
auditsc: Implement a workaround for a GCC bug triggered by task comm changes

Message ID 20241203060350.69472-1-laoar.shao@gmail.com (mailing list archive)
State Changes Requested
Delegated to: Paul Moore
Series auditsc: Implement a workaround for a GCC bug triggered by task comm changes

Commit Message

Yafang Shao Dec. 3, 2024, 6:03 a.m. UTC
From: Yafang shao <laoar.shao@gmail.com>

A build failure has been reported with the following details:

   In file included from include/linux/string.h:390,
                    from include/linux/bitmap.h:13,
                    from include/linux/cpumask.h:12,
                    from include/linux/smp.h:13,
                    from include/linux/lockdep.h:14,
                    from include/linux/spinlock.h:63,
                    from include/linux/wait.h:9,
                    from include/linux/wait_bit.h:8,
                    from include/linux/fs.h:6,
                    from kernel/auditsc.c:37:
   In function 'sized_strscpy',
       inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
>> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
     293 |                 __write_overflow();
         |                 ^~~~~~~~~~~~~~~~~~
   In function 'sized_strscpy',
       inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
>> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
     293 |                 __write_overflow();
         |                 ^~~~~~~~~~~~~~~~~~

The issue appears to be a GCC bug, though the root cause remains
unclear at this time. For now, let's implement a workaround.

Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202410171420.1V00ICVG-lkp@intel.com/
Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Closes: https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/
Reported-by: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com>
Closes: https://lore.kernel.org/all/CY8PR11MB71348E568DBDA576F17DAFF389362@CY8PR11MB7134.namprd11.prod.outlook.com/
Originally-by: Kees Cook <kees@kernel.org>
Link: https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
Signed-off-by: Yafang shao <laoar.shao@gmail.com>
Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
 kernel/auditsc.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Paul Moore Dec. 3, 2024, 10:06 p.m. UTC | #1
On Tue, Dec 3, 2024 at 1:04 AM Yafang Shao <laoar.shao@gmail.com> wrote:
>
> From: Yafang shao <laoar.shao@gmail.com>
>
> A build failure has been reported with the following details:
>
>    In file included from include/linux/string.h:390,
>                     from include/linux/bitmap.h:13,
>                     from include/linux/cpumask.h:12,
>                     from include/linux/smp.h:13,
>                     from include/linux/lockdep.h:14,
>                     from include/linux/spinlock.h:63,
>                     from include/linux/wait.h:9,
>                     from include/linux/wait_bit.h:8,
>                     from include/linux/fs.h:6,
>                     from kernel/auditsc.c:37:
>    In function 'sized_strscpy',
>        inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
> >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
>      293 |                 __write_overflow();
>          |                 ^~~~~~~~~~~~~~~~~~
>    In function 'sized_strscpy',
>        inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
> >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
>      293 |                 __write_overflow();
>          |                 ^~~~~~~~~~~~~~~~~~
>
> The issue appears to be a GCC bug, though the root cause remains
> unclear at this time. For now, let's implement a workaround.
>
> Reported-by: kernel test robot <lkp@intel.com>
> Closes: https://lore.kernel.org/oe-kbuild-all/202410171420.1V00ICVG-lkp@intel.com/
> Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> Closes: https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/
> Reported-by: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com>
> Closes: https://lore.kernel.org/all/CY8PR11MB71348E568DBDA576F17DAFF389362@CY8PR11MB7134.namprd11.prod.outlook.com/
> Originally-by: Kees Cook <kees@kernel.org>
> Link: https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
> Signed-off-by: Yafang shao <laoar.shao@gmail.com>
> Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> ---
>  kernel/auditsc.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Thanks, does anyone have a link to the GCC bug report?  We really
should mention that in the commit description and/or metadata.

> diff --git a/kernel/auditsc.c b/kernel/auditsc.c
> index 279ba5c420a4..561d96affe9f 100644
> --- a/kernel/auditsc.c
> +++ b/kernel/auditsc.c
> @@ -2728,8 +2728,8 @@ void __audit_ptrace(struct task_struct *t)
>         context->target_auid = audit_get_loginuid(t);
>         context->target_uid = task_uid(t);
>         context->target_sessionid = audit_get_sessionid(t);
> -       security_task_getlsmprop_obj(t, &context->target_ref);
>         strscpy(context->target_comm, t->comm);
> +       security_task_getlsmprop_obj(t, &context->target_ref);
>  }
>
>  /**
> @@ -2755,8 +2755,8 @@ int audit_signal_info_syscall(struct task_struct *t)
>                 ctx->target_auid = audit_get_loginuid(t);
>                 ctx->target_uid = t_uid;
>                 ctx->target_sessionid = audit_get_sessionid(t);
> -               security_task_getlsmprop_obj(t, &ctx->target_ref);
>                 strscpy(ctx->target_comm, t->comm);
> +               security_task_getlsmprop_obj(t, &ctx->target_ref);
>                 return 0;
>         }
>
> --
> 2.43.5

Yafang Shao Dec. 4, 2024, 2:59 a.m. UTC | #2
On Wed, Dec 4, 2024 at 6:06 AM Paul Moore <paul@paul-moore.com> wrote:
>
> On Tue, Dec 3, 2024 at 1:04 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> >
> > From: Yafang shao <laoar.shao@gmail.com>
> >
> > A build failure has been reported with the following details:
> >
> >    In file included from include/linux/string.h:390,
> >                     from include/linux/bitmap.h:13,
> >                     from include/linux/cpumask.h:12,
> >                     from include/linux/smp.h:13,
> >                     from include/linux/lockdep.h:14,
> >                     from include/linux/spinlock.h:63,
> >                     from include/linux/wait.h:9,
> >                     from include/linux/wait_bit.h:8,
> >                     from include/linux/fs.h:6,
> >                     from kernel/auditsc.c:37:
> >    In function 'sized_strscpy',
> >        inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
> > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> >      293 |                 __write_overflow();
> >          |                 ^~~~~~~~~~~~~~~~~~
> >    In function 'sized_strscpy',
> >        inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
> > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> >      293 |                 __write_overflow();
> >          |                 ^~~~~~~~~~~~~~~~~~
> >
> > The issue appears to be a GCC bug, though the root cause remains
> > unclear at this time. For now, let's implement a workaround.
> >
> > Reported-by: kernel test robot <lkp@intel.com>
> > Closes: https://lore.kernel.org/oe-kbuild-all/202410171420.1V00ICVG-lkp@intel.com/
> > Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > Closes: https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/
> > Reported-by: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com>
> > Closes: https://lore.kernel.org/all/CY8PR11MB71348E568DBDA576F17DAFF389362@CY8PR11MB7134.namprd11.prod.outlook.com/
> > Originally-by: Kees Cook <kees@kernel.org>
> > Link: https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
> > Signed-off-by: Yafang shao <laoar.shao@gmail.com>
> > Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > ---
> >  kernel/auditsc.c | 4 ++--
> >  1 file changed, 2 insertions(+), 2 deletions(-)
>
> Thanks, does anyone have a link to the GCC bug report?  We really
> should mention that in the commit description and/or metadata.

I came across a GCC bug report [0] while researching online. This
issue was reportedly fixed in GCC-12.1 [1], yet it seems the same bug
is still being triggered in GCC-14.2.0[2].
Should I file a new bug report with GCC to address this?

[0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101941
[1] https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=76fe494230477a69f8fa8c8ca2d493acaf343eb1
[2] https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/

--
Regards
Yafang

Paul Moore Dec. 4, 2024, 3:42 a.m. UTC | #3
On Tue, Dec 3, 2024 at 10:00 PM Yafang Shao <laoar.shao@gmail.com> wrote:
> On Wed, Dec 4, 2024 at 6:06 AM Paul Moore <paul@paul-moore.com> wrote:
> > On Tue, Dec 3, 2024 at 1:04 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> > >
> > > From: Yafang shao <laoar.shao@gmail.com>
> > >
> > > A build failure has been reported with the following details:
> > >
> > >    In file included from include/linux/string.h:390,
> > >                     from include/linux/bitmap.h:13,
> > >                     from include/linux/cpumask.h:12,
> > >                     from include/linux/smp.h:13,
> > >                     from include/linux/lockdep.h:14,
> > >                     from include/linux/spinlock.h:63,
> > >                     from include/linux/wait.h:9,
> > >                     from include/linux/wait_bit.h:8,
> > >                     from include/linux/fs.h:6,
> > >                     from kernel/auditsc.c:37:
> > >    In function 'sized_strscpy',
> > >        inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
> > > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> > >      293 |                 __write_overflow();
> > >          |                 ^~~~~~~~~~~~~~~~~~
> > >    In function 'sized_strscpy',
> > >        inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
> > > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> > >      293 |                 __write_overflow();
> > >          |                 ^~~~~~~~~~~~~~~~~~
> > >
> > > The issue appears to be a GCC bug, though the root cause remains
> > > unclear at this time. For now, let's implement a workaround.
> > >
> > > Reported-by: kernel test robot <lkp@intel.com>
> > > Closes: https://lore.kernel.org/oe-kbuild-all/202410171420.1V00ICVG-lkp@intel.com/
> > > Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > > Closes: https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/
> > > Reported-by: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com>
> > > Closes: https://lore.kernel.org/all/CY8PR11MB71348E568DBDA576F17DAFF389362@CY8PR11MB7134.namprd11.prod.outlook.com/
> > > Originally-by: Kees Cook <kees@kernel.org>
> > > Link: https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
> > > Signed-off-by: Yafang shao <laoar.shao@gmail.com>
> > > Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > > ---
> > >  kernel/auditsc.c | 4 ++--
> > >  1 file changed, 2 insertions(+), 2 deletions(-)
> >
> > Thanks, does anyone have a link to the GCC bug report?  We really
> > should mention that in the commit description and/or metadata.
>
> I came across a GCC bug report [0] while researching online. This
> issue was reportedly fixed in GCC-12.1 [1], yet it seems the same bug
> is still being triggered in GCC-14.2.0[2].
> Should I file a new bug report with GCC to address this?

I was under the impression that this had already been reported, if it
hasn't, then yes, please report the bug to the GCC team so we can get
this fixed.  Once you have the bug report, please post it here so it
can be included in the commit.

> [0] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101941
> [1] https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=76fe494230477a69f8fa8c8ca2d493acaf343eb1
> [2] https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/

Yafang Shao Dec. 4, 2024, 6:07 a.m. UTC | #4
On Wed, Dec 4, 2024 at 11:43 AM Paul Moore <paul@paul-moore.com> wrote:
>
> On Tue, Dec 3, 2024 at 10:00 PM Yafang Shao <laoar.shao@gmail.com> wrote:
> > On Wed, Dec 4, 2024 at 6:06 AM Paul Moore <paul@paul-moore.com> wrote:
> > > On Tue, Dec 3, 2024 at 1:04 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> > > >
> > > > From: Yafang shao <laoar.shao@gmail.com>
> > > >
> > > > A build failure has been reported with the following details:
> > > >
> > > >    In file included from include/linux/string.h:390,
> > > >                     from include/linux/bitmap.h:13,
> > > >                     from include/linux/cpumask.h:12,
> > > >                     from include/linux/smp.h:13,
> > > >                     from include/linux/lockdep.h:14,
> > > >                     from include/linux/spinlock.h:63,
> > > >                     from include/linux/wait.h:9,
> > > >                     from include/linux/wait_bit.h:8,
> > > >                     from include/linux/fs.h:6,
> > > >                     from kernel/auditsc.c:37:
> > > >    In function 'sized_strscpy',
> > > >        inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
> > > > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> > > >      293 |                 __write_overflow();
> > > >          |                 ^~~~~~~~~~~~~~~~~~
> > > >    In function 'sized_strscpy',
> > > >        inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
> > > > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> > > >      293 |                 __write_overflow();
> > > >          |                 ^~~~~~~~~~~~~~~~~~
> > > >
> > > > The issue appears to be a GCC bug, though the root cause remains
> > > > unclear at this time. For now, let's implement a workaround.
> > > >
> > > > Reported-by: kernel test robot <lkp@intel.com>
> > > > Closes: https://lore.kernel.org/oe-kbuild-all/202410171420.1V00ICVG-lkp@intel.com/
> > > > Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > > > Closes: https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/
> > > > Reported-by: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com>
> > > > Closes: https://lore.kernel.org/all/CY8PR11MB71348E568DBDA576F17DAFF389362@CY8PR11MB7134.namprd11.prod.outlook.com/
> > > > Originally-by: Kees Cook <kees@kernel.org>
> > > > Link: https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
> > > > Signed-off-by: Yafang shao <laoar.shao@gmail.com>
> > > > Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > > > ---
> > > >  kernel/auditsc.c | 4 ++--
> > > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > >
> > > Thanks, does anyone have a link to the GCC bug report?  We really
> > > should mention that in the commit description and/or metadata.
> >
> > I came across a GCC bug report [0] while researching online. This
> > issue was reportedly fixed in GCC-12.1 [1], yet it seems the same bug
> > is still being triggered in GCC-14.2.0[2].
> > Should I file a new bug report with GCC to address this?
>
> I was under the impression that this had already been reported, if it
> hasn't, then yes, please report the bug to the GCC team so we can get
> this fixed.  Once you have the bug report, please post it here so it
> can be included in the commit.

Sure, I’ll file a new report. However, it seems I need to create a new
account for the bug tracker and wait for its approval. Please bear
with me—I’ll provide an update as soon as it’s completed.


--
Regards
Yafang

Yafang Shao Dec. 4, 2024, 1:53 p.m. UTC | #5
On Wed, Dec 4, 2024 at 2:07 PM Yafang Shao <laoar.shao@gmail.com> wrote:
>
> On Wed, Dec 4, 2024 at 11:43 AM Paul Moore <paul@paul-moore.com> wrote:
> >
> > On Tue, Dec 3, 2024 at 10:00 PM Yafang Shao <laoar.shao@gmail.com> wrote:
> > > On Wed, Dec 4, 2024 at 6:06 AM Paul Moore <paul@paul-moore.com> wrote:
> > > > On Tue, Dec 3, 2024 at 1:04 AM Yafang Shao <laoar.shao@gmail.com> wrote:
> > > > >
> > > > > From: Yafang shao <laoar.shao@gmail.com>
> > > > >
> > > > > A build failure has been reported with the following details:
> > > > >
> > > > >    In file included from include/linux/string.h:390,
> > > > >                     from include/linux/bitmap.h:13,
> > > > >                     from include/linux/cpumask.h:12,
> > > > >                     from include/linux/smp.h:13,
> > > > >                     from include/linux/lockdep.h:14,
> > > > >                     from include/linux/spinlock.h:63,
> > > > >                     from include/linux/wait.h:9,
> > > > >                     from include/linux/wait_bit.h:8,
> > > > >                     from include/linux/fs.h:6,
> > > > >                     from kernel/auditsc.c:37:
> > > > >    In function 'sized_strscpy',
> > > > >        inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
> > > > > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> > > > >      293 |                 __write_overflow();
> > > > >          |                 ^~~~~~~~~~~~~~~~~~
> > > > >    In function 'sized_strscpy',
> > > > >        inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
> > > > > >> include/linux/fortify-string.h:293:17: error: call to '__write_overflow' declared with attribute error: detected write beyond size of object (1st parameter)
> > > > >      293 |                 __write_overflow();
> > > > >          |                 ^~~~~~~~~~~~~~~~~~
> > > > >
> > > > > The issue appears to be a GCC bug, though the root cause remains
> > > > > unclear at this time. For now, let's implement a workaround.
> > > > >
> > > > > Reported-by: kernel test robot <lkp@intel.com>
> > > > > Closes: https://lore.kernel.org/oe-kbuild-all/202410171420.1V00ICVG-lkp@intel.com/
> > > > > Reported-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > > > > Closes: https://lore.kernel.org/all/20241128182435.57a1ea6f@gandalf.local.home/
> > > > > Reported-by: "Zhuo, Qiuxu" <qiuxu.zhuo@intel.com>
> > > > > Closes: https://lore.kernel.org/all/CY8PR11MB71348E568DBDA576F17DAFF389362@CY8PR11MB7134.namprd11.prod.outlook.com/
> > > > > Originally-by: Kees Cook <kees@kernel.org>
> > > > > Link: https://lore.kernel.org/linux-hardening/202410171059.C2C395030@keescook/
> > > > > Signed-off-by: Yafang shao <laoar.shao@gmail.com>
> > > > > Tested-by: Steven Rostedt (Google) <rostedt@goodmis.org>
> > > > > ---
> > > > >  kernel/auditsc.c | 4 ++--
> > > > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > > >
> > > > Thanks, does anyone have a link to the GCC bug report?  We really
> > > > should mention that in the commit description and/or metadata.
> > >
> > > I came across a GCC bug report [0] while researching online. This
> > > issue was reportedly fixed in GCC-12.1 [1], yet it seems the same bug
> > > is still being triggered in GCC-14.2.0[2].
> > > Should I file a new bug report with GCC to address this?
> >
> > I was under the impression that this had already been reported, if it
> > hasn't, then yes, please report the bug to the GCC team so we can get
> > this fixed.  Once you have the bug report, please post it here so it
> > can be included in the commit.
>
> Sure, I’ll file a new report. However, it seems I need to create a new
> account for the bug tracker and wait for its approval. Please bear
> with me—I’ll provide an update as soon as it’s completed.

JFYI, the bug report has been filed:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117912

Patch

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 279ba5c420a4..561d96affe9f 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -2728,8 +2728,8 @@  void __audit_ptrace(struct task_struct *t)
 	context->target_auid = audit_get_loginuid(t);
 	context->target_uid = task_uid(t);
 	context->target_sessionid = audit_get_sessionid(t);
-	security_task_getlsmprop_obj(t, &context->target_ref);
 	strscpy(context->target_comm, t->comm);
+	security_task_getlsmprop_obj(t, &context->target_ref);
 }
 
 /**
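Review bot: the reordering in __audit_ptrace() carries no comment, so nothing in the code says that strscpy(context->target_comm, t->comm) has to stay ahead of security_task_getlsmprop_obj(t, &context->target_ref); a later cleanup could restore the old order and undo the workaround. Add a short comment above the strscpy() call that names the compiler workaround and points at the GCC bug report filed in this thread (https://gcc.gnu.org/bugzilla/show_bug.cgi?id=117912), so the constraint is visible without reading the commit log.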
@@ -2755,8 +2755,8 @@  int audit_signal_info_syscall(struct task_struct *t)
 		ctx->target_auid = audit_get_loginuid(t);
 		ctx->target_uid = t_uid;
 		ctx->target_sessionid = audit_get_sessionid(t);
-		security_task_getlsmprop_obj(t, &ctx->target_ref);
 		strscpy(ctx->target_comm, t->comm);
+		security_task_getlsmprop_obj(t, &ctx->target_ref);
 		return 0;
 	}
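Review bot: audit_signal_info_syscall() repeats the ordering workaround from __audit_ptrace(), again with no comment at the strscpy(ctx->target_comm, t->comm) call. Both functions fill the same target_auid, target_uid, target_sessionid, target_comm and target_ref fields in the same order, so consider a small shared helper that takes the context, the task and the uid; that would keep the ordering constraint and its explanatory comment in one place instead of two.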