lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <ZrSoOM9z4VnqhOf2@fjasle.eu>
Date: Thu, 8 Aug 2024 13:12:56 +0200
From: Nicolas Schier <nicolas@...sle.eu>
To: Daniel Gomez <da.gomez@...sung.com>
Cc: Masahiro Yamada <masahiroy@...nel.org>,
	Nathan Chancellor <nathan@...nel.org>,
	Lucas De Marchi <lucas.demarchi@...el.com>,
	Thomas Hellström <thomas.hellstrom@...ux.intel.com>,
	Rodrigo Vivi <rodrigo.vivi@...el.com>,
	Maarten Lankhorst <maarten.lankhorst@...ux.intel.com>,
	Maxime Ripard <mripard@...nel.org>,
	Thomas Zimmermann <tzimmermann@...e.de>,
	David Airlie <airlied@...il.com>, Daniel Vetter <daniel@...ll.ch>,
	William Hubbs <w.d.hubbs@...il.com>,
	Chris Brannon <chris@...-brannons.com>,
	Kirk Reiser <kirk@...sers.ca>,
	Samuel Thibault <samuel.thibault@...-lyon.org>,
	Paul Moore <paul@...l-moore.com>,
	Stephen Smalley <stephen.smalley.work@...il.com>,
	Ondrej Mosnacek <omosnace@...hat.com>,
	Catalin Marinas <catalin.marinas@....com>,
	Will Deacon <will@...nel.org>, Marc Zyngier <maz@...nel.org>,
	Oliver Upton <oliver.upton@...ux.dev>,
	James Morse <james.morse@....com>,
	Suzuki K Poulose <suzuki.poulose@....com>,
	Zenghui Yu <yuzenghui@...wei.com>,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Jiri Slaby <jirislaby@...nel.org>,
	Nick Desaulniers <ndesaulniers@...gle.com>,
	Bill Wendling <morbo@...gle.com>,
	Justin Stitt <justinstitt@...gle.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-kbuild@...r.kernel.org" <linux-kbuild@...r.kernel.org>,
	"intel-xe@...ts.freedesktop.org" <intel-xe@...ts.freedesktop.org>,
	"dri-devel@...ts.freedesktop.org" <dri-devel@...ts.freedesktop.org>,
	"speakup@...ux-speakup.org" <speakup@...ux-speakup.org>,
	"selinux@...r.kernel.org" <selinux@...r.kernel.org>,
	"linux-arm-kernel@...ts.infradead.org" <linux-arm-kernel@...ts.infradead.org>,
	"kvmarm@...ts.linux.dev" <kvmarm@...ts.linux.dev>,
	"linux-serial@...r.kernel.org" <linux-serial@...r.kernel.org>,
	"llvm@...ts.linux.dev" <llvm@...ts.linux.dev>,
	Finn Behrens <me@...enk.dev>,
	"Daniel Gomez (Samsung)" <d+samsung@...ces.com>,
	"gost.dev@...sung.com" <gost.dev@...sung.com>
Subject: Re: [PATCH 06/12] selinux/genheaders: include bitsperlong and
 posix_types headers

Am Wed, Aug 07, 2024 at 09:41:00PM +0000 schrieb Daniel Gomez:
> Date: Wed, 7 Aug 2024 21:41:00 +0000
> From: Daniel Gomez <da.gomez@...sung.com>
> To: Nicolas Schier <nicolas@...sle.eu>
> CC: Masahiro Yamada <masahiroy@...nel.org>, Nathan Chancellor
>  <nathan@...nel.org>, Lucas De Marchi <lucas.demarchi@...el.com>, Thomas
>  Hellström <thomas.hellstrom@...ux.intel.com>, Rodrigo Vivi
>  <rodrigo.vivi@...el.com>, Maarten Lankhorst
>  <maarten.lankhorst@...ux.intel.com>, Maxime Ripard <mripard@...nel.org>,
>  Thomas Zimmermann <tzimmermann@...e.de>, David Airlie <airlied@...il.com>,
>  Daniel Vetter <daniel@...ll.ch>, William Hubbs <w.d.hubbs@...il.com>,
>  Chris Brannon <chris@...-brannons.com>, Kirk Reiser <kirk@...sers.ca>,
>  Samuel Thibault <samuel.thibault@...-lyon.org>, Paul Moore
>  <paul@...l-moore.com>, Stephen Smalley <stephen.smalley.work@...il.com>,
>  Ondrej Mosnacek <omosnace@...hat.com>, Catalin Marinas
>  <catalin.marinas@....com>, Will Deacon <will@...nel.org>, Marc Zyngier
>  <maz@...nel.org>, Oliver Upton <oliver.upton@...ux.dev>, James Morse
>  <james.morse@....com>, Suzuki K Poulose <suzuki.poulose@....com>, Zenghui
>  Yu <yuzenghui@...wei.com>, Greg Kroah-Hartman
>  <gregkh@...uxfoundation.org>, Jiri Slaby <jirislaby@...nel.org>, Nick
>  Desaulniers <ndesaulniers@...gle.com>, Bill Wendling <morbo@...gle.com>,
>  Justin Stitt <justinstitt@...gle.com>, "linux-kernel@...r.kernel.org"
>  <linux-kernel@...r.kernel.org>, "linux-kbuild@...r.kernel.org"
>  <linux-kbuild@...r.kernel.org>, "intel-xe@...ts.freedesktop.org"
>  <intel-xe@...ts.freedesktop.org>, "dri-devel@...ts.freedesktop.org"
>  <dri-devel@...ts.freedesktop.org>, "speakup@...ux-speakup.org"
>  <speakup@...ux-speakup.org>, "selinux@...r.kernel.org"
>  <selinux@...r.kernel.org>, "linux-arm-kernel@...ts.infradead.org"
>  <linux-arm-kernel@...ts.infradead.org>, "kvmarm@...ts.linux.dev"
>  <kvmarm@...ts.linux.dev>, "linux-serial@...r.kernel.org"
>  <linux-serial@...r.kernel.org>, "llvm@...ts.linux.dev"
>  <llvm@...ts.linux.dev>, Finn Behrens <me@...enk.dev>, "Daniel Gomez
>  (Samsung)" <d+samsung@...ces.com>, "gost.dev@...sung.com"
>  <gost.dev@...sung.com>
> Subject: Re: [PATCH 06/12] selinux/genheaders: include bitsperlong and
>  posix_types headers
> Message-ID: <sbj3c3tlafewy2n4pylbnpb4gwylpnyxovdykfy3dhk2wqmpry@...he3mgqnd6>
> 
> On Wed, Aug 07, 2024 at 05:38:28PM GMT, Nicolas Schier wrote:
> > On Wed, Aug 07, 2024 at 01:09:20AM +0200, Daniel Gomez via B4 Relay wrote:
> > > From: Daniel Gomez <da.gomez@...sung.com>
> > > 
> > > The genheaders requires the bitsperlong.h and posix_types.h headers.
> > > To ensure these headers are found during compilation on macOS hosts,
> > > add usr/include to HOST_EXTRACFLAGS in the genheaders Makefile. This
> > > adjustment allows the compiler to locate all necessary headers when they
> > > are not available by default on macOS.
> > > 
> > > Signed-off-by: Daniel Gomez <da.gomez@...sung.com>
> > > ---
> > >  scripts/selinux/genheaders/Makefile | 3 ++-
> > >  1 file changed, 2 insertions(+), 1 deletion(-)
> > > 
> > > diff --git a/scripts/selinux/genheaders/Makefile b/scripts/selinux/genheaders/Makefile
> > > index 1faf7f07e8db..017149c90f8e 100644
> > > --- a/scripts/selinux/genheaders/Makefile
> > > +++ b/scripts/selinux/genheaders/Makefile
> > > @@ -2,4 +2,5 @@
> > >  hostprogs-always-y += genheaders
> > >  HOST_EXTRACFLAGS += \
> > >  	-I$(srctree)/include/uapi -I$(srctree)/include \
> > > -	-I$(srctree)/security/selinux/include
> > > +	-I$(srctree)/security/selinux/include \
> > > +	-I$(srctree)/usr/include
> > 
> > 'make headers' composes the UAPI header tree in $(objtree)/usr/include.
> > So, if you build out-of-source, -I$(srctree)/usr/include will not match.
> > Just remove the '$(srctree)/' prefix as '$(objtree)/' is always '.'.
> 
> The 'headers' target also deploys installs the headers in arch/$(SRCARCH)/
> include/uapi, so I've updated selinux/genheaders/Makefile to the following:
> 
> diff --git a/scripts/selinux/genheaders/Makefile b/scripts/selinux/genheaders/Makefile
> index 1faf7f07e8db..ae1f195b6f67 100644
> --- a/scripts/selinux/genheaders/Makefile
> +++ b/scripts/selinux/genheaders/Makefile
> @@ -2,4 +2,6 @@
>  hostprogs-always-y += genheaders
>  HOST_EXTRACFLAGS += \
>         -I$(srctree)/include/uapi -I$(srctree)/include \
> -       -I$(srctree)/security/selinux/include
> +       -I$(srctree)/security/selinux/include \
> +       -I$(objtree)/arch/$(SRCARCH)/include/generated/uapi \
> +       -I$(objtree)/arch/$(SRCARCH)/include/uapi

SRCARCH is not derived from the host but from $(ARCH) (cp. top-level
Makefile), thus you must not use arch/$(SRCARCH)/include/* for building
host progs as this breaks cross-building (e.g. consider build Linux for
32bit m68k on a arm64 host).

> 
> The include path -I$(objtree)/arch/$(SRCARCH)/include/generated/uapi
> enables locating the asm/types.h.
> 
> The include path -I$(objtree)/arch/$(SRCARCH)/include/uapi enables
> locating the asm/bitsperlong.h and asm/posix_types.h.
> 
> > 
> > But I am suspecting that this break cross-building.
> 
> I’ve tested this change on macOS with ARCH=arm64, as well as on Debian with
> ARCH=arm64 and ARCH=x86_64. Is it enough to just confirm that cross-building
> still works after this change?

No, it isn't.  asm/bitsperlong.h is probably similar (enough) for current
64-bit systems, but 32-bit platforms will have different versions.
Anyway, we must not use target arch/platform-specific header files for
host progs.  If we do, it will break.

You want to use arm64 specific header files for building your arm64 host
progs, as MacOS does not provide these (thus, it's a missing build
dependency).  As this is not common (yet), such a build hack should be limited
to MacOS/Darwin only to not accidentally break other platforms.  (Do you also
have MacOS/amd64 in mind?)

As written elsewhere, another approach could be to create and maintain a Linux
kernel dev kit for MacOS, that delivers (fetches, downloads, generates) all
missing header files.

Kind regards,
Nicolas


Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ