lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <bff89220-df3a-a148-2ba4-6aad3874f322@canonical.com>
Date:   Thu, 8 Dec 2022 12:10:34 -0800
From:   John Johansen <john.johansen@...onical.com>
To:     Stephen Rothwell <sfr@...b.auug.org.au>,
        Shuah Khan <skhan@...uxfoundation.org>,
        Brendan Higgins <brendanhiggins@...gle.com>
Cc:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Next Mailing List <linux-next@...r.kernel.org>,
        Rae Moar <rmoar@...gle.com>
Subject: Re: linux-next: manual merge of the kunit-next tree with the apparmor
 tree

On 12/7/22 18:53, Stephen Rothwell wrote:
> Hi all,
> 
> Today's linux-next merge of the kunit-next tree got a conflict in:
> 
>    security/apparmor/policy_unpack.c
> 
> between commits:
> 
>    371e50a0b19f ("apparmor: make unpack_array return a trianary value")
>    73c7e91c8bc9 ("apparmor: Remove unnecessary size check when unpacking trans_table")
>    217af7e2f4de ("apparmor: refactor profile rules and attachments")
> (and probably others)
> 
> from the apparmor tree and commit:
> 
>    2c92044683f5 ("apparmor: test: make static symbols visible during kunit testing")
> 
> from the kunit-next tree.
> 
> This is somewhat of a mess ... pity there is not a shared branch (or
> better routing if the patches).
> 
sorry, there was a miscommunication/misunderstanding, probably all on me, I
thought the kunit stuff that is conflicting here was going to merge next
cycle.

> I fixed it up (hopefully - see below) and can carry the fix as
> necessary. This is now fixed as far as linux-next is concerned, but any
> non trivial conflicts should be mentioned to your upstream maintainer
> when your tree is submitted for merging.  You may also want to consider
> cooperating with the maintainer of the conflicting tree to minimise any
> particularly complex conflicts.
> 
> I also had to add this patch:
> 
this needs to be modified to build if kunit is not enabled, basically
the defines need to move up outside the #if IS_ENABLED(CONFIG_KUNIT)

ie.
diff --git a/security/apparmor/include/policy_unpack.h b/security/apparmor/include/policy_unpack.h
index 8fdf8f703bd0..dcf7d1bbf96b 100644
--- a/security/apparmor/include/policy_unpack.h
+++ b/security/apparmor/include/policy_unpack.h
@@ -165,6 +165,11 @@ static inline void aa_put_loaddata(struct aa_loaddata *data)
  		kref_put(&data->count, aa_loaddata_kref);
  }
  
+#define tri int
+#define TRI_TRUE 1
+#define TRI_NONE 0
+#define TRI_FALSE -1
+
  #if IS_ENABLED(CONFIG_KUNIT)
  bool aa_inbounds(struct aa_ext *e, size_t size);
  size_t aa_unpack_u16_chunk(struct aa_ext *e, char **chunk);
@@ -173,11 +178,6 @@ bool aa_unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name);
  bool aa_unpack_u32(struct aa_ext *e, u32 *data, const char *name);
  bool aa_unpack_u64(struct aa_ext *e, u64 *data, const char *name);
  
-#define tri int
-#define TRI_TRUE 1
-#define TRI_NONE 0
-#define TRI_FALSE -1
-
  tri aa_unpack_array(struct aa_ext *e, const char *name, u16 *size);
  size_t aa_unpack_blob(struct aa_ext *e, char **blob, const char *name);
  int aa_unpack_str(struct aa_ext *e, const char **string, const char *name);


feel free to apply that to your patch and then add my
Acked-by: John Johansen <john.johansen@...onical.com>

> From: Stephen Rothwell <sfr@...b.auug.org.au>
> Date: Thu, 8 Dec 2022 13:47:43 +1100
> Subject: [PATCH] fixup for "apparmor: make unpack_array return a trianary value"
> 
> Signed-off-by: Stephen Rothwell <sfr@...b.auug.org.au>
> ---
>   security/apparmor/include/policy_unpack.h | 8 +++++++-
>   security/apparmor/policy_unpack.c         | 5 -----
>   2 files changed, 7 insertions(+), 6 deletions(-)
> 
> diff --git a/security/apparmor/include/policy_unpack.h b/security/apparmor/include/policy_unpack.h
> index 940da8a33e0c..8fdf8f703bd0 100644
> --- a/security/apparmor/include/policy_unpack.h
> +++ b/security/apparmor/include/policy_unpack.h
> @@ -172,7 +172,13 @@ bool aa_unpack_X(struct aa_ext *e, enum aa_code code);
>   bool aa_unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name);
>   bool aa_unpack_u32(struct aa_ext *e, u32 *data, const char *name);
>   bool aa_unpack_u64(struct aa_ext *e, u64 *data, const char *name);
> -size_t aa_unpack_array(struct aa_ext *e, const char *name);
> +
> +#define tri int
> +#define TRI_TRUE 1
> +#define TRI_NONE 0
> +#define TRI_FALSE -1
> +
> +tri aa_unpack_array(struct aa_ext *e, const char *name, u16 *size);
>   size_t aa_unpack_blob(struct aa_ext *e, char **blob, const char *name);
>   int aa_unpack_str(struct aa_ext *e, const char **string, const char *name);
>   int aa_unpack_strdup(struct aa_ext *e, char **string, const char *name);
> diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
> index 6513545dad5e..173d832fc4ee 100644
> --- a/security/apparmor/policy_unpack.c
> +++ b/security/apparmor/policy_unpack.c
> @@ -30,11 +30,6 @@
>   #include "include/policy_unpack.h"
>   #include "include/policy_compat.h"
>   
> -#define tri int
> -#define TRI_TRUE 1
> -#define TRI_NONE 0
> -#define TRI_FALSE -1
> -
>   /* audit callback for unpack fields */
>   static void audit_cb(struct audit_buffer *ab, void *va)
>   {

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ