From patchwork Tue Apr 8 10:49:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: mark yang X-Patchwork-Id: 60977 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A333EC3600C for ; Tue, 8 Apr 2025 10:50:09 +0000 (UTC) Received: from lgeamrelo11.lge.com (lgeamrelo11.lge.com [156.147.23.51]) by mx.groups.io with SMTP id smtpd.web11.71793.1744109405991326604 for ; Tue, 08 Apr 2025 03:50:06 -0700 Authentication-Results: mx.groups.io; dkim=none (message not signed); spf=pass (domain: lge.com, ip: 156.147.23.51, mailfrom: mark.yang@lge.com) Received: from unknown (HELO lgemrelse7q.lge.com) (156.147.1.151) by 156.147.23.51 with ESMTP; 8 Apr 2025 19:50:03 +0900 X-Original-SENDERIP: 156.147.1.151 X-Original-MAILFROM: mark.yang@lge.com Received: from unknown (HELO markyang..) (10.177.120.37) by 156.147.1.151 with ESMTP; 8 Apr 2025 19:50:03 +0900 X-Original-SENDERIP: 10.177.120.37 X-Original-MAILFROM: mark.yang@lge.com From: mark.yang@lge.com To: openembedded-devel@lists.openembedded.org Cc: "mark.yang" Subject: [meta-oe][PATCH v2] bubblewrap: fix error with gcc-15 Date: Tue, 8 Apr 2025 19:49:54 +0900 Message-Id: <20250408104954.2046888-1-mark.yang@lge.com> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 08 Apr 2025 10:50:09 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/116705 From: "mark.yang" * backport fix from: https://github.com/containers/bubblewrap/pull/660 But patch rework for this version. In gcc 15, bool became a reserved keyword in C23, causing conflicts with our custom bool definition. See also, https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=55e3bd376b2214e200fa76d12b67ff259b06c212 * to fix: http://errors.yoctoproject.org/Errors/Details/851183/ ../bubblewrap-0.10.0/utils.h:46:13: error: 'bool' cannot be defined via 'typedef' 46 | typedef int bool; | ^~~~ Signed-off-by: mark.yang --- v2: Change patch file author .../0001-Use-stdbool.h-for-booleans.patch | 633 ++++++++++++++++++ .../bubblewrap/bubblewrap_0.10.0.bb | 5 +- 2 files changed, 637 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-security/bubblewrap/bubblewrap/0001-Use-stdbool.h-for-booleans.patch diff --git a/meta-oe/recipes-security/bubblewrap/bubblewrap/0001-Use-stdbool.h-for-booleans.patch b/meta-oe/recipes-security/bubblewrap/bubblewrap/0001-Use-stdbool.h-for-booleans.patch new file mode 100644 index 0000000000..2566314ce3 --- /dev/null +++ b/meta-oe/recipes-security/bubblewrap/bubblewrap/0001-Use-stdbool.h-for-booleans.patch @@ -0,0 +1,633 @@ +From 4572dd9378c876349e02403cf7f6031c45281f85 Mon Sep 17 00:00:00 2001 +From: "Simon McVittie" +Date: Tue, 8 Apr 2025 16:29:18 +0900 +Subject: [PATCH] Use stdbool.h for booleans + +* backport fix from: + https://github.com/containers/bubblewrap/pull/660 + But patch rework for this version. + In gcc 15, bool became a reserved keyword in C23, causing conflicts with our custom bool definition. + + See also, https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=55e3bd376b2214e200fa76d12b67ff259b06c212 + +* to fix: + http://errors.yoctoproject.org/Errors/Details/851183/ + ../bubblewrap-0.10.0/utils.h:46:13: error: 'bool' cannot be defined via 'typedef' + 46 | typedef int bool; + | ^~~~ + +Upstream-Status: Backport [https://github.com/containers/bubblewrap/pull/660] +Signed-off-by: mark.yang +--- + bind-mount.c | 20 ++++---- + bubblewrap.c | 134 +++++++++++++++++++++++++-------------------------- + utils.c | 16 +++--- + utils.h | 5 +- + 4 files changed, 86 insertions(+), 89 deletions(-) + +diff --git a/bind-mount.c b/bind-mount.c +index 2757cae..bf7f68d 100644 +--- a/bind-mount.c ++++ b/bind-mount.c +@@ -76,7 +76,7 @@ match_token (const char *token, const char *token_end, const char *str) + if (token == token_end) + return *str == 0; + +- return FALSE; ++ return false; + } + + static unsigned long +@@ -281,12 +281,12 @@ parse_mountinfo (int proc_fd, + die ("Can't parse mountinfo line"); + rest = line + consumed; + +- rest = skip_token (rest, TRUE); /* mountroot */ ++ rest = skip_token (rest, true); /* mountroot */ + mountpoint = rest; +- rest = skip_token (rest, FALSE); /* mountpoint */ ++ rest = skip_token (rest, false); /* mountpoint */ + mountpoint_end = rest++; + options = rest; +- rest = skip_token (rest, FALSE); /* vfs options */ ++ rest = skip_token (rest, false); /* vfs options */ + options_end = rest; + + *mountpoint_end = 0; +@@ -324,7 +324,7 @@ parse_mountinfo (int proc_fd, + MountInfoLine *parent = by_id[this->parent_id]; + MountInfoLine **to_sibling; + MountInfoLine *sibling; +- bool covered = FALSE; ++ bool covered = false; + + if (!has_path_prefix (this->mountpoint, root_mount)) + continue; +@@ -333,7 +333,7 @@ parse_mountinfo (int proc_fd, + continue; + + if (strcmp (parent->mountpoint, this->mountpoint) == 0) +- parent->covered = TRUE; ++ parent->covered = true; + + to_sibling = &parent->first_child; + sibling = parent->first_child; +@@ -344,7 +344,7 @@ parse_mountinfo (int proc_fd, + * covered by the sibling, and we drop it. */ + if (has_path_prefix (this->mountpoint, sibling->mountpoint)) + { +- covered = TRUE; ++ covered = true; + break; + } + +@@ -499,7 +499,7 @@ bind_mount_result_to_string (bind_mount_result res, + bool *want_errno_p) + { + char *string = NULL; +- bool want_errno = TRUE; ++ bool want_errno = true; + + switch (res) + { +@@ -521,7 +521,7 @@ bind_mount_result_to_string (bind_mount_result res, + + case BIND_MOUNT_ERROR_FIND_DEST_MOUNT: + string = xasprintf ("Unable to find \"%s\" in mount table", failing_path); +- want_errno = FALSE; ++ want_errno = false; + break; + + case BIND_MOUNT_ERROR_REMOUNT_DEST: +@@ -557,7 +557,7 @@ die_with_bind_result (bind_mount_result res, + ...) + { + va_list args; +- bool want_errno = TRUE; ++ bool want_errno = true; + char *message; + + fprintf (stderr, "bwrap: "); +diff --git a/bubblewrap.c b/bubblewrap.c +index bc75da4..1504449 100644 +--- a/bubblewrap.c ++++ b/bubblewrap.c +@@ -74,19 +74,19 @@ static bool opt_as_pid_1; + + static const char *opt_argv0 = NULL; + static const char *opt_chdir_path = NULL; +-static bool opt_assert_userns_disabled = FALSE; +-static bool opt_disable_userns = FALSE; +-static bool opt_unshare_user = FALSE; +-static bool opt_unshare_user_try = FALSE; +-static bool opt_unshare_pid = FALSE; +-static bool opt_unshare_ipc = FALSE; +-static bool opt_unshare_net = FALSE; +-static bool opt_unshare_uts = FALSE; +-static bool opt_unshare_cgroup = FALSE; +-static bool opt_unshare_cgroup_try = FALSE; +-static bool opt_needs_devpts = FALSE; +-static bool opt_new_session = FALSE; +-static bool opt_die_with_parent = FALSE; ++static bool opt_assert_userns_disabled = false; ++static bool opt_disable_userns = false; ++static bool opt_unshare_user = false; ++static bool opt_unshare_user_try = false; ++static bool opt_unshare_pid = false; ++static bool opt_unshare_ipc = false; ++static bool opt_unshare_net = false; ++static bool opt_unshare_uts = false; ++static bool opt_unshare_cgroup = false; ++static bool opt_unshare_cgroup_try = false; ++static bool opt_needs_devpts = false; ++static bool opt_new_session = false; ++static bool opt_die_with_parent = false; + static uid_t opt_sandbox_uid = -1; + static gid_t opt_sandbox_gid = -1; + static int opt_sync_fd = -1; +@@ -476,7 +476,7 @@ report_child_exit_status (int exitc, int setup_finished_fd) + return; + + output = xasprintf ("{ \"exit-code\": %i }\n", exitc); +- dump_info (opt_json_status_fd, output, FALSE); ++ dump_info (opt_json_status_fd, output, false); + close (opt_json_status_fd); + opt_json_status_fd = -1; + close (setup_finished_fd); +@@ -621,7 +621,7 @@ do_init (int event_fd, pid_t initial_pid) + + seccomp_programs_apply (); + +- while (TRUE) ++ while (true) + { + pid_t child; + int status; +@@ -765,16 +765,16 @@ prctl_caps (uint32_t *caps, bool do_cap_bounding, bool do_set_ambient) + */ + for (cap = 0; cap <= CAP_LAST_CAP; cap++) + { +- bool keep = FALSE; ++ bool keep = false; + if (cap < 32) + { + if (CAP_TO_MASK_0 (cap) & caps[0]) +- keep = TRUE; ++ keep = true; + } + else + { + if (CAP_TO_MASK_1 (cap) & caps[1]) +- keep = TRUE; ++ keep = true; + } + + if (keep && do_set_ambient) +@@ -803,11 +803,11 @@ static void + drop_cap_bounding_set (bool drop_all) + { + if (!drop_all) +- prctl_caps (requested_caps, TRUE, FALSE); ++ prctl_caps (requested_caps, true, false); + else + { + uint32_t no_caps[2] = {0, 0}; +- prctl_caps (no_caps, TRUE, FALSE); ++ prctl_caps (no_caps, true, false); + } + } + +@@ -816,7 +816,7 @@ set_ambient_capabilities (void) + { + if (is_privileged) + return; +- prctl_caps (requested_caps, FALSE, TRUE); ++ prctl_caps (requested_caps, false, true); + } + + /* This acquires the privileges that the bwrap will need it to work. +@@ -846,7 +846,7 @@ acquire_privs (void) + if (euid != 0) + die ("Unexpected setuid user %d, should be 0", euid); + +- is_privileged = TRUE; ++ is_privileged = true; + /* We want to keep running as euid=0 until at the clone() + * operation because doing so will make the user namespace be + * owned by root, which makes it not ptrace:able by the user as +@@ -867,7 +867,7 @@ acquire_privs (void) + die ("Unable to set fsuid (was %d)", (int)new_fsuid); + + /* We never need capabilities after execve(), so lets drop everything from the bounding set */ +- drop_cap_bounding_set (TRUE); ++ drop_cap_bounding_set (true); + + /* Keep only the required capabilities for setup */ + set_required_caps (); +@@ -904,7 +904,7 @@ switch_to_user_with_privs (void) + { + /* If we're in a new user namespace, we got back the bounding set, clear it again */ + if (opt_unshare_user || opt_userns_fd != -1) +- drop_cap_bounding_set (FALSE); ++ drop_cap_bounding_set (false); + + /* If we switched to a new user namespace it may allow other uids/gids, so switch to the target one */ + if (opt_userns_fd != -1) +@@ -1211,7 +1211,7 @@ setup_newroot (bool unshare_pid, + parent_mode &= ~0005U; + + dest = get_newroot_path (op->dest); +- if (mkdir_with_parents (dest, parent_mode, FALSE) != 0) ++ if (mkdir_with_parents (dest, parent_mode, false) != 0) + die_with_error ("Can't mkdir parents for %s", op->dest); + } + +@@ -1761,7 +1761,7 @@ parse_args_recurse (int *argcp, + } + + data_argv_copy = data_argv; /* Don't change data_argv, we need to free it */ +- parse_args_recurse (&data_argc, &data_argv_copy, TRUE, total_parsed_argc_p); ++ parse_args_recurse (&data_argc, &data_argv_copy, true, total_parsed_argc_p); + + argv += 1; + argc -= 1; +@@ -1786,45 +1786,45 @@ parse_args_recurse (int *argcp, + */ + opt_unshare_user_try = opt_unshare_ipc = opt_unshare_pid = + opt_unshare_uts = opt_unshare_cgroup_try = +- opt_unshare_net = TRUE; ++ opt_unshare_net = true; + } + /* Begin here the older individual --unshare variants */ + else if (strcmp (arg, "--unshare-user") == 0) + { +- opt_unshare_user = TRUE; ++ opt_unshare_user = true; + } + else if (strcmp (arg, "--unshare-user-try") == 0) + { +- opt_unshare_user_try = TRUE; ++ opt_unshare_user_try = true; + } + else if (strcmp (arg, "--unshare-ipc") == 0) + { +- opt_unshare_ipc = TRUE; ++ opt_unshare_ipc = true; + } + else if (strcmp (arg, "--unshare-pid") == 0) + { +- opt_unshare_pid = TRUE; ++ opt_unshare_pid = true; + } + else if (strcmp (arg, "--unshare-net") == 0) + { +- opt_unshare_net = TRUE; ++ opt_unshare_net = true; + } + else if (strcmp (arg, "--unshare-uts") == 0) + { +- opt_unshare_uts = TRUE; ++ opt_unshare_uts = true; + } + else if (strcmp (arg, "--unshare-cgroup") == 0) + { +- opt_unshare_cgroup = TRUE; ++ opt_unshare_cgroup = true; + } + else if (strcmp (arg, "--unshare-cgroup-try") == 0) + { +- opt_unshare_cgroup_try = TRUE; ++ opt_unshare_cgroup_try = true; + } + /* Begin here the newer --share variants */ + else if (strcmp (arg, "--share-net") == 0) + { +- opt_unshare_net = FALSE; ++ opt_unshare_net = false; + } + /* End --share variants, other arguments begin */ + else if (strcmp (arg, "--chdir") == 0) +@@ -1841,11 +1841,11 @@ parse_args_recurse (int *argcp, + } + else if (strcmp (arg, "--disable-userns") == 0) + { +- opt_disable_userns = TRUE; ++ opt_disable_userns = true; + } + else if (strcmp (arg, "--assert-userns-disabled") == 0) + { +- opt_assert_userns_disabled = TRUE; ++ opt_assert_userns_disabled = true; + } + else if (strcmp (arg, "--remount-ro") == 0) + { +@@ -1975,7 +1975,7 @@ parse_args_recurse (int *argcp, + + op = setup_op_new (SETUP_MOUNT_DEV); + op->dest = argv[1]; +- opt_needs_devpts = TRUE; ++ opt_needs_devpts = true; + + argv += 1; + argc -= 1; +@@ -2425,15 +2425,15 @@ parse_args_recurse (int *argcp, + } + else if (strcmp (arg, "--new-session") == 0) + { +- opt_new_session = TRUE; ++ opt_new_session = true; + } + else if (strcmp (arg, "--die-with-parent") == 0) + { +- opt_die_with_parent = TRUE; ++ opt_die_with_parent = true; + } + else if (strcmp (arg, "--as-pid-1") == 0) + { +- opt_as_pid_1 = TRUE; ++ opt_as_pid_1 = true; + } + else if (strcmp (arg, "--cap-add") == 0) + { +@@ -2441,7 +2441,7 @@ parse_args_recurse (int *argcp, + if (argc < 2) + die ("--cap-add takes an argument"); + +- opt_cap_add_or_drop_used = TRUE; ++ opt_cap_add_or_drop_used = true; + + if (strcasecmp (argv[1], "ALL") == 0) + { +@@ -2467,7 +2467,7 @@ parse_args_recurse (int *argcp, + if (argc < 2) + die ("--cap-drop takes an argument"); + +- opt_cap_add_or_drop_used = TRUE; ++ opt_cap_add_or_drop_used = true; + + if (strcasecmp (argv[1], "ALL") == 0) + { +@@ -2610,7 +2610,7 @@ parse_args (int *argcp, + { + int total_parsed_argc = *argcp; + +- parse_args_recurse (argcp, argvp, FALSE, &total_parsed_argc); ++ parse_args_recurse (argcp, argvp, false, &total_parsed_argc); + } + + static void +@@ -2656,7 +2656,7 @@ namespace_ids_read (pid_t pid) + int r; + + /* if we don't unshare this ns, ignore it */ +- if (do_unshare && *do_unshare == FALSE) ++ if (do_unshare && *do_unshare == false) + continue; + + r = fstatat (ns_fd, info->name, &st, 0); +@@ -2691,7 +2691,7 @@ namespace_ids_write (int fd, + output = xasprintf (",%s\"%s-namespace\": %ju", + indent, info->name, nsid); + +- dump_info (fd, output, TRUE); ++ dump_info (fd, output, true); + } + } + +@@ -2799,18 +2799,18 @@ main (int argc, + /* We have to do this if we weren't installed setuid (and we're not + * root), so let's just DWIM */ + if (!is_privileged && getuid () != 0 && opt_userns_fd == -1) +- opt_unshare_user = TRUE; ++ opt_unshare_user = true; + + #ifdef ENABLE_REQUIRE_USERNS + /* In this build option, we require userns. */ + if (is_privileged && getuid () != 0 && opt_userns_fd == -1) +- opt_unshare_user = TRUE; ++ opt_unshare_user = true; + #endif + + if (opt_unshare_user_try && + stat ("/proc/self/ns/user", &sbuf) == 0) + { +- bool disabled = FALSE; ++ bool disabled = false; + + /* RHEL7 has a kernel module parameter that lets you enable user namespaces */ + if (stat ("/sys/module/user_namespace/parameters/enable", &sbuf) == 0) +@@ -2818,7 +2818,7 @@ main (int argc, + cleanup_free char *enable = NULL; + enable = load_file_at (AT_FDCWD, "/sys/module/user_namespace/parameters/enable"); + if (enable != NULL && enable[0] == 'N') +- disabled = TRUE; ++ disabled = true; + } + + /* Check for max_user_namespaces */ +@@ -2827,7 +2827,7 @@ main (int argc, + cleanup_free char *max_user_ns = NULL; + max_user_ns = load_file_at (AT_FDCWD, "/proc/sys/user/max_user_namespaces"); + if (max_user_ns != NULL && strcmp(max_user_ns, "0\n") == 0) +- disabled = TRUE; ++ disabled = true; + } + + /* Debian lets you disable *unprivileged* user namespaces. However this is not +@@ -2835,7 +2835,7 @@ main (int argc, + already, and there is not much we can do, its just a non-working setup. */ + + if (!disabled) +- opt_unshare_user = TRUE; ++ opt_unshare_user = true; + } + + if (argc <= 0) +@@ -2993,7 +2993,7 @@ main (int argc, + */ + write_uid_gid_map (ns_uid, real_uid, + ns_gid, real_gid, +- pid, TRUE, opt_needs_devpts); ++ pid, true, opt_needs_devpts); + } + + /* Initial launched process, wait for pid 1 or exec:ed command to exit */ +@@ -3002,7 +3002,7 @@ main (int argc, + die_with_error ("Setting userns2 failed"); + + /* We don't need any privileges in the launcher, drop them immediately. */ +- drop_privs (FALSE, FALSE); ++ drop_privs (false, false); + + /* Optionally bind our lifecycle to that of the parent */ + handle_die_with_parent (); +@@ -3010,17 +3010,17 @@ main (int argc, + if (opt_info_fd != -1) + { + cleanup_free char *output = xasprintf ("{\n \"child-pid\": %i", pid); +- dump_info (opt_info_fd, output, TRUE); +- namespace_ids_write (opt_info_fd, FALSE); +- dump_info (opt_info_fd, "\n}\n", TRUE); ++ dump_info (opt_info_fd, output, true); ++ namespace_ids_write (opt_info_fd, false); ++ dump_info (opt_info_fd, "\n}\n", true); + close (opt_info_fd); + } + if (opt_json_status_fd != -1) + { + cleanup_free char *output = xasprintf ("{ \"child-pid\": %i", pid); +- dump_info (opt_json_status_fd, output, TRUE); +- namespace_ids_write (opt_json_status_fd, TRUE); +- dump_info (opt_json_status_fd, " }\n", TRUE); ++ dump_info (opt_json_status_fd, output, true); ++ namespace_ids_write (opt_json_status_fd, true); ++ dump_info (opt_json_status_fd, " }\n", true); + } + + if (opt_userns_block_fd != -1) +@@ -3116,7 +3116,7 @@ main (int argc, + + write_uid_gid_map (ns_uid, real_uid, + ns_gid, real_gid, +- -1, TRUE, FALSE); ++ -1, true, false); + } + + old_umask = umask (0); +@@ -3177,7 +3177,7 @@ main (int argc, + if (child == 0) + { + /* Unprivileged setup process */ +- drop_privs (FALSE, TRUE); ++ drop_privs (false, true); + close (privsep_sockets[0]); + setup_newroot (opt_unshare_pid, privsep_sockets[1]); + exit (0); +@@ -3289,11 +3289,11 @@ main (int argc, + die_with_error ("unshare user ns"); + + /* We're in a new user namespace, we got back the bounding set, clear it again */ +- drop_cap_bounding_set (FALSE); ++ drop_cap_bounding_set (false); + + write_uid_gid_map (opt_sandbox_uid, ns_uid, + opt_sandbox_gid, ns_gid, +- -1, FALSE, FALSE); ++ -1, false, false); + } + + if (opt_disable_userns || opt_assert_userns_disabled) +@@ -3306,7 +3306,7 @@ main (int argc, + } + + /* All privileged ops are done now, so drop caps we don't need */ +- drop_privs (!is_privileged, TRUE); ++ drop_privs (!is_privileged, true); + + if (opt_block_fd != -1) + { +@@ -3370,7 +3370,7 @@ main (int argc, + + if (pid != 0) + { +- drop_all_caps (FALSE); ++ drop_all_caps (false); + + /* Close fds in pid 1, except stdio and optionally event_fd + (for syncing pid 2 lifetime with monitor_child) and +diff --git a/utils.c b/utils.c +index 43c8d79..7c562b1 100644 +--- a/utils.c ++++ b/utils.c +@@ -206,7 +206,7 @@ bool + has_path_prefix (const char *str, + const char *prefix) + { +- while (TRUE) ++ while (true) + { + /* Skip consecutive slashes to reach next path + element */ +@@ -217,13 +217,13 @@ has_path_prefix (const char *str, + + /* No more prefix path elements? Done! */ + if (*prefix == 0) +- return TRUE; ++ return true; + + /* Compare path element */ + while (*prefix != 0 && *prefix != '/') + { + if (*str != *prefix) +- return FALSE; ++ return false; + str++; + prefix++; + } +@@ -231,7 +231,7 @@ has_path_prefix (const char *str, + /* Matched prefix path element, + must be entire str path element */ + if (*str != '/' && *str != 0) +- return FALSE; ++ return false; + } + } + +@@ -239,7 +239,7 @@ bool + path_equal (const char *path1, + const char *path2) + { +- while (TRUE) ++ while (true) + { + /* Skip consecutive slashes to reach next path + element */ +@@ -256,14 +256,14 @@ path_equal (const char *path1, + while (*path1 != 0 && *path1 != '/') + { + if (*path1 != *path2) +- return FALSE; ++ return false; + path1++; + path2++; + } + + /* Matched path1 path element, must be entire path element */ + if (*path2 != '/' && *path2 != 0) +- return FALSE; ++ return false; + } + } + +@@ -526,7 +526,7 @@ copy_file_data (int sfd, + char buffer[BUFSIZE]; + ssize_t bytes_read; + +- while (TRUE) ++ while (true) + { + bytes_read = read (sfd, buffer, BUFSIZE); + if (bytes_read == -1) +diff --git a/utils.h b/utils.h +index 9f17297..2c37ccb 100644 +--- a/utils.h ++++ b/utils.h +@@ -24,6 +24,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -41,10 +42,6 @@ + + #define N_ELEMENTS(arr) (sizeof (arr) / sizeof ((arr)[0])) + +-#define TRUE 1 +-#define FALSE 0 +-typedef int bool; +- + #define PIPE_READ_END 0 + #define PIPE_WRITE_END 1 + diff --git a/meta-oe/recipes-security/bubblewrap/bubblewrap_0.10.0.bb b/meta-oe/recipes-security/bubblewrap/bubblewrap_0.10.0.bb index 60155e035b..41ab0cfc32 100644 --- a/meta-oe/recipes-security/bubblewrap/bubblewrap_0.10.0.bb +++ b/meta-oe/recipes-security/bubblewrap/bubblewrap_0.10.0.bb @@ -5,7 +5,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" DEPENDS = "libcap" -SRC_URI = "https://github.com/containers/${BPN}/releases/download/v${PV}/${BP}.tar.xz" +SRC_URI = " \ + https://github.com/containers/${BPN}/releases/download/v${PV}/${BP}.tar.xz \ + file://0001-Use-stdbool.h-for-booleans.patch \ +" SRC_URI[sha256sum] = "65d92cf44a63a51e1b7771f70c05013dce5bd6b0b2841c4b4be54b0c45565471" inherit autotools bash-completion github-releases manpages pkgconfig