Re: [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs

From: kernel test robot
Date: Wed Jan 31 2024 - 11:49:13 EST


Hi Stefan,

kernel test robot noticed the following build errors:

[auto build test ERROR on zohar-integrity/next-integrity]
[also build test ERROR on pcmoore-selinux/next linus/master v6.8-rc2 next-20240131]
[cannot apply to mszeredi-vfs/overlayfs-next mszeredi-vfs/next]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url: https://github.com/intel-lab-lkp/linux/commits/Stefan-Berger/security-allow-finer-granularity-in-permitting-copy-up-of-security-xattrs/20240131-054854
base: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity
patch link: https://lore.kernel.org/r/20240130214620.3155380-2-stefanb%40linux.ibm.com
patch subject: [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
config: i386-buildonly-randconfig-002-20240131 (https://download.01.org/0day-ci/archive/20240201/202402010014.MArAf4UB-lkp@xxxxxxxxx/config)
compiler: clang version 17.0.6 (https://github.com/llvm/llvm-project 6009708b4367171ccdbf4b5905cb6a803753fe18)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240201/202402010014.MArAf4UB-lkp@xxxxxxxxx/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Closes: https://lore.kernel.org/oe-kbuild-all/202402010014.MArAf4UB-lkp@xxxxxxxxx/

All errors (new ones prefixed by >>):

>> security/security.c:2627:38: error: too many arguments to function call, expected single argument 'name', have 2 arguments
2627 | return evm_inode_copy_up_xattr(src, name);
| ~~~~~~~~~~~~~~~~~~~~~~~ ^~~~
include/linux/evm.h:121:20: note: 'evm_inode_copy_up_xattr' declared here
121 | static inline int evm_inode_copy_up_xattr(const char *name)
| ^ ~~~~~~~~~~~~~~~~
1 error generated.


vim +/name +2627 security/security.c

2596
2597 /**
2598 * security_inode_copy_up_xattr() - Filter xattrs in an overlayfs copy-up op
2599 * @src: union dentry of copy-up file
2600 * @name: xattr name
2601 *
2602 * Filter the xattrs being copied up when a unioned file is copied up from a
2603 * lower layer to the union/overlay layer. The caller is responsible for
2604 * reading and writing the xattrs, this hook is merely a filter.
2605 *
2606 * Return: Returns 0 to accept the xattr, 1 to discard the xattr, -EOPNOTSUPP
2607 * if the security module does not know about attribute, or a negative
2608 * error code to abort the copy up.
2609 */
2610 int security_inode_copy_up_xattr(struct dentry *src, const char *name)
2611 {
2612 struct security_hook_list *hp;
2613 int rc;
2614
2615 /*
2616 * The implementation can return 0 (accept the xattr), 1 (discard the
2617 * xattr), -EOPNOTSUPP if it does not know anything about the xattr or
2618 * any other error code in case of an error.
2619 */
2620 hlist_for_each_entry(hp,
2621 &security_hook_heads.inode_copy_up_xattr, list) {
2622 rc = hp->hook.inode_copy_up_xattr(src, name);
2623 if (rc != LSM_RET_DEFAULT(inode_copy_up_xattr))
2624 return rc;
2625 }
2626
> 2627 return evm_inode_copy_up_xattr(src, name);
2628 }
2629 EXPORT_SYMBOL(security_inode_copy_up_xattr);
2630

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki