From: kernel test robot <lkp@intel.com>
To: "Günther Noack" <gnoack@google.com>,
linux-security-module@vger.kernel.org,
"Mickaël Salaün" <mic@digikod.net>
Cc: oe-kbuild-all@lists.linux.dev, "Jeff Xu" <jeffxu@google.com>,
"Jorge Lucangeli Obes" <jorgelo@chromium.org>,
"Allen Webb" <allenwebb@google.com>,
"Dmitry Torokhov" <dtor@google.com>,
"Paul Moore" <paul@paul-moore.com>,
"Konstantin Meskhidze" <konstantin.meskhidze@huawei.com>,
"Matt Bobrowski" <repnop@google.com>,
linux-fsdevel@vger.kernel.org,
"Günther Noack" <gnoack@google.com>
Subject: Re: [PATCH v4 6/7] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL
Date: Sat, 4 Nov 2023 09:50:28 +0800 [thread overview]
Message-ID: <202311040923.tlGduM5r-lkp@intel.com> (raw)
In-Reply-To: <20231103155717.78042-7-gnoack@google.com>
Hi Günther,
kernel test robot noticed the following build errors:
[auto build test ERROR on f12f8f84509a084399444c4422661345a15cc713]
url: https://github.com/intel-lab-lkp/linux/commits/G-nther-Noack/landlock-Optimize-the-number-of-calls-to-get_access_mask-slightly/20231104-000659
base: f12f8f84509a084399444c4422661345a15cc713
patch link: https://lore.kernel.org/r/20231103155717.78042-7-gnoack%40google.com
patch subject: [PATCH v4 6/7] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL
config: x86_64-randconfig-011-20231104 (https://download.01.org/0day-ci/archive/20231104/202311040923.tlGduM5r-lkp@intel.com/config)
compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231104/202311040923.tlGduM5r-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311040923.tlGduM5r-lkp@intel.com/
All error/warnings (new ones prefixed by >>):
samples/landlock/sandboxer.c: In function 'main':
>> samples/landlock/sandboxer.c:332:2: error: duplicate case value
332 | case LANDLOCK_ABI_LAST:
| ^~~~
samples/landlock/sandboxer.c:322:2: note: previously used here
322 | case 4:
| ^~~~
>> samples/landlock/sandboxer.c:331:3: warning: attribute 'fallthrough' not preceding a case label or default label
331 | __attribute__((fallthrough));
| ^~~~~~~~~~~~~
vim +332 samples/landlock/sandboxer.c
903cfe8a7aa889 Mickaël Salaün 2022-09-23 209
ba84b0bf5a164f Mickaël Salaün 2021-04-22 210 int main(const int argc, char *const argv[], char *const *const envp)
ba84b0bf5a164f Mickaël Salaün 2021-04-22 211 {
ba84b0bf5a164f Mickaël Salaün 2021-04-22 212 const char *cmd_path;
ba84b0bf5a164f Mickaël Salaün 2021-04-22 213 char *const *cmd_argv;
76b902f874ff4d Mickaël Salaün 2022-05-06 214 int ruleset_fd, abi;
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 215 char *env_port_name;
76b902f874ff4d Mickaël Salaün 2022-05-06 216 __u64 access_fs_ro = ACCESS_FS_ROUGHLY_READ,
76b902f874ff4d Mickaël Salaün 2022-05-06 217 access_fs_rw = ACCESS_FS_ROUGHLY_READ | ACCESS_FS_ROUGHLY_WRITE;
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 218
ba84b0bf5a164f Mickaël Salaün 2021-04-22 219 struct landlock_ruleset_attr ruleset_attr = {
76b902f874ff4d Mickaël Salaün 2022-05-06 220 .handled_access_fs = access_fs_rw,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 221 .handled_access_net = LANDLOCK_ACCESS_NET_BIND_TCP |
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 222 LANDLOCK_ACCESS_NET_CONNECT_TCP,
ba84b0bf5a164f Mickaël Salaün 2021-04-22 223 };
ba84b0bf5a164f Mickaël Salaün 2021-04-22 224
ba84b0bf5a164f Mickaël Salaün 2021-04-22 225 if (argc < 2) {
81709f3dccacf4 Mickaël Salaün 2022-05-06 226 fprintf(stderr,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 227 "usage: %s=\"...\" %s=\"...\" %s=\"...\" %s=\"...\"%s "
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 228 "<cmd> [args]...\n\n",
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 229 ENV_FS_RO_NAME, ENV_FS_RW_NAME, ENV_TCP_BIND_NAME,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 230 ENV_TCP_CONNECT_NAME, argv[0]);
81709f3dccacf4 Mickaël Salaün 2022-05-06 231 fprintf(stderr,
81709f3dccacf4 Mickaël Salaün 2022-05-06 232 "Launch a command in a restricted environment.\n\n");
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 233 fprintf(stderr,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 234 "Environment variables containing paths and ports "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 235 "each separated by a colon:\n");
81709f3dccacf4 Mickaël Salaün 2022-05-06 236 fprintf(stderr,
81709f3dccacf4 Mickaël Salaün 2022-05-06 237 "* %s: list of paths allowed to be used in a read-only way.\n",
ba84b0bf5a164f Mickaël Salaün 2021-04-22 238 ENV_FS_RO_NAME);
81709f3dccacf4 Mickaël Salaün 2022-05-06 239 fprintf(stderr,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 240 "* %s: list of paths allowed to be used in a read-write way.\n\n",
ba84b0bf5a164f Mickaël Salaün 2021-04-22 241 ENV_FS_RW_NAME);
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 242 fprintf(stderr,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 243 "Environment variables containing ports are optional "
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 244 "and could be skipped.\n");
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 245 fprintf(stderr,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 246 "* %s: list of ports allowed to bind (server).\n",
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 247 ENV_TCP_BIND_NAME);
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 248 fprintf(stderr,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 249 "* %s: list of ports allowed to connect (client).\n",
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 250 ENV_TCP_CONNECT_NAME);
81709f3dccacf4 Mickaël Salaün 2022-05-06 251 fprintf(stderr,
81709f3dccacf4 Mickaël Salaün 2022-05-06 252 "\nexample:\n"
ba84b0bf5a164f Mickaël Salaün 2021-04-22 253 "%s=\"/bin:/lib:/usr:/proc:/etc:/dev/urandom\" "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 254 "%s=\"/dev/null:/dev/full:/dev/zero:/dev/pts:/tmp\" "
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 255 "%s=\"9418\" "
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 256 "%s=\"80:443\" "
903cfe8a7aa889 Mickaël Salaün 2022-09-23 257 "%s bash -i\n\n",
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 258 ENV_FS_RO_NAME, ENV_FS_RW_NAME, ENV_TCP_BIND_NAME,
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 259 ENV_TCP_CONNECT_NAME, argv[0]);
903cfe8a7aa889 Mickaël Salaün 2022-09-23 260 fprintf(stderr,
903cfe8a7aa889 Mickaël Salaün 2022-09-23 261 "This sandboxer can use Landlock features "
903cfe8a7aa889 Mickaël Salaün 2022-09-23 262 "up to ABI version %d.\n",
903cfe8a7aa889 Mickaël Salaün 2022-09-23 263 LANDLOCK_ABI_LAST);
ba84b0bf5a164f Mickaël Salaün 2021-04-22 264 return 1;
ba84b0bf5a164f Mickaël Salaün 2021-04-22 265 }
ba84b0bf5a164f Mickaël Salaün 2021-04-22 266
76b902f874ff4d Mickaël Salaün 2022-05-06 267 abi = landlock_create_ruleset(NULL, 0, LANDLOCK_CREATE_RULESET_VERSION);
76b902f874ff4d Mickaël Salaün 2022-05-06 268 if (abi < 0) {
ba84b0bf5a164f Mickaël Salaün 2021-04-22 269 const int err = errno;
ba84b0bf5a164f Mickaël Salaün 2021-04-22 270
76b902f874ff4d Mickaël Salaün 2022-05-06 271 perror("Failed to check Landlock compatibility");
ba84b0bf5a164f Mickaël Salaün 2021-04-22 272 switch (err) {
ba84b0bf5a164f Mickaël Salaün 2021-04-22 273 case ENOSYS:
81709f3dccacf4 Mickaël Salaün 2022-05-06 274 fprintf(stderr,
81709f3dccacf4 Mickaël Salaün 2022-05-06 275 "Hint: Landlock is not supported by the current kernel. "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 276 "To support it, build the kernel with "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 277 "CONFIG_SECURITY_LANDLOCK=y and prepend "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 278 "\"landlock,\" to the content of CONFIG_LSM.\n");
ba84b0bf5a164f Mickaël Salaün 2021-04-22 279 break;
ba84b0bf5a164f Mickaël Salaün 2021-04-22 280 case EOPNOTSUPP:
81709f3dccacf4 Mickaël Salaün 2022-05-06 281 fprintf(stderr,
81709f3dccacf4 Mickaël Salaün 2022-05-06 282 "Hint: Landlock is currently disabled. "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 283 "It can be enabled in the kernel configuration by "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 284 "prepending \"landlock,\" to the content of CONFIG_LSM, "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 285 "or at boot time by setting the same content to the "
ba84b0bf5a164f Mickaël Salaün 2021-04-22 286 "\"lsm\" kernel parameter.\n");
ba84b0bf5a164f Mickaël Salaün 2021-04-22 287 break;
ba84b0bf5a164f Mickaël Salaün 2021-04-22 288 }
ba84b0bf5a164f Mickaël Salaün 2021-04-22 289 return 1;
ba84b0bf5a164f Mickaël Salaün 2021-04-22 290 }
903cfe8a7aa889 Mickaël Salaün 2022-09-23 291
76b902f874ff4d Mickaël Salaün 2022-05-06 292 /* Best-effort security. */
903cfe8a7aa889 Mickaël Salaün 2022-09-23 293 switch (abi) {
903cfe8a7aa889 Mickaël Salaün 2022-09-23 294 case 1:
f6e53fb2d7bd70 Günther Noack 2022-11-07 295 /*
f6e53fb2d7bd70 Günther Noack 2022-11-07 296 * Removes LANDLOCK_ACCESS_FS_REFER for ABI < 2
f6e53fb2d7bd70 Günther Noack 2022-11-07 297 *
f6e53fb2d7bd70 Günther Noack 2022-11-07 298 * Note: The "refer" operations (file renaming and linking
f6e53fb2d7bd70 Günther Noack 2022-11-07 299 * across different directories) are always forbidden when using
f6e53fb2d7bd70 Günther Noack 2022-11-07 300 * Landlock with ABI 1.
f6e53fb2d7bd70 Günther Noack 2022-11-07 301 *
f6e53fb2d7bd70 Günther Noack 2022-11-07 302 * If only ABI 1 is available, this sandboxer knowingly forbids
f6e53fb2d7bd70 Günther Noack 2022-11-07 303 * refer operations.
f6e53fb2d7bd70 Günther Noack 2022-11-07 304 *
f6e53fb2d7bd70 Günther Noack 2022-11-07 305 * If a program *needs* to do refer operations after enabling
f6e53fb2d7bd70 Günther Noack 2022-11-07 306 * Landlock, it can not use Landlock at ABI level 1. To be
f6e53fb2d7bd70 Günther Noack 2022-11-07 307 * compatible with different kernel versions, such programs
f6e53fb2d7bd70 Günther Noack 2022-11-07 308 * should then fall back to not restrict themselves at all if
f6e53fb2d7bd70 Günther Noack 2022-11-07 309 * the running kernel only supports ABI 1.
f6e53fb2d7bd70 Günther Noack 2022-11-07 310 */
903cfe8a7aa889 Mickaël Salaün 2022-09-23 311 ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_REFER;
faeb9197669c23 Günther Noack 2022-10-18 312 __attribute__((fallthrough));
faeb9197669c23 Günther Noack 2022-10-18 313 case 2:
faeb9197669c23 Günther Noack 2022-10-18 314 /* Removes LANDLOCK_ACCESS_FS_TRUNCATE for ABI < 3 */
faeb9197669c23 Günther Noack 2022-10-18 315 ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_TRUNCATE;
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 316 __attribute__((fallthrough));
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 317 case 3:
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 318 /* Removes network support for ABI < 4 */
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 319 ruleset_attr.handled_access_net &=
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 320 ~(LANDLOCK_ACCESS_NET_BIND_TCP |
5e990dcef12eeb Konstantin Meskhidze 2023-10-26 321 LANDLOCK_ACCESS_NET_CONNECT_TCP);
c5aa323f1f3126 Günther Noack 2023-11-03 322 case 4:
c5aa323f1f3126 Günther Noack 2023-11-03 323 /* Removes LANDLOCK_ACCESS_FS_IOCTL for ABI < 5 */
c5aa323f1f3126 Günther Noack 2023-11-03 324 ruleset_attr.handled_access_fs &= ~LANDLOCK_ACCESS_FS_IOCTL;
c5aa323f1f3126 Günther Noack 2023-11-03 325
903cfe8a7aa889 Mickaël Salaün 2022-09-23 326 fprintf(stderr,
903cfe8a7aa889 Mickaël Salaün 2022-09-23 327 "Hint: You should update the running kernel "
903cfe8a7aa889 Mickaël Salaün 2022-09-23 328 "to leverage Landlock features "
903cfe8a7aa889 Mickaël Salaün 2022-09-23 329 "provided by ABI version %d (instead of %d).\n",
903cfe8a7aa889 Mickaël Salaün 2022-09-23 330 LANDLOCK_ABI_LAST, abi);
903cfe8a7aa889 Mickaël Salaün 2022-09-23 @331 __attribute__((fallthrough));
903cfe8a7aa889 Mickaël Salaün 2022-09-23 @332 case LANDLOCK_ABI_LAST:
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
next prev parent reply other threads:[~2023-11-04 1:51 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-03 15:57 [PATCH v4 0/7] Landlock: IOCTL support Günther Noack
2023-11-03 15:57 ` [PATCH v4 1/7] landlock: Optimize the number of calls to get_access_mask slightly Günther Noack
2023-11-16 21:49 ` Mickaël Salaün
2023-11-17 10:54 ` Günther Noack
2023-11-03 15:57 ` [PATCH v4 2/7] landlock: Add IOCTL access right Günther Noack
2023-11-16 21:50 ` Mickaël Salaün
2023-11-17 10:49 ` Günther Noack
2023-11-03 15:57 ` [PATCH v4 3/7] selftests/landlock: Test IOCTL support Günther Noack
2023-11-03 15:57 ` [PATCH v4 4/7] selftests/landlock: Test IOCTL with memfds Günther Noack
2023-11-03 15:57 ` [PATCH v4 5/7] selftests/landlock: Test ioctl(2) and ftruncate(2) with open(O_PATH) Günther Noack
2023-11-03 15:57 ` [PATCH v4 6/7] samples/landlock: Add support for LANDLOCK_ACCESS_FS_IOCTL Günther Noack
2023-11-04 1:50 ` kernel test robot [this message]
2023-11-16 21:50 ` Mickaël Salaün
2023-11-17 10:52 ` Günther Noack
2023-11-03 15:57 ` [PATCH v4 7/7] landlock: Document IOCTL support Günther Noack
2023-11-16 21:49 ` [PATCH v4 0/7] Landlock: " Mickaël Salaün
2023-11-17 14:44 ` Günther Noack
2023-11-17 20:44 ` Mickaël Salaün
2023-11-24 13:02 ` Günther Noack
2023-11-30 9:26 ` Mickaël Salaün
2023-12-08 14:39 ` Günther Noack
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202311040923.tlGduM5r-lkp@intel.com \
--to=lkp@intel.com \
--cc=allenwebb@google.com \
--cc=dtor@google.com \
--cc=gnoack@google.com \
--cc=jeffxu@google.com \
--cc=jorgelo@chromium.org \
--cc=konstantin.meskhidze@huawei.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mic@digikod.net \
--cc=oe-kbuild-all@lists.linux.dev \
--cc=paul@paul-moore.com \
--cc=repnop@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.