selinux-policy/backport-Stop-ignoring-standalone-interface-files.patch


From 3a55e3a69bb33261abcd8104d93e0ee83d5da35a Mon Sep 17 00:00:00 2001
From: Vit Mojzis <vmojzis@redhat.com>
Date: Wed, 1 Sep 2021 10:06:44 +0200
Subject: [PATCH] Stop ignoring standalone interface files
Interface files without a corresponding .te were ignored, unless the
module name was specified in modules.conf.
Standalone interface files are useful for backwards compatibility in
case a policy module is removed from this repository.
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
---
Makefile | 4 ++++
Rules.modular | 2 +-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index a9dfef1bc1..4a08bba6fa 100644
--- a/Makefile
+++ b/Makefile
@@ -264,6 +264,7 @@ generated_fc := $(basename $(foreach dir,$(all_layers),$(wildcard $(dir)/*.fc.in
# sort here since it removes duplicates, which can happen
# when a generated file is already generated
detected_mods := $(sort $(foreach dir,$(all_layers),$(wildcard $(dir)/*.te)) $(generated_te))
+detected_ifs := $(sort $(foreach dir,$(all_layers),$(wildcard $(dir)/*.if)) $(generated_if))
modxml := $(addprefix $(tmpdir)/, $(detected_mods:.te=.xml))
layerxml := $(sort $(addprefix $(tmpdir)/, $(notdir $(addsuffix .xml,$(all_layers)))))
@@ -307,6 +308,9 @@ off_mods += $(filter-out $(cmdline_off) $(cmdline_base) $(cmdline_mods), $(mod_c
# add modules not in modules.conf to the off list
off_mods += $(filter-out $(base_mods) $(mod_mods) $(off_mods),$(notdir $(detected_mods)))
+# all interface files without corresponding .te - backwards compatibility
+standalone_ifs := $(filter-out $(subst .te,.if, $(base_mods) $(mod_mods) $(off_mods)), $(notdir $(detected_ifs)))
+
# filesystems to be used in labeling targets
filesystems = $(shell mount | grep -v "context=" | egrep -v '\((|.*,)bind(,.*|)\)' | awk '/(ext[234]|btrfs| xfs| jfs).*rw/{print $$3}';)
fs_names := "btrfs ext2 ext3 ext4 xfs jfs"
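Review bot: The new `standalone_ifs` assignment uses `$(subst .te,.if, ...)`, which rewrites every `.te` substring inside a module name rather than only the suffix, while Rules.modular derives the same names with the suffix form `$(all_modules:.te=.if)`. Writing it as `$(patsubst %.te,%.if,$(base_mods) $(mod_mods) $(off_mods))` keeps both lists derived the same way. With this change, any `*.if` found in a layer directory joins the interface set without a modules.conf entry, so a leftover interface file from a removed module becomes part of the policy build silently. The comment above the assignment could say so, for example `# NOTE: every *.if in a layer dir with no matching .te is picked up automatically; review this list when auditing policy sources`. The `:=` also assumes `base_mods`, `mod_mods` and `off_mods` are final at this point, which cannot be confirmed from the hunk alone.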
diff --git a/Rules.modular b/Rules.modular
index ad65733e10..258c8b6560 100644
--- a/Rules.modular
+++ b/Rules.modular
@@ -4,7 +4,7 @@
#
all_modules := $(base_mods) $(mod_mods) $(off_mods)
-all_interfaces := $(all_modules:.te=.if)
+all_interfaces := $(all_modules:.te=.if) $(standalone_ifs)
base_pkg := $(builddir)base.pp
base_fc := $(builddir)base.fc
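Review bot: `$(standalone_ifs)` is appended to `all_interfaces` only in Rules.modular. If the monolithic rules file builds its own `all_interfaces` from `$(all_modules:.te=.if)` (not visible in this patch), standalone interface files would still be ignored for monolithic builds. This line also relies on Rules.modular being included after the `:=` assignment of `standalone_ifs` in the Makefile, otherwise the variable expands to nothing here. A one-line comment such as `# standalone_ifs is set in Makefile before this file is included` would record that ordering dependency.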