| Message ID | 164330770248.138929.14950299877825278226.stgit@olly (mailing list archive) |
|---|---|
| State | Accepted |
| Delegated to: | Paul Moore |
| Headers | show |
| Series | [v2] selinux: fix a type cast problem in cred_init_security() | expand |
On Thu, Jan 27, 2022 at 1:21 PM Paul Moore <paul@paul-moore.com> wrote: > > In the process of removing an explicit type cast to preserve a cred > const qualifier in cred_init_security() we ran into a problem where > the task_struct::real_cred field is defined with the "__rcu" > attribute but the selinux_cred() function parameter is not, leading > to a sparse warning: > > security/selinux/hooks.c:216:36: sparse: sparse: > incorrect type in argument 1 (different address spaces) > @@ expected struct cred const *cred > @@ got struct cred const [noderef] __rcu *real_cred > > As we don't want to add the "__rcu" attribute to the selinux_cred() > parameter, we're going to add an explicit cast back to > cred_init_security(). > > Fixes: b084e189b01a ("selinux: simplify cred_init_security") > Reported-by: kernel test robot <lkp@intel.com> > Signed-off-by: Paul Moore <paul@paul-moore.com> > --- > security/selinux/hooks.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Merged.
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index eae7dbd62df1..221e642025f5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -213,7 +213,7 @@ static void cred_init_security(void) { struct task_security_struct *tsec; - tsec = selinux_cred(current->real_cred); + tsec = selinux_cred(unrcu_pointer(current->real_cred)); tsec->osid = tsec->sid = SECINITSID_KERNEL; }
In the process of removing an explicit type cast to preserve a cred const qualifier in cred_init_security() we ran into a problem where the task_struct::real_cred field is defined with the "__rcu" attribute but the selinux_cred() function parameter is not, leading to a sparse warning: security/selinux/hooks.c:216:36: sparse: sparse: incorrect type in argument 1 (different address spaces) @@ expected struct cred const *cred @@ got struct cred const [noderef] __rcu *real_cred As we don't want to add the "__rcu" attribute to the selinux_cred() parameter, we're going to add an explicit cast back to cred_init_security(). Fixes: b084e189b01a ("selinux: simplify cred_init_security") Reported-by: kernel test robot <lkp@intel.com> Signed-off-by: Paul Moore <paul@paul-moore.com> --- security/selinux/hooks.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)