qiurui
/
Ubuntu-focal-kernel
mirror of https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Ubuntu-focal-kernel/security
History
Masahiro Yamada cb000069c3 tomoyo: fix broken dependency on *.conf.default 
BugLink: https://bugs.launchpad.net/bugs/2011226

[ Upstream commit eaf2213ba563b2d74a1f2c13a6b258273f689802 ]

If *.conf.default is updated, builtin-policy.h should be rebuilt,
but this does not work when compiled with O= option.

[Without this commit]

  $ touch security/tomoyo/policy/exception_policy.conf.default
  $ make O=/tmp security/tomoyo/
  make[1]: Entering directory '/tmp'
    GEN     Makefile
    CALL    /home/masahiro/ref/linux/scripts/checksyscalls.sh
    DESCEND objtool
  make[1]: Leaving directory '/tmp'

[With this commit]

  $ touch security/tomoyo/policy/exception_policy.conf.default
  $ make O=/tmp security/tomoyo/
  make[1]: Entering directory '/tmp'
    GEN     Makefile
    CALL    /home/masahiro/ref/linux/scripts/checksyscalls.sh
    DESCEND objtool
    POLICY  security/tomoyo/builtin-policy.h
    CC      security/tomoyo/common.o
    AR      security/tomoyo/built-in.a
  make[1]: Leaving directory '/tmp'

$(srctree)/ is essential because $(wildcard ) does not follow VPATH.

Fixes: f02dee2d14 ("tomoyo: Do not generate empty policy files")
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger@canonical.com>
Acked-by: Kamal Mostafa <kamal@canonical.com>
Signed-off-by: Kamal Mostafa <kamal@canonical.com>
 		2023-03-21 10:08:57 +01:00
..
apparmor apparmor: Use pointer to struct aa_label for lbs_cred 2023-02-01 15:22:44 +01:00
integrity ima: Fix a potential NULL pointer access in ima_restore_measurement_list 2023-02-01 15:23:25 +01:00
keys KEYS: fix length validation in keyctl_pkey_params_get_2() 2022-05-20 15:18:16 +02:00
loadpin
lockdown UBUNTU: SAUCE: debug: Lock down kgdb 2022-05-21 11:27:20 -03:00
safesetid
selinux selinux: Add boundary check in put_entry() 2022-10-17 15:00:27 +02:00
smack Fix incorrect type in assignment of ipv6 port for audit 2022-05-20 15:19:18 +02:00
tomoyo tomoyo: fix broken dependency on *.conf.default 2023-03-21 10:08:57 +01:00
yama
Kconfig fortify: Explicitly disable Clang support 2022-01-13 18:42:48 +01:00
Kconfig.hardening
Makefile
commoncap.c capabilities: fix potential memleak on error path from vfs_getxattr_alloc() 2023-01-06 08:44:44 -08:00
device_cgroup.c device_cgroup: Roll back to original exceptions after copy failure 2023-02-01 15:23:28 +01:00
inode.c
lsm_audit.c dump_common_audit_data(): fix racy accesses to ->d_name 2021-02-19 16:44:53 +01:00
min_addr.c
security.c LSM: general protection fault in legacy_parse_param 2022-05-20 15:19:16 +02:00