[Bug runtime/27001] New: 4.4 runtime/transport/transport.c: security_locked_down can be undeclared depending the kernel config
guillaume at morinfr dot org
sourceware-bugzilla@sourceware.org
Wed Dec 2 21:13:40 GMT 2020
https://sourceware.org/bugzilla/show_bug.cgi?id=27001
Bug ID: 27001
Summary: 4.4 runtime/transport/transport.c:
security_locked_down can be undeclared depending the
kernel config
Product: systemtap
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: runtime
Assignee: systemtap at sourceware dot org
Reporter: guillaume at morinfr dot org
Target Milestone: ---
I am having issues running systemtap on a custom built 5.4.80 kernel:
Pass 1: parsed user script and 481 library scripts using
111236virt/97444res/7328shr/90372data kb, in 150usr/10sys/140real ms.
Pass 2: analyzed script: 1 probe, 35 functions, 0 embeds, 0 globals using
114764virt/102084res/8288shr/93900data kb, in 30usr/70sys/447real ms.
Pass 3: translated to C into
"/tmp/stapSd29oh/stap_5e4f23ab5591f24875927e0341ccd64a_7093_src.c" using
120836virt/108472res/8476shr/99972data kb, in 310usr/40sys/325real ms.
In file included from /usr/share/systemtap/runtime/linux/print.c:17,
from /usr/share/systemtap/runtime/print.c:17,
from /usr/share/systemtap/runtime/runtime_context.h:22,
from
/tmp/stapSd29oh/stap_5e4f23ab5591f24875927e0341ccd64a_7093_src.c:282:
/usr/share/systemtap/runtime/transport/transport.c: In function
‘_stp_transport_fs_init’:
/usr/share/systemtap/runtime/transport/transport.c:121:27: error: implicit
declaration of function ‘security_locked_down’; did you mean ‘get_locked_pte’?
[-Werror=implicit-function-declaration]
if (!debugfs_p && security_locked_down (LOCKDOWN_DEBUGFS)) {
^~~~~~~~~~~~~~~~~~~~
get_locked_pte
/usr/share/systemtap/runtime/transport/transport.c:121:49: error:
‘LOCKDOWN_DEBUGFS’ undeclared (first use in this function); did you mean
‘LOGLEVEL_DEBUG’?
if (!debugfs_p && security_locked_down (LOCKDOWN_DEBUGFS)) {
^~~~~~~~~~~~~~~~
LOGLEVEL_DEBUG
/usr/share/systemtap/runtime/transport/transport.c:121:49: note: each
undeclared identifier is reported only once for each function it appears in
cc1: all warnings being treated as errors
This appears to be due a recent change:
https://sourceware.org/git/?p=systemtap.git;a=commit;h=7615cae790c899bc8a82841c75c8ea9c6fa54df3
security_locked_down and LOCKDOWN_DEBUGFS are declared in linux/security.h but
with my kernel config they’re not included because the #include is protected
by:
#ifdef CONFIG_SECURITY_LOCKDOWN_LSM
#include <linux/security.h>
#endif
CONFIG_SECURITY_LOCKDOWN_LSM does not appear in my config.
However the detector code does not protect that include the same way so it
builds fine and STAPCONF_LOCKDOWN_DEBUGFS gets defined.
#include <linux/security.h>
int foo(void) {
return security_locked_down(LOCKDOWN_DEBUGFS);
}
The simplest fix seems to protect the include the same way in the detector.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the Systemtap
mailing list