Message ID | 20211124014332.36128-7-casey@schaufler-ca.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | LSM: Module stacking for AppArmor | expand |
Hi Casey, I love your patch! Yet something to improve: [auto build test ERROR on nf-next/master] [also build test ERROR on nf/master linus/master v5.16-rc2] [cannot apply to pcmoore-audit/next jmorris-security/next-testing next-20211124] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20211124-104307 base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master config: riscv-randconfig-r042-20211124 (https://download.01.org/0day-ci/archive/20211124/202111242150.wktMJDSN-lkp@intel.com/config) compiler: riscv32-linux-gcc (GCC) 11.2.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/0day-ci/linux/commit/4d65fc1987e5710b2911159149f0de12d2202631 git remote add linux-review https://github.com/0day-ci/linux git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20211124-104307 git checkout 4d65fc1987e5710b2911159149f0de12d2202631 # save the config file to linux build tree mkdir build_dir COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=riscv SHELL=/bin/bash drivers/android/ kernel/ net/bridge/ If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All errors (new ones prefixed by >>): In file included from kernel/fork.c:50: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/fork.c:161:13: warning: no previous prototype for 'arch_release_task_struct' [-Wmissing-prototypes] 161 | void __weak arch_release_task_struct(struct task_struct *tsk) | ^~~~~~~~~~~~~~~~~~~~~~~~ kernel/fork.c:763:20: warning: no previous prototype for 'arch_task_cache_init' [-Wmissing-prototypes] 763 | void __init __weak arch_task_cache_init(void) { } | ^~~~~~~~~~~~~~~~~~~~ -- In file included from include/linux/perf_event.h:59, from include/linux/trace_events.h:10, from include/trace/syscall.h:7, from include/linux/syscalls.h:88, from kernel/exec_domain.c:19: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ -- In file included from include/linux/perf_event.h:59, from include/linux/trace_events.h:10, from include/trace/syscall.h:7, from include/linux/syscalls.h:88, from kernel/exit.c:42: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/exit.c:1817:13: warning: no previous prototype for 'abort' [-Wmissing-prototypes] 1817 | __weak void abort(void) | ^~~~~ -- In file included from include/net/scm.h:8, from include/linux/netlink.h:9, from include/uapi/linux/neighbour.h:6, from include/linux/netdevice.h:45, from include/linux/if_vlan.h:10, from include/linux/filter.h:19, from kernel/kallsyms.c:25: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/kallsyms.c:586:12: warning: no previous prototype for 'arch_get_kallsym' [-Wmissing-prototypes] 586 | int __weak arch_get_kallsym(unsigned int symnum, unsigned long *value, | ^~~~~~~~~~~~~~~~ kernel/kallsyms.c:874:30: warning: 'kallsyms_proc_ops' defined but not used [-Wunused-const-variable=] 874 | static const struct proc_ops kallsyms_proc_ops = { | ^~~~~~~~~~~~~~~~~ -- In file included from include/linux/perf_event.h:59, from include/linux/trace_events.h:10, from include/trace/syscall.h:7, from include/linux/syscalls.h:88, from kernel/audit.c:44: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/audit.c: In function 'audit_log_vformat': kernel/audit.c:1926:9: warning: function 'audit_log_vformat' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format] 1926 | len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args); | ^~~ kernel/audit.c:1935:17: warning: function 'audit_log_vformat' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format] 1935 | len = vsnprintf(skb_tail_pointer(skb), avail, fmt, args2); | ^~~ -- In file included from include/linux/audit.h:14, from kernel/auditfilter.c:12: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/auditfilter.c: In function 'audit_filter': >> kernel/auditfilter.c:1376:50: error: implicit declaration of function 'security_audit_rule_match'; did you mean 'security_audit_rule_free'? [-Werror=implicit-function-declaration] 1376 | result = security_audit_rule_match( | ^~~~~~~~~~~~~~~~~~~~~~~~~ | security_audit_rule_free cc1: some warnings being treated as errors -- In file included from include/linux/audit.h:14, from kernel/auditsc.c:45: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/auditsc.c: In function 'audit_filter_rules': >> kernel/auditsc.c:674:42: error: implicit declaration of function 'security_audit_rule_match'; did you mean 'security_audit_rule_free'? [-Werror=implicit-function-declaration] 674 | result = security_audit_rule_match(&blob, | ^~~~~~~~~~~~~~~~~~~~~~~~~ | security_audit_rule_free cc1: some warnings being treated as errors -- In file included from include/net/scm.h:8, from include/linux/netlink.h:9, from include/uapi/linux/neighbour.h:6, from include/linux/netdevice.h:45, from include/linux/etherdevice.h:21, from net/bridge/br_netlink_tunnel.c:11: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ net/bridge/br_netlink_tunnel.c:29:6: warning: no previous prototype for 'vlan_tunid_inrange' [-Wmissing-prototypes] 29 | bool vlan_tunid_inrange(const struct net_bridge_vlan *v_curr, | ^~~~~~~~~~~~~~~~~~ net/bridge/br_netlink_tunnel.c:196:5: warning: no previous prototype for 'br_vlan_tunnel_info' [-Wmissing-prototypes] 196 | int br_vlan_tunnel_info(const struct net_bridge_port *p, int cmd, | ^~~~~~~~~~~~~~~~~~~ -- In file included from include/net/scm.h:8, from include/linux/netlink.h:9, from include/uapi/linux/neighbour.h:6, from include/linux/netdevice.h:45, from include/linux/if_vlan.h:10, from include/linux/filter.h:19, from kernel/bpf/core.c:21: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/bpf/core.c:1368:12: warning: no previous prototype for 'bpf_probe_read_kernel' [-Wmissing-prototypes] 1368 | u64 __weak bpf_probe_read_kernel(void *dst, u32 size, const void *unsafe_ptr) | ^~~~~~~~~~~~~~~~~~~~~ -- In file included from include/net/scm.h:8, from include/linux/netlink.h:9, from include/uapi/linux/neighbour.h:6, from include/linux/netdevice.h:45, from include/linux/if_vlan.h:10, from include/linux/filter.h:19, from include/linux/bpf_verifier.h:9, from kernel/bpf/btf.c:19: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/bpf/btf.c: In function 'btf_seq_show': kernel/bpf/btf.c:5888:29: warning: function 'btf_seq_show' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format] 5888 | seq_vprintf((struct seq_file *)show->target, fmt, args); | ^~~~~~~~ kernel/bpf/btf.c: In function 'btf_snprintf_show': kernel/bpf/btf.c:5925:9: warning: function 'btf_snprintf_show' might be a candidate for 'gnu_printf' format attribute [-Wsuggest-attribute=format] 5925 | len = vsnprintf(show->target, ssnprintf->len_left, fmt, args); | ^~~ -- In file included from kernel/sched/sched.h:62, from kernel/sched/core.c:13: >> include/linux/security.h:1974:66: error: expected ';', ',' or ')' before 'secid' 1974 | static inline int security_audit_rule_match(struct lsmblob *blob secid, | ^~~~~ kernel/sched/core.c:3439:6: warning: no previous prototype for 'sched_set_stop_task' [-Wmissing-prototypes] 3439 | void sched_set_stop_task(int cpu, struct task_struct *stop) | ^~~~~~~~~~~~~~~~~~~ .. vim +1974 include/linux/security.h 1973 > 1974 static inline int security_audit_rule_match(struct lsmblob *blob secid, 1975 u32 field, u32 op, 1976 struct audit_rules *lsmrules) 1977 { 1978 return 0; 1979 } 1980 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
On Tue, Nov 23, 2021 at 8:50 PM Casey Schaufler <casey@schaufler-ca.com> wrote: > > Change the secid parameter of security_audit_rule_match > to a lsmblob structure pointer. Pass the entry from the > lsmblob structure for the approprite slot to the LSM hook. > > Change the users of security_audit_rule_match to use the > lsmblob instead of a u32. The scaffolding function lsmblob_init() > fills the blob with the value of the old secid, ensuring that > it is available to the appropriate module hook. The sources of > the secid, security_task_getsecid() and security_inode_getsecid(), > will be converted to use the blob structure later in the series. > At the point the use of lsmblob_init() is dropped. > > Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> > Cc: linux-audit@redhat.com > --- > include/linux/security.h | 5 +++-- > kernel/auditfilter.c | 6 ++++-- > kernel/auditsc.c | 16 +++++++++++----- > security/security.c | 5 +++-- > 4 files changed, 21 insertions(+), 11 deletions(-) > > diff --git a/include/linux/security.h b/include/linux/security.h > index ddd4cf48413c..d846d90f5624 100644 > --- a/include/linux/security.h > +++ b/include/linux/security.h > @@ -1954,7 +1954,7 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) > int security_audit_rule_init(u32 field, u32 op, char *rulestr, > struct audit_rules *lsmrules); > int security_audit_rule_known(struct audit_krule *krule); > -int security_audit_rule_match(u32 secid, u32 field, u32 op, > +int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, > struct audit_rules *lsmrules); > void security_audit_rule_free(struct audit_rules *lsmrules); > > @@ -1971,7 +1971,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) > return 0; > } > > -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, > +static inline int security_audit_rule_match(struct lsmblob *blob secid, > + u32 field, u32 op, > struct audit_rules *lsmrules) > { > return 0; Assuming you fixup the typo above that the test robot found it looks reasonable to me. Acked-by: Paul Moore <paul@paul-moore.com> -- paul moore www.paul-moore.com
diff --git a/include/linux/security.h b/include/linux/security.h index ddd4cf48413c..d846d90f5624 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -1954,7 +1954,7 @@ static inline int security_key_getsecurity(struct key *key, char **_buffer) int security_audit_rule_init(u32 field, u32 op, char *rulestr, struct audit_rules *lsmrules); int security_audit_rule_known(struct audit_krule *krule); -int security_audit_rule_match(u32 secid, u32 field, u32 op, +int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, struct audit_rules *lsmrules); void security_audit_rule_free(struct audit_rules *lsmrules); @@ -1971,7 +1971,8 @@ static inline int security_audit_rule_known(struct audit_krule *krule) return 0; } -static inline int security_audit_rule_match(u32 secid, u32 field, u32 op, +static inline int security_audit_rule_match(struct lsmblob *blob secid, + u32 field, u32 op, struct audit_rules *lsmrules) { return 0; diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index db427e136368..ffbd8396bdc9 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -1338,6 +1338,7 @@ int audit_filter(int msgtype, unsigned int listtype) for (i = 0; i < e->rule.field_count; i++) { struct audit_field *f = &e->rule.fields[i]; + struct lsmblob blob; pid_t pid; u32 sid; @@ -1371,8 +1372,9 @@ int audit_filter(int msgtype, unsigned int listtype) if (f->lsm_isset) { security_task_getsecid_subj(current, &sid); - result = security_audit_rule_match(sid, - f->type, f->op, + lsmblob_init(&blob, sid); + result = security_audit_rule_match( + &blob, f->type, f->op, &f->lsm_rules); } break; diff --git a/kernel/auditsc.c b/kernel/auditsc.c index 1aa8ffdae0ad..de22e852373a 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c @@ -468,6 +468,7 @@ static int audit_filter_rules(struct task_struct *tsk, const struct cred *cred; int i, need_sid = 1; u32 sid; + struct lsmblob blob; unsigned int sessionid; if (ctx && rule->prio <= ctx->prio) @@ -669,8 +670,10 @@ static int audit_filter_rules(struct task_struct *tsk, security_task_getsecid_subj(tsk, &sid); need_sid = 0; } - result = security_audit_rule_match(sid, f->type, - f->op, &f->lsm_rules); + lsmblob_init(&blob, sid); + result = security_audit_rule_match(&blob, + f->type, f->op, + &f->lsm_rules); } break; case AUDIT_OBJ_USER: @@ -683,15 +686,17 @@ static int audit_filter_rules(struct task_struct *tsk, if (f->lsm_isset) { /* Find files that match */ if (name) { + lsmblob_init(&blob, name->osid); result = security_audit_rule_match( - name->osid, + &blob, f->type, f->op, &f->lsm_rules); } else if (ctx) { list_for_each_entry(n, &ctx->names_list, list) { + lsmblob_init(&blob, n->osid); if (security_audit_rule_match( - n->osid, f->type, f->op, + &blob, f->type, f->op, &f->lsm_rules)) { ++result; break; @@ -701,7 +706,8 @@ static int audit_filter_rules(struct task_struct *tsk, /* Find ipc objects that match */ if (!ctx || ctx->type != AUDIT_IPC) break; - if (security_audit_rule_match(ctx->ipc.osid, + lsmblob_init(&blob, ctx->ipc.osid); + if (security_audit_rule_match(&blob, f->type, f->op, &f->lsm_rules)) ++result; diff --git a/security/security.c b/security/security.c index c472cac72641..238541218ca5 100644 --- a/security/security.c +++ b/security/security.c @@ -2680,7 +2680,7 @@ void security_audit_rule_free(struct audit_rules *lsmrules) } } -int security_audit_rule_match(u32 secid, u32 field, u32 op, +int security_audit_rule_match(struct lsmblob *blob, u32 field, u32 op, struct audit_rules *lsmrules) { struct security_hook_list *hp; @@ -2691,7 +2691,8 @@ int security_audit_rule_match(u32 secid, u32 field, u32 op, continue; if (lsmrules->rule[hp->lsmid->slot] == NULL) continue; - rc = hp->hook.audit_rule_match(secid, field, op, + rc = hp->hook.audit_rule_match(blob->secid[hp->lsmid->slot], + field, op, &lsmrules->rule[hp->lsmid->slot]); if (rc) return rc;
Change the secid parameter of security_audit_rule_match to a lsmblob structure pointer. Pass the entry from the lsmblob structure for the approprite slot to the LSM hook. Change the users of security_audit_rule_match to use the lsmblob instead of a u32. The scaffolding function lsmblob_init() fills the blob with the value of the old secid, ensuring that it is available to the appropriate module hook. The sources of the secid, security_task_getsecid() and security_inode_getsecid(), will be converted to use the blob structure later in the series. At the point the use of lsmblob_init() is dropped. Signed-off-by: Casey Schaufler <casey@schaufler-ca.com> Cc: linux-audit@redhat.com --- include/linux/security.h | 5 +++-- kernel/auditfilter.c | 6 ++++-- kernel/auditsc.c | 16 +++++++++++----- security/security.c | 5 +++-- 4 files changed, 21 insertions(+), 11 deletions(-)