXEC-optional.patch')
-rw-r--r-- | recipes-security/selinux/libselinux/libselinux-make-SOCK_CLOEXEC-optional.patch | 38 |
1 files changed, 0 insertions, 38 deletions
diff --git a/recipes-security/selinux/libselinux/libselinux-make-SOCK_CLOEXEC-optional.patch b/recipes-security/selinux/libselinux/libselinux-make-SOCK_CLOEXEC-optional.patch deleted file mode 100644 index febced7..0000000 --- a/recipes-security/selinux/libselinux/libselinux-make-SOCK_CLOEXEC-optional.patch +++ /dev/null @@ -1,38 +0,0 @@ -From e630805d15a3b8d09330353f87a7e4a9fcc9998a Mon Sep 17 00:00:00 2001 -From: Joe MacDonald <joe.macdonald@windriver.com> -Date: Tue, 15 Oct 2013 10:07:43 -0400 -Subject: [PATCH] libselinux: make SOCK_CLOEXEC optional - -libselinux/src/setrans_client.c checks for the existence of SOCK_CLOEXEC -before using it, however libselinux/src/avc_internal.c does not. Since -SOCK_CLOEXEC suffers the same problem as O_CLOEXEC on some older -platforms, we need to ensure we protect the references it it in the same -way. - -Uptream-Status: Inappropriate - -Signed-off-by: Joe MacDonald <joe.macdonald@windriver.com> - ---- - src/avc_internal.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/src/avc_internal.c b/src/avc_internal.c -index 49cecc9..148cc83 100644 ---- a/src/avc_internal.c -+++ b/src/avc_internal.c -@@ -60,7 +60,13 @@ int avc_netlink_open(int blocking) - int len, rc = 0; - struct sockaddr_nl addr; - -- fd = socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_SELINUX); -+ fd = socket(PF_NETLINK, SOCK_RAW -+#ifdef SOCK_CLOEXEC -+ | SOCK_CLOEXEC -+#else -+#warning SOCK_CLOEXEC undefined on this platform, this may leak file descriptors -+#endif -+ , NETLINK_SELINUX); - if (fd < 0) { - rc = fd; - goto out; |