[d-kernel] [PATCH] AltHa: nosuid handles capabilities as well

[Vladimir D. Seleznev]

On Mon, May 09, 2022 at 02:47:07PM +0300, Vitaly Chikunov wrote:
> Vladimir,

Hi!

> On Fri, May 06, 2022 at 02:45:36AM +0300, Vladimir D. Seleznev wrote:
> > On Thu, May 05, 2022 at 06:55:05PM +0300, Vitaly Chikunov wrote:
> > 
> > > On Thu, Apr 28, 2022 at 02:59:55PM +0000, Vladimir D. Seleznev wrote:
> > > [skip]
> > > 
> > >   CC      security/altha/altha_lsm.o
> > > security/altha/altha_lsm.c: In function 'altha_bprm_creds_from_file':
> > > security/altha/altha_lsm.c:284:32: error: unused variable 'cur_euid' [-Werror=unused-variable]
> > >   284 |                 uid_t cur_uid, cur_euid;
> > >       |                                ^~~~~~~~
> > > cc1: all warnings being treated as errors
> > > make[2]: *** [scripts/Makefile.build:277: security/altha/altha_lsm.o] Error 1
> > > make[1]: *** [scripts/Makefile.build:540: security/altha] Error 2
> > > make: *** [Makefile:1868: security] Error 2
> > > make: *** Waiting for unfinished jobs....
> > 
> > Hmm, interesting. My build is OK. I'll see on this tomorrow.
> 
> While you will look at it tomorrow,

I did look at it that day. When I built and tested it, it was
std-def-5.15.34-alt2 and it was successfully built. The same patch is
failing on 5.15.37-alt1. When I fixed it on 5.15.37-alt1, I found that
there are some bugs in the logic that should be fixed, and I postponed
it because of several reasons. Obviously I can't send a buggy patch.
I'll fix it as soon as I have time, hope it will be very soon.

I also notice that the first version of the patch, that I sent in
private mail, has no these issue, but we rejected it for other reasons.

> please also add minimal tests, for positive and negative case, also
> preferable make them self-contained enough to be runnable in vm-run.
> Example of the test in security/kiosk/kiosk-test.sh

Tests are good, but I consider it as a separate task, I would like to
not mixing them.

> Thanks,

-- 
   WBR,
   Vladimir D. Seleznev