* Re: [PATCH v8 08/19] ima: Use mac_admin_ns_capable() to check corresponding capability
[not found] <20220104170416.1923685-9-stefanb@linux.vnet.ibm.com>
@ 2022-01-05 20:55 ` kernel test robot
0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2022-01-05 20:55 UTC (permalink / raw)
To: Stefan Berger, linux-integrity
Cc: llvm, kbuild-all, zohar, serge, christian.brauner, containers,
dmitry.kasatkin, ebiederm, krzysztof.struczynski, roberto.sassu,
mpeters
Hi Stefan,
Thank you for the patch! Perhaps something to improve:
[auto build test WARNING on linux/master]
[also build test WARNING on linus/master v5.16-rc8]
[cannot apply to zohar-integrity/next-integrity jmorris-security/next-testing next-20220105]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Stefan-Berger/ima-Namespace-IMA-with-audit-support-in-IMA-ns/20220105-010946
base: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git 136057256686de39cc3a07c2e39ef6bc43003ff6
config: mips-randconfig-r002-20220105 (https://download.01.org/0day-ci/archive/20220106/202201060430.LHZbFhad-lkp@intel.com/config)
compiler: clang version 14.0.0 (https://github.com/llvm/llvm-project d5b6e30ed3acad794dd0aec400e617daffc6cc3d)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install mips cross compiling tool for clang build
# apt-get install binutils-mips-linux-gnu
# https://github.com/0day-ci/linux/commit/fa09a3da70380ef32e9a644c08a04cc8f4630baf
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Stefan-Berger/ima-Namespace-IMA-with-audit-support-in-IMA-ns/20220105-010946
git checkout fa09a3da70380ef32e9a644c08a04cc8f4630baf
# save the config file to linux build tree
mkdir build_dir
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=mips SHELL=/bin/bash drivers/nvmem/ security/integrity/ima/
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> security/integrity/ima/ima_fs.c:380:25: warning: unused variable 'user_ns'
struct user_namespace = ima_user_ns_from_file(filp);
^
fatal error: error in backend: Nested variants found in inline asm string: ' .set push
.set mips64r2
.if ( 0x00 ) != -1)) 0x00 ) != -1)) : ($( static struct ftrace_branch_data __attribute__((__aligned__(4))) __attribute__((__section__("_ftrace_branch"))) __if_trace = $( .func = __func__, .file = "arch/mips/include/asm/bitops.h", .line = 192, $); 0x00 ) != -1)) : $))) ) && ( 0 ); .set push; .set mips64r2; .rept 1; sync 0x00; .endr; .set pop; .else; ; .endif
1: ll $0, $2
or $1, $0, $3
sc $1, $2
beqz $1, 1b
.set pop
'
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
Stack dump:
0. Program arguments: clang -Wp,-MMD,security/integrity/ima/.ima_fs.o.d -nostdinc -Iarch/mips/include -I./arch/mips/include/generated -Iinclude -I./include -Iarch/mips/include/uapi -I./arch/mips/include/generated/uapi -Iinclude/uapi -I./include/generated/uapi -include include/linux/compiler-version.h -include include/linux/kconfig.h -include include/linux/compiler_types.h -D__KERNEL__ -DVMLINUX_LOAD_ADDRESS=0xffffffff84000000 -DLINKER_LOAD_ADDRESS=0x84000000 -DDATAOFFSET=0 -Qunused-arguments -fmacro-prefix-map== -DKBUILD_EXTRA_WARN1 -Wall -Wundef -Werror=strict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -fshort-wchar -fno-PIE -Werror=implicit-function-declaration -Werror=implicit-int -Werror=return-type -Wno-format-security -std=gnu89 --target=mipsel-linux -fintegrated-as -Werror=unknown-warning-option -Werror=ignored-optimization-argument -mno-check-zero-division -mabi=32 -G 0 -mno-abicalls -fno-pic -pipe -msoft-float -DGAS_HAS_SET_HARDFLOAT -Wa,-msoft-float -ffreestanding -EL -fno-stack-check -march=mips32 -Wa,--trap -DTOOLCHAIN_SUPPORTS_VIRT -Iarch/mips/include/asm/mach-au1x00 -Iarch/mips/include/asm/mach-generic -fno-asynchronous-unwind-tables -fno-delete-null-pointer-checks -Wno-frame-address -Wno-address-of-packed-member -O2 -Wframe-larger-than=1024 -fno-stack-protector -Wimplicit-fallthrough -Wno-gnu -mno-global-merge -Wno-unused-but-set-variable -Wno-unused-const-variable -ftrivial-auto-var-init=pattern -fno-stack-clash-protection -pg -falign-functions=64 -Wdeclaration-after-statement -Wvla -Wno-pointer-sign -Wno-array-bounds -fno-strict-overflow -fno-stack-check -Werror=date-time -Werror=incompatible-pointer-types -Wextra -Wunused -Wno-unused-parameter -Wmissing-declarations -Wmissing-format-attribute -Wmissing-prototypes -Wold-style-definition -Wmissing-include-dirs -Wunused-but-set-variable -Wunused-const-variable -Wno-missing-field-initializers -Wno-sign-compare -Wno-type-limits -fsanitize=array-bounds -fsanitize=unreachable -fsanitize=object-size -fsanitize=enum -fsanitize-coverage=trace-pc -I security/integrity/ima -I ./security/integrity/ima -ffunction-sections -fdata-sections -DKBUILD_MODFILE="security/integrity/ima/ima" -DKBUILD_BASENAME="ima_fs" -DKBUILD_MODNAME="ima" -D__KBUILD_MODNAME=kmod_ima -c -o security/integrity/ima/ima_fs.o security/integrity/ima/ima_fs.c
1. <eof> parser at end of file
2. Code generation
3. Running pass 'Function Pass Manager' on module 'security/integrity/ima/ima_fs.c'.
4. Running pass 'Mips Assembly Printer' on function '@ima_open_policy'
#0 0x0000557a749c4b3f Signals.cpp:0:0
#1 0x0000557a749c2a8c llvm::sys::CleanupOnSignal(unsigned long) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3401a8c)
#2 0x0000557a74906667 llvm::CrashRecoveryContext::HandleExit(int) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3345667)
#3 0x0000557a749bb13e llvm::sys::Process::Exit(int, bool) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x33fa13e)
#4 0x0000557a7264133b (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x108033b)
#5 0x0000557a7490d10c llvm::report_fatal_error(llvm::Twine const&, bool) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x334c10c)
#6 0x0000557a755ef9b8 llvm::AsmPrinter::emitInlineAsm(llvm::MachineInstr const (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x402e9b8)
#7 0x0000557a755eb759 llvm::AsmPrinter::emitFunctionBody() (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x402a759)
#8 0x0000557a7309c82e llvm::MipsAsmPrinter::runOnMachineFunction(llvm::MachineFunction&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x1adb82e)
#9 0x0000557a73d332fd llvm::MachineFunctionPass::runOnFunction(llvm::Function&) (.part.53) MachineFunctionPass.cpp:0:0
#10 0x0000557a7416b867 llvm::FPPassManager::runOnFunction(llvm::Function&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x2baa867)
#11 0x0000557a7416b9e1 llvm::FPPassManager::runOnModule(llvm::Module&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x2baa9e1)
#12 0x0000557a7416ccbf llvm::legacy::PassManagerImpl::run(llvm::Module&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x2babcbf)
#13 0x0000557a74cd64fa clang::EmitBackendOutput(clang::DiagnosticsEngine&, clang::HeaderSearchOptions const&, clang::CodeGenOptions const&, clang::TargetOptions const&, clang::LangOptions const&, llvm::StringRef, clang::BackendAction, std::unique_ptr<llvm::raw_pwrite_stream, std::default_delete<llvm::raw_pwrite_stream> >) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x37154fa)
#14 0x0000557a75903ea3 clang::BackendConsumer::HandleTranslationUnit(clang::ASTContext&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x4342ea3)
#15 0x0000557a76407fd9 clang::ParseAST(clang::Sema&, bool, bool) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x4e46fd9)
#16 0x0000557a75902cff clang::CodeGenAction::ExecuteAction() (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x4341cff)
#17 0x0000557a75302001 clang::FrontendAction::Execute() (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3d41001)
#18 0x0000557a75299bda clang::CompilerInstance::ExecuteAction(clang::FrontendAction&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3cd8bda)
#19 0x0000557a753cb07b (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3e0a07b)
#20 0x0000557a72642084 cc1_main(llvm::ArrayRef<char char (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x1081084)
#21 0x0000557a7263f5cb ExecuteCC1Tool(llvm::SmallVectorImpl<char driver.cpp:0:0
#22 0x0000557a75136b15 void llvm::function_ref<void ()>::callback_fn<clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> const::'lambda'()>(long) Job.cpp:0:0
#23 0x0000557a74906523 llvm::CrashRecoveryContext::RunSafely(llvm::function_ref<void ()>) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3345523)
#24 0x0000557a7513740e clang::driver::CC1Command::Execute(llvm::ArrayRef<llvm::Optional<llvm::StringRef> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> const (.part.216) Job.cpp:0:0
#25 0x0000557a7510dee7 clang::driver::Compilation::ExecuteCommand(clang::driver::Command const&, clang::driver::Command const (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3b4cee7)
#26 0x0000557a7510e8c7 clang::driver::Compilation::ExecuteJobs(clang::driver::JobList const&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command >&) const (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3b4d8c7)
#27 0x0000557a75118139 clang::driver::Driver::ExecuteCompilation(clang::driver::Compilation&, llvm::SmallVectorImpl<std::pair<int, clang::driver::Command >&) (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x3b57139)
#28 0x0000557a7256a19f main (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0xfa919f)
#29 0x00007fc0e7a42d0a __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x26d0a)
#30 0x0000557a7263f0ea _start (/opt/cross/clang-d5b6e30ed3/bin/clang-14+0x107e0ea)
clang-14: error: clang frontend command failed with exit code 70 (use -v to see invocation)
clang version 14.0.0 (git://gitmirror/llvm_project d5b6e30ed3acad794dd0aec400e617daffc6cc3d)
Target: mipsel-unknown-linux
Thread model: posix
InstalledDir: /opt/cross/clang-d5b6e30ed3/bin
clang-14: note: diagnostic msg:
Makefile arch drivers include kernel nr_bisected scripts security source usr
vim +/user_ns +380 security/integrity/ima/ima_fs.c
374
375 /*
376 * ima_open_policy: sequentialize access to the policy file
377 */
378 static int ima_open_policy(struct inode *inode, struct file *filp)
379 {
> 380 struct user_namespace *user_ns = ima_user_ns_from_file(filp);
381 struct ima_namespace *ns = &init_ima_ns;
382
383 if (!(filp->f_flags & O_WRONLY)) {
384 #ifndef CONFIG_IMA_READ_POLICY
385 return -EACCES;
386 #else
387 if ((filp->f_flags & O_ACCMODE) != O_RDONLY)
388 return -EACCES;
389 if (!mac_admin_ns_capable(user_ns))
390 return -EPERM;
391 return seq_open(filp, &ima_policy_seqops);
392 #endif
393 }
394 if (test_and_set_bit(IMA_FS_BUSY, &ns->ima_fs_flags))
395 return -EBUSY;
396 return 0;
397 }
398
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-01-05 20:56 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20220104170416.1923685-9-stefanb@linux.vnet.ibm.com>
2022-01-05 20:55 ` [PATCH v8 08/19] ima: Use mac_admin_ns_capable() to check corresponding capability kernel test robot
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).