| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 12 Dec 2022 10:52:33 -0700
From: Shuah Khan <skhan@...uxfoundation.org>
To: John Johansen <john.johansen@...onical.com>,
Stephen Rothwell <sfr@...b.auug.org.au>,
Brendan Higgins <brendanhiggins@...gle.com>,
David Gow <davidgow@...gle.com>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux Next Mailing List <linux-next@...r.kernel.org>,
Rae Moar <rmoar@...gle.com>,
Shuah Khan <skhan@...uxfoundation.org>
Subject: Re: linux-next: manual merge of the kunit-next tree with the apparmor
tree
Hi David,
On 12/8/22 13:10, John Johansen wrote:
> On 12/7/22 18:53, Stephen Rothwell wrote:
>> Hi all,
>>
>> Today's linux-next merge of the kunit-next tree got a conflict in:
>>
>> security/apparmor/policy_unpack.c
>>
>> between commits:
>>
>> 371e50a0b19f ("apparmor: make unpack_array return a trianary value")
>> 73c7e91c8bc9 ("apparmor: Remove unnecessary size check when unpacking trans_table")
>> 217af7e2f4de ("apparmor: refactor profile rules and attachments")
>> (and probably others)
>>
>> from the apparmor tree and commit:
>>
>> 2c92044683f5 ("apparmor: test: make static symbols visible during kunit testing")
>>
>> from the kunit-next tree.
>>
>> This is somewhat of a mess ... pity there is not a shared branch (or
>> better routing if the patches).
>>
> sorry, there was a miscommunication/misunderstanding, probably all on me, I
> thought the kunit stuff that is conflicting here was going to merge next
> cycle.
>
Sorry for not noticing David isn't on the cc - added David now. What's the
best way to resolve this?
>> I fixed it up (hopefully - see below) and can carry the fix as
>> necessary. This is now fixed as far as linux-next is concerned, but any
>> non trivial conflicts should be mentioned to your upstream maintainer
>> when your tree is submitted for merging. You may also want to consider
>> cooperating with the maintainer of the conflicting tree to minimise any
>> particularly complex conflicts.
>>
>> I also had to add this patch:
>>
> this needs to be modified to build if kunit is not enabled, basically
> the defines need to move up outside the #if IS_ENABLED(CONFIG_KUNIT)
>
> ie.
> diff --git a/security/apparmor/include/policy_unpack.h b/security/apparmor/include/policy_unpack.h
> index 8fdf8f703bd0..dcf7d1bbf96b 100644
> --- a/security/apparmor/include/policy_unpack.h
> +++ b/security/apparmor/include/policy_unpack.h
> @@ -165,6 +165,11 @@ static inline void aa_put_loaddata(struct aa_loaddata *data)
> kref_put(&data->count, aa_loaddata_kref);
> }
>
> +#define tri int
> +#define TRI_TRUE 1
> +#define TRI_NONE 0
> +#define TRI_FALSE -1
> +
> #if IS_ENABLED(CONFIG_KUNIT)
> bool aa_inbounds(struct aa_ext *e, size_t size);
> size_t aa_unpack_u16_chunk(struct aa_ext *e, char **chunk);
> @@ -173,11 +178,6 @@ bool aa_unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name);
> bool aa_unpack_u32(struct aa_ext *e, u32 *data, const char *name);
> bool aa_unpack_u64(struct aa_ext *e, u64 *data, const char *name);
>
> -#define tri int
> -#define TRI_TRUE 1
> -#define TRI_NONE 0
> -#define TRI_FALSE -1
> -
> tri aa_unpack_array(struct aa_ext *e, const char *name, u16 *size);
> size_t aa_unpack_blob(struct aa_ext *e, char **blob, const char *name);
> int aa_unpack_str(struct aa_ext *e, const char **string, const char *name);
>
>
> feel free to apply that to your patch and then add my
> Acked-by: John Johansen <john.johansen@...onical.com>
>
>> From: Stephen Rothwell <sfr@...b.auug.org.au>
>> Date: Thu, 8 Dec 2022 13:47:43 +1100
>> Subject: [PATCH] fixup for "apparmor: make unpack_array return a trianary value"
>>
>> Signed-off-by: Stephen Rothwell <sfr@...b.auug.org.au>
>> ---
>> security/apparmor/include/policy_unpack.h | 8 +++++++-
>> security/apparmor/policy_unpack.c | 5 -----
>> 2 files changed, 7 insertions(+), 6 deletions(-)
>>
>> diff --git a/security/apparmor/include/policy_unpack.h b/security/apparmor/include/policy_unpack.h
>> index 940da8a33e0c..8fdf8f703bd0 100644
>> --- a/security/apparmor/include/policy_unpack.h
>> +++ b/security/apparmor/include/policy_unpack.h
>> @@ -172,7 +172,13 @@ bool aa_unpack_X(struct aa_ext *e, enum aa_code code);
>> bool aa_unpack_nameX(struct aa_ext *e, enum aa_code code, const char *name);
>> bool aa_unpack_u32(struct aa_ext *e, u32 *data, const char *name);
>> bool aa_unpack_u64(struct aa_ext *e, u64 *data, const char *name);
>> -size_t aa_unpack_array(struct aa_ext *e, const char *name);
>> +
>> +#define tri int
>> +#define TRI_TRUE 1
>> +#define TRI_NONE 0
>> +#define TRI_FALSE -1
>> +
>> +tri aa_unpack_array(struct aa_ext *e, const char *name, u16 *size);
>> size_t aa_unpack_blob(struct aa_ext *e, char **blob, const char *name);
>> int aa_unpack_str(struct aa_ext *e, const char **string, const char *name);
>> int aa_unpack_strdup(struct aa_ext *e, char **string, const char *name);
>> diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
>> index 6513545dad5e..173d832fc4ee 100644
>> --- a/security/apparmor/policy_unpack.c
>> +++ b/security/apparmor/policy_unpack.c
>> @@ -30,11 +30,6 @@
>> #include "include/policy_unpack.h"
>> #include "include/policy_compat.h"
>> -#define tri int
>> -#define TRI_TRUE 1
>> -#define TRI_NONE 0
>> -#define TRI_FALSE -1
>> -
>> /* audit callback for unpack fields */
>> static void audit_cb(struct audit_buffer *ab, void *va)
>> {
>
thanks,
-- Shuah
Powered by blists - more mailing lists