linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* linux-next: build failure after merge of the selinux tree
@ 2019-03-19  1:40 Stephen Rothwell
  2019-03-19 17:11 ` Paul Moore
  0 siblings, 1 reply; 18+ messages in thread
From: Stephen Rothwell @ 2019-03-19  1:40 UTC (permalink / raw)
  To: Paul Moore
  Cc: Linux Next Mailing List, Linux Kernel Mailing List,
	Stephen Smalley, Dominick Grift

[-- Attachment #1: Type: text/plain, Size: 534 bytes --]

Hi all,

After merging the selinux tree, today's linux-next build (x86_64
allmodconfig) failed like this:

In file included from /home/sfr/next/next/scripts/selinux/mdp/mdp.c:35:
/home/sfr/next/next/include/linux/kconfig.h:5:10: fatal error: generated/autoconf.h: No such file or directory
 #include <generated/autoconf.h>
          ^~~~~~~~~~~~~~~~~~~~~~

Caused by commit

  e37c1877ba5b ("scripts/selinux: modernize mdp")

I have used the selinux tree from next-20190318 for today.

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2024-03-27  2:10 Stephen Rothwell
  2024-03-27 13:13 ` Paul Moore
  0 siblings, 1 reply; 18+ messages in thread
From: Stephen Rothwell @ 2024-03-27  2:10 UTC (permalink / raw)
  To: Paul Moore
  Cc: Christian Göttsche, Linux Kernel Mailing List,
	Linux Next Mailing List

[-- Attachment #1: Type: text/plain, Size: 1669 bytes --]

Hi all,

After merging the selinux tree, today's linux-next build (i386 defconfig)
failed like this:

In file included from include/linux/kernel.h:31,
                 from security/selinux/ss/ebitmap.c:16:
security/selinux/ss/ebitmap.c: In function 'ebitmap_read':
include/linux/kern_levels.h:5:25: error: format '%ld' expects argument of type 'long int', but argument 3 has type 'u32' {aka 'unsigned int'} [-Werror=format=]
    5 | #define KERN_SOH        "\001"          /* ASCII Start Of Header */
      |                         ^~~~~~
include/linux/printk.h:429:25: note: in definition of macro 'printk_index_wrap'
  429 |                 _p_func(_fmt, ##__VA_ARGS__);                           \
      |                         ^~~~
include/linux/printk.h:500:9: note: in expansion of macro 'printk'
  500 |         printk(KERN_ERR pr_fmt(fmt), ##__VA_ARGS__)
      |         ^~~~~~
include/linux/kern_levels.h:11:25: note: in expansion of macro 'KERN_SOH'
   11 | #define KERN_ERR        KERN_SOH "3"    /* error conditions */
      |                         ^~~~~~~~
include/linux/printk.h:500:16: note: in expansion of macro 'KERN_ERR'
  500 |         printk(KERN_ERR pr_fmt(fmt), ##__VA_ARGS__)
      |                ^~~~~~~~
security/selinux/ss/ebitmap.c:464:17: note: in expansion of macro 'pr_err'
  464 |                 pr_err("SELinux: ebitmap: high bit %d is not equal to the expected value %ld\n",
      |                 ^~~~~~
cc1: all warnings being treated as errors

Caused by commit

  0142c56682fb ("selinux: reject invalid ebitmaps")

I have reverted that commit for today.

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2021-10-05  3:10 Stephen Rothwell
  2021-10-05 13:57 ` Paul Moore
  0 siblings, 1 reply; 18+ messages in thread
From: Stephen Rothwell @ 2021-10-05  3:10 UTC (permalink / raw)
  To: Paul Moore, Jens Axboe
  Cc: Linux Kernel Mailing List, Linux Next Mailing List, Pavel Begunkov

[-- Attachment #1: Type: text/plain, Size: 1433 bytes --]

Hi all,

After merging the selinux tree, today's linux-next build (powerpc
ppc64_defconfig) failed like this:

fs/io_uring.c: In function 'io_init_req':
fs/io_uring.c:7069:3: error: 'ret' undeclared (first use in this function); did you mean 'req'?
 7069 |   ret = security_uring_override_creds(req->creds);
      |   ^~~
      |   req
fs/io_uring.c:7069:3: note: each undeclared identifier is reported only once for each function it appears in

Caused by commit

  cdc1404a4046 ("lsm,io_uring: add LSM hooks to io_uring")

interacting with commit

  1e1e4658e108 ("io_uring: init opcode in io_init_req()")

from the block tree.

I have applied the following merge fix patch:

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Tue, 5 Oct 2021 14:01:10 +1100
Subject: [PATCH] fixup for "io_uring: init opcode in io_init_req()"

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 fs/io_uring.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/io_uring.c b/fs/io_uring.c
index 9a3c3198ff90..c36ae439e64f 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -7062,6 +7062,8 @@ static int io_init_req(struct io_ring_ctx *ctx, struct io_kiocb *req,
 
 	personality = READ_ONCE(sqe->personality);
 	if (personality) {
+		int ret;
+
 		req->creds = xa_load(&ctx->personalities, personality);
 		if (!req->creds)
 			return -EINVAL;
-- 
2.33.0

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply related	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2019-12-10  1:40 Stephen Rothwell
  2019-12-10  2:25 ` Paul Moore
  0 siblings, 1 reply; 18+ messages in thread
From: Stephen Rothwell @ 2019-12-10  1:40 UTC (permalink / raw)
  To: Paul Moore
  Cc: Linux Next Mailing List, Linux Kernel Mailing List,
	Stephen Smalley, James Morris

[-- Attachment #1: Type: text/plain, Size: 1238 bytes --]

Hi all,

After merging the selinux tree, today's linux-next build (powerpc
pseries_le_defconfig) failed like this:

ld: security/lsm_audit.o:(.toc+0x0): undefined reference to `lockdown_reasons'

Caused by commit

  59438b46471a ("security,lockdown,selinux: implement SELinux lockdown")

CONFIG_SECURITY is not set for this build, but CONFIG_AUDIT is set.

I applied the following hack for today:

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Tue, 10 Dec 2019 12:28:16 +1100
Subject: [PATCH] security,lockdown,selinux: hack for !CONFIG_SECURITY

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 security/lsm_audit.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/security/lsm_audit.c b/security/lsm_audit.c
index 2d2bf49016f4..f97a3337f307 100644
--- a/security/lsm_audit.c
+++ b/security/lsm_audit.c
@@ -427,8 +427,10 @@ static void dump_common_audit_data(struct audit_buffer *ab,
 				 a->u.ibendport->port);
 		break;
 	case LSM_AUDIT_DATA_LOCKDOWN:
+#ifdef CONFIG_SECURITY
 		audit_log_format(ab, " lockdown_reason=");
 		audit_log_string(ab, lockdown_reasons[a->u.reason]);
+#endif
 		break;
 	} /* switch (a->type) */
 }
-- 
2.24.0

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply related	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2019-04-03  1:22 Stephen Rothwell
  2019-04-03  1:25 ` Paul Moore
  0 siblings, 1 reply; 18+ messages in thread
From: Stephen Rothwell @ 2019-04-03  1:22 UTC (permalink / raw)
  To: Paul Moore
  Cc: Linux Next Mailing List, Linux Kernel Mailing List, Ondrej Mosnacek

[-- Attachment #1: Type: text/plain, Size: 633 bytes --]

Hi Paul,

After merging the selinux tree, today's linux-next build (x86_64
allmodconfig) failed like this:

x86_64-linux-gnu-ld: security/selinux/hooks.o: in function `selinux_kernfs_init_security':
hooks.c:(.text+0x8f7d): undefined reference to `kernfs_xattr_get'
x86_64-linux-gnu-ld: hooks.c:(.text+0x8ff5): undefined reference to `kernfs_xattr_get'
x86_64-linux-gnu-ld: hooks.c:(.text+0x91b5): undefined reference to `kernfs_xattr_set'

Caused by commit

  1991af34fa26 ("kernfs: fix xattr name handling in LSM helpers")

I have used the selinux tree from next-20190402 for today.

-- 
Cheers,
Stephen Rothwell

[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2017-05-22  2:48 Stephen Rothwell
  2017-05-22 21:12 ` Paul Moore
  0 siblings, 1 reply; 18+ messages in thread
From: Stephen Rothwell @ 2017-05-22  2:48 UTC (permalink / raw)
  To: Paul Moore
  Cc: Linux-Next Mailing List, Linux Kernel Mailing List,
	Daniel Jurgens, Matan Barak, Doug Ledford

Hi Paul,

After merging the selinux tree, today's linux-next build (powerpc
ppc64_defconfig) failed like this:

drivers/infiniband/core/uverbs_cmd.c: In function 'create_qp':
drivers/infiniband/core/uverbs_cmd.c:1513:4: error: label 'err_destroy' used but not defined
    goto err_destroy;
    ^

Caused by commit

  89b54b4d09bd ("IB/core: Enforce PKey security on QPs")

interacting with commit

  fd3c7904db6e ("IB/core: Change idr objects to use the new schema")

from Linus' tree.

I have applied the following merge fix patch for today:

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Mon, 22 May 2017 12:45:57 +1000
Subject: [PATCH] IB/core: fix up for create_qp label changes

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 drivers/infiniband/core/uverbs_cmd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/infiniband/core/uverbs_cmd.c b/drivers/infiniband/core/uverbs_cmd.c
index 558fd5204b32..0ad3b05405d8 100644
--- a/drivers/infiniband/core/uverbs_cmd.c
+++ b/drivers/infiniband/core/uverbs_cmd.c
@@ -1510,7 +1510,7 @@ static int create_qp(struct ib_uverbs_file *file,
 	if (cmd->qp_type != IB_QPT_XRC_TGT) {
 		ret = ib_create_qp_security(qp, device);
 		if (ret)
-			goto err_destroy;
+			goto err_cb;
 
 		qp->real_qp	  = qp;
 		qp->device	  = device;
-- 
2.11.0

-- 
Cheers,
Stephen Rothwell

^ permalink raw reply related	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2017-01-10  1:27 Stephen Rothwell
  2017-01-11  3:11 ` Paul Moore
  2017-02-10  2:50 ` Stephen Rothwell
  0 siblings, 2 replies; 18+ messages in thread
From: Stephen Rothwell @ 2017-01-10  1:27 UTC (permalink / raw)
  To: Paul Moore, David Miller, Networking
  Cc: linux-next, linux-kernel, Ursula Braun, Stephen Smalley

Hi Paul,

After merging the selinux tree, today's linux-next build (x86_64
allmodconfig) failed like this:

In file included from /home/sfr/next/next/security/selinux/avc.c:35:0:
/home/sfr/next/next/security/selinux/include/classmap.h:242:2: error: #error New address family defined, please update secclass_map.
 #error New address family defined, please update secclass_map.
  ^
/home/sfr/next/next/security/selinux/hooks.c: In function 'socket_type_to_security_class':
/home/sfr/next/next/security/selinux/hooks.c:1409:2: error: #error New address family defined, please update this function.

Caused by commit

  da69a5306ab9 ("selinux: support distinctions among all network address families")

interacting with commit

  ac7138746e14 ("smc: establish new socket family")

from the net-next tree.

I added the following merge fix patch:

From: Stephen Rothwell <sfr@canb.auug.org.au>
Date: Tue, 10 Jan 2017 12:22:21 +1100
Subject: [PATCH] selinux: merge fix for "smc: establish new socket family"

Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au>
---
 security/selinux/hooks.c            | 4 +++-
 security/selinux/include/classmap.h | 4 +++-
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index bada3cd42b9c..712fd0e7c91d 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1405,7 +1405,9 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
 			return SECCLASS_KCM_SOCKET;
 		case PF_QIPCRTR:
 			return SECCLASS_QIPCRTR_SOCKET;
-#if PF_MAX > 43
+		case PF_SMC:
+			return SECCLASS_SMC_SOCKET;
+#if PF_MAX > 44
 #error New address family defined, please update this function.
 #endif
 		}
diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h
index 0dfd26d0b8d8..40f1d4f8bc2a 100644
--- a/security/selinux/include/classmap.h
+++ b/security/selinux/include/classmap.h
@@ -235,9 +235,11 @@ struct security_class_mapping secclass_map[] = {
 	  { COMMON_SOCK_PERMS, NULL } },
 	{ "qipcrtr_socket",
 	  { COMMON_SOCK_PERMS, NULL } },
+	{ "smc_socket",
+	  { COMMON_SOCK_PERMS, NULL } },
 	{ NULL }
   };
 
-#if PF_MAX > 43
+#if PF_MAX > 44
 #error New address family defined, please update secclass_map.
 #endif
-- 
2.10.2

-- 
Cheers,
Stephen Rothwell

^ permalink raw reply related	[flat|nested] 18+ messages in thread
* linux-next: build failure after merge of the selinux tree
@ 2012-01-05  4:24 Stephen Rothwell
  0 siblings, 0 replies; 18+ messages in thread
From: Stephen Rothwell @ 2012-01-05  4:24 UTC (permalink / raw)
  To: Eric Paris; +Cc: linux-next, linux-kernel, Steffen Klassert, Herbert Xu

[-- Attachment #1: Type: text/plain, Size: 1681 bytes --]

Hi Eric,

After merging the selinux tree, today's linux-next build (x86_64
allmodconfig) failed like this:

crypto/crypto_user.c: In function 'crypto_user_rcv_msg':
crypto/crypto_user.c:385:2: error: implicit declaration of function 'security_netlink_recv' [-Werror=implicit-function-declaration]

Caused by commit f452f33b1f3a ("security: remove the
security_netlink_recv hook as it is equivalent to capable()") interacting
with commit a38f7907b926 ("crypto: Add userspace configuration API")
which was added to Linus' tree before v3.2-rc1.

I applied the following (supplied) fix as a merge fix.

From: Eric Paris <eparis@redhat.com>
Subject: selinux tree pull for 2012-01-05, known build issue
Date: Wed, 04 Jan 2012 17:47:18 -0500

I updated my SELinux tree which is based on 3.1.  I know there is a
build problem after it is merged with current Linus.  The following
patch is also needed as the security function is removed by my tree, but
this caller was added by someone else.  I figured you could carry this
patch and I'd make sure Linus does the same when he merges...

diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index 0605a2b..c7e5b66 100644
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -382,7 +382,7 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 	type -= CRYPTO_MSG_BASE;
 	link = &crypto_dispatch[type];
 
-	if (security_netlink_recv(skb, CAP_NET_ADMIN))
+	if (!capable(CAP_NET_ADMIN))
 		return -EPERM;
 
 	if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) &&


-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/

[-- Attachment #2: Type: application/pgp-signature, Size: 836 bytes --]

^ permalink raw reply related	[flat|nested] 18+ messages in thread

end of thread, other threads:[~2024-03-27 13:12 UTC | newest]

Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-03-19  1:40 linux-next: build failure after merge of the selinux tree Stephen Rothwell
2019-03-19 17:11 ` Paul Moore
  -- strict thread matches above, loose matches on Subject: below --
2024-03-27  2:10 Stephen Rothwell
2024-03-27 13:13 ` Paul Moore
2021-10-05  3:10 Stephen Rothwell
2021-10-05 13:57 ` Paul Moore
2019-12-10  1:40 Stephen Rothwell
2019-12-10  2:25 ` Paul Moore
2019-04-03  1:22 Stephen Rothwell
2019-04-03  1:25 ` Paul Moore
2017-05-22  2:48 Stephen Rothwell
2017-05-22 21:12 ` Paul Moore
2017-05-22 21:16   ` Daniel Jurgens
2017-01-10  1:27 Stephen Rothwell
2017-01-11  3:11 ` Paul Moore
2017-02-10  2:50 ` Stephen Rothwell
2017-02-10 12:34   ` Paul Moore
2012-01-05  4:24 Stephen Rothwell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).