Message ID | 20201105004924.11651-20-casey@schaufler-ca.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | [v22,01/23] LSM: Infrastructure management of the sock security | expand |
Hi Casey, I love your patch! Yet something to improve: [auto build test ERROR on nf-next/master] [also build test ERROR on nf/master linus/master v5.10-rc3 next-20201113] [cannot apply to security/next-testing] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Casey-Schaufler/LSM-Module-stacking-for-AppArmor/20201105-091817 base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master config: alpha-randconfig-r021-20201104 (attached as .config) compiler: alpha-linux-gcc (GCC) 9.3.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/0day-ci/linux/commit/cf770098fb2f8114b0ac138baec96c9891bf56ba git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Casey-Schaufler/LSM-Module-stacking-for-AppArmor/20201105-091817 git checkout cf770098fb2f8114b0ac138baec96c9891bf56ba # save the attached .config to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=alpha If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All errors (new ones prefixed by >>): In file included from include/linux/fsnotify.h:16, from fs/nfs/unlink.c:18: >> include/linux/audit.h:563:1: error: expected identifier or '(' before '+' token 563 | +static inline struct audit_context *audit_alloc_local(gfp_t gfpflags) | ^ vim +563 include/linux/audit.h 559 560 extern int audit_n_rules; 561 extern int audit_signals; 562 #else /* CONFIG_AUDITSYSCALL */ > 563 +static inline struct audit_context *audit_alloc_local(gfp_t gfpflags) 564 { 565 return NULL; 566 } 567 static inline void audit_free_context(struct audit_context *context) 568 { } 569 static inline int audit_alloc(struct task_struct *task) 570 { 571 return 0; 572 } 573 static inline void audit_free(struct task_struct *task) 574 { } 575 static inline void audit_syscall_entry(int major, unsigned long a0, 576 unsigned long a1, unsigned long a2, 577 unsigned long a3) 578 { } 579 static inline void audit_syscall_exit(void *pt_regs) 580 { } 581 static inline bool audit_dummy_context(void) 582 { 583 return true; 584 } 585 static inline void audit_set_context(struct task_struct *task, struct audit_context *ctx) 586 { } 587 static inline struct audit_context *audit_context(void) 588 { 589 return NULL; 590 } 591 static inline struct filename *audit_reusename(const __user char *name) 592 { 593 return NULL; 594 } 595 static inline void audit_getname(struct filename *name) 596 { } 597 static inline void audit_getcwd(void) 598 { } 599 static inline void audit_inode(struct filename *name, 600 const struct dentry *dentry, 601 unsigned int aflags) 602 { } 603 static inline void audit_file(struct file *file) 604 { 605 } 606 static inline void audit_inode_parent_hidden(struct filename *name, 607 const struct dentry *dentry) 608 { } 609 static inline void audit_inode_child(struct inode *parent, 610 const struct dentry *dentry, 611 const unsigned char type) 612 { } 613 static inline void audit_core_dumps(long signr) 614 { } 615 static inline void audit_seccomp(unsigned long syscall, long signr, int code) 616 { } 617 static inline void audit_seccomp_actions_logged(const char *names, 618 const char *old_names, int res) 619 { } 620 static inline void audit_ipc_obj(struct kern_ipc_perm *ipcp) 621 { } 622 static inline void audit_ipc_set_perm(unsigned long qbytes, uid_t uid, 623 gid_t gid, umode_t mode) 624 { } 625 static inline void audit_bprm(struct linux_binprm *bprm) 626 { } 627 static inline int audit_socketcall(int nargs, unsigned long *args) 628 { 629 return 0; 630 } 631 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
diff --git a/include/linux/audit.h b/include/linux/audit.h index ba1cd38d601b..786d065a64ef 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -289,6 +289,8 @@ static inline int audit_signal_info(int sig, struct task_struct *t) /* Public API */ extern int audit_alloc(struct task_struct *task); extern void __audit_free(struct task_struct *task); +extern struct audit_context *audit_alloc_local(gfp_t gfpflags); +extern void audit_free_context(struct audit_context *context); extern void __audit_syscall_entry(int major, unsigned long a0, unsigned long a1, unsigned long a2, unsigned long a3); extern void __audit_syscall_exit(int ret_success, long ret_value); @@ -558,6 +560,12 @@ static inline void audit_log_nfcfg(const char *name, u8 af, extern int audit_n_rules; extern int audit_signals; #else /* CONFIG_AUDITSYSCALL */ ++static inline struct audit_context *audit_alloc_local(gfp_t gfpflags) +{ + return NULL; +} +static inline void audit_free_context(struct audit_context *context) +{ } static inline int audit_alloc(struct task_struct *task) { return 0; diff --git a/kernel/audit.h b/kernel/audit.h index ce41886807bb..3f2285e1c6e0 100644 --- a/kernel/audit.h +++ b/kernel/audit.h @@ -99,6 +99,7 @@ struct audit_proctitle { struct audit_context { int dummy; /* must be the first element */ int in_syscall; /* 1 if task is in a syscall */ + bool local; /* local context needed */ enum audit_state state, current_state; unsigned int serial; /* serial number for record */ int major; /* syscall number */ diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 4af5861bcb9a..5bfee5d0812d 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -929,11 +929,13 @@ static inline void audit_free_aux(struct audit_context *context) } } -static inline struct audit_context *audit_alloc_context(enum audit_state state) +static inline struct audit_context *audit_alloc_context(enum audit_state state, + gfp_t gfpflags) { struct audit_context *context; - context = kzalloc(sizeof(*context), GFP_KERNEL); + /* We can be called in atomic context via audit_tg() */ + context = kzalloc(sizeof(*context), gfpflags); if (!context) return NULL; context->state = state; @@ -967,7 +969,8 @@ int audit_alloc(struct task_struct *tsk) return 0; } - if (!(context = audit_alloc_context(state))) { + context = audit_alloc_context(state, GFP_KERNEL); + if (!context) { kfree(key); audit_log_lost("out of memory in audit_alloc"); return -ENOMEM; @@ -979,8 +982,27 @@ int audit_alloc(struct task_struct *tsk) return 0; } -static inline void audit_free_context(struct audit_context *context) +struct audit_context *audit_alloc_local(gfp_t gfpflags) { + struct audit_context *context = NULL; + + context = audit_alloc_context(AUDIT_RECORD_CONTEXT, gfpflags); + if (!context) { + audit_log_lost("out of memory in audit_alloc_local"); + goto out; + } + context->serial = audit_serial(); + ktime_get_coarse_real_ts64(&context->ctime); + context->local = true; +out: + return context; +} +EXPORT_SYMBOL(audit_alloc_local); + +void audit_free_context(struct audit_context *context) +{ + if (!context) + return; audit_free_module(context); audit_free_names(context); unroll_tree_refs(context, NULL, 0); @@ -991,6 +1013,7 @@ static inline void audit_free_context(struct audit_context *context) audit_proctitle_free(context); kfree(context); } +EXPORT_SYMBOL(audit_free_context); static int audit_log_pid_context(struct audit_context *context, pid_t pid, kuid_t auid, kuid_t uid, @@ -2228,7 +2251,7 @@ EXPORT_SYMBOL_GPL(__audit_inode_child); int auditsc_get_stamp(struct audit_context *ctx, struct timespec64 *t, unsigned int *serial) { - if (!ctx->in_syscall) + if (!ctx->in_syscall && !ctx->local) return 0; if (!ctx->serial) ctx->serial = audit_serial();