[PATCH 2/2] ima: add policy support for the new file open MAY_OPENEXEC flag

Mickaël Salaün mic at digikod.net
Thu Apr 30 14:26:42 UTC 2020


OK, I'll add it to the next series.

On 30/04/2020 15:42, Mimi Zohar wrote:
> Hi Mickaël,
> 
> On Thu, 2020-04-30 at 05:24 +0800, kbuild test robot wrote:
>> Hi Mimi,
>>
>> I love your patch! Yet something to improve:
>>
>> [auto build test ERROR on integrity/next-integrity]
>> [also build test ERROR on linus/master v5.7-rc3 next-20200429]
>> [cannot apply to security/next-testing]
>> [if your patch is applied to the wrong git tree, please drop us a note to help
>> improve the system. BTW, we also suggest to use '--base' option to specify the
>> base tree in git format-patch, please see https://stackoverflow.com/a/37406982]
> 
> To prevent this sort of message, in the future could you include this
> patch (2/2) with your patch set?  Please include the "Reviewed-by:
> Lakshmi Ramasubramanian <nramas at linux.microsoft.com>" tag.
> 
> thanks,
> 
> Mimi
> 
>>
>> url:    https://github.com/0day-ci/linux/commits/Mimi-Zohar/ima-extending-IMA-policy-to-support-interpreters/20200430-030608
>> base:   https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity
>> config: arc-allyesconfig (attached as .config)
>> compiler: arc-elf-gcc (GCC) 9.3.0
>> reproduce:
>>         wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
>>         chmod +x ~/bin/make.cross
>>         # save the attached .config to linux build tree
>>         COMPILER_INSTALL_PATH=$HOME/0day GCC_VERSION=9.3.0 make.cross ARCH=arc 
>>
>> If you fix the issue, kindly add following tag as appropriate
>> Reported-by: kbuild test robot <lkp at intel.com>
>>
>> All error/warnings (new ones prefixed by >>):
>>
>>    security/integrity/ima/ima_main.c: In function 'ima_file_check':
>>>> security/integrity/ima/ima_main.c:442:20: error: 'MAY_OPENEXEC' undeclared (first use in this function); did you mean 'MAY_OPEN'?
>>      442 |         MAY_EXEC | MAY_OPENEXEC |
>>          |                    ^~~~~~~~~~~~
>>          |                    MAY_OPEN
> 



More information about the Linux-security-module-archive mailing list