[PATCH] selinux-h: add stubs for selabel_open etc.

[Paul Eggert]

Coreutils with --enable-gcc-warnings does not build on Ubuntu 20.10
because matchpathcon is deprecated in favor of selabel_open etc.,
so this patch adds stubs for these functions.
* lib/se-label.c, lib/se-label.in.h, m4/selinux-label-h.m4: New files.
* lib/se-selinux.in.h (struct selinux_opt): Add incomplete decl,
as it is needed for selabel_open and selinux/selinux.h declares
this type here.
* modules/selinux-h (Files): Add the new files.
(configure.ac): Add gl_HEADERS_SELINUX_LABEL_H.
(lib_SOURCES): Add se-label.in.h, se-label.c.
(BUILT_SOURCES): Add $(SELINUX_LABEL_H).
(selinux/label.h): New rule, mimicking selinux/context.h.
(MOSTLYCLEANFILES): Add selinux/label.h, selinux/label.h-t.
(Include): Add selinux/label.h.
---
 ChangeLog             | 18 +++++++++++++
 lib/se-label.c        |  3 +++
 lib/se-label.in.h     | 59 +++++++++++++++++++++++++++++++++++++++++++
 lib/se-selinux.in.h   |  1 +
 m4/selinux-label-h.m4 | 19 ++++++++++++++
 modules/selinux-h     | 26 ++++++++++++++++++-
 6 files changed, 125 insertions(+), 1 deletion(-)
 create mode 100644 lib/se-label.c
 create mode 100644 lib/se-label.in.h
 create mode 100644 m4/selinux-label-h.m4

diff --git a/ChangeLog b/ChangeLog
index 3f2ed9bc3..745a90097 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,21 @@
+2020-11-21  Paul Eggert  <eggert@cs.ucla.edu>
+
+       selinux-h: add stubs for selabel_open etc.
+       Coreutils with --enable-gcc-warnings does not build on Ubuntu 20.10
+       because matchpathcon is deprecated in favor of selabel_open etc.,
+       so this patch adds stubs for these functions.
+       * lib/se-label.c, lib/se-label.in.h, m4/selinux-label-h.m4: New files.
+       * lib/se-selinux.in.h (struct selinux_opt): Add incomplete decl,
+       as it is needed for selabel_open and selinux/selinux.h declares
+       this type here.
+       * modules/selinux-h (Files): Add the new files.
+       (configure.ac): Add gl_HEADERS_SELINUX_LABEL_H.
+       (lib_SOURCES): Add se-label.in.h, se-label.c.
+       (BUILT_SOURCES): Add $(SELINUX_LABEL_H).
+       (selinux/label.h): New rule, mimicking selinux/context.h.
+       (MOSTLYCLEANFILES): Add selinux/label.h, selinux/label.h-t.
+       (Include): Add selinux/label.h.
+
 2020-11-21  Bruno Haible  <bruno@clisp.org>
 
        Update after 'test-driver' in Automake changed.
diff --git a/lib/se-label.c b/lib/se-label.c
new file mode 100644
index 000000000..16d706fd8
--- /dev/null
+++ b/lib/se-label.c
@@ -0,0 +1,3 @@
+#include <config.h>
+#define SE_LABEL_INLINE _GL_EXTERN_INLINE
+#include <selinux/label.h>
diff --git a/lib/se-label.in.h b/lib/se-label.in.h
new file mode 100644
index 000000000..405e77401
--- /dev/null
+++ b/lib/se-label.in.h
@@ -0,0 +1,59 @@
+/* Replacement <selinux/label.h> for platforms that lack it.
+   Copyright 2020 Free Software Foundation, Inc.
+
+   This program is free software: you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 3 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
+
+/* Written by Paul Eggert.  */
+
+#ifndef SELINUX_LABEL_H
+
+#define SELINUX_LABEL_H
+
+#include <selinux/selinux.h>
+#include <errno.h>
+
+#ifndef _GL_INLINE_HEADER_BEGIN
+ #error "Please include config.h first."
+#endif
+_GL_INLINE_HEADER_BEGIN
+#ifndef SE_LABEL_INLINE
+# define SE_LABEL_INLINE _GL_INLINE
+#endif
+
+/* The definition of _GL_UNUSED_PARAMETER is copied here.  */
+
+#define SELABEL_CTX_FILE 0
+
+struct selabel_handle;
+
+SE_LABEL_INLINE int
+selabel_lookup (struct selabel_handle *hnd _GL_UNUSED_PARAMETER,
+                char **context _GL_UNUSED_PARAMETER,
+                char const *key _GL_UNUSED_PARAMETER,
+                int type _GL_UNUSED_PARAMETER)
+{ errno = ENOTSUP; return -1; }
+
+SE_LABEL_INLINE struct selabel_handle *
+selabel_open (int backend _GL_UNUSED_PARAMETER,
+              struct selinux_opt *options _GL_UNUSED_PARAMETER,
+              unsigned nopt _GL_UNUSED_PARAMETER)
+{ errno = ENOTSUP; return 0; }
+
+SE_LABEL_INLINE void
+selabel_close (struct selabel_handle *hnd _GL_UNUSED_PARAMETER)
+{ errno = ENOTSUP; }
+
+_GL_INLINE_HEADER_END
+
+#endif
diff --git a/lib/se-selinux.in.h b/lib/se-selinux.in.h
index 022596bb8..a6c194aa0 100644
--- a/lib/se-selinux.in.h
+++ b/lib/se-selinux.in.h
@@ -43,6 +43,7 @@ _GL_INLINE_HEADER_BEGIN
 #  if !GNULIB_defined_security_types
 
 typedef unsigned short security_class_t;
+struct selinux_opt;
 #   define is_selinux_enabled() 0
 
 SE_SELINUX_INLINE int
diff --git a/m4/selinux-label-h.m4 b/m4/selinux-label-h.m4
new file mode 100644
index 000000000..340c014c0
--- /dev/null
+++ b/m4/selinux-label-h.m4
@@ -0,0 +1,19 @@
+# Copyright 2020 Free Software Foundation, Inc.
+# This file is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# From Paul Eggert
+# Provide <selinux/label.h>, if necessary.
+
+AC_DEFUN([gl_HEADERS_SELINUX_LABEL_H],
+[
+  AC_REQUIRE([gl_LIBSELINUX])
+  SELINUX_LABEL_H=selinux/label.h
+  if test "$with_selinux" != no; then
+    AC_CHECK_HEADERS([selinux/label.h],
+                     [SELINUX_LABEL_H=])
+  fi
+  AC_SUBST([SELINUX_LABEL_H])
+  AM_CONDITIONAL([GL_GENERATE_SELINUX_LABEL_H], [test -n "$SELINUX_LABEL_H"])
+])
diff --git a/modules/selinux-h b/modules/selinux-h
index e074e673f..26face8a7 100644
--- a/modules/selinux-h
+++ b/modules/selinux-h
@@ -4,10 +4,13 @@ SELinux-related headers for systems that lack them.
 Files:
 lib/getfilecon.c
 lib/se-context.in.h
+lib/se-label.in.h
 lib/se-selinux.in.h
 lib/se-context.c
+lib/se-label.c
 lib/se-selinux.c
 m4/selinux-context-h.m4
+m4/selinux-label-h.m4
 m4/selinux-selinux-h.m4
 
 Depends-on:
@@ -18,12 +21,14 @@ snippet/unused-parameter
 configure.ac:
 gl_HEADERS_SELINUX_SELINUX_H
 gl_HEADERS_SELINUX_CONTEXT_H
+gl_HEADERS_SELINUX_LABEL_H
 if test "$with_selinux" != no && test "$ac_cv_header_selinux_selinux_h" = yes; 
then
   AC_LIBOBJ([getfilecon])
 fi
 
 Makefile.am:
-lib_SOURCES += se-context.in.h se-selinux.in.h se-context.c se-selinux.c
+lib_SOURCES += se-context.in.h se-label.in.h se-selinux.in.h \
+  se-context.c se-label.c se-selinux.c
 
 BUILT_SOURCES += selinux/selinux.h
 selinux/selinux.h: se-selinux.in.h $(top_builddir)/config.status 
$(UNUSED_PARAMETER_H)
@@ -58,11 +63,30 @@ selinux/context.h: $(top_builddir)/config.status
        rm -f $@
 endif
 MOSTLYCLEANFILES += selinux/context.h selinux/context.h-t
+
+BUILT_SOURCES += $(SELINUX_LABEL_H)
+if GL_GENERATE_SELINUX_LABEL_H
+selinux/label.h: se-label.in.h $(top_builddir)/config.status 
$(UNUSED_PARAMETER_H)
+       $(AM_V_at)$(MKDIR_P) selinux
+       $(AM_V_GEN)rm -f $@-t $@ && \
+       { echo '/* DO NOT EDIT! GENERATED AUTOMATICALLY! */' && \
+         sed -e '/definition of _GL_UNUSED_PARAMETER/r $(UNUSED_PARAMETER_H)' \
+             < $(srcdir)/se-label.in.h; \
+       } > $@-t && \
+       chmod a-x $@-t && \
+       mv $@-t $@
+else
+selinux/label.h: $(top_builddir)/config.status
+       rm -f $@
+endif
+MOSTLYCLEANFILES += selinux/label.h selinux/label.h-t
+
 MOSTLYCLEANDIRS += selinux
 
 Include:
 <selinux/selinux.h>
 <selinux/context.h>
+<selinux/label.h>
 
 Link:
 $(LIB_SELINUX)
-- 
2.27.0