From: kernel test robot <lkp@intel.com>
To: Stefan Berger <stefanb@linux.ibm.com>,
linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-unionfs@vger.kernel.org
Cc: oe-kbuild-all@lists.linux.dev, linux-kernel@vger.kernel.org,
paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
zohar@linux.ibm.com, roberto.sassu@huawei.com,
amir73il@gmail.com, miklos@szeredi.hu,
Stefan Berger <stefanb@linux.ibm.com>
Subject: Re: [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
Date: Thu, 1 Feb 2024 03:06:55 +0800 [thread overview]
Message-ID: <202402010225.BXp3LrvU-lkp@intel.com> (raw)
In-Reply-To: <20240130214620.3155380-2-stefanb@linux.ibm.com>
Hi Stefan,
kernel test robot noticed the following build errors:
[auto build test ERROR on zohar-integrity/next-integrity]
[also build test ERROR on pcmoore-selinux/next linus/master v6.8-rc2 next-20240131]
[cannot apply to mszeredi-vfs/overlayfs-next mszeredi-vfs/next]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Stefan-Berger/security-allow-finer-granularity-in-permitting-copy-up-of-security-xattrs/20240131-054854
base: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity
patch link: https://lore.kernel.org/r/20240130214620.3155380-2-stefanb%40linux.ibm.com
patch subject: [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs
config: x86_64-defconfig (https://download.01.org/0day-ci/archive/20240201/202402010225.BXp3LrvU-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-12) 11.3.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20240201/202402010225.BXp3LrvU-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202402010225.BXp3LrvU-lkp@intel.com/
All errors (new ones prefixed by >>):
security/security.c: In function 'security_inode_copy_up_xattr':
>> security/security.c:2627:40: error: passing argument 1 of 'evm_inode_copy_up_xattr' from incompatible pointer type [-Werror=incompatible-pointer-types]
2627 | return evm_inode_copy_up_xattr(src, name);
| ^~~
| |
| struct dentry *
In file included from security/security.c:24:
include/linux/evm.h:121:56: note: expected 'const char *' but argument is of type 'struct dentry *'
121 | static inline int evm_inode_copy_up_xattr(const char *name)
| ~~~~~~~~~~~~^~~~
>> security/security.c:2627:16: error: too many arguments to function 'evm_inode_copy_up_xattr'
2627 | return evm_inode_copy_up_xattr(src, name);
| ^~~~~~~~~~~~~~~~~~~~~~~
In file included from security/security.c:24:
include/linux/evm.h:121:20: note: declared here
121 | static inline int evm_inode_copy_up_xattr(const char *name)
| ^~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
vim +/evm_inode_copy_up_xattr +2627 security/security.c
2596
2597 /**
2598 * security_inode_copy_up_xattr() - Filter xattrs in an overlayfs copy-up op
2599 * @src: union dentry of copy-up file
2600 * @name: xattr name
2601 *
2602 * Filter the xattrs being copied up when a unioned file is copied up from a
2603 * lower layer to the union/overlay layer. The caller is responsible for
2604 * reading and writing the xattrs, this hook is merely a filter.
2605 *
2606 * Return: Returns 0 to accept the xattr, 1 to discard the xattr, -EOPNOTSUPP
2607 * if the security module does not know about attribute, or a negative
2608 * error code to abort the copy up.
2609 */
2610 int security_inode_copy_up_xattr(struct dentry *src, const char *name)
2611 {
2612 struct security_hook_list *hp;
2613 int rc;
2614
2615 /*
2616 * The implementation can return 0 (accept the xattr), 1 (discard the
2617 * xattr), -EOPNOTSUPP if it does not know anything about the xattr or
2618 * any other error code in case of an error.
2619 */
2620 hlist_for_each_entry(hp,
2621 &security_hook_heads.inode_copy_up_xattr, list) {
2622 rc = hp->hook.inode_copy_up_xattr(src, name);
2623 if (rc != LSM_RET_DEFAULT(inode_copy_up_xattr))
2624 return rc;
2625 }
2626
> 2627 return evm_inode_copy_up_xattr(src, name);
2628 }
2629 EXPORT_SYMBOL(security_inode_copy_up_xattr);
2630
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
next prev parent reply other threads:[~2024-01-31 19:07 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-30 21:46 [PATCH 0/5] evm: Support signatures on stacked filesystem Stefan Berger
2024-01-30 21:46 ` [PATCH 1/5] security: allow finer granularity in permitting copy-up of security xattrs Stefan Berger
2024-01-31 13:25 ` Amir Goldstein
2024-01-31 14:25 ` Christian Brauner
2024-01-31 14:56 ` Stefan Berger
2024-02-01 13:35 ` Christian Brauner
2024-02-01 14:18 ` Amir Goldstein
2024-02-02 11:58 ` Christian Brauner
2024-02-01 15:41 ` Stefan Berger
2024-01-31 16:47 ` kernel test robot
2024-01-31 19:06 ` kernel test robot [this message]
2024-01-30 21:46 ` [PATCH 2/5] evm: Implement per signature type decision in security_inode_copy_up_xattr Stefan Berger
2024-01-31 13:28 ` Amir Goldstein
2024-01-30 21:46 ` [PATCH 3/5] ima: Reset EVM status upon detecting changes to overlay backing file Stefan Berger
2024-01-31 13:56 ` Amir Goldstein
2024-01-31 14:46 ` Stefan Berger
2024-01-30 21:46 ` [PATCH 4/5] evm: Use the real inode's metadata to calculate metadata hash Stefan Berger
2024-01-31 2:10 ` Stefan Berger
2024-01-31 13:16 ` Amir Goldstein
2024-01-31 14:40 ` Stefan Berger
2024-01-31 15:54 ` Amir Goldstein
2024-01-31 17:23 ` Amir Goldstein
2024-01-31 17:46 ` Stefan Berger
2024-02-01 12:10 ` Amir Goldstein
2024-02-01 13:36 ` Stefan Berger
2024-02-01 14:11 ` Amir Goldstein
2024-02-01 20:35 ` Stefan Berger
2024-02-02 9:24 ` Amir Goldstein
2024-02-02 14:59 ` Stefan Berger
2024-02-02 15:51 ` Amir Goldstein
2024-02-02 16:06 ` Stefan Berger
2024-02-02 16:17 ` Amir Goldstein
2024-02-02 16:30 ` Stefan Berger
2024-01-31 17:25 ` Stefan Berger
2024-01-30 21:46 ` [PATCH 5/5] evm: Enforce signatures on unsupported filesystem for EVM_INIT_X509 Stefan Berger
2024-01-31 14:06 ` Amir Goldstein
2024-02-01 17:53 ` Mimi Zohar
2024-01-31 13:18 ` [PATCH 0/5] evm: Support signatures on stacked filesystem Amir Goldstein
2024-01-31 14:52 ` Stefan Berger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202402010225.BXp3LrvU-lkp@intel.com \
--to=lkp@intel.com \
--cc=amir73il@gmail.com \
--cc=jmorris@namei.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-unionfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=oe-kbuild-all@lists.linux.dev \
--cc=paul@paul-moore.com \
--cc=roberto.sassu@huawei.com \
--cc=serge@hallyn.com \
--cc=stefanb@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox