lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202301100738.euY5nW7B-lkp@intel.com>
Date:   Tue, 10 Jan 2023 08:14:06 +0800
From:   kernel test robot <lkp@...el.com>
To:     "T.J. Mercier" <tjmercier@...gle.com>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Arve Hjønnevåg <arve@...roid.com>,
        Todd Kjos <tkjos@...roid.com>,
        Martijn Coenen <maco@...roid.com>,
        Joel Fernandes <joel@...lfernandes.org>,
        Christian Brauner <brauner@...nel.org>,
        Carlos Llamas <cmllamas@...gle.com>,
        Suren Baghdasaryan <surenb@...gle.com>,
        Paul Moore <paul@...l-moore.com>,
        James Morris <jmorris@...ei.org>,
        "Serge E. Hallyn" <serge@...lyn.com>,
        Stephen Smalley <stephen.smalley.work@...il.com>,
        Eric Paris <eparis@...isplace.org>
Cc:     llvm@...ts.linux.dev, oe-kbuild-all@...ts.linux.dev,
        hannes@...xchg.org, daniel.vetter@...ll.ch, android-mm@...gle.com,
        jstultz@...gle.com, linux-kernel@...r.kernel.org,
        linux-security-module@...r.kernel.org, selinux@...r.kernel.org
Subject: Re: [PATCH 4/4] security: binder: Add transfer_charge SElinux hook

Hi Mercier",

Thank you for the patch! Yet something to improve:

[auto build test ERROR on b7bfaa761d760e72a969d116517eaa12e404c262]

url:    https://github.com/intel-lab-lkp/linux/commits/T-J-Mercier/memcg-Track-exported-dma-buffers/20230110-054247
base:   b7bfaa761d760e72a969d116517eaa12e404c262
patch link:    https://lore.kernel.org/r/20230109213809.418135-5-tjmercier%40google.com
patch subject: [PATCH 4/4] security: binder: Add transfer_charge SElinux hook
config: arm64-randconfig-r036-20230109
compiler: clang version 16.0.0 (https://github.com/llvm/llvm-project 8d9828ef5aa9688500657d36cd2aefbe12bbd162)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # install arm64 cross compiling tool for clang build
        # apt-get install binutils-aarch64-linux-gnu
        # https://github.com/intel-lab-lkp/linux/commit/e412f67c5a40d34925284b62dde89448b8b7e208
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review T-J-Mercier/memcg-Track-exported-dma-buffers/20230110-054247
        git checkout e412f67c5a40d34925284b62dde89448b8b7e208
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=arm64 olddefconfig
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=arm64 SHELL=/bin/bash drivers/android/

If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@...el.com>

All errors (new ones prefixed by >>):

>> drivers/android/binder.c:2282:7: error: call to undeclared function 'security_binder_transfer_charge'; ISO C99 and later do not support implicit function declarations [-Wimplicit-function-declaration]
                   if (security_binder_transfer_charge(proc->cred, target_proc->cred)) {
                       ^
   drivers/android/binder.c:2282:7: note: did you mean 'security_binder_transfer_file'?
   include/linux/security.h:545:19: note: 'security_binder_transfer_file' declared here
   static inline int security_binder_transfer_file(const struct cred *from,
                     ^
   1 error generated.


vim +/security_binder_transfer_charge +2282 drivers/android/binder.c

  2240	
  2241	static int binder_translate_fd(u32 fd, binder_size_t fd_offset, __u32 flags,
  2242				       struct binder_transaction *t,
  2243				       struct binder_thread *thread,
  2244				       struct binder_transaction *in_reply_to)
  2245	{
  2246		struct binder_proc *proc = thread->proc;
  2247		struct binder_proc *target_proc = t->to_proc;
  2248		struct binder_txn_fd_fixup *fixup;
  2249		struct file *file;
  2250		int ret = 0;
  2251		bool target_allows_fd;
  2252	
  2253		if (in_reply_to)
  2254			target_allows_fd = !!(in_reply_to->flags & TF_ACCEPT_FDS);
  2255		else
  2256			target_allows_fd = t->buffer->target_node->accept_fds;
  2257		if (!target_allows_fd) {
  2258			binder_user_error("%d:%d got %s with fd, %d, but target does not allow fds\n",
  2259					  proc->pid, thread->pid,
  2260					  in_reply_to ? "reply" : "transaction",
  2261					  fd);
  2262			ret = -EPERM;
  2263			goto err_fd_not_accepted;
  2264		}
  2265	
  2266		file = fget(fd);
  2267		if (!file) {
  2268			binder_user_error("%d:%d got transaction with invalid fd, %d\n",
  2269					  proc->pid, thread->pid, fd);
  2270			ret = -EBADF;
  2271			goto err_fget;
  2272		}
  2273		ret = security_binder_transfer_file(proc->cred, target_proc->cred, file);
  2274		if (ret < 0) {
  2275			ret = -EPERM;
  2276			goto err_security;
  2277		}
  2278	
  2279		if (IS_ENABLED(CONFIG_MEMCG) && (flags & BINDER_FD_FLAG_XFER_CHARGE)) {
  2280			struct dma_buf *dmabuf;
  2281	
> 2282			if (security_binder_transfer_charge(proc->cred, target_proc->cred)) {
  2283				ret = -EPERM;
  2284				goto err_security;
  2285			}
  2286	
  2287			if (unlikely(!is_dma_buf_file(file))) {
  2288				binder_user_error(
  2289					"%d:%d got transaction with XFER_CHARGE for non-dmabuf fd, %d\n",
  2290					proc->pid, thread->pid, fd);
  2291				ret = -EINVAL;
  2292				goto err_dmabuf;
  2293			}
  2294	
  2295			dmabuf = file->private_data;
  2296			ret = dma_buf_transfer_charge(dmabuf, target_proc->tsk);
  2297			if (ret) {
  2298				pr_warn("%d:%d Unable to transfer DMA-BUF fd charge to %d\n",
  2299					proc->pid, thread->pid, target_proc->pid);
  2300				goto err_xfer;
  2301			}
  2302		}
  2303	
  2304		/*
  2305		 * Add fixup record for this transaction. The allocation
  2306		 * of the fd in the target needs to be done from a
  2307		 * target thread.
  2308		 */
  2309		fixup = kzalloc(sizeof(*fixup), GFP_KERNEL);
  2310		if (!fixup) {
  2311			ret = -ENOMEM;
  2312			goto err_alloc;
  2313		}
  2314		fixup->file = file;
  2315		fixup->offset = fd_offset;
  2316		fixup->target_fd = -1;
  2317		trace_binder_transaction_fd_send(t, fd, fixup->offset);
  2318		list_add_tail(&fixup->fixup_entry, &t->fd_fixups);
  2319	
  2320		return ret;
  2321	
  2322	err_alloc:
  2323	err_xfer:
  2324	err_dmabuf:
  2325	err_security:
  2326		fput(file);
  2327	err_fget:
  2328	err_fd_not_accepted:
  2329		return ret;
  2330	}
  2331	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests

View attachment "config" of type "text/plain" (195380 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ