From: Nathan Chancellor <nathan@kernel.org>
To: John Johansen <john.johansen@canonical.com>
Cc: Ryan Lee <ryan.lee@canonical.com>,
apparmor@lists.ubuntu.com,
linux-security-module@vger.kernel.org, llvm@lists.linux.dev,
patches@lists.linux.dev, kernel test robot <lkp@intel.com>,
Nathan Chancellor <nathan@kernel.org>
Subject: [PATCH] apparmor: Add empty statement between label and declaration in profile_transition(()
Date: Mon, 11 Nov 2024 07:49:43 -0700 [thread overview]
Message-ID: <20241111-apparmor-fix-label-declaration-warning-v1-1-adb64ab6482b@kernel.org> (raw)
Clang 18 and newer warns (or errors with CONFIG_WERROR=y):
security/apparmor/domain.c:695:3: error: label followed by a declaration is a C23 extension [-Werror,-Wc23-extensions]
695 | struct aa_profile *new_profile = NULL;
| ^
With Clang 17 and older, this is just an unconditional hard error:
security/apparmor/domain.c:695:3: error: expected expression
695 | struct aa_profile *new_profile = NULL;
| ^
security/apparmor/domain.c:697:3: error: use of undeclared identifier 'new_profile'
697 | new_profile = aa_new_learning_profile(profile, false, name,
| ^
security/apparmor/domain.c:699:8: error: use of undeclared identifier 'new_profile'
699 | if (!new_profile) {
| ^
security/apparmor/domain.c:704:11: error: use of undeclared identifier 'new_profile'
704 | new = &new_profile->label;
| ^
Add a semicolon directly after the label to create an empty statement,
which keeps the original intent of the code while clearing up the
warning/error on all clang versions.
Fixes: ee650b3820f3 ("apparmor: properly handle cx/px lookup failure for complain")
Reported-by: kernel test robot <lkp@intel.com>
Closes: https://lore.kernel.org/oe-kbuild-all/202411101808.AI8YG6cs-lkp@intel.com/
Signed-off-by: Nathan Chancellor <nathan@kernel.org>
---
security/apparmor/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 602d7a1bb44823a9b81e34d270b03c5f3aff3a34..eb0f222aa29442686b0a6751001c879f5b366c59 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -691,7 +691,7 @@ static struct aa_label *profile_transition(const struct cred *subj_cred,
error = -EACCES;
}
} else if (COMPLAIN_MODE(profile)) {
-create_learning_profile:
+create_learning_profile:;
/* no exec permission - learning mode */
struct aa_profile *new_profile = NULL;
---
base-commit: 8c4f7960ae8a7a03a43f814e4af471b8e6ea3391
change-id: 20241111-apparmor-fix-label-declaration-warning-fcd24ce2d447
Best regards,
--
Nathan Chancellor <nathan@kernel.org>
next reply other threads:[~2024-11-11 14:49 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-11 14:49 Nathan Chancellor [this message]
2024-11-16 2:17 ` [PATCH] apparmor: Add empty statement between label and declaration in profile_transition(() John Johansen
2024-11-16 2:34 ` Nathan Chancellor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241111-apparmor-fix-label-declaration-warning-v1-1-adb64ab6482b@kernel.org \
--to=nathan@kernel.org \
--cc=apparmor@lists.ubuntu.com \
--cc=john.johansen@canonical.com \
--cc=linux-security-module@vger.kernel.org \
--cc=lkp@intel.com \
--cc=llvm@lists.linux.dev \
--cc=patches@lists.linux.dev \
--cc=ryan.lee@canonical.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox