From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-audit-bounces@redhat.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.lore.kernel.org (Postfix) with ESMTPS id 41194CCA479
	for <linux-audit@archiver.kernel.org>; Tue, 28 Jun 2022 12:37:46 +0000 (UTC)
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-81-jGtOl0qZPhqc3Y1OhY9dmg-1; Tue, 28 Jun 2022 08:37:41 -0400
X-MC-Unique: jGtOl0qZPhqc3Y1OhY9dmg-1
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 73D923817A73;
	Tue, 28 Jun 2022 12:37:40 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (unknown [10.30.29.100])
	by smtp.corp.redhat.com (Postfix) with ESMTP id 0A78740C141F;
	Tue, 28 Jun 2022 12:37:39 +0000 (UTC)
Received: from mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (localhost [IPv6:::1])
	by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with ESMTP id 9ECE2194704D;
	Tue, 28 Jun 2022 12:37:38 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
 by mm-prod-listman-01.mail-001.prod.us-east-1.aws.redhat.com (Postfix) with
 ESMTP id 66E2819466DF for <linux-audit@listman.corp.redhat.com>;
 Tue, 28 Jun 2022 05:37:14 +0000 (UTC)
Received: by smtp.corp.redhat.com (Postfix)
 id 56A492024CB6; Tue, 28 Jun 2022 05:37:14 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
 (mimecast04.extmail.prod.ext.rdu2.redhat.com [10.11.55.20])
 by smtp.corp.redhat.com (Postfix) with ESMTPS id 52A342026D64
 for <linux-audit@redhat.com>; Tue, 28 Jun 2022 05:37:14 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
 [207.211.31.120])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 36BFB101AA4E
 for <linux-audit@redhat.com>; Tue, 28 Jun 2022 05:37:14 +0000 (UTC)
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by
 relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-361-o85qCqAWMhGw6hVWCN88qA-1; Tue, 28 Jun 2022 01:37:11 -0400
X-MC-Unique: o85qCqAWMhGw6hVWCN88qA-1
X-IronPort-AV: E=McAfee;i="6400,9594,10391"; a="261442649"
X-IronPort-AV: E=Sophos;i="5.92,227,1650956400"; d="scan'208";a="261442649"
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 27 Jun 2022 22:37:10 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.92,227,1650956400"; d="scan'208";a="540368709"
Received: from lkp-server01.sh.intel.com (HELO 68b931ab7ac1) ([10.239.97.150])
 by orsmga003.jf.intel.com with ESMTP; 27 Jun 2022 22:37:07 -0700
Received: from kbuild by 68b931ab7ac1 with local (Exim 4.95)
 (envelope-from <lkp@intel.com>) id 1o63uM-0009YY-Dj;
 Tue, 28 Jun 2022 05:37:06 +0000
Date: Tue, 28 Jun 2022 13:36:55 +0800
From: kernel test robot <lkp@intel.com>
To: Casey Schaufler <casey@schaufler-ca.com>, casey.schaufler@intel.com,
 jmorris@namei.org, linux-security-module@vger.kernel.org,
 selinux@vger.kernel.org
Subject: Re: [PATCH v37 18/33] LSM: Use lsmcontext in
 security_dentry_init_security
Message-ID: <202206281302.ApiPUdom-lkp@intel.com>
References: <20220628005611.13106-19-casey@schaufler-ca.com>
MIME-Version: 1.0
In-Reply-To: <20220628005611.13106-19-casey@schaufler-ca.com>
X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection
 Definition; Similar Internal Domain=false;
 Similar Monitored External Domain=false; Custom External Domain=false;
 Mimecast External Domain=false; Newly Observed Domain=false;
 Internal User Name=false; Custom Display Name List=false;
 Reply-to Address Mismatch=false; Targeted Threat Dictionary=false;
 Mimecast Threat Dictionary=false; Custom Threat Dictionary=false
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-Mailman-Approved-At: Tue, 28 Jun 2022 12:37:37 +0000
X-BeenThere: linux-audit@redhat.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Linux Audit Discussion <linux-audit.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/linux-audit>,
 <mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <http://listman.redhat.com/archives/linux-audit/>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/linux-audit>,
 <mailto:linux-audit-request@redhat.com?subject=subscribe>
Cc: john.johansen@canonical.com, kbuild-all@lists.01.org,
 linux-kernel@vger.kernel.org, linux-audit@redhat.com
Errors-To: linux-audit-bounces@redhat.com
Sender: "Linux-audit" <linux-audit-bounces@redhat.com>
X-Scanned-By: MIMEDefang 2.84 on 10.11.54.2
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=linux-audit-bounces@redhat.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Disposition: inline
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi Casey,

I love your patch! Perhaps something to improve:

[auto build test WARNING on pcmoore-audit/next]
[also build test WARNING on pcmoore-selinux/next linus/master v5.19-rc4 next-20220627]
[cannot apply to jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
config: i386-defconfig (https://download.01.org/0day-ci/archive/20220628/202206281302.ApiPUdom-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-3) 11.3.0
reproduce (this is a W=1 build):
        # https://github.com/intel-lab-lkp/linux/commit/c930a07cebde69363d3633fba8bd4cac46dd1520
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220628-095614
        git checkout c930a07cebde69363d3633fba8bd4cac46dd1520
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        make W=1 O=build_dir ARCH=i386 SHELL=/bin/bash

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>

All warnings (new ones prefixed by >>):

   security/security.c: In function 'security_setprocattr':
>> security/security.c:2285:21: warning: variable 'slotname' set but not used [-Wunused-but-set-variable]
    2285 |         const char *slotname;
         |                     ^~~~~~~~


vim +/slotname +2285 security/security.c

  2266	
  2267	/**
  2268	 * security_setprocattr - Set process attributes via /proc
  2269	 * @lsm: name of module involved, or NULL
  2270	 * @name: name of the attribute
  2271	 * @value: value to set the attribute to
  2272	 * @size: size of the value
  2273	 *
  2274	 * Set the process attribute for the specified security module
  2275	 * to the specified value. Note that this can only be used to set
  2276	 * the process attributes for the current, or "self" process.
  2277	 * The /proc code has already done this check.
  2278	 *
  2279	 * Returns 0 on success, an appropriate code otherwise.
  2280	 */
  2281	int security_setprocattr(const char *lsm, const char *name, void *value,
  2282				 size_t size)
  2283	{
  2284		struct security_hook_list *hp;
> 2285		const char *slotname;
  2286		char *termed;
  2287		char *copy;
  2288		int *ilsm = current->security;
  2289		int rc = -EINVAL;
  2290		int slot = 0;
  2291	
  2292		if (!strcmp(name, "interface_lsm")) {
  2293			/*
  2294			 * Change the "interface_lsm" value only if all the security
  2295			 * modules that support setting a procattr allow it.
  2296			 * It is assumed that all such security modules will be
  2297			 * cooperative.
  2298			 */
  2299			if (size == 0)
  2300				return -EINVAL;
  2301	
  2302			hlist_for_each_entry(hp, &security_hook_heads.setprocattr,
  2303					     list) {
  2304				rc = hp->hook.setprocattr(name, value, size);
  2305				if (rc < 0 && rc != LSM_RET_DEFAULT(setprocattr))
  2306					return rc;
  2307			}
  2308	
  2309			rc = -EINVAL;
  2310	
  2311			copy = kmemdup_nul(value, size, GFP_KERNEL);
  2312			if (copy == NULL)
  2313				return -ENOMEM;
  2314	
  2315			termed = strsep(&copy, " \n");
  2316	
  2317			for (slot = 0; slot < lsm_slot; slot++) {
  2318				slotname = lsm_slot_to_name(slot);
  2319				if (!strcmp(termed, lsm_slotlist[slot]->lsm)) {
  2320					*ilsm = slot;
  2321					rc = size;
  2322					break;
  2323				}
  2324			}
  2325	
  2326			kfree(termed);
  2327			return rc;
  2328		}
  2329	
  2330		hlist_for_each_entry(hp, &security_hook_heads.setprocattr, list) {
  2331			if (lsm != NULL && strcmp(lsm, hp->lsmid->lsm))
  2332				continue;
  2333			if (lsm == NULL && *ilsm != LSMBLOB_INVALID &&
  2334			    *ilsm != hp->lsmid->slot)
  2335				continue;
  2336			return hp->hook.setprocattr(name, value, size);
  2337		}
  2338		return LSM_RET_DEFAULT(setprocattr);
  2339	}
  2340	

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

--
Linux-audit mailing list
Linux-audit@redhat.com
https://listman.redhat.com/mailman/listinfo/linux-audit