| Message ID | 20211124014332.36128-7-casey@schaufler-ca.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | [v30,01/28] integrity: disassociate ima_filter_rule from security_audit_rule | expand |
Hi Casey,
I love your patch! Yet something to improve:
[auto build test ERROR on nf-next/master]
[also build test ERROR on nf/master linus/master v5.16-rc2]
[cannot apply to pcmoore-audit/next jmorris-security/next-testing next-20211124]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20211124-104307
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master
config: riscv-randconfig-r042-20211124 (https://download.01.org/0day-ci/archive/20211124/202111242150.wktMJDSN-lkp@intel.com/config)
compiler: riscv32-linux-gcc (GCC) 11.2.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/4d65fc1987e5710b2911159149f0de12d2202631
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20211124-104307
git checkout 4d65fc1987e5710b2911159149f0de12d2202631
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=riscv SHELL=/bin/bash drivers/android/ kernel/ net/bridge/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All errors (new ones prefixed by >>):
In file included from kernel/fork.c:50:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/fork.c:161:13: warning: no previous prototype for 'arch_release_task_struct' [-Wmissing-prototypes]
161 | void __weak arch_release_task_struct(struct task_struct *tsk)
| ^~~~~~~~~~~~~~~~~~~~~~~~
kernel/fork.c:763:20: warning: no previous prototype for 'arch_task_cache_init' [-Wmissing-prototypes]
763 | void __init __weak arch_task_cache_init(void) { }
| ^~~~~~~~~~~~~~~~~~~~
--
In file included from include/linux/perf_event.h:59,
from include/linux/trace_events.h:10,
from include/trace/syscall.h:7,
from include/linux/syscalls.h:88,
from kernel/exec_domain.c:19:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
--
In file included from include/linux/perf_event.h:59,
from include/linux/trace_events.h:10,
from include/trace/syscall.h:7,
from include/linux/syscalls.h:88,
from kernel/exit.c:42:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/exit.c:1817:13: warning: no previous prototype for 'abort' [-Wmissing-prototypes]
1817 | __weak void abort(void)
| ^~~~~
--
In file included from include/net/scm.h:8,
from include/linux/netlink.h:9,
from include/uapi/linux/neighbour.h:6,
from include/linux/netdevice.h:45,
from include/linux/if_vlan.h:10,
from include/linux/filter.h:19,
from kernel/kallsyms.c:25:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/kallsyms.c:586:12: warning: no previous prototype for 'arch_get_kallsym' [-Wmissing-prototypes]
586 | int __weak arch_get_kallsym(unsigned int symnum, unsigned long *value,
| ^~~~~~~~~~~~~~~~
kernel/kallsyms.c:874:30: warning: 'kallsyms_proc_ops' defined but not used [-Wunused-const-variable=]
874 | static const struct proc_ops kallsyms_proc_ops = {
| ^~~~~~~~~~~~~~~~~
--
In file included from include/linux/perf_event.h:59,
from include/linux/trace_events.h:10,
from include/trace/syscall.h:7,
from include/linux/syscalls.h:88,
from kernel/audit.c:44:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/audit.c: In function 'audit_log_vformat':
kernel/audit.c:1926:9: warning: function 'audit_log_vformat' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format]
1926 | len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args);
| ^~~
kernel/audit.c:1935:17: warning: function 'audit_log_vformat' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format]
1935 | len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2);
| ^~~
--
In file included from include/linux/audit.h:14,
from kernel/auditfilter.c:12:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/auditfilter.c: In function 'audit_filter':
>> kernel/auditfilter.c:1376:50: error: implicit declaration of function 'security_audit_rule_match'; did you mean 'security_audit_rule_free'? [-Werror=implicit-function-declaration]
1376 | result = security_audit_rule_match(
| ^~~~~~~~~~~~~~~~~~~~~~~~~
| security_audit_rule_free
cc1: some warnings being treated as errors
--
In file included from include/linux/audit.h:14,
from kernel/auditsc.c:45:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/auditsc.c: In function 'audit_filter_rules':
>> kernel/auditsc.c:674:42: error: implicit declaration of function 'security_audit_rule_match'; did you mean 'security_audit_rule_free'? [-Werror=implicit-function-declaration]
674 | result = security_audit_rule_match(&blob,
| ^~~~~~~~~~~~~~~~~~~~~~~~~
| security_audit_rule_free
cc1: some warnings being treated as errors
--
In file included from include/net/scm.h:8,
from include/linux/netlink.h:9,
from include/uapi/linux/neighbour.h:6,
from include/linux/netdevice.h:45,
from include/linux/etherdevice.h:21,
from net/bridge/br_netlink_tunnel.c:11:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
net/bridge/br_netlink_tunnel.c:29:6: warning: no previous prototype for 'vlan_tunid_inrange' [-Wmissing-prototypes]
29 | bool vlan_tunid_inrange(const struct net_bridge_vlan *v_curr,
| ^~~~~~~~~~~~~~~~~~
net/bridge/br_netlink_tunnel.c:196:5: warning: no previous prototype for 'br_vlan_tunnel_info' [-Wmissing-prototypes]
196 | int br_vlan_tunnel_info(const struct net_bridge_port *p, int cmd,
| ^~~~~~~~~~~~~~~~~~~
--
In file included from include/net/scm.h:8,
from include/linux/netlink.h:9,
from include/uapi/linux/neighbour.h:6,
from include/linux/netdevice.h:45,
from include/linux/if_vlan.h:10,
from include/linux/filter.h:19,
from kernel/bpf/core.c:21:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/bpf/core.c:1368:12: warning: no previous prototype for 'bpf_probe_read_kernel' [-Wmissing-prototypes]
1368 | u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr)
| ^~~~~~~~~~~~~~~~~~~~~
--
In file included from include/net/scm.h:8,
from include/linux/netlink.h:9,
from include/uapi/linux/neighbour.h:6,
from include/linux/netdevice.h:45,
from include/linux/if_vlan.h:10,
from include/linux/filter.h:19,
from include/linux/bpf_verifier.h:9,
from kernel/bpf/btf.c:19:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/bpf/btf.c: In function 'btf_seq_show':
kernel/bpf/btf.c:5888:29: warning: function 'btf_seq_show' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format]
5888 | seq_vprintf((struct seq_file *)show->target, fmt, args);
| ^~~~~~~~
kernel/bpf/btf.c: In function 'btf_snprintf_show':
kernel/bpf/btf.c:5925:9: warning: function 'btf_snprintf_show' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format]
5925 | len = vsnprintf(show->target, ssnprintf->len_left, fmt, args);
| ^~~
--
In file included from kernel/sched/sched.h:62,
from kernel/sched/core.c:13:
>> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid'
1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid,
| ^~~~~
kernel/sched/core.c:3439:6: warning: no previous prototype for 'sched_set_stop_task' [-Wmissing-prototypes]
3439 | void sched_set_stop_task(int cpu, struct task_struct *stop)
| ^~~~~~~~~~~~~~~~~~~
..
vim +1974 include/linux/security.h
1973
> 1974 static inline int security_audit_rule_match(struct lsmblob *blob secid,
1975 u32 field, u32 op,
1976 struct audit_rules *lsmrules)
1977 {
1978 return 0;
1979 }
1980
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
On Tue, Nov 23, 2021 at 8:50 PM Casey Schaufler <casey@schaufler-ca.com> wrote: > > Change the secid parameter of security_audit_rule_match > to a lsmblob structure pointer. Pass the entry from the > lsmblob structure for the approprite slot to the LSM hook. > > Change the users of security_audit_rule_match to use the > lsmblob instead of a u32. The scaffolding function lsmblob_init() > fills the blob with the value of the old secid, ensuring that > it is available to the appropriate module hook. The sources of > the secid, security_task_getsecid() and security_inode_getsecid(), > will be converted to use the blob structure later in the series. > At the point the use of lsmblob_init() is dropped. > > Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > Cc: linux-audit@redhat.com > --- > include/linux/security.h | 5 +++-- > kernel/auditfilter.c | 6 ++++-- > kernel/auditsc.c | 16 +++++++++++----- > security/security.c | 5 +++-- > 4 files changed, 21 insertions(+), 11 deletions(-) > > diff --git a/include/linux/security.h b/include/linux/security.h > index ddd4cf48413c..d846d90f5624 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -1954,7 +1954,7 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) > int security_audit_rule_init(u32 field, u32 op, char *rulestr, > struct audit_rules *lsmrules); > int security_audit_rule_known(struct audit_krule *krule); > -int security_audit_rule_match(u32 secid, u32 field, u32 op, > +int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, > struct audit_rules *lsmrules); > void security_audit_rule_free(struct audit_rules *lsmrules); > > @@ -1971,7 +1971,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) > return 0; > } > > -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, > +static inline int security_audit_rule_match(struct lsmblob *blob secid, > + u32 field, u32 op, > struct audit_rules *lsmrules) > { > return 0; Assuming you fixup the typo above that the test robot found it looks reasonable to me. Acked-by: Paul Moore <paul@paul-moore.com> -- paul moore www.paul-moore.com
diff --git a/include/linux/security.h b/include/linux/security.h index ddd4cf48413c..d846d90f5624 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1954,7 +1954,7 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) int security_audit_rule_init(u32 field, u32 op, char *rulestr, struct audit_rules *lsmrules); int security_audit_rule_known(struct audit_krule *krule); -int security_audit_rule_match(u32 secid, u32 field, u32 op, +int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, struct audit_rules *lsmrules); void security_audit_rule_free(struct audit_rules *lsmrules); @@ -1971,7 +1971,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) return 0; } -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, +static inline int security_audit_rule_match(struct lsmblob *blob secid, + u32 field, u32 op, struct audit_rules *lsmrules) { return 0; diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index db427e136368..ffbd8396bdc9 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1338,6 +1338,7 @@ int audit_filter(int msgtype, unsigned int listtype) for (i = 0; i < e->rule.field_count; i++) { struct audit_field *f = &e->rule.fields[i]; + struct lsmblob blob; pid_t pid; u32 sid; @@ -1371,8 +1372,9 @@ int audit_filter(int msgtype, unsigned int listtype) if (f->lsm_isset) { security_task_getsecid_subj(current, &sid); - result = security_audit_rule_match(sid, - f->type, f->op, + lsmblob_init(&blob, sid); + result = security_audit_rule_match( + &blob, f->type, f->op, &f->lsm_rules); } break; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 1aa8ffdae0ad..de22e852373a 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -468,6 +468,7 @@ static int audit_filter_rules(struct task_struct *tsk, const struct cred *cred; int i, need_sid = 1; u32 sid; + struct lsmblob blob; unsigned int sessionid; if (ctx && rule->prio <= ctx->prio) @@ -669,8 +670,10 @@ static int audit_filter_rules(struct task_struct *tsk, security_task_getsecid_subj(tsk, &sid); need_sid = 0; } - result = security_audit_rule_match(sid, f->type, - f->op, &f->lsm_rules); + lsmblob_init(&blob, sid); + result = security_audit_rule_match(&blob, + f->type, f->op, + &f->lsm_rules); } break; case AUDIT_OBJ_USER: @@ -683,15 +686,17 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_isset) { /* Find files that match */ if (name) { + lsmblob_init(&blob, name->osid); result = security_audit_rule_match( - name->osid, + &blob, f->type, f->op, &f->lsm_rules); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { + lsmblob_init(&blob, n->osid); if (security_audit_rule_match( - n->osid, f->type, f->op, + &blob, f->type, f->op, &f->lsm_rules)) { ++result; break; @@ -701,7 +706,8 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - if (security_audit_rule_match(ctx->ipc.osid, + lsmblob_init(&blob, ctx->ipc.osid); + if (security_audit_rule_match(&blob, f->type, f->op, &f->lsm_rules)) ++result; diff --git a/security/security.c b/security/security.c index c472cac72641..238541218ca5 100644 --- a/security/security.c +++ b/security/security.c @@ -2680,7 +2680,7 @@ void security_audit_rule_free(struct audit_rules *lsmrules) } } -int security_audit_rule_match(u32 secid, u32 field, u32 op, +int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, struct audit_rules *lsmrules) { struct security_hook_list *hp; @@ -2691,7 +2691,8 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, continue; if (lsmrules->rule[hp->lsmid->slot] == NULL) continue; - rc = hp->hook.audit_rule_match(secid, field, op, + rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot], + field, op, &lsmrules->rule[hp->lsmid->slot]); if (rc) return rc;
Change the secid parameter of security_audit_rule_match to a lsmblob structure pointer. Pass the entry from the lsmblob structure for the approprite slot to the LSM hook. Change the users of security_audit_rule_match to use the lsmblob instead of a u32. The scaffolding function lsmblob_init() fills the blob with the value of the old secid, ensuring that it is available to the appropriate module hook. The sources of the secid, security_task_getsecid() and security_inode_getsecid(), will be converted to use the blob structure later in the series. At the point the use of lsmblob_init() is dropped. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Cc: linux-audit@redhat.com --- include/linux/security.h | 5 +++-- kernel/auditfilter.c | 6 ++++-- kernel/auditsc.c | 16 +++++++++++----- security/security.c | 5 +++-- 4 files changed, 21 insertions(+), 11 deletions(-)