Re: [PATCH v37 18/33] LSM: Use lsmcontext in security_dentry_init_security
From: kernel test robot
Date: Tue Jun 28 2022 - 01:37:16 EST
Hi Casey,
I love your patch! Perhaps something to improve:
[auto build test WARNING on pcmoore-audit/next]
[also build test WARNING on pcmoore-selinux/next linus/master v5.19-rc4 next-20220627]
[cannot apply to jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
base: https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
config: i386-defconfig (https://download.01.org/0day-ci/archive/20220628/202206281302.ApiPUdom-lkp@xxxxxxxxx/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
reproduce (this is a W=1 build):
# https://github.com/intel-lab-lkp/linux/commit/c930a07cebde69363d3633fba8bd4cac46dd1520
git remote add linux-review https://github.com/intel-lab-lkp/linux
git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
git checkout c930a07cebde69363d3633fba8bd4cac46dd1520
# save the config file
mkdir build_dir && cp config build_dir/.config
make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash
If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@xxxxxxxxx>
All warnings (new ones prefixed by >>):
security/security.c: In function 'security_setprocattr':
>> security/security.c:2285:21: warning: variable 'slotname' set but not used [-Wunused-but-set-variable]
2285 | const char *slotname;
| ^~~~~~~~
vim +/slotname +2285 security/security.c
2266
2267 /**
2268 * security_setprocattr - Set process attributes via /proc
2269 * @lsm: name of module involved, or NULL
2270 * @name: name of the attribute
2271 * @value: value to set the attribute to
2272 * @size: size of the value
2273 *
2274 * Set the process attribute for the specified security module
2275 * to the specified value. Note that this can only be used to set
2276 * the process attributes for the current, or "self" process.
2277 * The /proc code has already done this check.
2278 *
2279 * Returns 0 on success, an appropriate code otherwise.
2280 */
2281 int security_setprocattr(const char *lsm, const char *name, void *value,
2282 size_t size)
2283 {
2284 struct security_hook_list *hp;
> 2285 const char *slotname;
2286 char *termed;
2287 char *copy;
2288 int *ilsm = current->security;
2289 int rc = -EINVAL;
2290 int slot = 0;
2291
2292 if (!strcmp(name, "interface_lsm")) {
2293 /*
2294 * Change the "interface_lsm" value only if all the security
2295 * modules that support setting a procattr allow it.
2296 * It is assumed that all such security modules will be
2297 * cooperative.
2298 */
2299 if (size == 0)
2300 return -EINVAL;
2301
2302 hlist_for_each_entry(hp, &security_hook_heads.setprocattr,
2303 list) {
2304 rc = hp->hook.setprocattr(name, value, size);
2305 if (rc < 0 && rc != LSM_RET_DEFAULT(setprocattr))
2306 return rc;
2307 }
2308
2309 rc = -EINVAL;
2310
2311 copy = kmemdup_nul(value, size, GFP_KERNEL);
2312 if (copy == NULL)
2313 return -ENOMEM;
2314
2315 termed = strsep(©, " \n");
2316
2317 for (slot = 0; slot < lsm_slot; slot++) {
2318 slotname = lsm_slot_to_name(slot);
2319 if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
2320 *ilsm = slot;
2321 rc = size;
2322 break;
2323 }
2324 }
2325
2326 kfree(termed);
2327 return rc;
2328 }
2329
2330 hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
2331 if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm))
2332 continue;
2333 if (lsm == NULL && *ilsm != LSMBLOB_INVALID &&
2334 *ilsm != hp->lsmid->slot)
2335 continue;
2336 return hp->hook.setprocattr(name, value, size);
2337 }
2338 return LSM_RET_DEFAULT(setprocattr);
2339 }
2340
--
0-DAY CI Kernel Test Service
https://01.org/lkp