diff options
| author | Masahiro Yamada <masahiroy@kernel.org> | 2024-09-07 02:29:13 +0900 |
|---|---|---|
| committer | Paul Moore <paul@paul-moore.com> | 2024-10-03 15:34:24 -0400 |
| commit | 541b57e313683b3d4c365fe3109fb34828b165cd (patch) | |
| tree | c444dd571c507f9e7a44fb28044203bdac7ce9a5 /security/selinux/Makefile | |
| parent | 9852d85ec9d492ebef56dc5f229416c925758edc (diff) | |
selinux: do not include <linux/*.h> headers from host programs
The header, security/selinux/include/classmap.h, is included not only
from kernel space but also from host programs.
It includes <linux/capability.h> and <linux/socket.h>, which pull in
more <linux/*.h> headers. This makes the host programs less portable,
specifically causing build errors on macOS.
Those headers are included for the following purposes:
- <linux/capability.h> for checking CAP_LAST_CAP
- <linux/socket.h> for checking PF_MAX
These checks can be guarded by __KERNEL__ so they are skipped when
building host programs. Testing them when building the kernel should
be sufficient.
The header, security/selinux/include/initial_sid_to_string.h, includes
<linux/stddef.h> for the NULL definition, but this is not portable
either. Instead, <stddef.h> should be included for host programs.
Reported-by: Daniel Gomez <da.gomez@samsung.com>
Closes: https://lore.kernel.org/lkml/20240807-macos-build-support-v1-6-4cd1ded85694@samsung.com/
Closes: https://lore.kernel.org/lkml/20240807-macos-build-support-v1-7-4cd1ded85694@samsung.com/
Signed-off-by: Masahiro Yamada <masahiroy@kernel.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'security/selinux/Makefile')
0 files changed, 0 insertions, 0 deletions