| Message ID | 20250307183701.16970-4-casey@schaufler-ca.com (mailing list archive) |
|---|---|
| State | Handled Elsewhere |
| Delegated to: | Paul Moore |
| Series | [v2,1/6] Audit: Create audit_stamp structure |
Hi Casey,

kernel test robot noticed the following build warnings:

[auto build test WARNING on pcmoore-selinux/next]
[also build test WARNING on linus/master v6.14-rc5 next-20250307]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting a patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/Audit-Create-audit_stamp-structure/20250308-024950
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git next
patch link:    https://lore.kernel.org/r/20250307183701.16970-4-casey%40schaufler-ca.com
patch subject: [PATCH v2 3/6] LSM: security_lsmblob_to_secctx module selection
config: arc-randconfig-001-20250308 (https://download.01.org/0day-ci/archive/20250308/202503082328.C7GyGU63-lkp@intel.com/config)
compiler: arc-elf-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250308/202503082328.C7GyGU63-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of the
same patch/commit), kindly add the following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202503082328.C7GyGU63-lkp@intel.com/

All warnings (new ones prefixed by >>):

>> security/security.c:4325: warning: Excess function parameter 'lsmid' description in 'security_secid_to_secctx'
>> security/security.c:4344: warning: Function parameter or struct member 'lsmid' not described in 'security_lsmprop_to_secctx'

vim +4325 security/security.c

746df9b59c8a5f1 David Quigley   2013-05-22  4310  
e261301c851aee4 Paul Moore      2023-02-16  4311  /**
e261301c851aee4 Paul Moore      2023-02-16  4312   * security_secid_to_secctx() - Convert a secid to a secctx
e261301c851aee4 Paul Moore      2023-02-16  4313   * @secid: secid
2d470c778120d3c Casey Schaufler 2024-10-23  4314   * @cp: the LSM context
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4315   * @lsmid: which security module to report
e261301c851aee4 Paul Moore      2023-02-16  4316   *
2d470c778120d3c Casey Schaufler 2024-10-23  4317   * Convert secid to security context. If @cp is NULL the length of the
2d470c778120d3c Casey Schaufler 2024-10-23  4318   * result will be returned, but no data will be returned. This
e261301c851aee4 Paul Moore      2023-02-16  4319   * does mean that the length could change between calls to check the length and
2d470c778120d3c Casey Schaufler 2024-10-23  4320   * the next call which actually allocates and returns the data.
e261301c851aee4 Paul Moore      2023-02-16  4321   *
2d470c778120d3c Casey Schaufler 2024-10-23  4322   * Return: Return length of data on success, error on failure.
e261301c851aee4 Paul Moore      2023-02-16  4323   */
2d470c778120d3c Casey Schaufler 2024-10-23  4324  int security_secid_to_secctx(u32 secid, struct lsm_context *cp)
20510f2f4e2dabb James Morris    2007-10-16 @4325  {
2d470c778120d3c Casey Schaufler 2024-10-23  4326  	return call_int_hook(secid_to_secctx, secid, cp);
20510f2f4e2dabb James Morris    2007-10-16  4327  }
20510f2f4e2dabb James Morris    2007-10-16  4328  EXPORT_SYMBOL(security_secid_to_secctx);
20510f2f4e2dabb James Morris    2007-10-16  4329  
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4330  /**
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4331   * security_lsmprop_to_secctx() - Convert a lsm_prop to a secctx
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4332   * @prop: lsm specific information
2d470c778120d3c Casey Schaufler 2024-10-23  4333   * @cp: the LSM context
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4334   *
2d470c778120d3c Casey Schaufler 2024-10-23  4335   * Convert a @prop entry to security context. If @cp is NULL the
2d470c778120d3c Casey Schaufler 2024-10-23  4336   * length of the result will be returned. This does mean that the
2d470c778120d3c Casey Schaufler 2024-10-23  4337   * length could change between calls to check the length and the
2d470c778120d3c Casey Schaufler 2024-10-23  4338   * next call which actually allocates and returns the @cp.
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4339   *
2d470c778120d3c Casey Schaufler 2024-10-23  4340   * Return: Return length of data on success, error on failure.
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4341   */
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4342  int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp,
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4343  			       int lsmid)
6f2f724f0e116d9 Casey Schaufler 2024-10-09 @4344  {
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4345  	struct lsm_static_call *scall;
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4346  
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4347  	lsm_for_each_hook(scall, lsmprop_to_secctx) {
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4348  		if (lsmid != 0 && lsmid != scall->hl->lsmid->id)
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4349  			continue;
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4350  		return scall->hl->hook.lsmprop_to_secctx(prop, cp);
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4351  	}
c6b93968f3f6d88 Casey Schaufler 2025-03-07  4352  	return LSM_RET_DEFAULT(lsmprop_to_secctx);
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4353  }
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4354  EXPORT_SYMBOL(security_lsmprop_to_secctx);
6f2f724f0e116d9 Casey Schaufler 2024-10-09  4355  
On Mar 7, 2025 Casey Schaufler <casey@schaufler-ca.com> wrote:
>
> Add a parameter lsmid to security_lsmblob_to_secctx() to identify which
> of the security modules that may be active should provide the security
> context. If the value of lsmid is LSM_ID_UNDEF the first LSM providing
> a hook is used. security_secid_to_secctx() is unchanged, and will
> always report the first LSM providing a hook.
>
> Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
> ---
>  include/linux/security.h     |  6 ++++--
>  kernel/audit.c               |  4 ++--
>  kernel/auditsc.c             |  8 +++++---
>  net/netlabel/netlabel_user.c |  3 ++-
>  security/security.c          | 13 +++++++++++--
>  5 files changed, 24 insertions(+), 10 deletions(-)

...

> diff --git a/security/security.c b/security/security.c
> index 143561ebc3e8..55f9c7ad3f89 100644
> --- a/security/security.c
> +++ b/security/security.c
> @@ -4338,9 +4339,17 @@ EXPORT_SYMBOL(security_secid_to_secctx);
>   *
>   * Return: Return length of data on success, error on failure.
>   */
> -int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp)
> +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp,
> +			       int lsmid)
>  {
> -	return call_int_hook(lsmprop_to_secctx, prop, cp);
> +	struct lsm_static_call *scall;
> +
> +	lsm_for_each_hook(scall, lsmprop_to_secctx) {
> +		if (lsmid != 0 && lsmid != scall->hl->lsmid->id)

Let's use LSM_ID_UNDEF instead of 0 here to add some clarity on how an
undefined ID is handled. The function header comment should also explain
the special handling when LSM_ID_UNDEF is specified.

--
paul-moore.com
diff --git a/include/linux/security.h b/include/linux/security.h index 980b6c207cad..540894695c4b 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -566,7 +566,8 @@ int security_setprocattr(int lsmid, const char *name, void *value, size_t size); int security_netlink_send(struct sock *sk, struct sk_buff *skb); int security_ismaclabel(const char *name); int security_secid_to_secctx(u32 secid, struct lsm_context *cp); -int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp); +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp, + int lsmid); int security_secctx_to_secid(const char *secdata, u32 seclen, u32 *secid); void security_release_secctx(struct lsm_context *cp); void security_inode_invalidate_secctx(struct inode *inode); @@ -1543,7 +1544,8 @@ static inline int security_secid_to_secctx(u32 secid, struct lsm_context *cp) } static inline int security_lsmprop_to_secctx(struct lsm_prop *prop, - struct lsm_context *cp) + struct lsm_context *cp, + int lsmid) { return -EOPNOTSUPP; } diff --git a/kernel/audit.c b/kernel/audit.c index a4945f1c3ec0..293364bba961 100644 --- a/kernel/audit.c +++ b/kernel/audit.c @@ -1475,7 +1475,7 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh, case AUDIT_SIGNAL_INFO: if (lsmprop_is_set(&audit_sig_lsm)) { err = security_lsmprop_to_secctx(&audit_sig_lsm, - &lsmctx); + &lsmctx, LSM_ID_UNDEF); if (err < 0) return err; } @@ -2247,7 +2247,7 @@ int audit_log_task_context(struct audit_buffer *ab) if (!lsmprop_is_set(&prop)) return 0; - error = security_lsmprop_to_secctx(&prop, &ctx); + error = security_lsmprop_to_secctx(&prop, &ctx, LSM_ID_UNDEF); if (error < 0) { if (error != -EINVAL) goto error_path; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 2ec3a0d85447..d98ce7097a2d 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c 
@@ -1109,7 +1109,7 @@ static int audit_log_pid_context(struct audit_context *context, pid_t pid, from_kuid(&init_user_ns, auid), from_kuid(&init_user_ns, uid), sessionid); if (lsmprop_is_set(prop)) { - if (security_lsmprop_to_secctx(prop, &ctx) < 0) { + if (security_lsmprop_to_secctx(prop, &ctx, LSM_ID_UNDEF) < 0) { audit_log_format(ab, " obj=(none)"); rc = 1; } else { @@ -1395,7 +1395,8 @@ static void show_special(struct audit_context *context, int *call_panic) struct lsm_context lsmctx; if (security_lsmprop_to_secctx(&context->ipc.oprop, - &lsmctx) < 0) { + &lsmctx, + LSM_ID_UNDEF) < 0) { *call_panic = 1; } else { audit_log_format(ab, " obj=%s", lsmctx.context); @@ -1560,7 +1561,8 @@ static void audit_log_name(struct audit_context *context, struct audit_names *n, if (lsmprop_is_set(&n->oprop)) { struct lsm_context ctx; - if (security_lsmprop_to_secctx(&n->oprop, &ctx) < 0) { + if (security_lsmprop_to_secctx(&n->oprop, &ctx, + LSM_ID_UNDEF) < 0) { if (call_panic) *call_panic = 2; } else { diff --git a/net/netlabel/netlabel_user.c b/net/netlabel/netlabel_user.c index 0d04d23aafe7..6d6545297ee3 100644 --- a/net/netlabel/netlabel_user.c +++ b/net/netlabel/netlabel_user.c @@ -98,7 +98,8 @@ struct audit_buffer *netlbl_audit_start_common(int type, audit_info->sessionid); if (lsmprop_is_set(&audit_info->prop) && - security_lsmprop_to_secctx(&audit_info->prop, &ctx) > 0) { + security_lsmprop_to_secctx(&audit_info->prop, &ctx, + LSM_ID_UNDEF) > 0) { audit_log_format(audit_buf, " subj=%s", ctx.context); security_release_secctx(&ctx); } diff --git a/security/security.c b/security/security.c index 143561ebc3e8..55f9c7ad3f89 100644 --- a/security/security.c +++ b/security/security.c 
@@ -4312,6 +4312,7 @@ EXPORT_SYMBOL(security_ismaclabel); * security_secid_to_secctx() - Convert a secid to a secctx * @secid: secid * @cp: the LSM context + * @lsmid: which security module to report * * Convert secid to security context. If @cp is NULL the length of the * result will be returned, but no data will be returned. This @@ -4338,9 +4339,17 @@ EXPORT_SYMBOL(security_secid_to_secctx); * * Return: Return length of data on success, error on failure. */ -int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp) +int security_lsmprop_to_secctx(struct lsm_prop *prop, struct lsm_context *cp, + int lsmid) { - return call_int_hook(lsmprop_to_secctx, prop, cp); + struct lsm_static_call *scall; + + lsm_for_each_hook(scall, lsmprop_to_secctx) { + if (lsmid != 0 && lsmid != scall->hl->lsmid->id) + continue; + return scall->hl->hook.lsmprop_to_secctx(prop, cp); + } + return LSM_RET_DEFAULT(lsmprop_to_secctx); } EXPORT_SYMBOL(security_lsmprop_to_secctx);
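Review bot: all six converted call sites (the AUDIT_SIGNAL_INFO and audit_log_task_context() hunks in kernel/audit.c, the three kernel/auditsc.c hunks and the netlbl_audit_start_common() hunk in net/netlabel/netlabel_user.c) pass LSM_ID_UNDEF, so by itself this patch changes no caller's behaviour; the commit message describes only what the new parameter means, and a sentence saying that every existing caller keeps the first-LSM result by passing LSM_ID_UNDEF would make that explicit to readers of the log.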
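Review bot: in the first security/security.c hunk (@@ -4312), the new line `+ * @lsmid: which security module to report` is added to the kernel-doc block of security_secid_to_secctx(), whose prototype is unchanged and still takes only (secid, cp), while the block for security_lsmprop_to_secctx(), which does gain the parameter in the next hunk, gets no @lsmid entry; this is exactly what the kernel test robot's two W=1 warnings above (security.c:4325 "Excess function parameter 'lsmid'" and security.c:4344 "'lsmid' not described") report. Move the line down to the security_lsmprop_to_secctx() comment and have it state that LSM_ID_UNDEF selects the first LSM providing the hook, as the commit message says.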
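Review bot: in the second security/security.c hunk (@@ -4338), `if (lsmid != 0 && lsmid != scall->hl->lsmid->id)` tests the literal 0 while the commit message and every converted caller spell the wildcard as LSM_ID_UNDEF; write `lsmid != LSM_ID_UNDEF` so the comparison says what it means (the same point Paul Moore raises in the reply above). The header comment should also spell out the two outcomes of the loop: with LSM_ID_UNDEF the first LSM registering lsmprop_to_secctx answers, exactly as the replaced call_int_hook() did, and with a specific id that no active LSM matches the loop falls through to `return LSM_RET_DEFAULT(lsmprop_to_secctx);`, so a caller that names a module must handle that default return rather than assume a context comes back.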
Add a parameter lsmid to security_lsmblob_to_secctx() to identify which
of the security modules that may be active should provide the security
context. If the value of lsmid is LSM_ID_UNDEF the first LSM providing
a hook is used. security_secid_to_secctx() is unchanged, and will
always report the first LSM providing a hook.

Signed-off-by: Casey Schaufler <casey@schaufler-ca.com>
---
 include/linux/security.h     |  6 ++++--
 kernel/audit.c               |  4 ++--
 kernel/auditsc.c             |  8 +++++---
 net/netlabel/netlabel_user.c |  3 ++-
 security/security.c          | 13 +++++++++++--
 5 files changed, 24 insertions(+), 10 deletions(-)