* linux-next: build failure after merge of the security tree
@ 2020-07-08 4:00 Stephen Rothwell
2020-07-13 2:04 ` Stephen Rothwell
0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-08 4:00 UTC (permalink / raw)
To: James Morris
Cc: Linux Next Mailing List, Linux Kernel Mailing List, Daniel Colascione
[-- Attachment #1: Type: text/plain, Size: 2134 bytes --]
Hi all,
After merging the security tree, today's linux-next build (powerpc
ppc64_defconfig) failed like this:
fs/anon_inodes.c: In function 'anon_inode_make_secure_inode':
fs/anon_inodes.c:70:10: error: implicit declaration of function 'security_inode_init_security_anon'; did you mean 'security_inode_init_security'? [-Werror=implicit-function-declaration]
70 | error = security_inode_init_security_anon(
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| security_inode_init_security
Caused by commit
2749d3f84a70 ("Add a new LSM-supporting anonymous inode interface")
# CONFIG_SECURITY is not set
Also, the explicit include of linux/security.h is missing ...
I have added the following patch for today.
From b2bae25c9b715e06f7e802ec7b51cfbfec046e6c Mon Sep 17 00:00:00 2001
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Wed, 8 Jul 2020 13:43:01 +1000
Subject: [PATCH] fix up for "Add a new LSM-supporting anonymous inode interface"
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
fs/anon_inodes.c | 1 +
include/linux/security.h | 7 +++++++
2 files changed, 8 insertions(+)
diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
index f87f221167cf..25d92c64411e 100644
--- a/fs/anon_inodes.c
+++ b/fs/anon_inodes.c
@@ -21,6 +21,7 @@
#include <linux/magic.h>
#include <linux/anon_inodes.h>
#include <linux/pseudo_fs.h>
+#include <linux/security.h>
#include <linux/uaccess.h>
diff --git a/include/linux/security.h b/include/linux/security.h
index 95c133a8f8bb..7c6b3dcf4721 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -735,6 +735,13 @@ static inline int security_inode_init_security(struct inode *inode,
return 0;
}
+static inline int security_inode_init_security_anon(struct inode *inode,
+ const struct qstr *name,
+ const struct inode *context_inode)
+{
+ return 0;
+}
+
static inline int security_old_inode_init_security(struct inode *inode,
struct inode *dir,
const struct qstr *qstr,
--
2.27.0
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-08 4:00 linux-next: build failure after merge of the security tree Stephen Rothwell
@ 2020-07-13 2:04 ` Stephen Rothwell
2020-07-13 2:06 ` Stephen Rothwell
2020-07-29 23:35 ` Stephen Rothwell
0 siblings, 2 replies; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-13 2:04 UTC (permalink / raw)
To: James Morris
Cc: Linux Next Mailing List, Linux Kernel Mailing List, Daniel Colascione
[-- Attachment #1: Type: text/plain, Size: 2369 bytes --]
Hi all,
On Wed, 8 Jul 2020 14:00:34 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> After merging the security tree, today's linux-next build (powerpc
> ppc64_defconfig) failed like this:
>
> fs/anon_inodes.c: In function 'anon_inode_make_secure_inode':
> fs/anon_inodes.c:70:10: error: implicit declaration of function 'security_inode_init_security_anon'; did you mean 'security_inode_init_security'? [-Werror=implicit-function-declaration]
> 70 | error = security_inode_init_security_anon(
> | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> | security_inode_init_security
>
> Caused by commit
>
> 2749d3f84a70 ("Add a new LSM-supporting anonymous inode interface")
>
> # CONFIG_SECURITY is not set
>
> Also, the explicit include of linux/security.h is missing ...
>
> I have added the following patch for today.
>
> From b2bae25c9b715e06f7e802ec7b51cfbfec046e6c Mon Sep 17 00:00:00 2001
> From: Stephen Rothwell <sfr@canb.auug.org.au>
> Date: Wed, 8 Jul 2020 13:43:01 +1000
> Subject: [PATCH] fix up for "Add a new LSM-supporting anonymous inode interface"
>
> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
> ---
> fs/anon_inodes.c | 1 +
> include/linux/security.h | 7 +++++++
> 2 files changed, 8 insertions(+)
>
> diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> index f87f221167cf..25d92c64411e 100644
> --- a/fs/anon_inodes.c
> +++ b/fs/anon_inodes.c
> @@ -21,6 +21,7 @@
> #include <linux/magic.h>
> #include <linux/anon_inodes.h>
> #include <linux/pseudo_fs.h>
> +#include <linux/security.h>
>
> #include <linux/uaccess.h>
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 95c133a8f8bb..7c6b3dcf4721 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -735,6 +735,13 @@ static inline int security_inode_init_security(struct inode *inode,
> return 0;
> }
>
> +static inline int security_inode_init_security_anon(struct inode *inode,
> + const struct qstr *name,
> + const struct inode *context_inode)
> +{
> + return 0;
> +}
> +
> static inline int security_old_inode_init_security(struct inode *inode,
> struct inode *dir,
> const struct qstr *qstr,
I am still applying the above patch ...
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-13 2:04 ` Stephen Rothwell
@ 2020-07-13 2:06 ` Stephen Rothwell
2020-07-29 23:35 ` Stephen Rothwell
1 sibling, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-13 2:06 UTC (permalink / raw)
To: James Morris
Cc: Linux Next Mailing List, Linux Kernel Mailing List, Daniel Colascione
[-- Attachment #1: Type: text/plain, Size: 245 bytes --]
Hi all,
On Mon, 13 Jul 2020 12:04:19 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> I am still applying the above patch ...
And the mail address Daniel Colascione <dancol@google.com> bounces.
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-13 2:04 ` Stephen Rothwell
2020-07-13 2:06 ` Stephen Rothwell
@ 2020-07-29 23:35 ` Stephen Rothwell
2020-07-30 2:35 ` James Morris
1 sibling, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-29 23:35 UTC (permalink / raw)
To: James Morris; +Cc: Linux Next Mailing List, Linux Kernel Mailing List
[-- Attachment #1: Type: text/plain, Size: 2668 bytes --]
Hi all,
On Mon, 13 Jul 2020 12:04:19 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> On Wed, 8 Jul 2020 14:00:34 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> >
> > After merging the security tree, today's linux-next build (powerpc
> > ppc64_defconfig) failed like this:
> >
> > fs/anon_inodes.c: In function 'anon_inode_make_secure_inode':
> > fs/anon_inodes.c:70:10: error: implicit declaration of function 'security_inode_init_security_anon'; did you mean 'security_inode_init_security'? [-Werror=implicit-function-declaration]
> > 70 | error = security_inode_init_security_anon(
> > | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> > | security_inode_init_security
> >
> > Caused by commit
> >
> > 2749d3f84a70 ("Add a new LSM-supporting anonymous inode interface")
> >
> > # CONFIG_SECURITY is not set
> >
> > Also, the explicit include of linux/security.h is missing ...
> >
> > I have added the following patch for today.
> >
> > From b2bae25c9b715e06f7e802ec7b51cfbfec046e6c Mon Sep 17 00:00:00 2001
> > From: Stephen Rothwell <sfr@canb.auug.org.au>
> > Date: Wed, 8 Jul 2020 13:43:01 +1000
> > Subject: [PATCH] fix up for "Add a new LSM-supporting anonymous inode interface"
> >
> > Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
> > ---
> > fs/anon_inodes.c | 1 +
> > include/linux/security.h | 7 +++++++
> > 2 files changed, 8 insertions(+)
> >
> > diff --git a/fs/anon_inodes.c b/fs/anon_inodes.c
> > index f87f221167cf..25d92c64411e 100644
> > --- a/fs/anon_inodes.c
> > +++ b/fs/anon_inodes.c
> > @@ -21,6 +21,7 @@
> > #include <linux/magic.h>
> > #include <linux/anon_inodes.h>
> > #include <linux/pseudo_fs.h>
> > +#include <linux/security.h>
> >
> > #include <linux/uaccess.h>
> >
> > diff --git a/include/linux/security.h b/include/linux/security.h
> > index 95c133a8f8bb..7c6b3dcf4721 100644
> > --- a/include/linux/security.h
> > +++ b/include/linux/security.h
> > @@ -735,6 +735,13 @@ static inline int security_inode_init_security(struct inode *inode,
> > return 0;
> > }
> >
> > +static inline int security_inode_init_security_anon(struct inode *inode,
> > + const struct qstr *name,
> > + const struct inode *context_inode)
> > +{
> > + return 0;
> > +}
> > +
> > static inline int security_old_inode_init_security(struct inode *inode,
> > struct inode *dir,
> > const struct qstr *qstr,
>
> I am still applying the above patch ...
The merge window is coming up fast ... is anything happening about this
failure?
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-29 23:35 ` Stephen Rothwell
@ 2020-07-30 2:35 ` James Morris
2020-07-30 2:59 ` Stephen Rothwell
0 siblings, 1 reply; 24+ messages in thread
From: James Morris @ 2020-07-30 2:35 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: Linux Next Mailing List, Linux Kernel Mailing List
On Thu, 30 Jul 2020, Stephen Rothwell wrote:
> > I am still applying the above patch ...
>
> The merge window is coming up fast ... is anything happening about this
> failure?
A new patch is coming, but I'm not sure this code has had enough review
from the core VFS folk.
Please drop secure_uffd_v5.9 for the time being.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-30 2:35 ` James Morris
@ 2020-07-30 2:59 ` Stephen Rothwell
2020-07-30 5:03 ` Stephen Rothwell
2020-08-04 3:36 ` James Morris
0 siblings, 2 replies; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-30 2:59 UTC (permalink / raw)
To: James Morris; +Cc: Linux Next Mailing List, Linux Kernel Mailing List
[-- Attachment #1: Type: text/plain, Size: 645 bytes --]
Hi James,
On Thu, 30 Jul 2020 12:35:03 +1000 (AEST) James Morris <jmorris@namei.org> wrote:
>
> On Thu, 30 Jul 2020, Stephen Rothwell wrote:
>
> > > I am still applying the above patch ...
> >
> > The merge window is coming up fast ... is anything happening about this
> > failure?
>
> A new patch is coming, but I'm not sure this code has had enough review
> from the core VFS folk.
>
> Please drop secure_uffd_v5.9 for the time being.
You just need to remove/revert it from your security tree
(git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git#next-testing).
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-30 2:59 ` Stephen Rothwell
@ 2020-07-30 5:03 ` Stephen Rothwell
2020-08-04 3:36 ` James Morris
1 sibling, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2020-07-30 5:03 UTC (permalink / raw)
To: James Morris; +Cc: Linux Next Mailing List, Linux Kernel Mailing List
[-- Attachment #1: Type: text/plain, Size: 1023 bytes --]
Hi Stephen,
On Thu, 30 Jul 2020 12:59:04 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> Hi James,
>
> On Thu, 30 Jul 2020 12:35:03 +1000 (AEST) James Morris <jmorris@namei.org> wrote:
> >
> > On Thu, 30 Jul 2020, Stephen Rothwell wrote:
> >
> > > > I am still applying the above patch ...
> > >
> > > The merge window is coming up fast ... is anything happening about this
> > > failure?
> >
> > A new patch is coming, but I'm not sure this code has had enough review
> > from the core VFS folk.
> >
> > Please drop secure_uffd_v5.9 for the time being.
>
> You just need to remove/revert it from your security tree
> (git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git#next-testing).
In today's linux-next I have reverted the three commits in that branch:
d08ac70b1e0d Wire UFFD up to SELinux
2b72259a271a Teach SELinux about anonymous inodes
2749d3f84a70 Add a new LSM-supporting anonymous inode interface
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2020-07-30 2:59 ` Stephen Rothwell
2020-07-30 5:03 ` Stephen Rothwell
@ 2020-08-04 3:36 ` James Morris
1 sibling, 0 replies; 24+ messages in thread
From: James Morris @ 2020-08-04 3:36 UTC (permalink / raw)
To: Stephen Rothwell; +Cc: Linux Next Mailing List, Linux Kernel Mailing List
On Thu, 30 Jul 2020, Stephen Rothwell wrote:
> Hi James,
>
> On Thu, 30 Jul 2020 12:35:03 +1000 (AEST) James Morris <jmorris@namei.org> wrote:
> >
> > On Thu, 30 Jul 2020, Stephen Rothwell wrote:
> >
> > > > I am still applying the above patch ...
> > >
> > > The merge window is coming up fast ... is anything happening about this
> > > failure?
> >
> > A new patch is coming, but I'm not sure this code has had enough review
> > from the core VFS folk.
> >
> > Please drop secure_uffd_v5.9 for the time being.
>
> You just need to remove/revert it from your security tree
> (git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security.git#next-testing).
Done.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2019-08-12 4:58 Stephen Rothwell
2019-08-12 17:34 ` Kees Cook
0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2019-08-12 4:58 UTC (permalink / raw)
To: James Morris
Cc: Linux Next Mailing List, Linux Kernel Mailing List,
Matthew Garrett, Kees Cook, Casey Schaufler
[-- Attachment #1: Type: text/plain, Size: 1354 bytes --]
Hi all,
After merging the security tree, today's linux-next build (arm
multi_v7_defconfig) failed like below.
Caused by commit
45d29f9e9b8b ("security: Support early LSMs")
I have added the following fix for today:
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Mon, 12 Aug 2019 14:54:20 +1000
Subject: [PATCH] early_security_init() needs a stub got !CONFIG_SECURITY
An arm multi_v7_defconfig fails like this:
init/main.c: In function 'start_kernel':
init/main.c:596:2: error: implicit declaration of function 'early_security_init'; did you mean 'security_init'? [-Werror=implicit-function-declaration]
early_security_init();
^~~~~~~~~~~~~~~~~~~
security_init
Fixes: 45d29f9e9b8b ("security: Support early LSMs")
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
include/linux/security.h | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/include/linux/security.h b/include/linux/security.h
index 807dc0d24982..23e1c3f17d48 100644
--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -473,6 +473,11 @@ static inline int security_init(void)
return 0;
}
+static inline int early_security_init(void)
+{
+ return 0;
+}
+
static inline int security_binder_set_context_mgr(struct task_struct *mgr)
{
return 0;
--
2.20.1
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2019-08-12 4:58 Stephen Rothwell
@ 2019-08-12 17:34 ` Kees Cook
2019-08-19 3:21 ` Stephen Rothwell
0 siblings, 1 reply; 24+ messages in thread
From: Kees Cook @ 2019-08-12 17:34 UTC (permalink / raw)
To: Stephen Rothwell
Cc: James Morris, Linux Next Mailing List, Linux Kernel Mailing List,
Matthew Garrett, Casey Schaufler
On Mon, Aug 12, 2019 at 02:58:23PM +1000, Stephen Rothwell wrote:
> Hi all,
>
> After merging the security tree, today's linux-next build (arm
> multi_v7_defconfig) failed like below.
>
> Caused by commit
>
> 45d29f9e9b8b ("security: Support early LSMs")
>
> I have added the following fix for today:
>
> From: Stephen Rothwell <sfr@canb.auug.org.au>
> Date: Mon, 12 Aug 2019 14:54:20 +1000
> Subject: [PATCH] early_security_init() needs a stub got !CONFIG_SECURITY
>
> An arm multi_v7_defconfig fails like this:
>
> init/main.c: In function 'start_kernel':
> init/main.c:596:2: error: implicit declaration of function 'early_security_init'; did you mean 'security_init'? [-Werror=implicit-function-declaration]
> early_security_init();
> ^~~~~~~~~~~~~~~~~~~
> security_init
>
> Fixes: 45d29f9e9b8b ("security: Support early LSMs")
> Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
Acked-by: Kees Cook <keescook@chromium.org>
-Kees
> ---
> include/linux/security.h | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/include/linux/security.h b/include/linux/security.h
> index 807dc0d24982..23e1c3f17d48 100644
> --- a/include/linux/security.h
> +++ b/include/linux/security.h
> @@ -473,6 +473,11 @@ static inline int security_init(void)
> return 0;
> }
>
> +static inline int early_security_init(void)
> +{
> + return 0;
> +}
> +
> static inline int security_binder_set_context_mgr(struct task_struct *mgr)
> {
> return 0;
> --
> 2.20.1
>
> --
> Cheers,
> Stephen Rothwell
--
Kees Cook
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2019-08-12 17:34 ` Kees Cook
@ 2019-08-19 3:21 ` Stephen Rothwell
2019-08-19 3:38 ` Stephen Rothwell
2019-08-21 16:39 ` James Morris
0 siblings, 2 replies; 24+ messages in thread
From: Stephen Rothwell @ 2019-08-19 3:21 UTC (permalink / raw)
To: James Morris
Cc: Kees Cook, Linux Next Mailing List, Linux Kernel Mailing List,
Matthew Garrett, Casey Schaufler
[-- Attachment #1: Type: text/plain, Size: 1808 bytes --]
Hi all,
On Mon, 12 Aug 2019 10:34:17 -0700 Kees Cook <keescook@chromium.org> wrote:
>
> On Mon, Aug 12, 2019 at 02:58:23PM +1000, Stephen Rothwell wrote:
> > Hi all,
> >
> > After merging the security tree, today's linux-next build (arm
> > multi_v7_defconfig) failed like below.
> >
> > Caused by commit
> >
> > 45d29f9e9b8b ("security: Support early LSMs")
> >
> > I have added the following fix for today:
> >
> > From: Stephen Rothwell <sfr@canb.auug.org.au>
> > Date: Mon, 12 Aug 2019 14:54:20 +1000
> > Subject: [PATCH] early_security_init() needs a stub got !CONFIG_SECURITY
> >
> > An arm multi_v7_defconfig fails like this:
> >
> > init/main.c: In function 'start_kernel':
> > init/main.c:596:2: error: implicit declaration of function 'early_security_init'; did you mean 'security_init'? [-Werror=implicit-function-declaration]
> > early_security_init();
> > ^~~~~~~~~~~~~~~~~~~
> > security_init
> >
> > Fixes: 45d29f9e9b8b ("security: Support early LSMs")
> > Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
>
> Acked-by: Kees Cook <keescook@chromium.org>
>
> -Kees
>
> > ---
> > include/linux/security.h | 5 +++++
> > 1 file changed, 5 insertions(+)
> >
> > diff --git a/include/linux/security.h b/include/linux/security.h
> > index 807dc0d24982..23e1c3f17d48 100644
> > --- a/include/linux/security.h
> > +++ b/include/linux/security.h
> > @@ -473,6 +473,11 @@ static inline int security_init(void)
> > return 0;
> > }
> >
> > +static inline int early_security_init(void)
> > +{
> > + return 0;
> > +}
> > +
> > static inline int security_binder_set_context_mgr(struct task_struct *mgr)
> > {
> > return 0;
> > --
> > 2.20.1
I am still applying that patch ...
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2019-08-19 3:21 ` Stephen Rothwell
@ 2019-08-19 3:38 ` Stephen Rothwell
2019-08-21 16:39 ` James Morris
1 sibling, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2019-08-19 3:38 UTC (permalink / raw)
To: James Morris
Cc: Kees Cook, Linux Next Mailing List, Linux Kernel Mailing List,
Matthew Garrett, Casey Schaufler
[-- Attachment #1: Type: text/plain, Size: 901 bytes --]
Hi James,
On Mon, 19 Aug 2019 13:21:19 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> On Mon, 12 Aug 2019 10:34:17 -0700 Kees Cook <keescook@chromium.org> wrote:
> >
> > On Mon, Aug 12, 2019 at 02:58:23PM +1000, Stephen Rothwell wrote:
> > >
> > > After merging the security tree, today's linux-next build (arm
> > > multi_v7_defconfig) failed like below.
> > >
> > > Caused by commit
> > >
> > > 45d29f9e9b8b ("security: Support early LSMs")
> > >
> > > I have added the following fix for today:
> > >
> > > From: Stephen Rothwell <sfr@canb.auug.org.au>
> > > Date: Mon, 12 Aug 2019 14:54:20 +1000
> > > Subject: [PATCH] early_security_init() needs a stub got !CONFIG_SECURITY
^^^
for
If you do decide to apply this patch, please fix the subject typo, thanks :-)
--
Cheers,
Stephen Rothwell
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2019-08-19 3:21 ` Stephen Rothwell
2019-08-19 3:38 ` Stephen Rothwell
@ 2019-08-21 16:39 ` James Morris
1 sibling, 0 replies; 24+ messages in thread
From: James Morris @ 2019-08-21 16:39 UTC (permalink / raw)
To: Stephen Rothwell
Cc: Kees Cook, Linux Next Mailing List, Linux Kernel Mailing List,
Matthew Garrett, Casey Schaufler
On Mon, 19 Aug 2019, Stephen Rothwell wrote:
> > > 2.20.1
>
> I am still applying that patch ...
>
Matthew folded it into commit e6b1db98cf4d54d9ea59cfcc195f70dc946fdd38.
--
James Morris
<jmorris@namei.org>
^ permalink raw reply [flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2017-08-23 11:12 Stephen Rothwell
0 siblings, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2017-08-23 11:12 UTC (permalink / raw)
To: James Morris
Cc: Linux-Next Mailing List, Linux Kernel Mailing List, John Johansen
Hi James,
After merging the security tree, today's linux-next build (sparc64
allmodconfig) failed like this:
In file included from security/apparmor/ipc.c:23:0:
security/apparmor/include/sig_names.h:26:3: error: 'SIGSTKFLT' undeclared here (not in a function)
[SIGSTKFLT] = 16, /* -, 16, - */
^
security/apparmor/include/sig_names.h:26:3: error: array index in initializer not of integer type
security/apparmor/include/sig_names.h:26:3: note: (near initialization for 'sig_map')
security/apparmor/include/sig_names.h:51:3: error: 'SIGUNUSED' undeclared here (not in a function)
[SIGUNUSED] = 34, /* -, 31, - */
^
security/apparmor/include/sig_names.h:51:3: error: array index in initializer not of integer type
security/apparmor/include/sig_names.h:51:3: note: (near initialization for 'sig_map')
Caused by commit
c6bf1adaecaa ("apparmor: add the ability to mediate signals")
--
Cheers,
Stephen Rothwell
^ permalink raw reply [flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2017-08-17 2:51 Stephen Rothwell
2017-08-17 3:24 ` Kees Cook
0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2017-08-17 2:51 UTC (permalink / raw)
To: James Morris
Cc: Linux-Next Mailing List, Linux Kernel Mailing List, Kees Cook
Hi James,
After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:
In file included from samples/seccomp/bpf-fancy.c:12:0:
samples/seccomp/bpf-fancy.c: In function 'main':
samples/seccomp/bpf-helper.h:47:26: error: 'SECCOMP_RET_KILL_THREAD' undeclared (first use in this function)
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_THREAD)
^
./usr/include/linux/filter.h:48:59: note: in definition of macro 'BPF_STMT'
#define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
^
samples/seccomp/bpf-fancy.c:41:3: note: in expansion of macro 'DENY'
DENY, /* Don't passthrough into a label */
^~~~
samples/seccomp/bpf-helper.h:47:26: note: each undeclared identifier is reported only once for each function it appears in
BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_THREAD)
^
./usr/include/linux/filter.h:48:59: note: in definition of macro 'BPF_STMT'
#define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
^
samples/seccomp/bpf-fancy.c:41:3: note: in expansion of macro 'DENY'
DENY, /* Don't passthrough into a label */
^~~~
[Note: this is a cross build, if that is relevant ...]
Presumably caused by commit
fd76875ca289 ("seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD")
I have used the security tree from next-20170816 for today.
--
Cheers,
Stephen Rothwell
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2017-08-17 2:51 Stephen Rothwell
@ 2017-08-17 3:24 ` Kees Cook
0 siblings, 0 replies; 24+ messages in thread
From: Kees Cook @ 2017-08-17 3:24 UTC (permalink / raw)
To: Stephen Rothwell
Cc: James Morris, Linux-Next Mailing List, Linux Kernel Mailing List
On Wed, Aug 16, 2017 at 7:51 PM, Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> Hi James,
>
> After merging the security tree, today's linux-next build (x86_64
> allmodconfig) failed like this:
>
> In file included from samples/seccomp/bpf-fancy.c:12:0:
> samples/seccomp/bpf-fancy.c: In function 'main':
> samples/seccomp/bpf-helper.h:47:26: error: 'SECCOMP_RET_KILL_THREAD' undeclared (first use in this function)
> BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_THREAD)
> ^
> ./usr/include/linux/filter.h:48:59: note: in definition of macro 'BPF_STMT'
> #define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
> ^
> samples/seccomp/bpf-fancy.c:41:3: note: in expansion of macro 'DENY'
> DENY, /* Don't passthrough into a label */
> ^~~~
> samples/seccomp/bpf-helper.h:47:26: note: each undeclared identifier is reported only once for each function it appears in
> BPF_STMT(BPF_RET+BPF_K, SECCOMP_RET_KILL_THREAD)
> ^
> ./usr/include/linux/filter.h:48:59: note: in definition of macro 'BPF_STMT'
> #define BPF_STMT(code, k) { (unsigned short)(code), 0, 0, k }
> ^
> samples/seccomp/bpf-fancy.c:41:3: note: in expansion of macro 'DENY'
> DENY, /* Don't passthrough into a label */
> ^~~~
>
> [Note: this is a cross build, if that is relevant ...]
>
> Presumably caused by commit
>
> fd76875ca289 ("seccomp: Rename SECCOMP_RET_KILL to SECCOMP_RET_KILL_THREAD")
>
> I have used the security tree from next-20170816 for today.
Hmmm, I think we've had problems like this before due to samples being
built before the headers have been installed. Regardless, I'll
un-rename that macro in the samples...
-Kees
--
Kees Cook
Pixel Security
^ permalink raw reply [flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2016-05-19 4:01 Stephen Rothwell
[not found] ` <20160519140120.23b345a1-3FnU+UHB4dNDw9hX6IcOSA@public.gmane.org>
0 siblings, 1 reply; 24+ messages in thread
From: Stephen Rothwell @ 2016-05-19 4:01 UTC (permalink / raw)
To: James Morris, Steve French, linux-cifs
Cc: linux-next, linux-kernel, Sachin Prabhu, David Howells
Hi James,
After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:
fs/cifs/cifs_spnego.c: In function 'init_cifs_spnego':
fs/cifs/cifs_spnego.c:206:12: error: too few arguments to function 'keyring_alloc'
keyring = keyring_alloc(".cifs_spnego",
^
In file included from include/linux/cred.h:17:0,
from include/linux/sched.h:56,
from include/linux/kasan.h:4,
from include/linux/slab.h:118,
from fs/cifs/cifs_spnego.c:23:
include/linux/key.h:302:20: note: declared here
extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid,
^
Caused by commit
5b82c5cbcfe4 ("cifs: Create dedicated keyring for spnego operations")
from the cifs tree interacting with commit
5ac7eace2d00 ("KEYS: Add a facility to restrict new links into a keyring")
from the security tree.
I added the following merge fix patch (and someone will have to let
Linus know):
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Thu, 19 May 2016 13:45:10 +1000
Subject: [PATCH] cifs: fix for keyringalloc() API change
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
fs/cifs/cifs_spnego.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifs/cifs_spnego.c b/fs/cifs/cifs_spnego.c
index 248ab431930c..9ef0dfcb2f95 100644
--- a/fs/cifs/cifs_spnego.c
+++ b/fs/cifs/cifs_spnego.c
@@ -207,7 +207,7 @@ init_cifs_spnego(void)
GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred,
(KEY_POS_ALL & ~KEY_POS_SETATTR) |
KEY_USR_VIEW | KEY_USR_READ,
- KEY_ALLOC_NOT_IN_QUOTA, NULL);
+ KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL);
if (IS_ERR(keyring)) {
ret = PTR_ERR(keyring);
goto failed_put_cred;
--
2.7.0
--
Cheers,
Stephen Rothwell
^ permalink raw reply related [flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2015-08-17 5:29 Stephen Rothwell
2015-08-17 6:04 ` Stephen Rothwell
2015-08-26 14:45 ` David Howells
0 siblings, 2 replies; 24+ messages in thread
From: Stephen Rothwell @ 2015-08-17 5:29 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, David Howells, David Woodhouse
Hi James,
After merging the security tree, today's linux-next build (x86_64
allmodconfig) failed like this:
scripts/extract-cert.c:23:25: fatal error: openssl/bio.h: No such file or directory
#include <openssl/bio.h>
^
compilation terminated.
scripts/sign-file.c:20:25: fatal error: openssl/bio.h: No such file or directory
#include <openssl/bio.h>
^
Caused by commits:
1329e8cc69b9 ("modsign: Extract signing cert from CONFIG_MODULE_SIG_KEY if needed")
bc1c373dd2a5 ("MODSIGN: Provide a utility to append a PKCS#7 signature to a module")
After a bit of digging, I installed libssl-dev on my Debian build
machines.
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2015-08-17 5:29 Stephen Rothwell
@ 2015-08-17 6:04 ` Stephen Rothwell
2015-08-26 14:45 ` David Howells
1 sibling, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2015-08-17 6:04 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, David Howells, David Woodhouse
Hi all,
On Mon, 17 Aug 2015 15:29:53 +1000 Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> After a bit of digging, I installed libssl-dev on my Debian build
> machines.
Is this worth a mention in Documentation/Changes along with all the
other prerequisites?
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: linux-next: build failure after merge of the security tree
2015-08-17 5:29 Stephen Rothwell
2015-08-17 6:04 ` Stephen Rothwell
@ 2015-08-26 14:45 ` David Howells
1 sibling, 0 replies; 24+ messages in thread
From: David Howells @ 2015-08-26 14:45 UTC (permalink / raw)
To: Stephen Rothwell
Cc: dhowells, James Morris, linux-next, linux-kernel, David Woodhouse
Stephen Rothwell <sfr@canb.auug.org.au> wrote:
> > After a bit of digging, I installed libssl-dev on my Debian build
> > machines.
>
> Is this worth a mention in Documentation/Changes along with all the
> other prerequisites?
Could be. It's mentioned in the Kconfig and Documentation/module-signing.txt
already, but this looks like a good place.
David
^ permalink raw reply [flat|nested] 24+ messages in thread
* linux-next: build failure after merge of the security tree
@ 2014-07-25 9:21 Stephen Rothwell
0 siblings, 0 replies; 24+ messages in thread
From: Stephen Rothwell @ 2014-07-25 9:21 UTC (permalink / raw)
To: James Morris; +Cc: linux-next, linux-kernel, David Howells
[-- Attachment #1: Type: text/plain, Size: 1489 bytes --]
Hi James,
After merging the security tree, today's linux-next build (powerpc
allyesconfig) failed like this:
crypto/asymmetric_keys/pkcs7_key_type.c: In function 'pkcs7_preparse':
crypto/asymmetric_keys/pkcs7_key_type.c:36:2: error: implicit declaration of function 'IS_ERR' [-Werror=implicit-function-declaration]
if (IS_ERR(pkcs7)) {
^
crypto/asymmetric_keys/pkcs7_key_type.c:37:3: error: implicit declaration of function 'PTR_ERR' [-Werror=implicit-function-declaration]
ret = PTR_ERR(pkcs7);
^
Caused by commit 22d01afb210f ("PKCS#7: Provide a key type for testing
PKCS#7"). See Rule 1 in Documentation/SubmitChecklist.
I have added this fix patch for today:
From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Fri, 25 Jul 2014 19:17:04 +1000
Subject: [PATCH] PKCS#7: include linux-err.h for PTR_ERR and IS_ERR
Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
crypto/asymmetric_keys/pkcs7_key_type.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/asymmetric_keys/pkcs7_key_type.c b/crypto/asymmetric_keys/pkcs7_key_type.c
index c2091f7bd15d..8605ff6cf869 100644
--- a/crypto/asymmetric_keys/pkcs7_key_type.c
+++ b/crypto/asymmetric_keys/pkcs7_key_type.c
@@ -10,6 +10,7 @@
*/
#define pr_fmt(fmt) "PKCS7key: "fmt
+#include <linux/err.h>
#include <linux/key.h>
#include <linux/key-type.h>
#include <crypto/pkcs7.h>
--
2.0.1
--
Cheers,
Stephen Rothwell sfr@canb.auug.org.au
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 819 bytes --]
^ permalink raw reply related [flat|nested] 24+ messages in thread
end of thread, other threads:[~2020-08-04 3:36 UTC | newest]
Thread overview: 24+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-08 4:00 linux-next: build failure after merge of the security tree Stephen Rothwell
2020-07-13 2:04 ` Stephen Rothwell
2020-07-13 2:06 ` Stephen Rothwell
2020-07-29 23:35 ` Stephen Rothwell
2020-07-30 2:35 ` James Morris
2020-07-30 2:59 ` Stephen Rothwell
2020-07-30 5:03 ` Stephen Rothwell
2020-08-04 3:36 ` James Morris
-- strict thread matches above, loose matches on Subject: below --
2019-08-12 4:58 Stephen Rothwell
2019-08-12 17:34 ` Kees Cook
2019-08-19 3:21 ` Stephen Rothwell
2019-08-19 3:38 ` Stephen Rothwell
2019-08-21 16:39 ` James Morris
2017-08-23 11:12 Stephen Rothwell
2017-08-17 2:51 Stephen Rothwell
2017-08-17 3:24 ` Kees Cook
2016-05-19 4:01 Stephen Rothwell
[not found] ` <20160519140120.23b345a1-3FnU+UHB4dNDw9hX6IcOSA@public.gmane.org>
2016-05-19 10:11 ` David Howells
2016-05-19 23:14 ` Stephen Rothwell
2016-05-20 3:07 ` Steve French
2015-08-17 5:29 Stephen Rothwell
2015-08-17 6:04 ` Stephen Rothwell
2015-08-26 14:45 ` David Howells
2014-07-25 9:21 Stephen Rothwell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).