Without this patch building a kernel emits millions of warning like:
include/linux/selinux.h:92: warning: ‘selinux_is_enabled’ defined but not used
When it is build without CONFIG_SECURITY_SELINUX. This is harmless, but
the function should be inlined, so it gets compiled out.
Reported-by: Linus Torvalds <[email protected]>
Signed-off-by: Eric Paris <[email protected]>
---
include/linux/selinux.h | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/include/linux/selinux.h b/include/linux/selinux.h
index 223d06a..82e0f26 100644
--- a/include/linux/selinux.h
+++ b/include/linux/selinux.h
@@ -89,7 +89,7 @@ static inline void selinux_secmark_refcount_dec(void)
return;
}
-static bool selinux_is_enabled(void)
+static inline bool selinux_is_enabled(void)
{
return false;
}
On Mon, 14 Sep 2009, Eric Paris wrote:
> Without this patch building a kernel emits millions of warning like:
>
> include/linux/selinux.h:92: warning: ?selinux_is_enabled? defined but not used
>
> When it is build without CONFIG_SECURITY_SELINUX. This is harmless, but
> the function should be inlined, so it gets compiled out.
>
> Reported-by: Linus Torvalds <[email protected]>
> Signed-off-by: Eric Paris <[email protected]>
Acked-by: James Morris <[email protected]>
Linus, I'll assume you'll want to apply this directly.
--
James Morris
<[email protected]>
On Tue, 15 Sep 2009, James Morris wrote:
>
> Linus, I'll assume you'll want to apply this directly.
What I want is to just get pull requests that were well tested in the
first place. When I see an error in a pull request, my reaction is to just
reset awat from it, and not wanting to have anything what-so-ever to do
with the git tree I pulled from.
Give me a few days to get over the disgust.
Linus
On Mon, 14 Sep 2009, Linus Torvalds wrote:
>
>
> On Tue, 15 Sep 2009, James Morris wrote:
> >
> > Linus, I'll assume you'll want to apply this directly.
>
> What I want is to just get pull requests that were well tested in the
> first place. When I see an error in a pull request, my reaction is to just
> reset awat from it, and not wanting to have anything what-so-ever to do
> with the git tree I pulled from.
>
> Give me a few days to get over the disgust.
Sorry about this mess.
These fixes fix build problems, so here's the latest (also, I'll be
on a long haul flight in a few days). Boot tested with and without
SELinux enabled.
The following changes since commit 86d710146fb9975f04c505ec78caa43d227c1018:
Linus Torvalds (1):
Merge git://git.linux-nfs.org/projects/trondmy/nfs-2.6
are available in the git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6 for-linus3
David Howells (2):
CRED: Allow put_cred() to cope with a NULL groups list
KEYS: Fix garbage collector
Eric Paris (4):
Creds: creds->security can be NULL is selinux is disabled
SELinux: seperate avc_cache flushing
SELinux: flush the avc before disabling SELinux
SELinux: inline selinux_is_enabled in !CONFIG_SECURITY_SELINUX
Marc Dionne (1):
KEYS: Unlock tasklist when exiting early from keyctl_session_to_parent
include/linux/cred.h | 13 ++++---
include/linux/selinux.h | 9 +++++
kernel/cred.c | 3 +-
security/keys/gc.c | 78 ++++++++++++++++++++++++++++---------------
security/keys/key.c | 4 +-
security/keys/keyctl.c | 3 +-
security/keys/keyring.c | 24 +++++++++++---
security/selinux/avc.c | 26 +++++++++++----
security/selinux/exports.c | 6 +++
9 files changed, 118 insertions(+), 48 deletions(-)
--
James Morris
<[email protected]>