Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp5989438ybv; Wed, 12 Feb 2020 04:05:54 -0800 (PST) X-Google-Smtp-Source: APXvYqzmRV1MpYMsd9Szbm/bs+xmPE/lbRic8WmM3kMvZjmXvChqSWhXisucF9gVM9fLQ8FtWtfQ X-Received: by 2002:aca:b608:: with SMTP id g8mr6110707oif.142.1581509154173; Wed, 12 Feb 2020 04:05:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581509154; cv=none; d=google.com; s=arc-20160816; b=NhXtzPp0S+jGx+YA7hx5jwZFMBN4iEVw09yvcF4IuvG0wDYDY3hm34UbQ2TVs7zH5y FMtEcCHtGVGLTi763VTHB7wvIoBhOcpvplhSexIQRb+Pp4S4wcWWdKtQwxt6Qkv0MaKA MvlvNqQcDOulC2Xd44jEV6QtLcoNy+fxLncAG5YLwMn2LAnm5n5Z/C6qkdb8kBu5l/np bxQqppuy++3QD9orjW98UebyDs/b8jxT6f2Eo1A9k7D46JdNepQ1kmKrQ4QNhW+87pVL +yippolxY85vftgLT4iV3KljDzqGRcN2ItoOIrT0rvlfhUZzegKAMK+iAw4Qk9sl4wMK rRtQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:date:cc:to:from:subject :message-id:dkim-signature; bh=kHGdWcUTXHR3UL14kLf9Zry9N63KEVIVP1LWL5DkSqQ=; b=C1c6LyRC9BracUaBWiJj3Tqc0We4jg9CM347Fbq+iFzsXcKc+TeMANqXGNmiEPFxnl muq0c57ULIrApuGlkyEPUdFCxnnZEDDCmIsGScjHlbdHNJXUiX0L3e7v/6XIlB45Kbn9 S98XTBeNy9WGVRaBgeeKqCXNMs0kzassqgIyWFA2MXEvj5I608sod4wIXryGOIytmOWj xvDTFbbmWxgt3rmCTchep2xeDp9wC7cccw9rwDWiGDbqwhMgOQ5C09oobz62H7wrz/Ie i2ZFZRexezRRLZBVPPU3+kAuTXNX4NV751SgwLSJ8bQCp8j4vzoMBuDdabl3sv6H+3qL EpDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@btinternet.com header.s=btmx201904 header.b=WtlM0Xyh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=btinternet.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f14si133351oto.46.2020.02.12.04.05.41; Wed, 12 Feb 2020 04:05:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@btinternet.com header.s=btmx201904 header.b=WtlM0Xyh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=btinternet.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727874AbgBLMDh (ORCPT + 99 others); Wed, 12 Feb 2020 07:03:37 -0500 Received: from mailomta12-re.btinternet.com ([213.120.69.105]:38858 "EHLO re-prd-fep-047.btinternet.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726470AbgBLMDh (ORCPT ); Wed, 12 Feb 2020 07:03:37 -0500 Received: from re-prd-rgout-004.btmx-prd.synchronoss.net ([10.2.54.7]) by re-prd-fep-047.btinternet.com with ESMTP id <20200212120334.PPOK16580.re-prd-fep-047.btinternet.com@re-prd-rgout-004.btmx-prd.synchronoss.net>; Wed, 12 Feb 2020 12:03:34 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btinternet.com; s=btmx201904; t=1581509014; bh=kHGdWcUTXHR3UL14kLf9Zry9N63KEVIVP1LWL5DkSqQ=; h=Message-ID:Subject:From:To:Cc:Date:In-Reply-To:References:MIME-Version; b=WtlM0Xyht+vuAwdt/l8f1czhehZX34hzsp9kCVtmGoM91BcQRd0eVw0SfDA0hgWa4i+Q2A5EN/3fG1KpGHmDPkyLvwio5Yt7/2GLYX38G7p47HyhlMR69Q2vT9cWk88EcPVevMNPocTs3T+BX3Bjg+4jTOaRenLqqO27ATrF8XEPKXPiOI/HWuOd5Fd5LY+GnAlIb1jbqTKRt5nuWZw2CzeqXqWzQCEH2pRwa7rWmB5hUrZV6ABquYod3KE7x+1euxIGk0q1njvgF6MXQs5U37Z3PDwVTWPtIQjkE/LlteHp1jiTSzUBD95vvFHD2XRIoUo/kDKIisuNnEnNpXOBZw== Authentication-Results: btinternet.com; auth=pass (PLAIN) smtp.auth=richard_c_haines@btinternet.com X-Originating-IP: [31.49.60.248] X-OWM-Source-IP: 31.49.60.248 (GB) X-OWM-Env-Sender: richard_c_haines@btinternet.com X-VadeSecure-score: verdict=clean score=0/300, class=clean X-RazorGate-Vade: gggruggvucftvghtrhhoucdtuddrgedugedrieehgdefiecutefuodetggdotefrodftvfcurfhrohhfihhlvgemuceutffkvffkuffjvffgnffgvefqofdpqfgfvfenuceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujfgurhepkffuhffvffgjfhgtfggggfesthejredttderjeenucfhrhhomheptfhitghhrghrugcujfgrihhnvghsuceorhhitghhrghruggptggphhgrihhnvghssegsthhinhhtvghrnhgvthdrtghomheqnecukfhppeefuddrgeelrdeitddrvdegkeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhephhgvlhhopehlohgtrghlhhhoshhtrdhlohgtrghlughomhgrihhnpdhinhgvthepfedurdegledriedtrddvgeekpdhmrghilhhfrhhomhepoehrihgthhgrrhgupggtpghhrghinhgvshessghtihhnthgvrhhnvghtrdgtohhmqecuuefqffgjpeekuefkvffokffogfdprhgtphhtthhopeeotghgiihonhgvshesghhoohhglhgvmhgrihhlrdgtohhmqedprhgtphhtthhopeeoughhohifvghllhhssehrvgguhhgrthdrtghomheqpdhrtghpthhtohepoehlihhnuhigqdhkvghrnhgvlhesvhhgvghrrdhkvghrnhgvlhdrohhrgheqpdhrtghpthhtohepoehlihhnuhigqdhnvgigthesvhhgvghrrdhkvghrnhgvlhdrohhrgheqpdhrtghpthhtohepoehprghulhesphgruhhlqdhmohhorhgvrdgtohhmqedprhgtphhtthho peeorhhitghhrghruggptggphhgrihhnvghssehhohhtmhgrihhlrdgtohhmqedprhgtphhtthhopeeoshgushesthihtghhohdrnhhsrgdrghhovheqpdhrtghpthhtohepoehsfhhrsegtrghnsgdrrghuuhhgrdhorhhgrdgruheq X-RazorGate-Vade-Verdict: clean 0 X-RazorGate-Vade-Classification: clean Received: from localhost.localdomain (31.49.60.248) by re-prd-rgout-004.btmx-prd.synchronoss.net (5.8.340) (authenticated as richard_c_haines@btinternet.com) id 5E3A181A01289E90; Wed, 12 Feb 2020 12:03:34 +0000 Message-ID: <1d0b80d272a8e8c4a7b322d2d2bcc483d9e41a28.camel@btinternet.com> Subject: Re: linux-next: manual merge of the selinux tree with the keys tree From: Richard Haines To: Stephen Rothwell , Paul Moore , David Howells , sds@tycho.nsa.gov Cc: Linux Next Mailing List , Linux Kernel Mailing List , Christian =?ISO-8859-1?Q?G=F6ttsche?= , Stephen Smalley Date: Wed, 12 Feb 2020 12:03:33 +0000 In-Reply-To: <20200212103548.266f81fd@canb.auug.org.au> References: <20200212103548.266f81fd@canb.auug.org.au> Content-Type: text/plain; charset="UTF-8" User-Agent: Evolution 3.34.2 (3.34.2-1.fc31) MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 2020-02-12 at 10:35 +1100, Stephen Rothwell wrote: > Hi all, > > Today's linux-next merge of the selinux tree got conflicts in: > > security/selinux/include/security.h > security/selinux/ss/services.c > > between commit: > > 87b14da5b76a ("security/selinux: Add support for new key > permissions") > > from the keys tree and commit: > > 7470d0d13fb6 ("selinux: allow kernfs symlinks to inherit parent > directory context") > > from the selinux tree. > > I fixed it up (see below) and can carry the fix as necessary. This > is now fixed as far as linux-next is concerned, but any non trivial > conflicts should be mentioned to your upstream maintainer when your > tree > is submitted for merging. You may also want to consider cooperating > with the maintainer of the conflicting tree to minimise any > particularly > complex conflicts. > I think 87b14da5b76a ("security/selinux: Add support for new key permissions") should be revoked and resubmitted via selinux as it was never ack'ed there and produced before 7470d0d13fb6 ("selinux: allow kernfs symlinks to inherit parent directory context"), that has been ack'ed. Because of this the policy capability ids are out of sync with what has been committed in userspace libsepol. Plus as Paul mentioned there is an outstanding query on the permission loop that David needs to answer.