Re: linux-next: manual merge of the apparmor tree with the security tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/28/23 08:32, Paul Moore wrote:
On Thu, Oct 26, 2023 at 10:03 PM Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> wrote:

Hi all,

Today's linux-next merge of the apparmor tree got a conflict in:

   security/apparmor/lsm.c

between commit:

   3c3bda37ca1d ("AppArmor: Add selfattr hooks")

from the security tree and commits:

   bd7bd201ca46 ("apparmor: combine common_audit_data and apparmor_audit_data")
   d20f5a1a6e79 ("apparmor: rename audit_data->label to audit_data->subj_label")

from the apparmor tree.

I fixed it up (see below) and can carry the fix as necessary. This
is now fixed as far as linux-next is concerned, but any non trivial
conflicts should be mentioned to your upstream maintainer when your tree
is submitted for merging.  You may also want to consider cooperating
with the maintainer of the conflicting tree to minimise any particularly
complex conflicts.

Thanks Stephen.

John, can you take a look and make sure this is correct (it looks okay to me)?

yes its good, thanks Stephan.

Acked-by: John Johansen <john.johansen@xxxxxxxxxxxxx>

Paul just to double check, to make sure we get ordering on this right
   3c3bda37ca1d ("AppArmor: Add selfattr hooks")

is part of the Three basic syscalls series, the plan is still to have that
series bake in next for a full cycle?

Regardless, I will wait until security-ext gets merged to send my pull
request, and handle the conflict if its present.

diff --cc security/apparmor/lsm.c
index 5e16c03936b9,4d34180e9799..000000000000
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@@ -771,16 -868,11 +917,16 @@@ out
         return error;

   fail:
-       aad(&sa)->label = begin_current_label_crit_section();
+       ad.subj_label = begin_current_label_crit_section();
  -      ad.info = name;
  +      if (attr == LSM_ATTR_CURRENT)
-               aad(&sa)->info = "current";
++              ad.info = "current";
  +      else if (attr == LSM_ATTR_EXEC)
-               aad(&sa)->info = "exec";
++              ad.info = "exec";
  +      else
-               aad(&sa)->info = "invalid";
-       aad(&sa)->error = error = -EINVAL;
-       aa_audit_msg(AUDIT_APPARMOR_DENIED, &sa, NULL);
-       end_current_label_crit_section(aad(&sa)->label);
++              ad.info = "invalid";
+       ad.error = error = -EINVAL;
+       aa_audit_msg(AUDIT_APPARMOR_DENIED, &ad, NULL);
+       end_current_label_crit_section(ad.subj_label);
         goto out;
   }





[Index of Archives]     [Linux Kernel]     [Linux USB Development]     [Yosemite News]     [Linux SCSI]

  Powered by Linux