lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAK7LNATUnCPt03BRFSKh1EH=+Sy0Q48wE4ER0BZdJqOb_44L8w@mail.gmail.com>
Date: Wed, 20 Nov 2024 20:55:00 +0900
From: Masahiro Yamada <masahiroy@...nel.org>
To: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
Cc: Paul Moore <paul@...l-moore.com>, Stephen Smalley <stephen.smalley.work@...il.com>, 
	Ondrej Mosnacek <omosnace@...hat.com>, Nathan Chancellor <nathan@...nel.org>, 
	Nicolas Schier <nicolas@...sle.eu>, linux-kbuild@...r.kernel.org, selinux@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] selinux: explicitly clean generated av_permissions.h

On Wed, Nov 20, 2024 at 6:15 PM Thomas Weißschuh
<thomas.weissschuh@...utronix.de> wrote:
>
> av_permissions.h is not declared as a target and therefore won't be
> added to clean-files automatically by kbuild.
> For details why it is not a target see the Makefile itself.
>
> Signed-off-by: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
> ---
>  security/selinux/Makefile | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/security/selinux/Makefile b/security/selinux/Makefile
> index 86f0575f670da66a9dc57e13a236d6a5551af38e..58129a7c8cfa08f9caf5444f7df776f41056b77a 100644
> --- a/security/selinux/Makefile
> +++ b/security/selinux/Makefile
> @@ -41,5 +41,8 @@ targets += flask.h
>  $(obj)/flask.h: $(obj)/genheaders FORCE
>         $(call if_changed,genhdrs)
>
> +# see the note above, remove this line
> +clean-files += av_permissions.h
> +
>  hostprogs := genheaders
>  HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include



Presumably, the attached fixup.diff (comment in 'targets' assignment)
would align with the intention of the maintainer of this Makefile
because you can do

  targets += $(genhdrs)

without the need of the grouped target feature.
'make clean' removes files listed in 'targets'.



BTW, the NOTE in this Makefile is not true.
  https://github.com/torvalds/linux/blob/v6.12/security/selinux/Makefile#L7


Even if you use GNU Make 4.3, the grouped target does not work with
the if_changed macro.

With GNU Make 4.4, it will work as a side-effect of commit
fabb03eac412b5ea19f1a97be31dc8c6fa7fc047


I asked about this behavior some time ago in GNU Make ML.

https://lists.gnu.org/archive/html/help-make/2024-08/msg00001.html
  or
https://savannah.gnu.org/bugs/index.php?66073


The combination of the grouped target and if_changed
is working with GNU Make 4.4+, but I do not know if
it is future promising.



IMHO, I do not see much benefits for using the group target in this case
because you can still generate flask.h and av_permissions.h
separately.






>
> ---
> base-commit: bf9aa14fc523d2763fc9a10672a709224e8fcaf4
> change-id: 20241120-selinux-clean-dfcd0e7a344b
>
> Best regards,
> --
> Thomas Weißschuh <thomas.weissschuh@...utronix.de>
>


-- 
Best Regards
Masahiro Yamada

View attachment "fixup.diff" of type "text/x-patch" (717 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ