From: Paul Moore <paul@paul-moore.com>
To: Stephen Rothwell <sfr@canb.auug.org.au>
Cc: John Johansen <john.johansen@canonical.com>,
Casey Schaufler <casey@schaufler-ca.com>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Linux Next Mailing List <linux-next@vger.kernel.org>,
linux-security-module@vger.kernel.org
Subject: Re: linux-next: manual merge of the apparmor tree with the security tree
Date: Sat, 28 Oct 2023 11:32:10 -0400 [thread overview]
Message-ID: <CAHC9VhQ+Nt7CrLxSZcOVNEtAypruOmM0ST0P0JJMrOq4XYmAkw@mail.gmail.com> (raw)
In-Reply-To: <20231027130320.69469330@canb.auug.org.au>
On Thu, Oct 26, 2023 at 10:03 PM Stephen Rothwell <sfr@canb.auug.org.au> wrote:
>
> Hi all,
>
> Today's linux-next merge of the apparmor tree got a conflict in:
>
> security/apparmor/lsm.c
>
> between commit:
>
> 3c3bda37ca1d ("AppArmor: Add selfattr hooks")
>
> from the security tree and commits:
>
> bd7bd201ca46 ("apparmor: combine common_audit_data and apparmor_audit_data")
> d20f5a1a6e79 ("apparmor: rename audit_data->label to audit_data->subj_label")
>
> from the apparmor tree.
>
> I fixed it up (see below) and can carry the fix as necessary. This
> is now fixed as far as linux-next is concerned, but any non trivial
> conflicts should be mentioned to your upstream maintainer when your tree
> is submitted for merging. You may also want to consider cooperating
> with the maintainer of the conflicting tree to minimise any particularly
> complex conflicts.
Thanks Stephen.
John, can you take a look and make sure this is correct (it looks okay to me)?
> diff --cc security/apparmor/lsm.c
> index 5e16c03936b9,4d34180e9799..000000000000
> --- a/security/apparmor/lsm.c
> +++ b/security/apparmor/lsm.c
> @@@ -771,16 -868,11 +917,16 @@@ out
> return error;
>
> fail:
> - aad(&sa)->label = begin_current_label_crit_section();
> + ad.subj_label = begin_current_label_crit_section();
> - ad.info = name;
> + if (attr == LSM_ATTR_CURRENT)
> - aad(&sa)->info = "current";
> ++ ad.info = "current";
> + else if (attr == LSM_ATTR_EXEC)
> - aad(&sa)->info = "exec";
> ++ ad.info = "exec";
> + else
> - aad(&sa)->info = "invalid";
> - aad(&sa)->error = error = -EINVAL;
> - aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL);
> - end_current_label_crit_section(aad(&sa)->label);
> ++ ad.info = "invalid";
> + ad.error = error = -EINVAL;
> + aa_audit_msg(AUDIT_APPARMOR_DENIED, &ad, NULL);
> + end_current_label_crit_section(ad.subj_label);
> goto out;
> }
--
paul-moore.com
next prev parent reply other threads:[~2023-10-28 15:32 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-27 2:03 linux-next: manual merge of the apparmor tree with the security tree Stephen Rothwell
2023-10-28 15:32 ` Paul Moore [this message]
2023-10-29 21:09 ` John Johansen
2023-10-30 16:52 ` Paul Moore
2023-10-30 20:46 ` Stephen Rothwell
2023-10-30 21:04 ` Paul Moore
2023-11-05 23:14 ` Stephen Rothwell
2023-11-05 23:36 ` Paul Moore
2023-11-06 0:28 ` Stephen Rothwell
2023-11-05 23:09 ` Stephen Rothwell
-- strict thread matches above, loose matches on Subject: below --
2022-11-21 3:26 Stephen Rothwell
2022-11-21 18:51 ` Paul Moore
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAHC9VhQ+Nt7CrLxSZcOVNEtAypruOmM0ST0P0JJMrOq4XYmAkw@mail.gmail.com \
--to=paul@paul-moore.com \
--cc=casey@schaufler-ca.com \
--cc=john.johansen@canonical.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-next@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sfr@canb.auug.org.au \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).