linux-next.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* linux-next: build failure after merge of the security tree
@ 2016-05-19  4:01 Stephen Rothwell
       [not found] ` <20160519140120.23b345a1-3FnU+UHB4dNDw9hX6IcOSA@public.gmane.org>
  0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2016-05-19  4:01 UTC (permalink / raw)
  To: James Morris, Steve French, linux-cifs
  Cc: linux-next, linux-kernel, Sachin Prabhu, David Howells

Hi James,

After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:

fs/cifs/cifs_spnego.c: In function 'init_cifs_spnego':
fs/cifs/cifs_spnego.c:206:12: error: too few arguments to function 'keyring_alloc'
  keyring = keyring_alloc(".cifs_spnego",
            ^
In file included from include/linux/cred.h:17:0,
                 from include/linux/sched.h:56,
                 from include/linux/kasan.h:4,
                 from include/linux/slab.h:118,
                 from fs/cifs/cifs_spnego.c:23:
include/linux/key.h:302:20: note: declared here
 extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid,
                    ^

Caused by commit

  5b82c5cbcfe4 ("cifs: Create dedicated keyring for spnego operations")

from the cifs tree interacting with commit

  5ac7eace2d00 ("KEYS: Add a facility to restrict new links into a keyring")

from the security tree.

I added the following merge fix patch (and someone will have to let
Linus know):

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Thu, 19 May 2016 13:45:10 +1000
Subject: [PATCH] cifs: fix for keyringalloc() API change

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 fs/cifs/cifs_spnego.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c
index 248ab431930c..9ef0dfcb2f95 100644
--- a/fs/cifs/cifs_spnego.c
+++ b/fs/cifs/cifs_spnego.c
@@ -207,7 +207,7 @@ init_cifs_spnego(void)
 				GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred,
 				(KEY_POS_ALL & ~KEY_POS_SETATTR) |
 				KEY_USR_VIEW | KEY_USR_READ,
-				KEY_ALLOC_NOT_IN_QUOTA, NULL);
+				KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL);
 	if (IS_ERR(keyring)) {
 		ret = PTR_ERR(keyring);
 		goto failed_put_cred;
-- 
2.7.0

-- 
Cheers,
Stephen Rothwell

^ permalink raw reply related	[flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2020-07-08  4:00 Stephen Rothwell
  2020-07-13  2:04 ` Stephen Rothwell
  0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-08  4:00 UTC (permalink / raw)
  To: James Morris
  Cc: Linux Next Mailing List, Linux Kernel Mailing List, Daniel Colascione

[-- Attachment #1: Type: text/plain, Size: 2134 bytes --]

Hi all,

After merging the security tree, today's linux-next build (powerpc
ppc64_defconfig) failed like this:

fs/anon_inodes.c: In function 'anon_inode_make_secure_inode':
fs/anon_inodes.c:70:10: error: implicit declaration of function 'security_inode_init_security_anon'; did you mean 'security_inode_init_security'? [-Werror=implicit-function-declaration]
   70 |  error = security_inode_init_security_anon(
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      |          security_inode_init_security

Caused by commit

  2749d3f84a70 ("Add a new LSM-supporting anonymous inode interface")

# CONFIG_SECURITY is not set

Also, the explicit include of linux/security.h is missing ...

I have added the following patch for today.

From b2bae25c9b715e06f7e802ec7b51cfbfec046e6c Mon Sep 17 00:00:00 2001
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Wed, 8 Jul 2020 13:43:01 +1000
Subject: [PATCH] fix up for "Add a new LSM-supporting anonymous inode interface"

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 fs/anon_inodes.c         | 1 +
 include/linux/security.h | 7 +++++++
 2 files changed, 8 insertions(+)

diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index f87f221167cf..25d92c64411e 100644
--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -21,6 +21,7 @@
 #include <linux/magic.h>
 #include <linux/anon_inodes.h>
 #include <linux/pseudo_fs.h>
+#include <linux/security.h>
 
 #include <linux/uaccess.h>
 
diff --git a/include/linux/security.h b/include/linux/security.h
index 95c133a8f8bb..7c6b3dcf4721 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -735,6 +735,13 @@ static inline int security_inode_init_security(struct inode *inode,
 	return 0;
 }
 
+static inline int security_inode_init_security_anon(struct inode *inode,
+						    const struct qstr *name,
+						    const struct inode *context_inode)
+{
+	return 0;
+}
+
 static inline int security_old_inode_init_security(struct inode *inode,
 						   struct inode *dir,
 						   const struct qstr *qstr,
-- 
2.27.0

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply related	[flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2019-08-12  4:58 Stephen Rothwell
  2019-08-12 17:34 ` Kees Cook
  0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2019-08-12  4:58 UTC (permalink / raw)
  To: James Morris
  Cc: Linux Next Mailing List, Linux Kernel Mailing List,
	Matthew Garrett, Kees Cook, Casey Schaufler

[-- Attachment #1: Type: text/plain, Size: 1354 bytes --]

Hi all,

After merging the security tree, today's linux-next build (arm
multi_v7_defconfig) failed like below.

Caused by commit

  45d29f9e9b8b ("security: Support early LSMs")

I have added the following fix for today:

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Mon, 12 Aug 2019 14:54:20 +1000
Subject: [PATCH] early_security_init() needs a stub got !CONFIG_SECURITY

An arm multi_v7_defconfig fails like this:

init/main.c: In function 'start_kernel':
init/main.c:596:2: error: implicit declaration of function 'early_security_init'; did you mean 'security_init'? [-Werror=implicit-function-declaration]
  early_security_init();
  ^~~~~~~~~~~~~~~~~~~
  security_init

Fixes: 45d29f9e9b8b ("security: Support early LSMs")
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 include/linux/security.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/include/linux/security.h b/include/linux/security.h
index 807dc0d24982..23e1c3f17d48 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -473,6 +473,11 @@ static inline int security_init(void)
 	return 0;
 }
 
+static inline int early_security_init(void)
+{
+	return 0;
+}
+
 static inline int security_binder_set_context_mgr(struct task_struct *mgr)
 {
 	return 0;
-- 
2.20.1

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply related	[flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2017-08-23 11:12 Stephen Rothwell
  0 siblings, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2017-08-23 11:12 UTC (permalink / raw)
  To: James Morris
  Cc: Linux-Next Mailing List, Linux Kernel Mailing List, John Johansen

Hi James,

After merging the security tree, today's linux-next build (sparc64
allmodconfig) failed like this:

In file included from security/apparmor/ipc.c:23:0:
security/apparmor/include/sig_names.h:26:3: error: 'SIGSTKFLT' undeclared here (not in a function)
  [SIGSTKFLT] = 16, /* -, 16, - */
   ^
security/apparmor/include/sig_names.h:26:3: error: array index in initializer not of integer type
security/apparmor/include/sig_names.h:26:3: note: (near initialization for 'sig_map')
security/apparmor/include/sig_names.h:51:3: error: 'SIGUNUSED' undeclared here (not in a function)
  [SIGUNUSED] = 34, /* -, 31, - */
   ^
security/apparmor/include/sig_names.h:51:3: error: array index in initializer not of integer type
security/apparmor/include/sig_names.h:51:3: note: (near initialization for 'sig_map')

Caused by commit

  c6bf1adaecaa ("apparmor: add the ability to mediate signals")

-- 
Cheers,
Stephen Rothwell

^ permalink raw reply	[flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2017-08-17  2:51 Stephen Rothwell
  2017-08-17  3:24 ` Kees Cook
  0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2017-08-17  2:51 UTC (permalink / raw)
  To: James Morris
  Cc: Linux-Next Mailing List, Linux Kernel Mailing List, Kees Cook

Hi James,

After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:

In file included from samples/seccomp/bpf-fancy.c:12:0:
samples/seccomp/bpf-fancy.c: In function 'main':
samples/seccomp/bpf-helper.h:47:26: error: 'SECCOMP_RET_KILL_THREAD' undeclared (first use in this function)
  BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_THREAD)
                          ^
./usr/include/linux/filter.h:48:59: note: in definition of macro 'BPF_STMT'
 #define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
                                                           ^
samples/seccomp/bpf-fancy.c:41:3: note: in expansion of macro 'DENY'
   DENY,  /* Don't passthrough into a label */
   ^~~~
samples/seccomp/bpf-helper.h:47:26: note: each undeclared identifier is reported only once for each function it appears in
  BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_THREAD)
                          ^
./usr/include/linux/filter.h:48:59: note: in definition of macro 'BPF_STMT'
 #define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
                                                           ^
samples/seccomp/bpf-fancy.c:41:3: note: in expansion of macro 'DENY'
   DENY,  /* Don't passthrough into a label */
   ^~~~

[Note: this is a cross build, if that is relevant ...]

Presumably caused by commit

  fd76875ca289 ("seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD")

I have used the security tree from next-20170816 for today.

-- 
Cheers,
Stephen Rothwell

^ permalink raw reply	[flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2015-08-17  5:29 Stephen Rothwell
  2015-08-17  6:04 ` Stephen Rothwell
  2015-08-26 14:45 ` David Howells
  0 siblings, 2 replies; 24+ messages in thread
From: Stephen Rothwell @ 2015-08-17  5:29 UTC (permalink / raw)
  To: James Morris; +Cc: linux-next, linux-kernel, David Howells, David Woodhouse

Hi James,

After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:

scripts/extract-cert.c:23:25: fatal error: openssl/bio.h: No such file or directory
 #include <openssl/bio.h>
                         ^
compilation terminated.
scripts/sign-file.c:20:25: fatal error: openssl/bio.h: No such file or directory
 #include <openssl/bio.h>
                         ^

Caused by commits:

  1329e8cc69b9 ("modsign: Extract signing cert from CONFIG_MODULE_SIG_KEY if needed")
  bc1c373dd2a5 ("MODSIGN: Provide a utility to append a PKCS#7 signature to a module")

After a bit of digging, I installed libssl-dev on my Debian build
machines.

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

^ permalink raw reply	[flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2014-07-25  9:21 Stephen Rothwell
  0 siblings, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2014-07-25  9:21 UTC (permalink / raw)
  To: James Morris; +Cc: linux-next, linux-kernel, David Howells

[-- Attachment #1: Type: text/plain, Size: 1489 bytes --]

Hi James,

After merging the security tree, today's linux-next build (powerpc
allyesconfig) failed like this:

crypto/asymmetric_keys/pkcs7_key_type.c: In function 'pkcs7_preparse':
crypto/asymmetric_keys/pkcs7_key_type.c:36:2: error: implicit declaration of function 'IS_ERR' [-Werror=implicit-function-declaration]
  if (IS_ERR(pkcs7)) {
  ^
crypto/asymmetric_keys/pkcs7_key_type.c:37:3: error: implicit declaration of function 'PTR_ERR' [-Werror=implicit-function-declaration]
   ret = PTR_ERR(pkcs7);
   ^

Caused by commit 22d01afb210f ("PKCS#7: Provide a key type for testing
PKCS#7").  See Rule 1 in Documentation/SubmitChecklist.

I have added this fix patch for today:

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Fri, 25 Jul 2014 19:17:04 +1000
Subject: [PATCH] PKCS#7: include linux-err.h for PTR_ERR and IS_ERR

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 crypto/asymmetric_keys/pkcs7_key_type.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/asymmetric_keys/pkcs7_key_type.c b/crypto/asymmetric_keys/pkcs7_key_type.c
index c2091f7bd15d..8605ff6cf869 100644
--- a/crypto/asymmetric_keys/pkcs7_key_type.c
+++ b/crypto/asymmetric_keys/pkcs7_key_type.c
@@ -10,6 +10,7 @@
  */
 
 #define pr_fmt(fmt) "PKCS7key: "fmt
+#include <linux/err.h>
 #include <linux/key.h>
 #include <linux/key-type.h>
 #include <crypto/pkcs7.h>
-- 
2.0.1

-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]

^ permalink raw reply related	[flat|nested] 24+ messages in thread
end of thread, other threads:[~2020-08-04  3:36 UTC | newest]

Thread overview: 24+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-05-19  4:01 linux-next: build failure after merge of the security tree Stephen Rothwell
     [not found] ` <20160519140120.23b345a1-3FnU+UHB4dNDw9hX6IcOSA@public.gmane.org>
2016-05-19 10:11   ` David Howells
2016-05-19 23:14   ` Stephen Rothwell
2016-05-20  3:07     ` Steve French
  -- strict thread matches above, loose matches on Subject: below --
2020-07-08  4:00 Stephen Rothwell
2020-07-13  2:04 ` Stephen Rothwell
2020-07-13  2:06   ` Stephen Rothwell
2020-07-29 23:35   ` Stephen Rothwell
2020-07-30  2:35     ` James Morris
2020-07-30  2:59       ` Stephen Rothwell
2020-07-30  5:03         ` Stephen Rothwell
2020-08-04  3:36         ` James Morris
2019-08-12  4:58 Stephen Rothwell
2019-08-12 17:34 ` Kees Cook
2019-08-19  3:21   ` Stephen Rothwell
2019-08-19  3:38     ` Stephen Rothwell
2019-08-21 16:39     ` James Morris
2017-08-23 11:12 Stephen Rothwell
2017-08-17  2:51 Stephen Rothwell
2017-08-17  3:24 ` Kees Cook
2015-08-17  5:29 Stephen Rothwell
2015-08-17  6:04 ` Stephen Rothwell
2015-08-26 14:45 ` David Howells
2014-07-25  9:21 Stephen Rothwell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).