# git rev-parse -q --verify a430d95c5efa2b545d26a094eb5f624e36732af0^{commit}
a430d95c5efa2b545d26a094eb5f624e36732af0
already have revision, skipping fetch
# git checkout -q -f -B kisskb a430d95c5efa2b545d26a094eb5f624e36732af0
# git clean -qxdf
# < git log -1
# commit a430d95c5efa2b545d26a094eb5f624e36732af0
# Merge: ad060dbbcfcf 19c9d55d72a9
# Author: Linus Torvalds
# Date: Mon Sep 16 18:19:47 2024 +0200
#
# Merge tag 'lsm-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm
#
# Pull lsm updates from Paul Moore:
#
# - Move the LSM framework to static calls
#
#   This transitions the vast majority of the LSM callbacks into static
#   calls. Those callbacks which haven't been converted were left as-is
#   due to the general ugliness of the changes required to support the
#   static call conversion; we can revisit those callbacks at a future
#   date.
#
# - Add the Integrity Policy Enforcement (IPE) LSM
#
#   This adds a new LSM, Integrity Policy Enforcement (IPE). There is
#   plenty of documentation about IPE in these patches, so I'll refrain
#   from going into too much detail here, but the basic motivation behind
#   IPE is to provide a mechanism such that administrators can restrict
#   execution to only those binaries which come from integrity protected
#   storage, e.g. a dm-verity protected filesystem. You will notice that
#   IPE requires additional LSM hooks in the initramfs, dm-verity, and
#   fs-verity code, with the associated patches carrying ACK/review tags
#   from the associated maintainers. We couldn't find an obvious
#   maintainer for the initramfs code, but the IPE patchset has been
#   widely posted over several years.
#
#   Both Deven Bowers and Fan Wu have contributed to IPE's development
#   over the past several years, with Fan Wu agreeing to serve as the IPE
#   maintainer moving forward. Once IPE is accepted into your tree, I'll
#   start working with Fan to ensure he has the necessary accounts, keys,
#   etc. so that he can start submitting IPE pull requests to you
#   directly during the next merge window.
#
# - Move the lifecycle management of the LSM blobs to the LSM framework
#
#   Management of the LSM blobs (the LSM state buffers attached to
#   various kernel structs, typically via a void pointer named "security"
#   or similar) has been mixed, some blobs were allocated/managed by
#   individual LSMs, others were managed by the LSM framework itself.
#
#   Starting with this pull we move management of all the LSM blobs,
#   minus the XFRM blob, into the framework itself, improving consistency
#   across LSMs, and reducing the amount of duplicated code across LSMs.
#   Due to some additional work required to migrate the XFRM blob, it has
#   been left as a todo item for a later date; from a practical
#   standpoint this omission should have little impact as only SELinux
#   provides a XFRM LSM implementation.
#
# - Fix problems with the LSM's handling of F_SETOWN
#
#   The LSM hook for the fcntl(F_SETOWN) operation had a couple of
#   problems: it was racy with itself, and it was disconnected from the
#   associated DAC related logic in such a way that the LSM state could
#   be updated in cases where the DAC state would not. We fix both of
#   these problems by moving the security_file_set_fowner() hook into the
#   same section of code where the DAC attributes are updated. Not only
#   does this resolve the DAC/LSM synchronization issue, but as that code
#   block is protected by a lock, it also resolves the race condition.
#
# - Fix potential problems with the security_inode_free() LSM hook
#
#   Due to use of RCU to protect inodes and the placement of the LSM hook
#   associated with freeing the inode, there is a bit of a challenge when
#   it comes to managing any LSM state associated with an inode. The VFS
#   folks are not open to relocating the LSM hook so we have to get
#   creative when it comes to releasing an inode's LSM state.
#   Traditionally we have used a single LSM callback within the hook that
#   is triggered when the inode is "marked for death", but not actually
#   released due to RCU.
#
#   Unfortunately, this causes problems for LSMs which want to take an
#   action when the inode's associated LSM state is actually released; so
#   we add an additional LSM callback, inode_free_security_rcu(), that is
#   called when the inode's LSM state is released in the RCU free
#   callback.
#
# - Refactor two LSM hooks to better fit the LSM return value patterns
#
#   The vast majority of the LSM hooks follow the "return 0 on success,
#   negative values on failure" pattern, however, there are a small
#   handful that have unique return value behaviors which has caused
#   confusion in the past and makes it difficult for the BPF verifier to
#   properly vet BPF LSM programs. This includes patches to
#   convert two of these "special" LSM hooks to the common 0/-ERRNO pattern.
#
# - Various cleanups and improvements
#
#   A handful of patches to remove redundant code, better leverage the
#   IS_ERR_OR_NULL() helper, add missing "static" markings, and do some
#   minor style fixups.
#
# * tag 'lsm-pr-20240911' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/lsm: (40 commits)
#   security: Update file_set_fowner documentation
#   fs: Fix file_set_fowner LSM hook inconsistencies
#   lsm: Use IS_ERR_OR_NULL() helper function
#   lsm: remove LSM_COUNT and LSM_CONFIG_COUNT
#   ipe: Remove duplicated include in ipe.c
#   lsm: replace indirect LSM hook calls with static calls
#   lsm: count the LSMs enabled at compile time
#   kernel: Add helper macros for loop unrolling
#   init/main.c: Initialize early LSMs after arch code, static keys and calls.
#   MAINTAINERS: add IPE entry with Fan Wu as maintainer
#   documentation: add IPE documentation
#   ipe: kunit test for parser
#   scripts: add boot policy generation program
#   ipe: enable support for fs-verity as a trust provider
#   fsverity: expose verified fsverity built-in signatures to LSMs
#   lsm: add security_inode_setintegrity() hook
#   ipe: add support for dm-verity as a trust provider
#   dm-verity: expose root hash digest and signature data to LSMs
#   block,lsm: add LSM blob and new LSM hooks for block devices
#   ipe: add permissive toggle
#   ...
# < /opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux-gcc --version
# < /opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux-ld --version
# < git log --format=%s --max-count=1 a430d95c5efa2b545d26a094eb5f624e36732af0
# make -s -j 160 ARCH=sh O=/kisskb/build/linus_allyesconfig_sh4-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux- allyesconfig
# Added to kconfig CONFIG_BUILD_DOCSRC=n
# Added to kconfig CONFIG_MODULE_SIG=n
# < make -s -j 160 ARCH=sh O=/kisskb/build/linus_allyesconfig_sh4-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux- help
# make -s -j 160 ARCH=sh O=/kisskb/build/linus_allyesconfig_sh4-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux- olddefconfig
# make -s -j 160 ARCH=sh O=/kisskb/build/linus_allyesconfig_sh4-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux-
Generating include/generated/machtypes.h
:1519:2: warning: #warning syscall clone3 not implemented [-Wcpp]
/kisskb/src/arch/sh/kernel/cpu/sh2/../../entry-common.S: Assembler messages:
/kisskb/src/arch/sh/kernel/cpu/sh2/../../entry-common.S:85: Warning: overflow in branch to __restore_all; converted into longer instruction sequence
/kisskb/src/arch/sh/kernel/cpu/sh2/../../entry-common.S:357: Warning: overflow in branch to syscall_exit_work; converted into longer instruction sequence
/kisskb/src/arch/sh/kernel/cpu/sh2/../../entry-common.S:360: Warning: overflow in branch to syscall_exit_work; converted into longer instruction sequence
/kisskb/src/kernel/fork.c: In function '__do_sys_clone3':
/kisskb/src/kernel/fork.c:3072:2: error: #warning clone3() entry point is missing, please fix [-Werror=cpp]
 3072 | #warning clone3() entry point is missing, please fix
      |  ^~~~~~~
cc1: all warnings being treated as errors
make[4]: *** [/kisskb/src/scripts/Makefile.build:244: kernel/fork.o] Error 1
make[4]: *** Waiting for unfinished jobs....
make[3]: *** [/kisskb/src/scripts/Makefile.build:485: kernel] Error 2
make[3]: *** Waiting for unfinished jobs....
{standard input}: Assembler messages:
{standard input}: Warning: end of file not at end of a line; newline inserted
{standard input}:1111: Error: unknown pseudo-op: `.l18'
{standard input}: Error: open CFI at the end of file; missing .cfi_endproc directive
{standard input}:1070: Error: displacement to undefined symbol .L142 overflows 8-bit field
{standard input}:1075: Error: displacement to undefined symbol .L161 overflows 8-bit field
{standard input}:1059: Error: pcrel too far
{standard input}:1060: Error: pcrel too far
{standard input}:1061: Error: pcrel too far
sh4-linux-gcc: internal compiler error: Segmentation fault signal terminated program cc1
Please submit a full bug report, with preprocessed source (by using -freport-bug).
See for instructions.
make[6]: *** [/kisskb/src/scripts/Makefile.build:244: drivers/net/pcs/pcs-xpcs.o] Error 4
make[5]: *** [/kisskb/src/scripts/Makefile.build:485: drivers/net/pcs] Error 2
make[5]: *** Waiting for unfinished jobs....
{standard input}: Assembler messages:
{standard input}: Warning: end of file not at end of a line; newline inserted
{standard input}:1273: Error: unknown pseudo-op: `.siz'
sh4-linux-gcc: internal compiler error: Segmentation fault signal terminated program cc1
Please submit a full bug report, with preprocessed source (by using -freport-bug).
See for instructions.
make[6]: *** [/kisskb/src/scripts/Makefile.build:244: drivers/hwmon/pmbus/mp2975.o] Error 4
make[6]: *** Waiting for unfinished jobs....
make[5]: *** [/kisskb/src/scripts/Makefile.build:485: drivers/hwmon/pmbus] Error 2
make[5]: *** Waiting for unfinished jobs....
make[4]: *** [/kisskb/src/scripts/Makefile.build:485: drivers/hwmon] Error 2
make[4]: *** Waiting for unfinished jobs....
make[4]: *** [/kisskb/src/scripts/Makefile.build:485: drivers/net] Error 2
make[3]: *** [/kisskb/src/scripts/Makefile.build:485: drivers] Error 2
make[2]: *** [/kisskb/src/Makefile:1926: .] Error 2
make[1]: *** [/kisskb/src/Makefile:224: __sub-make] Error 2
make: *** [Makefile:224: __sub-make] Error 2
Command 'make -s -j 160 ARCH=sh O=/kisskb/build/linus_allyesconfig_sh4-gcc13 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-13.1.0-nolibc/sh4-linux/bin/sh4-linux- ' returned non-zero exit status 2.
# rm -rf /kisskb/build/linus_allyesconfig_sh4-gcc13
# Build took: 0:05:25.795217