On Mon, Dec 9, 2019 at 8:40 PM Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> wrote:
> Hi all,
>
> After merging the selinux tree, today's linux-next build (powerpc
> pseries_le_defconfig) failed like this:
>
> ld: security/lsm_audit.o:(.toc+0x0): undefined reference to `lockdown_reasons'
>
> Caused by commit
>
> 59438b46471a ("security,lockdown,selinux: implement SELinux lockdown")
>
> CONFIG_SECURITY is not set for this build, but CONFIG_AUDIT is set.
>
> I applied the following hack for today:
>
> From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
> Date: Tue, 10 Dec 2019 12:28:16 +1100
> Subject: [PATCH] security,lockdown,selinux: hack for !CONFIG_SECURITY
>
> Signed-off-by: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
> ---
> security/lsm_audit.c | 2 ++
> 1 file changed, 2 insertions(+)
>
> diff --git a/security/lsm_audit.c b/security/lsm_audit.c
> index 2d2bf49016f4..f97a3337f307 100644
> --- a/security/lsm_audit.c
> +++ b/security/lsm_audit.c
> @@ -427,8 +427,10 @@ static void dump_common_audit_data(struct audit_buffer *ab,
> a->u.ibendport->port);
> break;
> case LSM_AUDIT_DATA_LOCKDOWN:
> +#ifdef CONFIG_SECURITY
> audit_log_format(ab, " lockdown_reason=");
> audit_log_string(ab, lockdown_reasons[a->u.reason]);
> +#endif
> break;
> } /* switch (a->type) */
> }
Thanks for letting me know. I'm sorry about that Stephen, I'll send
out a little more generic patch in just a minute as a RFC.
--
paul moore
www.paul-moore.com
