All of lore.kernel.org
 help / color / mirror / Atom feed
From: kernel test robot <lkp@intel.com>
To: Max Kellermann <max.kellermann@ionos.com>,
	serge@hallyn.com, paul@paul-moore.com, jmorris@namei.org,
	linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org
Cc: oe-kbuild-all@lists.linux.dev, Max Kellermann <max.kellermann@ionos.com>
Subject: Re: [PATCH] security/commoncap: don't assume "setid" if all ids are identical
Date: Fri, 7 Mar 2025 18:32:04 +0800	[thread overview]
Message-ID: <202503071808.FE4vwUc4-lkp@intel.com> (raw)
In-Reply-To: <20250306082615.174777-1-max.kellermann@ionos.com>

Hi Max,

kernel test robot noticed the following build warnings:

[auto build test WARNING on pcmoore-selinux/next]
[also build test WARNING on linus/master v6.14-rc5 next-20250306]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]

url:    https://github.com/intel-lab-lkp/linux/commits/Max-Kellermann/security-commoncap-don-t-assume-setid-if-all-ids-are-identical/20250306-162826
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git next
patch link:    https://lore.kernel.org/r/20250306082615.174777-1-max.kellermann%40ionos.com
patch subject: [PATCH] security/commoncap: don't assume "setid" if all ids are identical
config: arc-allnoconfig (https://download.01.org/0day-ci/archive/20250307/202503071808.FE4vwUc4-lkp@intel.com/config)
compiler: arc-elf-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250307/202503071808.FE4vwUc4-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202503071808.FE4vwUc4-lkp@intel.com/

All warnings (new ones prefixed by >>):

>> security/commoncap.c:865: warning: This comment starts with '/**', but isn't a kernel-doc comment. Refer Documentation/doc-guide/kernel-doc.rst
    * Are all user/group ids in both cred instances identical?


vim +865 security/commoncap.c

   863	
   864	/**
 > 865	 * Are all user/group ids in both cred instances identical?
   866	 *
   867	 * It can be used after __is_setuid() / __is_setgid() to check whether
   868	 * this is really a set*id operation or whether both processes just
   869	 * have differing real/effective ids.  It is safe to keep differing
   870	 * real/effective ids in "unsafe" program execution.
   871	 */
   872	static bool has_identical_uids_gids(const struct cred *a, const struct cred *b)
   873	{
   874		return uid_eq(a->uid, b->uid) &&
   875			gid_eq(a->gid, b->gid) &&
   876			uid_eq(a->suid, b->suid) &&
   877			gid_eq(a->sgid, b->sgid) &&
   878			uid_eq(a->euid, b->euid) &&
   879			gid_eq(a->egid, b->egid) &&
   880			uid_eq(a->fsuid, b->fsuid) &&
   881			gid_eq(a->fsgid, b->fsgid);
   882	}
   883	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

  reply	other threads:[~2025-03-07 10:32 UTC|newest]

Thread overview: 44+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-03-06  8:26 [PATCH] security/commoncap: don't assume "setid" if all ids are identical Max Kellermann
2025-03-07 10:32 ` kernel test robot [this message]
2025-03-09 15:19 ` Serge E. Hallyn
2025-04-28 11:43   ` Max Kellermann
2025-05-06 13:21     ` Serge E. Hallyn
2025-05-06 14:51       ` Max Kellermann
2025-05-07  3:16         ` Andrew G. Morgan
2025-05-07  6:33           ` Max Kellermann
2025-05-08  3:32             ` Andrew G. Morgan
2025-05-08  6:38               ` Max Kellermann
2025-05-08  8:37               ` Max Kellermann
2025-05-09 17:50             ` Max Kellermann
2025-05-08 22:12         ` sergeh
2025-05-09  6:15           ` Max Kellermann
2025-05-09 14:44             ` Eric W. Biederman
2025-05-09 16:53               ` Max Kellermann
2025-05-09 20:17                 ` Serge E. Hallyn
2025-05-09 18:41               ` [PATCH] Documentation/no_new_privs.rst: document dropping effective ids Max Kellermann
2025-05-15 16:24 ` [PATCH] exec: Correct the permission check for unsafe exec Eric W. Biederman
2025-05-15 22:09   ` Kees Cook
2025-05-16 15:26     ` Eric W. Biederman
2025-05-16 18:06       ` Jann Horn
2025-05-16 18:08         ` Jann Horn
2025-05-16 21:46         ` sergeh
2025-05-20 22:38           ` Jann Horn
2025-05-20 22:43             ` Kees Cook
2025-05-16 23:29         ` Eric W. Biederman
2025-05-20 20:20           ` Kees Cook
2025-05-20 22:13             ` [PATCH v2] " Eric W. Biederman
2025-05-20 22:35               ` Kees Cook
2025-05-20 23:53               ` Jann Horn
2025-05-21 15:27                 ` Eric W. Biederman
2025-05-21 15:36                   ` Jann Horn
2025-06-11  0:18                     ` Paul Moore
2025-06-11 14:23                       ` Max Kellermann
2025-06-13 15:07                         ` Eric W. Biederman
2025-06-12 21:26                       ` Serge E. Hallyn
2025-06-13  1:48                         ` Kees Cook
2025-06-13 15:28                           ` Paul Moore
2025-06-16 19:57                             ` Kees Cook
2025-06-16 20:16                               ` Paul Moore
2025-05-16 21:48     ` [PATCH] " sergeh
2025-05-16 21:49   ` sergeh
     [not found] <CAKPOu+_p6D-s9k_rokup+7JC-GDJMCxweBrR2JthLGtSufrUCQ@mail.gmail.com>
     [not found] ` <20250509180150.GA707254@mail.hallyn.com>
     [not found]   ` <CAKPOu+_MEX-KC-Mp+Pn0=mKRoNQcrAs0nEUmyU84EZC=2CMkXA@mail.gmail.com>
     [not found]     ` <20250509192642.GA707808@mail.hallyn.com>
     [not found]       ` <CAKPOu+-iV8daKn_TVR5QStoBNWD-MDpG6Bmj4zoe4QQL_PLJtw@mail.gmail.com>
     [not found]         ` <20250510130938.GA712334@mail.hallyn.com>
     [not found]           ` <CAKPOu+_U6AAf5MTSi8mmUTbLdGEw0w=5mqnaCZ3YjvxgCN6WeA@mail.gmail.com>
     [not found]             ` <20250510160809.GA713084@mail.hallyn.com>
     [not found]               ` <CAKPOu+9ooP6yH6qHgAEaX_3W+kGxYjJX9UuTeGS_BPc3BhTDyA@mail.gmail.com>
     [not found]                 ` <20250510192919.GA714187@mail.hallyn.com>
     [not found]                   ` <202505121725.34FC22D2D@keescook>
2025-05-13  6:25                     ` [PATCH] security/commoncap: don't assume "setid" if all ids are identical Max Kellermann

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202503071808.FE4vwUc4-lkp@intel.com \
    --to=lkp@intel.com \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=max.kellermann@ionos.com \
    --cc=oe-kbuild-all@lists.linux.dev \
    --cc=paul@paul-moore.com \
    --cc=serge@hallyn.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.