lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <CAKXUXMyj0kHj=5ifgrajy1bcZzTLk3iVsnRxLA_VEnjpu5WOpQ@mail.gmail.com>
Date:   Fri, 24 Mar 2023 10:25:43 +0100
From:   Lukas Bulwahn <lukas.bulwahn@...il.com>
To:     Paul Moore <paul@...l-moore.com>
Cc:     Stephen Smalley <stephen.smalley.work@...il.com>,
        Eric Paris <eparis@...isplace.org>, selinux@...r.kernel.org,
        kernel-janitors@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] selinux: clean up dead code after removing runtime disable

On Thu, Mar 23, 2023 at 3:55 PM Paul Moore <paul@...l-moore.com> wrote:
>
> On Thu, Mar 23, 2023 at 1:12 AM Lukas Bulwahn <lukas.bulwahn@...il.com> wrote:
> >
> > Commit f22f9aaf6c3d ("selinux: remove the runtime disable functionality")
> > removes the config SECURITY_SELINUX_DISABLE. This results in some dead code
> > in lsm_hooks.h and a reference in the ABI documentation leading nowhere as
> > the help text is simply gone.
> >
> > Remove the dead code and dead reference.
> >
> > Signed-off-by: Lukas Bulwahn <lukas.bulwahn@...il.com>
> > ---
> > Paul, please pick this minor cleanup patch on top of your commit above.
>
> Hi Lukas, thanks for catching this and sending a patch!  For future
> reference, you don't need to add a note asking me to pick up this
> patch, as long as you send it to the right mailing list - you did -
> I'll see it and you'll either get a quick reply when I merge it or a
> longer reply with comments/feedback.
>
> One comment below ...
>
> > diff --git a/Documentation/ABI/removed/sysfs-selinux-disable b/Documentation/ABI/removed/sysfs-selinux-disable
> > index cb783c64cab3..1ae9587231e1 100644
> > --- a/Documentation/ABI/removed/sysfs-selinux-disable
> > +++ b/Documentation/ABI/removed/sysfs-selinux-disable
> > @@ -24,6 +24,3 @@ Description:
> >         SELinux at runtime.  Fedora is in the process of removing the
> >         selinuxfs "disable" node and once that is complete we will start the
> >         slow process of removing this code from the kernel.
> > -
> > -       More information on /sys/fs/selinux/disable can be found under the
> > -       CONFIG_SECURITY_SELINUX_DISABLE Kconfig option.
>
> When I moved the deprecation notice from the "obsolete" to the
> "removed" directory I added a note at the top which read:
>
>   "REMOVAL UPDATE: The SELinux checkreqprot functionality was
>    removed in March 2023, the original deprecation notice is
>    shown below."
>
> My goal was to preserve the original notice as much as possible,
> including the references to the now defunct Kconfig option, to help
> people who are trying to understand how things worked prior to the
> removal.
>
> If you can remove this part of your patch and resubmit I'll happily
> merge it into the selinux/next tree.
>

Okay, I reworked the patch as requested and sent out a PATCH v2:

https://lore.kernel.org/all/20230324092114.13907-1-lukas.bulwahn@gmail.com/T/#u

Thanks,

Lukas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ