lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <202204081233.FUUgdt5c-lkp@intel.com>
Date:   Fri, 8 Apr 2022 12:44:29 +0800
From:   kernel test robot <lkp@...el.com>
To:     Casey Schaufler <casey@...aufler-ca.com>,
        casey.schaufler@...el.com, jmorris@...ei.org,
        linux-security-module@...r.kernel.org, selinux@...r.kernel.org
Cc:     kbuild-all@...ts.01.org, casey@...aufler-ca.com,
        linux-audit@...hat.com, keescook@...omium.org,
        john.johansen@...onical.com, penguin-kernel@...ove.sakura.ne.jp,
        paul@...l-moore.com, stephen.smalley.work@...il.com,
        linux-kernel@...r.kernel.org, linux-integrity@...r.kernel.org,
        netdev@...r.kernel.org
Subject: Re: [PATCH v34 11/29] LSM: Use lsmblob in security_current_getsecid

Hi Casey,

I love your patch! Perhaps something to improve:

[auto build test WARNING on pcmoore-selinux/next]
[also build test WARNING on linus/master v5.18-rc1 next-20220407]
[cannot apply to pcmoore-audit/next jmorris-security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/intel-lab-lkp/linux/commits/Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220408-062243
base:   https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux.git next
config: mips-randconfig-r002-20220408 (https://download.01.org/0day-ci/archive/20220408/202204081233.FUUgdt5c-lkp@intel.com/config)
compiler: mips64el-linux-gcc (GCC) 11.2.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/0d4df6ae86e123057cb18eeb5ba1b1eff2641fe4
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review Casey-Schaufler/integrity-disassociate-ima_filter_rule-from-security_audit_rule/20220408-062243
        git checkout 0d4df6ae86e123057cb18eeb5ba1b1eff2641fe4
        # save the config file to linux build tree
        mkdir build_dir
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.2.0 make.cross O=build_dir ARCH=mips SHELL=/bin/bash security/integrity/ima/

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@...el.com>

All warnings (new ones prefixed by >>):

   security/integrity/ima/ima_main.c: In function 'ima_file_check':
>> security/integrity/ima/ima_main.c:521:16: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     521 |         return process_measurement(file, current_cred(), blob.secid[0], NULL, 0,
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     522 |                                    mask & (MAY_READ | MAY_WRITE | MAY_EXEC |
         |                                    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     523 |                                            MAY_APPEND), FILE_CHECK);
         |                                            ~~~~~~~~~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:517:24: note: defined here 'blob'
     517 |         struct lsmblob blob;
         |                        ^~~~
   security/integrity/ima/ima_main.c: In function 'ima_file_mmap':
   security/integrity/ima/ima_main.c:413:24: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     413 |                 return process_measurement(file, current_cred(), blob.secid[0],
         |                        ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     414 |                                            NULL, 0, MAY_EXEC, MMAP_CHECK);
         |                                            ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:408:24: note: defined here 'blob'
     408 |         struct lsmblob blob;
         |                        ^~~~
   security/integrity/ima/ima_main.c: In function 'ima_file_mprotect':
   security/integrity/ima/ima_main.c:453:18: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     453 |         action = ima_get_action(file_mnt_user_ns(vma->vm_file), inode,
         |                  ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     454 |                                 current_cred(), blob.secid[0], MAY_EXEC,
         |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     455 |                                 MMAP_CHECK, &pcr, &template, NULL, NULL);
         |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:441:24: note: defined here 'blob'
     441 |         struct lsmblob blob;
         |                        ^~~~
   security/integrity/ima/ima_main.c: In function 'ima_bprm_check':
   security/integrity/ima/ima_main.c:495:15: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     495 |         ret = process_measurement(bprm->file, current_cred(), blob.secid[0],
         |               ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     496 |                                   NULL, 0, MAY_EXEC, BPRM_CHECK);
         |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:491:24: note: defined here 'blob'
     491 |         struct lsmblob blob;
         |                        ^~~~
   security/integrity/ima/ima_main.c: In function 'ima_read_file':
   security/integrity/ima/ima_main.c:739:16: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     739 |         return process_measurement(file, current_cred(), blob.secid[0], NULL,
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     740 |                                    0, MAY_READ, func);
         |                                    ~~~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:717:24: note: defined here 'blob'
     717 |         struct lsmblob blob;
         |                        ^~~~
   security/integrity/ima/ima_main.c: In function 'ima_post_read_file':
   security/integrity/ima/ima_main.c:783:16: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     783 |         return process_measurement(file, current_cred(), blob.secid[0], buf,
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     784 |                                    size, MAY_READ, func);
         |                                    ~~~~~~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:768:24: note: defined here 'blob'
     768 |         struct lsmblob blob;
         |                        ^~~~
   security/integrity/ima/ima_main.c: In function 'process_buffer_measurement':
   security/integrity/ima/ima_main.c:934:26: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
     934 |                 action = ima_get_action(mnt_userns, inode, current_cred(),
         |                          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     935 |                                         blob.secid[0], 0, func, &pcr, &template,
         |                                         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     936 |                                         func_data, NULL);
         |                                         ~~~~~~~~~~~~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_main.c:26:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_main.c:909:24: note: defined here 'blob'
--
   security/integrity/ima/ima_appraise.c: In function 'ima_must_appraise':
>> security/integrity/ima/ima_appraise.c:81:16: warning: array subscript 0 is outside array bounds of 'u32[0]' {aka 'unsigned int[]'} [-Warray-bounds]
      81 |         return ima_match_policy(mnt_userns, inode, current_cred(),
         |                ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      82 |                                 blob.secid[0], func, mask,
         |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~
      83 |                                 IMA_APPRAISE | IMA_HASH, NULL, NULL, NULL,
         |                                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      84 |                                 NULL);
         |                                 ~~~~~
   In file included from include/linux/ima.h:12,
                    from security/integrity/ima/ima_appraise.c:14:
   include/linux/security.h:150:17: note: while referencing 'secid'
     150 |         u32     secid[LSMBLOB_ENTRIES];
         |                 ^~~~~
   security/integrity/ima/ima_appraise.c:74:24: note: defined here 'blob'
      74 |         struct lsmblob blob;
         |                        ^~~~


vim +521 security/integrity/ima/ima_main.c

   504	
   505	/**
   506	 * ima_file_check - based on policy, collect/store measurement.
   507	 * @file: pointer to the file to be measured
   508	 * @mask: contains MAY_READ, MAY_WRITE, MAY_EXEC or MAY_APPEND
   509	 *
   510	 * Measure files based on the ima_must_measure() policy decision.
   511	 *
   512	 * On success return 0.  On integrity appraisal error, assuming the file
   513	 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
   514	 */
   515	int ima_file_check(struct file *file, int mask)
   516	{
   517		struct lsmblob blob;
   518	
   519		security_current_getsecid_subj(&blob);
   520		/* scaffolding until process_measurement changes */
 > 521		return process_measurement(file, current_cred(), blob.secid[0], NULL, 0,
   522					   mask & (MAY_READ | MAY_WRITE | MAY_EXEC |
   523						   MAY_APPEND), FILE_CHECK);
   524	}
   525	EXPORT_SYMBOL_GPL(ima_file_check);
   526	

-- 
0-DAY CI Kernel Test Service
https://01.org/lkp

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ