From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com [148.163.156.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C372C3FCE for ; Wed, 26 Jan 2022 22:05:21 +0000 (UTC) Received: from pps.filterd (m0098399.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.1.2/8.16.1.2) with SMTP id 20QM3dGK014328; Wed, 26 Jan 2022 22:05:14 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=message-id : date : mime-version : subject : to : cc : references : from : in-reply-to : content-type : content-transfer-encoding; s=pp1; bh=RxTuE6rmxVpW/vdK1r884JjG3O3+YWBscTGJnKvckXI=; b=HUAXz694ayH5nVsmPluXJaOjnzJz2ZpRwoFXpQmOSxpvATbk5QqBnw9xw9hczoQt7N7w on80wtOqKSxc287ZJTvoG9SZ7XPjr8ri1eNeg1uZJyRLCab2nIuwPuSt6Hg1AfSzheMS 3KjRkeY+y9BaHFrC1rHuWEHTMPVJ2sIKDMibQ5hvzDMttS4n8Yv+dv7ga91Hc2ACpOHD Puuxjj92iayC+zF3Ly9CQe2sV4euwfqmxhjTlnrL66qyr6T4vPW/O2f5iDx/BT4GQ1Xw NYEPqAav5Fa/1y8tID5OTO/CLyoihlqBVa8Op67REeqHz1VHJESultgkXYwrAJCauvY8 9w== Received: from pps.reinject (localhost [127.0.0.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 3du89mja8h-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jan 2022 22:05:14 +0000 Received: from m0098399.ppops.net (m0098399.ppops.net [127.0.0.1]) by pps.reinject (8.16.0.43/8.16.0.43) with SMTP id 20QM4C7L016478; Wed, 26 Jan 2022 22:05:13 GMT Received: from ppma01dal.us.ibm.com (83.d6.3fa9.ip4.static.sl-reverse.com [169.63.214.131]) by mx0a-001b2d01.pphosted.com with ESMTP id 3du89mja82-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jan 2022 22:05:13 +0000 Received: from pps.filterd (ppma01dal.us.ibm.com [127.0.0.1]) by ppma01dal.us.ibm.com (8.16.1.2/8.16.1.2) with SMTP id 20QM27Xe024020; Wed, 26 Jan 2022 22:05:12 GMT Received: from b03cxnp08025.gho.boulder.ibm.com (b03cxnp08025.gho.boulder.ibm.com [9.17.130.17]) by ppma01dal.us.ibm.com with ESMTP id 3dr9jc12sp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Wed, 26 Jan 2022 22:05:12 +0000 Received: from b03ledav001.gho.boulder.ibm.com (b03ledav001.gho.boulder.ibm.com [9.17.130.232]) by b03cxnp08025.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 20QM5AxF32244212 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Wed, 26 Jan 2022 22:05:10 GMT Received: from b03ledav001.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 6B8856E050; Wed, 26 Jan 2022 22:05:10 +0000 (GMT) Received: from b03ledav001.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id C1F436E06D; Wed, 26 Jan 2022 22:05:07 +0000 (GMT) Received: from [9.47.158.152] (unknown [9.47.158.152]) by b03ledav001.gho.boulder.ibm.com (Postfix) with ESMTP; Wed, 26 Jan 2022 22:05:07 +0000 (GMT) Message-ID: Date: Wed, 26 Jan 2022 17:05:05 -0500 Precedence: bulk X-Mailing-List: containers@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.3.0 Subject: Re: [PATCH v9 15/23] ima: Implement hierarchical processing of file accesses Content-Language: en-US To: Christian Brauner , Stefan Berger Cc: linux-integrity@vger.kernel.org, zohar@linux.ibm.com, serge@hallyn.com, christian.brauner@ubuntu.com, containers@lists.linux.dev, dmitry.kasatkin@gmail.com, ebiederm@xmission.com, krzysztof.struczynski@huawei.com, roberto.sassu@huawei.com, mpeters@redhat.com, lhinds@redhat.com, lsturman@redhat.com, puiterwi@redhat.com, jejb@linux.ibm.com, jamjoom@us.ibm.com, linux-kernel@vger.kernel.org, paul@paul-moore.com, rgb@redhat.com, linux-security-module@vger.kernel.org, jmorris@namei.org References: <20220125224645.79319-1-stefanb@linux.vnet.ibm.com> <20220125224645.79319-16-stefanb@linux.vnet.ibm.com> <20220126123908.q65wgvr2v52lmxpw@wittgenstein> From: Stefan Berger In-Reply-To: <20220126123908.q65wgvr2v52lmxpw@wittgenstein> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-TM-AS-GCONF: 00 X-Proofpoint-GUID: GXavbc1DSLqYJR2d4JpfnIWijqqJ4DxH X-Proofpoint-ORIG-GUID: PcRyTm2VOWigvWeJjq8oPa4d08HxmAGl X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-01-26_08,2022-01-26_01,2021-12-02_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 adultscore=0 mlxlogscore=907 impostorscore=0 lowpriorityscore=0 suspectscore=0 mlxscore=0 priorityscore=1501 spamscore=0 bulkscore=0 malwarescore=0 phishscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2201110000 definitions=main-2201260128 On 1/26/22 07:39, Christian Brauner wrote: > > That'll break compilation as youre checking: > > ns == &init_ima_ns below. > > security/integrity/ima/ima_main.c: In function ‘ima_post_read_file’: > security/integrity/ima/ima_main.c:798:7: error: ‘ns’ undeclared (first use in this function); did you mean ‘insl’? > 798 | if (ns == &init_ima_ns && > | ^~ > | insl > security/integrity/ima/ima_main.c:798:7: note: each undeclared identifier is reported only once for each function it appears in > > it's fixed later in the series but you might want to fix this up here as > well. Argh. Fixed. > > Fwiw, a good strategy is to: > > git rebase -i -x "make LOCALVERSION=-imans" v5.16-rc2 I did test it but maybe something distracted me.... while :; do make -j$(nproc) security kernel || break ; git rebase --continue || break; done