From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id A4DBA1391DB for ; Mon, 17 Mar 2014 08:24:35 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id CA336E0AA4; Mon, 17 Mar 2014 08:24:22 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id EE34CE0AA6 for ; Mon, 17 Mar 2014 08:24:21 +0000 (UTC) Received: from spoonbill.gentoo.org (spoonbill.gentoo.org [81.93.255.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 0716033FBCD for ; Mon, 17 Mar 2014 08:24:21 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by spoonbill.gentoo.org (Postfix) with ESMTP id 35A65188F0 for ; Mon, 17 Mar 2014 08:24:18 +0000 (UTC) From: "Sven Vermeulen" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sven Vermeulen" Message-ID: <1395044365.e51e839b198fb014732315fa4b8398134a31c3a8.swift@gentoo> Subject: [gentoo-commits] proj/hardened-refpolicy:master commit in: / X-VCS-Repository: proj/hardened-refpolicy X-VCS-Files: Rules.modular Rules.monolithic X-VCS-Directories: / X-VCS-Committer: swift X-VCS-Committer-Name: Sven Vermeulen X-VCS-Revision: e51e839b198fb014732315fa4b8398134a31c3a8 X-VCS-Branch: master Date: Mon, 17 Mar 2014 08:24:18 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: e9794c06-7f77-4876-9159-8ce8a4c68406 X-Archives-Hash: d606dce15bbc35b4860d7a89624cd891 commit: e51e839b198fb014732315fa4b8398134a31c3a8 Author: Nicolas Iooss m4x org> AuthorDate: Tue Feb 18 23:26:33 2014 +0000 Commit: Sven Vermeulen gentoo org> CommitDate: Mon Mar 17 08:19:25 2014 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=e51e839b Fix parallel build of the policy Before this commit, "make -j2" would execute twice at the same time the rules written to build tmp/all_post.conf because these rules were applied every time tmp/all_post.conf, tmp/all_attrs_types.conf and tmp/only_te_rules.conf needed to be built. However, executing twice in parallel such line is buggy: $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> \ tmpdir)/all_post.conf This is why "make" reports following error for parallel builds: Compiling refpolicy-patched base module /usr/bin/checkmodule -M -U allow base.conf -o tmp/base.mod /usr/bin/checkmodule: loading policy configuration from base.conf policy/modules/kernel/ubac.te":710:ERROR 'syntax error' at token 'fs_use_trans' on line 26520: fs_use_trans devtmpfs system_u:object_r:device_t:s0; /usr/bin/checkmodule: error(s) encountered while parsing configuration make: *** [tmp/base.mod] Error 1 This commit fixes this bug by splitting the rules in 3 different targets, in both monolithic and modular builds. --- Rules.modular | 24 ++++++++++++++---------- Rules.monolithic | 24 ++++++++++++++---------- 2 files changed, 28 insertions(+), 20 deletions(-) diff --git a/Rules.modular b/Rules.modular index 58e94da..2c5f5ff 100644 --- a/Rules.modular +++ b/Rules.modular @@ -157,17 +157,21 @@ $(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf # extract attributes and put them first. extract post te stuff # like genfscon and put last. -$(tmpdir)/all_attrs_types.conf $(tmpdir)/only_te_rules.conf $(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf - $(verbose) $(get_type_attr_decl) $(tmpdir)/all_te_files.conf | $(SORT) > $(tmpdir)/all_attrs_types.conf - $(verbose) cat $(tmpdir)/post_te_files.conf > $(tmpdir)/all_post.conf +$(tmpdir)/all_attrs_types.conf: $(tmpdir)/all_te_files.conf + $(verbose) $(get_type_attr_decl) $^ | $(SORT) > $@ + +$(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf + $(verbose) cat $(tmpdir)/post_te_files.conf > $@ # these have to run individually because order matters: - $(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(comment_move_decl) $(tmpdir)/all_te_files.conf > $(tmpdir)/only_te_rules.conf + $(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $@ || true + +$(tmpdir)/only_te_rules.conf: $(tmpdir)/all_te_files.conf + $(verbose) $(comment_move_decl) $^ > $@ ######################################## # diff --git a/Rules.monolithic b/Rules.monolithic index 7e77c03..b635952 100644 --- a/Rules.monolithic +++ b/Rules.monolithic @@ -144,17 +144,21 @@ $(tmpdir)/post_te_files.conf: $(m4support) $(tmpdir)/generated_definitions.conf # extract attributes and put them first. extract post te stuff # like genfscon and put last. -$(tmpdir)/all_attrs_types.conf $(tmpdir)/only_te_rules.conf $(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf - $(verbose) $(get_type_attr_decl) $(tmpdir)/all_te_files.conf | $(SORT) > $(tmpdir)/all_attrs_types.conf - $(verbose) cat $(tmpdir)/post_te_files.conf > $(tmpdir)/all_post.conf +$(tmpdir)/all_attrs_types.conf: $(tmpdir)/all_te_files.conf + $(verbose) $(get_type_attr_decl) $^ | $(SORT) > $@ + +$(tmpdir)/all_post.conf: $(tmpdir)/all_te_files.conf $(tmpdir)/post_te_files.conf + $(verbose) cat $(tmpdir)/post_te_files.conf > $@ # these have to run individually because order matters: - $(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $(tmpdir)/all_post.conf || true - $(verbose) $(comment_move_decl) $(tmpdir)/all_te_files.conf > $(tmpdir)/only_te_rules.conf + $(verbose) $(GREP) '^sid ' $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) '^fs_use_(xattr|task|trans)' $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^genfscon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^portcon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^netifcon $(tmpdir)/all_te_files.conf >> $@ || true + $(verbose) $(GREP) ^nodecon $(tmpdir)/all_te_files.conf >> $@ || true + +$(tmpdir)/only_te_rules.conf: $(tmpdir)/all_te_files.conf + $(verbose) $(comment_move_decl) $^ > $@ ######################################## #