* linux-next: build failure after merge of the security-testing tree
@ 2010-08-02 2:16 Stephen Rothwell
2010-08-03 0:04 ` John Johansen
2010-08-03 2:40 ` linux-next: Fix AppArmor build warnings " John Johansen
0 siblings, 2 replies; 20+ messages in thread
From: Stephen Rothwell @ 2010-08-02 2:16 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, John Johansen, Rusty Russell
Hi James,
After merging the security-testing tree, today's linux-next build (x86_64
allmodconfig) failed like this (also some warnings ...):
security/apparmor/ipc.c: In function 'aa_ptrace':
security/apparmor/ipc.c:103: warning: initialization discards qualifiers from pointer target type
security/apparmor/domain.c: In function 'may_change_ptraced_domain':
security/apparmor/domain.c:73: warning: assignment discards qualifiers from pointer target type
security/apparmor/lsm.c:701: error: 'param_ops_aabool' undeclared here (not in a function)
security/apparmor/lsm.c:721: error: 'param_ops_aalockpolicy' undeclared here (not in a function)
security/apparmor/lsm.c:729: error: 'param_ops_aauint' undeclared here (not in a function)
Error caused by commit e0500000b50a50ec8cc9967001f3ed201b83cb36
("AppArmor: LSM interface, and security module initialization")
interacting with commit 0685652df0929cec7d78efa85127f6eb34962132
("param:param_ops") from the rr tree.
I applied the following merge fix patch:
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Mon, 2 Aug 2010 12:00:43 +1000
Subject: [PATCH] AppArmor: update for module_param_named API change
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
security/apparmor/lsm.c | 36 ++++++++++++++++++++++++------------
1 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 8db33a8..d5666d3 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -667,17 +667,29 @@ static struct security_operations apparmor_ops = {
* AppArmor sysfs module parameters
*/
-static int param_set_aabool(const char *val, struct kernel_param *kp);
-static int param_get_aabool(char *buffer, struct kernel_param *kp);
+static int param_set_aabool(const char *val, const struct kernel_param *kp);
+static int param_get_aabool(char *buffer, const struct kernel_param *kp);
#define param_check_aabool(name, p) __param_check(name, p, int)
+static struct kernel_param_ops param_ops_aabool = {
+ .set = param_set_aabool,
+ .get = param_get_aabool
+};
-static int param_set_aauint(const char *val, struct kernel_param *kp);
-static int param_get_aauint(char *buffer, struct kernel_param *kp);
+static int param_set_aauint(const char *val, const struct kernel_param *kp);
+static int param_get_aauint(char *buffer, const struct kernel_param *kp);
#define param_check_aauint(name, p) __param_check(name, p, int)
+static struct kernel_param_ops param_ops_aauint = {
+ .set = param_set_aauint,
+ .get = param_get_aauint
+};
-static int param_set_aalockpolicy(const char *val, struct kernel_param *kp);
-static int param_get_aalockpolicy(char *buffer, struct kernel_param *kp);
+static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp);
+static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp);
#define param_check_aalockpolicy(name, p) __param_check(name, p, int)
+static struct kernel_param_ops param_ops_aalockpolicy = {
+ .set = param_set_aalockpolicy,
+ .get = param_get_aalockpolicy
+};
static int param_set_audit(const char *val, struct kernel_param *kp);
static int param_get_audit(char *buffer, struct kernel_param *kp);
@@ -751,7 +763,7 @@ static int __init apparmor_enabled_setup(char *str)
__setup("apparmor=", apparmor_enabled_setup);
/* set global flag turning off the ability to load policy */
-static int param_set_aalockpolicy(const char *val, struct kernel_param *kp)
+static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
@@ -760,35 +772,35 @@ static int param_set_aalockpolicy(const char *val, struct kernel_param *kp)
return param_set_bool(val, kp);
}
-static int param_get_aalockpolicy(char *buffer, struct kernel_param *kp)
+static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_get_bool(buffer, kp);
}
-static int param_set_aabool(const char *val, struct kernel_param *kp)
+static int param_set_aabool(const char *val, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_set_bool(val, kp);
}
-static int param_get_aabool(char *buffer, struct kernel_param *kp)
+static int param_get_aabool(char *buffer, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_get_bool(buffer, kp);
}
-static int param_set_aauint(const char *val, struct kernel_param *kp)
+static int param_set_aauint(const char *val, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_set_uint(val, kp);
}
-static int param_get_aauint(char *buffer, struct kernel_param *kp)
+static int param_get_aauint(char *buffer, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
--
1.7.1
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2010-08-02 2:16 linux-next: build failure after merge of the security-testing tree Stephen Rothwell
@ 2010-08-03 0:04 ` John Johansen
2010-08-05 1:37 ` Stephen Rothwell
2010-08-03 2:40 ` linux-next: Fix AppArmor build warnings " John Johansen
1 sibling, 1 reply; 20+ messages in thread
From: John Johansen @ 2010-08-03 0:04 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: James Morris, linux-next, linux-kernel, Rusty Russell
On 08/01/2010 07:16 PM, Stephen Rothwell wrote:
> Hi James,
>
> After merging the security-testing tree, today's linux-next build (x86_64
> allmodconfig) failed like this (also some warnings ...):
>
> security/apparmor/ipc.c: In function 'aa_ptrace':
> security/apparmor/ipc.c:103: warning: initialization discards qualifiers from pointer target type
> security/apparmor/domain.c: In function 'may_change_ptraced_domain':
> security/apparmor/domain.c:73: warning: assignment discards qualifiers from pointer target type
> security/apparmor/lsm.c:701: error: 'param_ops_aabool' undeclared here (not in a function)
> security/apparmor/lsm.c:721: error: 'param_ops_aalockpolicy' undeclared here (not in a function)
> security/apparmor/lsm.c:729: error: 'param_ops_aauint' undeclared here (not in a function)
>
> Error caused by commit e0500000b50a50ec8cc9967001f3ed201b83cb36
> ("AppArmor: LSM interface, and security module initialization")
> interacting with commit 0685652df0929cec7d78efa85127f6eb34962132
> ("param:param_ops") from the rr tree.
>
> I applied the following merge fix patch:
>
> From: Stephen Rothwell <sfr@canb.auug.org.au>
> Date: Mon, 2 Aug 2010 12:00:43 +1000
> Subject: [PATCH] AppArmor: update for module_param_named API change
>
> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
looks good, thanks Stephen
Signed-off-by: John Johansen <john.johansen@canonical.com>
> ---
> security/apparmor/lsm.c | 36 ++++++++++++++++++++++++------------
> 1 files changed, 24 insertions(+), 12 deletions(-)
>
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index 8db33a8..d5666d3 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -667,17 +667,29 @@ static struct security_operations apparmor_ops = {
> * AppArmor sysfs module parameters
> */
>
> -static int param_set_aabool(const char *val, struct kernel_param *kp);
> -static int param_get_aabool(char *buffer, struct kernel_param *kp);
> +static int param_set_aabool(const char *val, const struct kernel_param *kp);
> +static int param_get_aabool(char *buffer, const struct kernel_param *kp);
> #define param_check_aabool(name, p) __param_check(name, p, int)
> +static struct kernel_param_ops param_ops_aabool = {
> + .set = param_set_aabool,
> + .get = param_get_aabool
> +};
>
> -static int param_set_aauint(const char *val, struct kernel_param *kp);
> -static int param_get_aauint(char *buffer, struct kernel_param *kp);
> +static int param_set_aauint(const char *val, const struct kernel_param *kp);
> +static int param_get_aauint(char *buffer, const struct kernel_param *kp);
> #define param_check_aauint(name, p) __param_check(name, p, int)
> +static struct kernel_param_ops param_ops_aauint = {
> + .set = param_set_aauint,
> + .get = param_get_aauint
> +};
>
> -static int param_set_aalockpolicy(const char *val, struct kernel_param *kp);
> -static int param_get_aalockpolicy(char *buffer, struct kernel_param *kp);
> +static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp);
> +static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp);
> #define param_check_aalockpolicy(name, p) __param_check(name, p, int)
> +static struct kernel_param_ops param_ops_aalockpolicy = {
> + .set = param_set_aalockpolicy,
> + .get = param_get_aalockpolicy
> +};
>
> static int param_set_audit(const char *val, struct kernel_param *kp);
> static int param_get_audit(char *buffer, struct kernel_param *kp);
> @@ -751,7 +763,7 @@ static int __init apparmor_enabled_setup(char *str)
> __setup("apparmor=", apparmor_enabled_setup);
>
> /* set global flag turning off the ability to load policy */
> -static int param_set_aalockpolicy(const char *val, struct kernel_param *kp)
> +static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp)
> {
> if (!capable(CAP_MAC_ADMIN))
> return -EPERM;
> @@ -760,35 +772,35 @@ static int param_set_aalockpolicy(const char *val, struct kernel_param *kp)
> return param_set_bool(val, kp);
> }
>
> -static int param_get_aalockpolicy(char *buffer, struct kernel_param *kp)
> +static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp)
> {
> if (!capable(CAP_MAC_ADMIN))
> return -EPERM;
> return param_get_bool(buffer, kp);
> }
>
> -static int param_set_aabool(const char *val, struct kernel_param *kp)
> +static int param_set_aabool(const char *val, const struct kernel_param *kp)
> {
> if (!capable(CAP_MAC_ADMIN))
> return -EPERM;
> return param_set_bool(val, kp);
> }
>
> -static int param_get_aabool(char *buffer, struct kernel_param *kp)
> +static int param_get_aabool(char *buffer, const struct kernel_param *kp)
> {
> if (!capable(CAP_MAC_ADMIN))
> return -EPERM;
> return param_get_bool(buffer, kp);
> }
>
> -static int param_set_aauint(const char *val, struct kernel_param *kp)
> +static int param_set_aauint(const char *val, const struct kernel_param *kp)
> {
> if (!capable(CAP_MAC_ADMIN))
> return -EPERM;
> return param_set_uint(val, kp);
> }
>
> -static int param_get_aauint(char *buffer, struct kernel_param *kp)
> +static int param_get_aauint(char *buffer, const struct kernel_param *kp)
> {
> if (!capable(CAP_MAC_ADMIN))
> return -EPERM;
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: Fix AppArmor build warnings after merge of the security-testing tree
2010-08-02 2:16 linux-next: build failure after merge of the security-testing tree Stephen Rothwell
2010-08-03 0:04 ` John Johansen
@ 2010-08-03 2:40 ` John Johansen
2010-08-18 0:56 ` Stephen Rothwell
1 sibling, 1 reply; 20+ messages in thread
From: John Johansen @ 2010-08-03 2:40 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: James Morris, linux-next, linux-kernel, Rusty Russell
Hi Stephen,
the follow patch fixes the AppArmor build warnings from the security-next tree merge
From: John Johansen <john.johansen@canonical.com>
Date: Mon, 2 Aug 2010 19:31:57 -0700
Subject: [PATCH] AppArmor: Fix build warnings from linux-next merge
Patch AppArmor to fix build warnings for changes that exist in the
linux-next tree.
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
security/apparmor/domain.c | 2 +-
security/apparmor/ipc.c | 2 +-
security/apparmor/lsm.c | 4 +++-
3 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 08bbe63..c825c6e 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -62,7 +62,7 @@ static int may_change_ptraced_domain(struct task_struct *task,
struct aa_profile *to_profile)
{
struct task_struct *tracer;
- struct cred *cred = NULL;
+ const struct cred *cred = NULL;
struct aa_profile *tracerp = NULL;
int error = 0;
diff --git a/security/apparmor/ipc.c b/security/apparmor/ipc.c
index 9013a78..649fad8 100644
--- a/security/apparmor/ipc.c
+++ b/security/apparmor/ipc.c
@@ -100,7 +100,7 @@ int aa_ptrace(struct task_struct *tracer, struct task_struct *tracee,
if (!unconfined(tracer_p)) {
/* lcred released below */
- struct cred *lcred = get_task_cred(tracee);
+ const struct cred *lcred = get_task_cred(tracee);
struct aa_profile *tracee_p = aa_cred_profile(lcred);
error = aa_may_ptrace(tracer, tracer_p, tracee_p, mode);
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index d5666d3..f56978a 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -607,9 +607,11 @@ static int apparmor_setprocattr(struct task_struct *task, char *name,
return error;
}
-static int apparmor_task_setrlimit(unsigned int resource,
+static int apparmor_task_setrlimit(struct task_struct *tsk,
+ unsigned int resource,
struct rlimit *new_rlim)
{
+ /* Use current profile instead of profile on @tsk */
struct aa_profile *profile = aa_current_profile();
int error = 0;
--
1.7.0.4
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2010-08-03 0:04 ` John Johansen
@ 2010-08-05 1:37 ` Stephen Rothwell
0 siblings, 0 replies; 20+ messages in thread
From: Stephen Rothwell @ 2010-08-05 1:37 UTC (permalink / raw)
To: Rusty Russell; +Cc: John Johansen, James Morris, linux-next, linux-kernel
Hi Rusty,
On Mon, 02 Aug 2010 17:04:28 -0700 John Johansen <john.johansen@canonical.com> wrote:
>
> On 08/01/2010 07:16 PM, Stephen Rothwell wrote:
> >
> > After merging the security-testing tree, today's linux-next build (x86_64
> > allmodconfig) failed like this (also some warnings ...):
> >
> > security/apparmor/ipc.c: In function 'aa_ptrace':
> > security/apparmor/ipc.c:103: warning: initialization discards qualifiers from pointer target type
> > security/apparmor/domain.c: In function 'may_change_ptraced_domain':
> > security/apparmor/domain.c:73: warning: assignment discards qualifiers from pointer target type
> > security/apparmor/lsm.c:701: error: 'param_ops_aabool' undeclared here (not in a function)
> > security/apparmor/lsm.c:721: error: 'param_ops_aalockpolicy' undeclared here (not in a function)
> > security/apparmor/lsm.c:729: error: 'param_ops_aauint' undeclared here (not in a function)
> >
> > Error caused by commit e0500000b50a50ec8cc9967001f3ed201b83cb36
> > ("AppArmor: LSM interface, and security module initialization")
> > interacting with commit 0685652df0929cec7d78efa85127f6eb34962132
> > ("param:param_ops") from the rr tree.
> >
> > I applied the following merge fix patch:
> >
> > From: Stephen Rothwell <sfr@canb.auug.org.au>
> > Date: Mon, 2 Aug 2010 12:00:43 +1000
> > Subject: [PATCH] AppArmor: update for module_param_named API change
> >
> > Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
> looks good, thanks Stephen
>
> Signed-off-by: John Johansen <john.johansen@canonical.com>
The security-testing tree has been merged by Linus, so this patch can now
be added to the rr tree.
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Mon, 2 Aug 2010 12:00:43 +1000
Subject: [PATCH] AppArmor: update for module_param_named API change
Fixes these build errors:
security/apparmor/lsm.c:701: error: 'param_ops_aabool' undeclared here (not in a function)
security/apparmor/lsm.c:721: error: 'param_ops_aalockpolicy' undeclared here (not in a function)
security/apparmor/lsm.c:729: error: 'param_ops_aauint' undeclared here (not in a function)
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
security/apparmor/lsm.c | 36 ++++++++++++++++++++++++------------
1 files changed, 24 insertions(+), 12 deletions(-)
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 8db33a8..d5666d3 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -667,17 +667,29 @@ static struct security_operations apparmor_ops = {
* AppArmor sysfs module parameters
*/
-static int param_set_aabool(const char *val, struct kernel_param *kp);
-static int param_get_aabool(char *buffer, struct kernel_param *kp);
+static int param_set_aabool(const char *val, const struct kernel_param *kp);
+static int param_get_aabool(char *buffer, const struct kernel_param *kp);
#define param_check_aabool(name, p) __param_check(name, p, int)
+static struct kernel_param_ops param_ops_aabool = {
+ .set = param_set_aabool,
+ .get = param_get_aabool
+};
-static int param_set_aauint(const char *val, struct kernel_param *kp);
-static int param_get_aauint(char *buffer, struct kernel_param *kp);
+static int param_set_aauint(const char *val, const struct kernel_param *kp);
+static int param_get_aauint(char *buffer, const struct kernel_param *kp);
#define param_check_aauint(name, p) __param_check(name, p, int)
+static struct kernel_param_ops param_ops_aauint = {
+ .set = param_set_aauint,
+ .get = param_get_aauint
+};
-static int param_set_aalockpolicy(const char *val, struct kernel_param *kp);
-static int param_get_aalockpolicy(char *buffer, struct kernel_param *kp);
+static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp);
+static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp);
#define param_check_aalockpolicy(name, p) __param_check(name, p, int)
+static struct kernel_param_ops param_ops_aalockpolicy = {
+ .set = param_set_aalockpolicy,
+ .get = param_get_aalockpolicy
+};
static int param_set_audit(const char *val, struct kernel_param *kp);
static int param_get_audit(char *buffer, struct kernel_param *kp);
@@ -751,7 +763,7 @@ static int __init apparmor_enabled_setup(char *str)
__setup("apparmor=", apparmor_enabled_setup);
/* set global flag turning off the ability to load policy */
-static int param_set_aalockpolicy(const char *val, struct kernel_param *kp)
+static int param_set_aalockpolicy(const char *val, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
@@ -760,35 +772,35 @@ static int param_set_aalockpolicy(const char *val, struct kernel_param *kp)
return param_set_bool(val, kp);
}
-static int param_get_aalockpolicy(char *buffer, struct kernel_param *kp)
+static int param_get_aalockpolicy(char *buffer, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_get_bool(buffer, kp);
}
-static int param_set_aabool(const char *val, struct kernel_param *kp)
+static int param_set_aabool(const char *val, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_set_bool(val, kp);
}
-static int param_get_aabool(char *buffer, struct kernel_param *kp)
+static int param_get_aabool(char *buffer, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_get_bool(buffer, kp);
}
-static int param_set_aauint(const char *val, struct kernel_param *kp)
+static int param_set_aauint(const char *val, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
return param_set_uint(val, kp);
}
-static int param_get_aauint(char *buffer, struct kernel_param *kp)
+static int param_get_aauint(char *buffer, const struct kernel_param *kp)
{
if (!capable(CAP_MAC_ADMIN))
return -EPERM;
--
1.7.1
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
^ permalink raw reply related [flat|nested] 20+ messages in thread
* Re: linux-next: Fix AppArmor build warnings after merge of the security-testing tree
2010-08-03 2:40 ` linux-next: Fix AppArmor build warnings " John Johansen
@ 2010-08-18 0:56 ` Stephen Rothwell
2010-08-18 1:00 ` Stephen Rothwell
0 siblings, 1 reply; 20+ messages in thread
From: Stephen Rothwell @ 2010-08-18 0:56 UTC (permalink / raw)
To: John Johansen; +Cc: James Morris, linux-next, linux-kernel, Rusty Russell
[-- Attachment #1: Type: text/plain, Size: 1327 bytes --]
Hi all,
On Mon, 02 Aug 2010 19:40:31 -0700 John Johansen <john.johansen@canonical.com> wrote:
>
> the follow patch fixes the AppArmor build warnings from the security-next tree merge
Thanks.
> From: John Johansen <john.johansen@canonical.com>
> Date: Mon, 2 Aug 2010 19:31:57 -0700
> Subject: [PATCH] AppArmor: Fix build warnings from linux-next merge
>
> Patch AppArmor to fix build warnings for changes that exist in the
> linux-next tree.
>
> Signed-off-by: John Johansen <john.johansen@canonical.com>
.
.
> diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> index d5666d3..f56978a 100644
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@ -607,9 +607,11 @@ static int apparmor_setprocattr(struct task_struct *task, char *name,
> return error;
> }
>
> -static int apparmor_task_setrlimit(unsigned int resource,
> +static int apparmor_task_setrlimit(struct task_struct *tsk,
> + unsigned int resource,
> struct rlimit *new_rlim)
> {
> + /* Use current profile instead of profile on @tsk */
> struct aa_profile *profile = aa_current_profile();
> int error = 0;
This last change seems to have been lost along the way.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: Fix AppArmor build warnings after merge of the security-testing tree
2010-08-18 0:56 ` Stephen Rothwell
@ 2010-08-18 1:00 ` Stephen Rothwell
0 siblings, 0 replies; 20+ messages in thread
From: Stephen Rothwell @ 2010-08-18 1:00 UTC (permalink / raw)
To: John Johansen; +Cc: James Morris, linux-next, linux-kernel, Rusty Russell
[-- Attachment #1: Type: text/plain, Size: 1470 bytes --]
Hi again,
On Wed, 18 Aug 2010 10:56:09 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> On Mon, 02 Aug 2010 19:40:31 -0700 John Johansen <john.johansen@canonical.com> wrote:
> >
> > From: John Johansen <john.johansen@canonical.com>
> > Date: Mon, 2 Aug 2010 19:31:57 -0700
> > Subject: [PATCH] AppArmor: Fix build warnings from linux-next merge
> >
> > Patch AppArmor to fix build warnings for changes that exist in the
> > linux-next tree.
> >
> > Signed-off-by: John Johansen <john.johansen@canonical.com>
> .
> .
> > diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
> > index d5666d3..f56978a 100644
> > --- a/security/apparmor/lsm.c
> > +++ b/security/apparmor/lsm.c
> > @@ -607,9 +607,11 @@ static int apparmor_setprocattr(struct task_struct *task, char *name,
> > return error;
> > }
> >
> > -static int apparmor_task_setrlimit(unsigned int resource,
> > +static int apparmor_task_setrlimit(struct task_struct *tsk,
> > + unsigned int resource,
> > struct rlimit *new_rlim)
> > {
> > + /* Use current profile instead of profile on @tsk */
> > struct aa_profile *profile = aa_current_profile();
> > int error = 0;
>
> This last change seems to have been lost along the way.
Sorry, my mistake, this change is sitting in the security-testing tree in
linux-next still.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2011-08-12 2:47 linux-next: build failure " Stephen Rothwell
@ 2011-08-15 4:04 ` Stephen Rothwell
0 siblings, 0 replies; 20+ messages in thread
From: Stephen Rothwell @ 2011-08-15 4:04 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, Mimi Zohar
[-- Attachment #1: Type: text/plain, Size: 1055 bytes --]
Hi James,
On Fri, 12 Aug 2011 12:47:23 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> After merging the security-testing tree, today's linux-next build
> (powerpc ppc64_defconfig) failed like this:
>
> init/mounts.o: In function `security_old_inode_init_security':
> (.opd+0xf0): multiple definition of `security_old_inode_init_security'
> init/main.o:(.opd+0x108): first defined here
> init/mounts.o: In function `.security_old_inode_init_security':
> (.text+0x50): multiple definition of `.security_old_inode_init_security'
> init/main.o:(.text+0x110): first defined here
>
> etc ... (lots and lots)
>
> Casued by commit e1c9b23adbe8 ("evm: building without EVM enabled fixes").
>
> Please, please, build test this stuff. This is the same error that that
> patch was supposed to fix but on another function ...
>
> I have used the security-tree tree from next-20110809 again.
I am still getting this ...
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* linux-next: build failure after merge of the security-testing tree
@ 2011-08-12 2:47 Stephen Rothwell
2011-08-15 4:04 ` Stephen Rothwell
0 siblings, 1 reply; 20+ messages in thread
From: Stephen Rothwell @ 2011-08-12 2:47 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, Mimi Zohar
[-- Attachment #1: Type: text/plain, Size: 902 bytes --]
Hi James,
After merging the security-testing tree, today's linux-next build
(powerpc ppc64_defconfig) failed like this:
init/mounts.o: In function `security_old_inode_init_security':
(.opd+0xf0): multiple definition of `security_old_inode_init_security'
init/main.o:(.opd+0x108): first defined here
init/mounts.o: In function `.security_old_inode_init_security':
(.text+0x50): multiple definition of `.security_old_inode_init_security'
init/main.o:(.text+0x110): first defined here
etc ... (lots and lots)
Casued by commit e1c9b23adbe8 ("evm: building without EVM enabled fixes").
Please, please, build test this stuff. This is the same error that that
patch was supposed to fix but on another function ...
I have used the security-tree tree from next-20110809 again.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2011-08-10 1:48 ` Mimi Zohar
@ 2011-08-10 7:21 ` James Morris
0 siblings, 0 replies; 20+ messages in thread
From: James Morris @ 2011-08-10 7:21 UTC (permalink / raw)
To: Mimi Zohar; +Cc: Stephen Rothwell, linux-next, linux-kernel
On Tue, 9 Aug 2011, Mimi Zohar wrote:
> No, I left out the stub definition in the include. James, how do you
> want me to correct this and the missing 'inline'? Should I be updating
> the original patches or submitting them as new patches?
Send a new patch, thanks.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2011-08-10 0:58 Stephen Rothwell
@ 2011-08-10 1:48 ` Mimi Zohar
2011-08-10 7:21 ` James Morris
0 siblings, 1 reply; 20+ messages in thread
From: Mimi Zohar @ 2011-08-10 1:48 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: James Morris, linux-next, linux-kernel
On Wed, 2011-08-10 at 10:58 +1000, Stephen Rothwell wrote:
> Hi James,
>
> After merging the security-testing tree, today's linux-next build
> (powerpc ppc64_defconfig) failed like this:
>
> fs/reiserfs/xattr_security.c: In function 'reiserfs_security_init':
> fs/reiserfs/xattr_security.c:69:2: error: implicit declaration of function 'security_old_inode_init_security'
>
> Caused by commit 9d8f13ba3f48 ("security: new
> security_inode_init_security API adds function callback"). Forgotten
> include?
>
> I have used the security-testing tree from next-20110809 for today.
No, I left out the stub definition in the include. James, how do you
want me to correct this and the missing 'inline'? Should I be updating
the original patches or submitting them as new patches?
thanks,
Mimi
^ permalink raw reply [flat|nested] 20+ messages in thread
* linux-next: build failure after merge of the security-testing tree
@ 2011-08-10 0:58 Stephen Rothwell
2011-08-10 1:48 ` Mimi Zohar
0 siblings, 1 reply; 20+ messages in thread
From: Stephen Rothwell @ 2011-08-10 0:58 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, Mimi Zohar
Hi James,
After merging the security-testing tree, today's linux-next build
(powerpc ppc64_defconfig) failed like this:
fs/reiserfs/xattr_security.c: In function 'reiserfs_security_init':
fs/reiserfs/xattr_security.c:69:2: error: implicit declaration of function 'security_old_inode_init_security'
Caused by commit 9d8f13ba3f48 ("security: new
security_inode_init_security API adds function callback"). Forgotten
include?
I have used the security-testing tree from next-20110809 for today.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2011-06-29 4:16 ` Tetsuo Handa
@ 2011-06-29 7:36 ` James Morris
0 siblings, 0 replies; 20+ messages in thread
From: James Morris @ 2011-06-29 7:36 UTC (permalink / raw)
To: Tetsuo Handa; +Cc: sfr, linux-next, linux-kernel
On Wed, 29 Jun 2011, Tetsuo Handa wrote:
> From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> Date: Wed, 29 Jun 2011 13:07:52 +0900
> Subject: [PATCH] TOMOYO: Fix build error with CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER=y .
>
> I forgot to add #ifndef in commit 0e4ae0e0 "TOMOYO: Make several options
> configurable.", resulting
>
> security/built-in.o: In function `tomoyo_bprm_set_creds':
> tomoyo.c:(.text+0x4698e): undefined reference to `tomoyo_load_policy'
>
Applied to
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#next
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2011-06-29 3:48 Stephen Rothwell
@ 2011-06-29 4:16 ` Tetsuo Handa
2011-06-29 7:36 ` James Morris
0 siblings, 1 reply; 20+ messages in thread
From: Tetsuo Handa @ 2011-06-29 4:16 UTC (permalink / raw)
To: sfr, jmorris; +Cc: linux-next, linux-kernel, penguin-kernel
Stephen Rothwell wrote:
> Hi James,
>
> After merging the security-testing tree, today's linux-next build (x86_64
> allmodconfig) failed like this:
>
> security/built-in.o: In function `tomoyo_bprm_set_creds':
> tomoyo.c:(.text+0x4698e): undefined reference to `tomoyo_load_policy'
>
Sorry. I forgot to add #ifndef there.
It is for embedded systems where running userspace policy loader is difficult.
Below patch fixes the error.
Regards.
---
From 262f32874cd073fe2684e07dc838381f1dd01fd4 Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Wed, 29 Jun 2011 13:07:52 +0900
Subject: [PATCH] TOMOYO: Fix build error with CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER=y .
I forgot to add #ifndef in commit 0e4ae0e0 "TOMOYO: Make several options
configurable.", resulting
security/built-in.o: In function `tomoyo_bprm_set_creds':
tomoyo.c:(.text+0x4698e): undefined reference to `tomoyo_load_policy'
error.
Reported-by: Stephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
---
security/tomoyo/tomoyo.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c
index 2615c7d..d6f68a0 100644
--- a/security/tomoyo/tomoyo.c
+++ b/security/tomoyo/tomoyo.c
@@ -51,12 +51,14 @@ static int tomoyo_bprm_set_creds(struct linux_binprm *bprm)
*/
if (bprm->cred_prepared)
return 0;
+#ifndef CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER
/*
* Load policy if /sbin/tomoyo-init exists and /sbin/init is requested
* for the first time.
*/
if (!tomoyo_policy_loaded)
tomoyo_load_policy(bprm->filename);
+#endif
/*
* Release reference to "struct tomoyo_domain_info" stored inside
* "bprm->cred->security". New reference to "struct tomoyo_domain_info"
--
1.6.1
^ permalink raw reply related [flat|nested] 20+ messages in thread
* linux-next: build failure after merge of the security-testing tree
@ 2011-06-29 3:48 Stephen Rothwell
2011-06-29 4:16 ` Tetsuo Handa
0 siblings, 1 reply; 20+ messages in thread
From: Stephen Rothwell @ 2011-06-29 3:48 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, Tetsuo Handa
[-- Attachment #1: Type: text/plain, Size: 590 bytes --]
Hi James,
After merging the security-testing tree, today's linux-next build (x86_64
allmodconfig) failed like this:
security/built-in.o: In function `tomoyo_bprm_set_creds':
tomoyo.c:(.text+0x4698e): undefined reference to `tomoyo_load_policy'
I am not sure what caused this (but tomoyo_load_policy is guarded by
#ifndef CONFIG_SECURITY_TOMOYO_OMIT_USERSPACE_LOADER
and that is set in this build).
I have used the security-testing tree from next-20110628 for today.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2010-10-19 3:57 Stephen Rothwell
@ 2010-10-19 4:09 ` Eric Paris
0 siblings, 0 replies; 20+ messages in thread
From: Eric Paris @ 2010-10-19 4:09 UTC (permalink / raw)
To: Stephen Rothwell
Cc: James Morris, linux-next, linux-kernel, Paul Moore, Patrick McHardy
On Tue, 2010-10-19 at 14:57 +1100, Stephen Rothwell wrote:
> Hi James,
>
> After merging the security-testing tree, today's linux-next build (powerpc_ppc64_defconfig)
> failed like this:
>
> net/netfilter/nf_conntrack_netlink.c: In function 'ctnetlink_conntrack_event':
> net/netfilter/nf_conntrack_netlink.c:585: error: 'struct nf_conn' has no member named 'secmark'
>
> Caused by commit fd0194de4cf2e64514aec35f40de458fca766656 ("conntrack:
> export lsm context rather than internal secid via netlink"). This build
> has CONFIG_NF_CONNTRACK_SECMARK not set ...
>
> If you change a dependency on a CONFIG option, it is always worth build
> testing with and without the option set.
>
> I have used the security-testing tree from next-20101018 for today.
Ohhh, poop. I didn't think I changed any config options but I see it
now. Will fix by tomorrow. Sorry and thanks for catching it.
-Eric
^ permalink raw reply [flat|nested] 20+ messages in thread
* linux-next: build failure after merge of the security-testing tree
@ 2010-10-19 3:57 Stephen Rothwell
2010-10-19 4:09 ` Eric Paris
0 siblings, 1 reply; 20+ messages in thread
From: Stephen Rothwell @ 2010-10-19 3:57 UTC (permalink / raw)
To: James Morris
Cc: linux-next, linux-kernel, Eric Paris, Paul Moore, Patrick McHardy
[-- Attachment #1: Type: text/plain, Size: 792 bytes --]
Hi James,
After merging the security-testing tree, today's linux-next build (powerpc_ppc64_defconfig)
failed like this:
net/netfilter/nf_conntrack_netlink.c: In function 'ctnetlink_conntrack_event':
net/netfilter/nf_conntrack_netlink.c:585: error: 'struct nf_conn' has no member named 'secmark'
Caused by commit fd0194de4cf2e64514aec35f40de458fca766656 ("conntrack:
export lsm context rather than internal secid via netlink"). This build
has CONFIG_NF_CONNTRACK_SECMARK not set ...
If you change a dependency on a CONFIG option, it is always worth build
testing with and without the option set.
I have used the security-testing tree from next-20101018 for today.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2010-07-30 3:54 ` James Morris
2010-07-30 6:01 ` Stephen Rothwell
@ 2010-07-30 7:31 ` John Johansen
1 sibling, 0 replies; 20+ messages in thread
From: John Johansen @ 2010-07-30 7:31 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel
On 07/29/2010 08:54 PM, James Morris wrote:
> On Fri, 30 Jul 2010, Stephen Rothwell wrote:
>
>> Hi James,
>>
>> After merging the security-testing tree, today's linux-next build
>> (powerpc ppc64_defconfig) failed like this:
>>
>> security/Kconfig:144: can't open file "security/apparmor/Kconfig"
>>
>> Caused by commit 32bd8e5273c0be4189274ab55c4d16862f0dd87d ("AppArmor:
>> Enable configuring and building of the AppArmor security module"). Looks
>> like a file was missed.
>
> I don't know how to use git.
>
> Should be fixed now.
>
works for me,
thanks James
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2010-07-30 3:54 ` James Morris
@ 2010-07-30 6:01 ` Stephen Rothwell
2010-07-30 7:31 ` John Johansen
1 sibling, 0 replies; 20+ messages in thread
From: Stephen Rothwell @ 2010-07-30 6:01 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, John Johansen
[-- Attachment #1: Type: text/plain, Size: 283 bytes --]
Hi James,
On Fri, 30 Jul 2010 13:54:01 +1000 (EST) James Morris <jmorris@namei.org> wrote:
>
> I don't know how to use git.
:-)
> Should be fixed now.
Thanks.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: linux-next: build failure after merge of the security-testing tree
2010-07-30 2:06 Stephen Rothwell
@ 2010-07-30 3:54 ` James Morris
2010-07-30 6:01 ` Stephen Rothwell
2010-07-30 7:31 ` John Johansen
0 siblings, 2 replies; 20+ messages in thread
From: James Morris @ 2010-07-30 3:54 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: linux-next, linux-kernel, John Johansen
On Fri, 30 Jul 2010, Stephen Rothwell wrote:
> Hi James,
>
> After merging the security-testing tree, today's linux-next build
> (powerpc ppc64_defconfig) failed like this:
>
> security/Kconfig:144: can't open file "security/apparmor/Kconfig"
>
> Caused by commit 32bd8e5273c0be4189274ab55c4d16862f0dd87d ("AppArmor:
> Enable configuring and building of the AppArmor security module"). Looks
> like a file was missed.
I don't know how to use git.
Should be fixed now.
>
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 20+ messages in thread
* linux-next: build failure after merge of the security-testing tree
@ 2010-07-30 2:06 Stephen Rothwell
2010-07-30 3:54 ` James Morris
0 siblings, 1 reply; 20+ messages in thread
From: Stephen Rothwell @ 2010-07-30 2:06 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, John Johansen
[-- Attachment #1: Type: text/plain, Size: 540 bytes --]
Hi James,
After merging the security-testing tree, today's linux-next build
(powerpc ppc64_defconfig) failed like this:
security/Kconfig:144: can't open file "security/apparmor/Kconfig"
Caused by commit 32bd8e5273c0be4189274ab55c4d16862f0dd87d ("AppArmor:
Enable configuring and building of the AppArmor security module"). Looks
like a file was missed.
I have used the security-testing from next-20100729 for today.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/
[-- Attachment #2: Type: application/pgp-signature, Size: 490 bytes --]
^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2011-08-15 4:05 UTC | newest]
Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-08-02 2:16 linux-next: build failure after merge of the security-testing tree Stephen Rothwell
2010-08-03 0:04 ` John Johansen
2010-08-05 1:37 ` Stephen Rothwell
2010-08-03 2:40 ` linux-next: Fix AppArmor build warnings " John Johansen
2010-08-18 0:56 ` Stephen Rothwell
2010-08-18 1:00 ` Stephen Rothwell
-- strict thread matches above, loose matches on Subject: below --
2011-08-12 2:47 linux-next: build failure " Stephen Rothwell
2011-08-15 4:04 ` Stephen Rothwell
2011-08-10 0:58 Stephen Rothwell
2011-08-10 1:48 ` Mimi Zohar
2011-08-10 7:21 ` James Morris
2011-06-29 3:48 Stephen Rothwell
2011-06-29 4:16 ` Tetsuo Handa
2011-06-29 7:36 ` James Morris
2010-10-19 3:57 Stephen Rothwell
2010-10-19 4:09 ` Eric Paris
2010-07-30 2:06 Stephen Rothwell
2010-07-30 3:54 ` James Morris
2010-07-30 6:01 ` Stephen Rothwell
2010-07-30 7:31 ` John Johansen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).