lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3748b276-6503-4c50-a394-e5b75c1eb7bf@gmail.com>
Date: Sat, 6 Dec 2025 21:04:13 +0000
From: Yicong Hui <yiconghui@...il.com>
To: Fan Wu <wufan@...nel.org>
Cc: paul@...l-moore.com, jmorris@...ei.org, serge@...lyn.com,
 linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org,
 skhan@...uxfoundation.org, david.hunter.linux@...il.com
Subject: Re: [PATCH] ipe: remove headers that are included but not used

On 12/3/25 10:25 PM, Fan Wu wrote:
> On Wed, Dec 3, 2025 at 11:37 AM Yicong Hui <yiconghui@...il.com> wrote:
> 
> Hi Yicong,
> 
> Thanks for the patch. This kind of cleanup is appreciated.
> 
> Commit message typo: "audit. c, audit.c, policy. c" - audit. c is listed
> twice.

Hi! Thank you for the reply! Yes! My bad, this typo will be fixed in v2.

> I was trying to verify whether ipe.h is really not needed and found
> that these files are missing explicit dependencies. policy.c and
> policy_fs.c use rcu, mutex, and slab functions but rely on transitive
> includes.  After removing ipe.h, they still compile because eval.h
> also happens to provide these dependencies indirectly.
> 
> I'm happy to merge a patch removing unused headers like ipe.h, but
> would like to see the implicit dependencies resolved as well. Would
> you mind tracing the complete dependencies and adding the explicit
> includes in v2?

I have manually read through the functions/macros/filetypes in policy.c, 
policy_fs.c and audit.c and found a few dependencies that are used but 
not explicitly included, like minmax.h, sha2.h, lockdep.h, string.h, 
capability.h, kstrtox.h, sprintf.h, array_size.h and err.h.

This might be a stupid question, but how explicit should I be in my v2 
patch with the dependencies? There's headers like 
"asm-generic/int-ll64.h" "uidgid.h", "gfp_types.h", "rwonce.h", 
"compiler_types.h" or "errno-base.h" but I'm not sure to what extent I 
need to import them, because I shouldn't be including them all, right?

Thank you!
- Yicong

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ