lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20241121085228-327b3d62-4e9b-4f4e-9100-b62bcedfab1d@linutronix.de>
Date: Thu, 21 Nov 2024 09:09:33 +0100
From: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
To: Masahiro Yamada <masahiroy@...nel.org>
Cc: Paul Moore <paul@...l-moore.com>, 
	Stephen Smalley <stephen.smalley.work@...il.com>, Ondrej Mosnacek <omosnace@...hat.com>, 
	Nathan Chancellor <nathan@...nel.org>, Nicolas Schier <nicolas@...sle.eu>, linux-kbuild@...r.kernel.org, 
	selinux@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] selinux: explicitly clean generated av_permissions.h

Hi,

On Wed, Nov 20, 2024 at 08:55:00PM +0900, Masahiro Yamada wrote:
> On Wed, Nov 20, 2024 at 6:15 PM Thomas Weißschuh
> <thomas.weissschuh@...utronix.de> wrote:
> >
> > av_permissions.h is not declared as a target and therefore won't be
> > added to clean-files automatically by kbuild.
> > For details why it is not a target see the Makefile itself.
> >
> > Signed-off-by: Thomas Weißschuh <thomas.weissschuh@...utronix.de>
> > ---
> >  security/selinux/Makefile | 3 +++
> >  1 file changed, 3 insertions(+)
> >
> > diff --git a/security/selinux/Makefile b/security/selinux/Makefile
> > index 86f0575f670da66a9dc57e13a236d6a5551af38e..58129a7c8cfa08f9caf5444f7df776f41056b77a 100644
> > --- a/security/selinux/Makefile
> > +++ b/security/selinux/Makefile
> > @@ -41,5 +41,8 @@ targets += flask.h
> >  $(obj)/flask.h: $(obj)/genheaders FORCE
> >         $(call if_changed,genhdrs)
> >
> > +# see the note above, remove this line
> > +clean-files += av_permissions.h
> > +
> >  hostprogs := genheaders
> >  HOST_EXTRACFLAGS += -I$(srctree)/security/selinux/include
> 
> 
> 
> Presumably, the attached fixup.diff (comment in 'targets' assignment)
> would align with the intention of the maintainer of this Makefile
> because you can do
> 
>   targets += $(genhdrs)
> 
> without the need of the grouped target feature.
> 'make clean' removes files listed in 'targets'.
> 
> 
> 
> BTW, the NOTE in this Makefile is not true.
>   https://github.com/torvalds/linux/blob/v6.12/security/selinux/Makefile#L7
> 
> 
> Even if you use GNU Make 4.3, the grouped target does not work with
> the if_changed macro.
> 
> With GNU Make 4.4, it will work as a side-effect of commit
> fabb03eac412b5ea19f1a97be31dc8c6fa7fc047
> 
> 
> I asked about this behavior some time ago in GNU Make ML.
> 
> https://lists.gnu.org/archive/html/help-make/2024-08/msg00001.html
>   or
> https://savannah.gnu.org/bugs/index.php?66073
> 
> 
> The combination of the grouped target and if_changed
> is working with GNU Make 4.4+, but I do not know if
> it is future promising.

Thanks for all the insights!

> IMHO, I do not see much benefits for using the group target in this case
> because you can still generate flask.h and av_permissions.h
> separately.

I'm fine either way.

@Selinux maintainers:

What do you prefer? Also feel free to just commit whatever you think is
best.


Thomas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ