From: kbuild test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: [brauner:fsid_mappings_v3_v1 4/21] kernel/user_namespace.c:1483:17: error: 'map_fsid' undeclared; did you mean 'cap_setid'?
Date: Tue, 18 Feb 2020 01:07:30 +0800 [thread overview]
Message-ID: <202002180128.JbX0RInt%lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 4756 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/brauner/linux.git fsid_mappings_v3_v1
head: 49bef2381d5d8e71b4612898c7087563ea068447
commit: 7d87f90cbe112621e8f48eea8d20fba3376a94f4 [4/21] fsuidgid: add fsid mapping helpers
config: s390-defconfig (attached as .config)
compiler: s390-linux-gcc (GCC) 7.5.0
reproduce:
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
git checkout 7d87f90cbe112621e8f48eea8d20fba3376a94f4
# save the attached .config to linux build tree
GCC_VERSION=7.5.0 make.cross ARCH=s390
If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <lkp@intel.com>
All errors (new ones prefixed by >>):
kernel/user_namespace.c: In function 'proc_uid_map_write':
kernel/user_namespace.c:1387:32: error: 'struct user_namespace' has no member named 'fsuid_map'; did you mean 'uid_map'?
&ns->parent->uid_map, &ns->fsuid_map,
^~~~~~~~~
uid_map
kernel/user_namespace.c:1388:18: error: 'struct user_namespace' has no member named 'fsuid_map'; did you mean 'uid_map'?
&ns->parent->fsuid_map);
^~~~~~~~~
uid_map
kernel/user_namespace.c: In function 'proc_gid_map_write':
kernel/user_namespace.c:1405:32: error: 'struct user_namespace' has no member named 'fsgid_map'; did you mean 'gid_map'?
&ns->parent->gid_map, &ns->fsgid_map,
^~~~~~~~~
gid_map
kernel/user_namespace.c:1406:18: error: 'struct user_namespace' has no member named 'fsgid_map'; did you mean 'gid_map'?
&ns->parent->fsgid_map);
^~~~~~~~~
gid_map
kernel/user_namespace.c: In function 'new_idmap_permitted':
>> kernel/user_namespace.c:1483:17: error: 'map_fsid' undeclared (first use in this function); did you mean 'cap_setid'?
kuid_t uid = map_fsid ? make_kfsuid(ns->parent, id) :
^~~~~~~~
cap_setid
kernel/user_namespace.c:1483:17: note: each undeclared identifier is reported only once for each function it appears in
kernel/user_namespace.c: In function 'proc_uid_map_write':
kernel/user_namespace.c:1389:1: warning: control reaches end of non-void function [-Wreturn-type]
}
^
kernel/user_namespace.c: In function 'proc_gid_map_write':
kernel/user_namespace.c:1407:1: warning: control reaches end of non-void function [-Wreturn-type]
}
^
vim +1483 kernel/user_namespace.c
1462
1463 static bool new_idmap_permitted(const struct file *file,
1464 struct user_namespace *ns, int cap_setid,
1465 struct uid_gid_map *new_map,
1466 struct uid_gid_map *fsid_map)
1467 {
1468 const struct cred *cred = file->f_cred;
1469
1470 if (cap_setid == CAP_SETUID && !fsid_map && idmap_exists(&ns->uid_map))
1471 return false;
1472
1473 if (cap_setid == CAP_SETGID && !fsid_map && idmap_exists(&ns->gid_map))
1474 return false;
1475
1476 /* Don't allow mappings that would allow anything that wouldn't
1477 * be allowed without the establishment of unprivileged mappings.
1478 */
1479 if ((new_map->nr_extents == 1) && (new_map->extent[0].count == 1) &&
1480 uid_eq(ns->owner, cred->euid)) {
1481 u32 id = new_map->extent[0].lower_first;
1482 if (cap_setid == CAP_SETUID) {
> 1483 kuid_t uid = map_fsid ? make_kfsuid(ns->parent, id) :
1484 make_kuid(ns->parent, id);
1485 if (uid_eq(uid, cred->euid))
1486 return true;
1487 } else if (cap_setid == CAP_SETGID) {
1488 kgid_t gid = map_fsid ? make_kfsgid(ns->parent, id) :
1489 make_kgid(ns->parent, id);
1490 if (!(ns->flags & USERNS_SETGROUPS_ALLOWED) &&
1491 gid_eq(gid, cred->egid))
1492 return true;
1493 }
1494 }
1495
1496 /* Allow anyone to set a mapping that doesn't require privilege */
1497 if (!cap_valid(cap_setid))
1498 return true;
1499
1500 /* Allow the specified ids if we have the appropriate capability
1501 * (CAP_SETUID or CAP_SETGID) over the parent user namespace.
1502 * And the opener of the id file also had the approprpiate capability.
1503 */
1504 if (ns_capable(ns->parent, cap_setid) &&
1505 file_ns_capable(file, ns->parent, cap_setid))
1506 return true;
1507
1508 return false;
1509 }
1510
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 19140 bytes --]
reply other threads:[~2020-02-17 17:07 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202002180128.JbX0RInt%lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.