* [ssmalley-selinuxns:working-selinuxns 35/42] security/selinux/avc.c:1606: warning: Function parameter or struct member 'ad' not described in 'cred_obj_has_perm'
@ 2025-02-22 15:26 kernel test robot
0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2025-02-22 15:26 UTC (permalink / raw)
To: stephen.smalley.work; +Cc: oe-kbuild-all
tree: https://github.com/stephensmalley/selinux-kernel working-selinuxns
head: 8e33da6864e173556431920c74deb653617db98e
commit: 211533f0f5ee0a6424d42082f37da03d397f1ae8 [35/42] selinux: split cred_ssid_has_perm() into two cases
config: i386-buildonly-randconfig-001-20250222 (https://download.01.org/0day-ci/archive/20250222/202502222318.2f2ygMSQ-lkp@intel.com/config)
compiler: clang version 19.1.3 (https://github.com/llvm/llvm-project ab51eccf88f5321e7c60591c5546b254b6afab99)
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250222/202502222318.2f2ygMSQ-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202502222318.2f2ygMSQ-lkp@intel.com/
All warnings (new ones prefixed by >>):
security/selinux/avc.c:1286: warning: Function parameter or struct member 'ad' not described in 'cred_task_has_perm'
security/selinux/avc.c:1286: warning: Excess function parameter 'auditdata' description in 'cred_task_has_perm'
security/selinux/avc.c:1342: warning: Function parameter or struct member 'ad' not described in 'task_obj_has_perm'
security/selinux/avc.c:1342: warning: Excess function parameter 'auditdata' description in 'task_obj_has_perm'
security/selinux/avc.c:1401: warning: Function parameter or struct member 'base_perm' not described in 'cred_has_extended_perms'
security/selinux/avc.c:1401: warning: Function parameter or struct member 'ad' not described in 'cred_has_extended_perms'
security/selinux/avc.c:1401: warning: Excess function parameter 'auditdata' description in 'cred_has_extended_perms'
security/selinux/avc.c:1440: warning: Function parameter or struct member 'ad' not described in 'cred_self_has_perm'
security/selinux/avc.c:1440: warning: Excess function parameter 'auditdata' description in 'cred_self_has_perm'
security/selinux/avc.c:1518: warning: Function parameter or struct member 'ad' not described in 'cred_tsid_has_perm'
security/selinux/avc.c:1518: warning: Excess function parameter 'auditdata' description in 'cred_tsid_has_perm'
>> security/selinux/avc.c:1606: warning: Function parameter or struct member 'ad' not described in 'cred_obj_has_perm'
>> security/selinux/avc.c:1606: warning: Excess function parameter 'auditdata' description in 'cred_obj_has_perm'
security/selinux/avc.c:1645: warning: Function parameter or struct member 'ad' not described in 'cred_ssid_has_perm'
security/selinux/avc.c:1645: warning: Excess function parameter 'auditdata' description in 'cred_ssid_has_perm'
security/selinux/avc.c:1710: warning: Function parameter or struct member 'ad' not described in 'cred_other_has_perm'
security/selinux/avc.c:1710: warning: Excess function parameter 'auditdata' description in 'cred_other_has_perm'
security/selinux/avc.c:1755: warning: Function parameter or struct member 'ad' not described in 'selinux_state_has_perm'
security/selinux/avc.c:1755: warning: Excess function parameter 'auditdata' description in 'selinux_state_has_perm'
vim +1606 security/selinux/avc.c
ea5452c91df1901 Stephen Smalley 2024-09-25 1584
77119259f8191e6 Stephen Smalley 2024-09-30 1585 /**
211533f0f5ee0a6 Stephen Smalley 2024-10-07 1586 * cred_obj_has_perm - Check and audit permissions on a (ssid, tsid) pair
77119259f8191e6 Stephen Smalley 2024-09-30 1587 * @cred: subject credentials
77119259f8191e6 Stephen Smalley 2024-09-30 1588 * @ssid: source security identifier
77119259f8191e6 Stephen Smalley 2024-09-30 1589 * @tsid: target security identifier
77119259f8191e6 Stephen Smalley 2024-09-30 1590 * @tclass: target security class
77119259f8191e6 Stephen Smalley 2024-09-30 1591 * @requested: requested permissions, interpreted based on @tclass
77119259f8191e6 Stephen Smalley 2024-09-30 1592 * @auditdata: auxiliary audit data
77119259f8191e6 Stephen Smalley 2024-09-30 1593 *
77119259f8191e6 Stephen Smalley 2024-09-30 1594 * Check permissions between a source SID @ssid and a target SID @tsid for
77119259f8191e6 Stephen Smalley 2024-09-30 1595 * @cred's namespace and all ancestors to determine whether the
77119259f8191e6 Stephen Smalley 2024-09-30 1596 * @requested permissions are granted.
77119259f8191e6 Stephen Smalley 2024-09-30 1597 * Audit the granting or denial of permissions in accordance with the policy.
77119259f8191e6 Stephen Smalley 2024-09-30 1598 * Return %0 if all @requested permissions are granted, -%EACCES if any
77119259f8191e6 Stephen Smalley 2024-09-30 1599 * permissions are denied, or another -errno upon other errors.
77119259f8191e6 Stephen Smalley 2024-09-30 1600 * DO NOT USE when checking permissions involving cred/task SIDs; this
77119259f8191e6 Stephen Smalley 2024-09-30 1601 * helper is only for object-to-object checks.
77119259f8191e6 Stephen Smalley 2024-09-30 1602 */
211533f0f5ee0a6 Stephen Smalley 2024-10-07 1603 int cred_obj_has_perm(const struct cred *cred, u32 ssid, u32 tsid,
211533f0f5ee0a6 Stephen Smalley 2024-10-07 1604 u16 tclass, u32 requested,
211533f0f5ee0a6 Stephen Smalley 2024-10-07 1605 struct common_audit_data *ad)
f7b87de4186db2b Stephen Smalley 2024-09-27 @1606 {
f7b87de4186db2b Stephen Smalley 2024-09-27 1607 struct task_security_struct *tsec;
f7b87de4186db2b Stephen Smalley 2024-09-27 1608 struct selinux_state *state;
f7b87de4186db2b Stephen Smalley 2024-09-27 1609 int rc;
f7b87de4186db2b Stephen Smalley 2024-09-27 1610
f7b87de4186db2b Stephen Smalley 2024-09-27 1611 do {
f7b87de4186db2b Stephen Smalley 2024-09-27 1612 tsec = selinux_cred(cred);
f7b87de4186db2b Stephen Smalley 2024-09-27 1613 state = tsec->state;
f7b87de4186db2b Stephen Smalley 2024-09-27 1614 rc = avc_has_perm(state, ssid, tsid, tclass, requested, ad);
f7b87de4186db2b Stephen Smalley 2024-09-27 1615 if (rc)
f7b87de4186db2b Stephen Smalley 2024-09-27 1616 return rc;
f7b87de4186db2b Stephen Smalley 2024-09-27 1617
f7b87de4186db2b Stephen Smalley 2024-09-27 1618 cred = tsec->parent_cred;
f7b87de4186db2b Stephen Smalley 2024-09-27 1619 } while (cred);
f7b87de4186db2b Stephen Smalley 2024-09-27 1620
f7b87de4186db2b Stephen Smalley 2024-09-27 1621 return 0;
f7b87de4186db2b Stephen Smalley 2024-09-27 1622 }
f7b87de4186db2b Stephen Smalley 2024-09-27 1623
:::::: The code at line 1606 was first introduced by commit
:::::: f7b87de4186db2b1cb21bc7239f9a08e60f5dfb0 selinux: introduce cred_ssid_has_perm() and cred_other_has_perm()
:::::: TO: Stephen Smalley <stephen.smalley.work@gmail.com>
:::::: CC: Stephen Smalley <stephen.smalley.work@gmail.com>
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-02-22 15:26 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-02-22 15:26 [ssmalley-selinuxns:working-selinuxns 35/42] security/selinux/avc.c:1606: warning: Function parameter or struct member 'ad' not described in 'cred_obj_has_perm' kernel test robot
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.