lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Sep 2021 14:22:01 +0200
From:   Ondrej Mosnacek <omosnace@...hat.com>
To:     kernel test robot <lkp@...el.com>
Cc:     kbuild-all@...ts.01.org,
        Linux kernel mailing list <linux-kernel@...r.kernel.org>,
        Paul Moore <paul@...l-moore.com>
Subject: Re: [selinuxproject-selinux:stable-5.15 1/1] include/linux/rcupdate.h:395:2:
 warning: passing argument 1 of 'security_locked_down' discards 'const'
 qualifier from pointer target type

On Thu, Sep 16, 2021 at 2:08 PM kernel test robot <lkp@...el.com> wrote:
> tree:   https://github.com/SELinuxProject/selinux-kernel stable-5.15
> head:   c491f0a471580712a4254adece400c3ebb3d8e44
> commit: c491f0a471580712a4254adece400c3ebb3d8e44 [1/1] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
> config: um-x86_64_defconfig (attached as .config)
> compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
> reproduce (this is a W=1 build):
>         # https://github.com/SELinuxProject/selinux-kernel/commit/c491f0a471580712a4254adece400c3ebb3d8e44
>         git remote add selinuxproject-selinux https://github.com/SELinuxProject/selinux-kernel
>         git fetch --no-tags selinuxproject-selinux stable-5.15
>         git checkout c491f0a471580712a4254adece400c3ebb3d8e44
>         # save the attached .config to linux build tree
>         make W=1 ARCH=um SUBARCH=x86_64
>
> If you fix the issue, kindly add following tag as appropriate
> Reported-by: kernel test robot <lkp@...el.com>
>
> All warnings (new ones prefixed by >>):
>
>    In file included from include/linux/rbtree.h:24,
>                     from include/linux/mm_types.h:10,
>                     from include/linux/mmzone.h:21,
>                     from include/linux/gfp.h:6,
>                     from include/linux/mm.h:10,
>                     from drivers/char/mem.c:12:
>    drivers/char/mem.c: In function 'open_port':
> >> include/linux/rcupdate.h:395:2: warning: passing argument 1 of 'security_locked_down' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
>      395 | ({ \
>          | ~^~~
>      396 |  RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
>          |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      397 |  rcu_check_sparse(p, space); \
>          |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      398 |  ((typeof(*p) __force __kernel *)(p)); \
>          |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>      399 | })
>          | ~~
>    include/linux/rcupdate.h:587:2: note: in expansion of macro '__rcu_dereference_protected'
>      587 |  __rcu_dereference_protected((p), (c), __rcu)
>          |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~
>    include/linux/cred.h:299:2: note: in expansion of macro 'rcu_dereference_protected'
>      299 |  rcu_dereference_protected(current->cred, 1)
>          |  ^~~~~~~~~~~~~~~~~~~~~~~~~
>    drivers/char/mem.c:620:28: note: in expansion of macro 'current_cred'
>      620 |  rc = security_locked_down(current_cred(), LOCKDOWN_DEV_MEM);
>          |                            ^~~~~~~~~~~~
>    In file included from include/linux/fs_context.h:14,
>                     from include/linux/fs_parser.h:11,
>                     from include/linux/shmem_fs.h:11,
>                     from drivers/char/mem.c:25:
>    include/linux/security.h:1347:53: note: expected 'struct cred *' but argument is of type 'const struct cred *'
>     1347 | static inline int security_locked_down(struct cred *cred, enum lockdown_reason what)
>          |                                        ~~~~~~~~~~~~~^~~~

Ah, I forgot to add the const qualifier to the function definition in
the CONFIG_SECURITY=n branch... Paul, will you amend the commit or
should I send an updated patch?

>
>
> vim +395 include/linux/rcupdate.h
>
> 76c8eaafe4f061 Paul E. McKenney        2021-04-21  379
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  380  #define __rcu_access_pointer(p, space) \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  381  ({ \
> 7d0ae8086b8283 Paul E. McKenney        2015-03-03  382          typeof(*p) *_________p1 = (typeof(*p) *__force)READ_ONCE(p); \
> 423a86a610cad1 Joel Fernandes (Google  2018-12-12  383)         rcu_check_sparse(p, space); \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  384          ((typeof(*p) __force __kernel *)(_________p1)); \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  385  })
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  386  #define __rcu_dereference_check(p, c, space) \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  387  ({ \
> ac59853c06993a Pranith Kumar           2014-11-13  388          /* Dependency order vs. p above. */ \
> 506458efaf153c Will Deacon             2017-10-24  389          typeof(*p) *________p1 = (typeof(*p) *__force)READ_ONCE(p); \
> f78f5b90c4ffa5 Paul E. McKenney        2015-06-18  390          RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_check() usage"); \
> 423a86a610cad1 Joel Fernandes (Google  2018-12-12  391)         rcu_check_sparse(p, space); \
> ac59853c06993a Pranith Kumar           2014-11-13  392          ((typeof(*p) __force __kernel *)(________p1)); \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  393  })
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  394  #define __rcu_dereference_protected(p, c, space) \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28 @395  ({ \
> f78f5b90c4ffa5 Paul E. McKenney        2015-06-18  396          RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
> 423a86a610cad1 Joel Fernandes (Google  2018-12-12  397)         rcu_check_sparse(p, space); \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  398          ((typeof(*p) __force __kernel *)(p)); \
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  399  })
> 995f1405610bd8 Paul E. McKenney        2016-07-01  400  #define rcu_dereference_raw(p) \
> 995f1405610bd8 Paul E. McKenney        2016-07-01  401  ({ \
> 995f1405610bd8 Paul E. McKenney        2016-07-01  402          /* Dependency order vs. p above. */ \
> 506458efaf153c Will Deacon             2017-10-24  403          typeof(p) ________p1 = READ_ONCE(p); \
> 995f1405610bd8 Paul E. McKenney        2016-07-01  404          ((typeof(*p) __force __kernel *)(________p1)); \
> 995f1405610bd8 Paul E. McKenney        2016-07-01  405  })
> ca5ecddfa8fcbd Paul E. McKenney        2010-04-28  406
>
> :::::: The code at line 395 was first introduced by commit
> :::::: ca5ecddfa8fcbd948c95530e7e817cee9fb43a3d rcu: define __rcu address space modifier for sparse
>
> :::::: TO: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
> :::::: CC: Paul E. McKenney <paulmck@...ux.vnet.ibm.com>
>
> ---
> 0-DAY CI Kernel Test Service, Intel Corporation
> https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

-- 
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ