lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4d565066-5e4a-48fb-a0dc-17c4380ccd65@collabora.com>
Date: Mon, 6 May 2024 09:52:13 +0500
From: Muhammad Usama Anjum <usama.anjum@...labora.com>
To: Amer Al Shanawany <amer.shanawany@...il.com>
Cc: Muhammad Usama Anjum <usama.anjum@...labora.com>,
 linux-kselftest@...r.kernel.org, linux-kernel@...r.kernel.org,
 Javier Carrasco <javier.carrasco.cruz@...il.com>,
 Shuah Khan <shuah@...nel.org>,
 Swarup Laxman Kotiaklapudi <swarupkotikalapudi@...il.com>
Subject: Re: [PATCH] selftests/capabilities: fix warn_unused_result build
 warnings

Thanks for the patch!

On 5/4/24 10:09 PM, Amer Al Shanawany wrote:
> Fix the following warnings by adding return check and error handling.
> 
> test_execve.c: In function ‘do_tests’:
> test_execve.c:100:17: warning: ignoring return value of
>  ‘capng_get_caps_process’
>  declared with attribute ‘warn_unused_result’ [-Wunused-result]
>   100 |                 capng_get_caps_process();
>       |                 ^~~~~~~~~~~~~~~~~~~~~~~~
> validate_cap.c: In function ‘main’:
> validate_cap.c:47:9: warning: ignoring return value of
>  ‘capng_get_caps_process’
> declared with attribute ‘warn_unused_result’ [-Wunused-result]
>    47 |         capng_get_caps_process();
>       |         ^~~~~~~~~~~~~~~~~~~~~~~~
> 
> Signed-off-by: Amer Al Shanawany <amer.shanawany@...il.com>

LGTM
Reviewed-by: Muhammad Usama Anjum <usama.anjum@...labora.com>

> ---
>  tools/testing/selftests/capabilities/test_execve.c  | 12 +++++++++---
>  tools/testing/selftests/capabilities/validate_cap.c |  7 ++++++-
>  2 files changed, 15 insertions(+), 4 deletions(-)
> 
> diff --git a/tools/testing/selftests/capabilities/test_execve.c b/tools/testing/selftests/capabilities/test_execve.c
> index 7cde07a5df78..47bad7ddc5bc 100644
> --- a/tools/testing/selftests/capabilities/test_execve.c
> +++ b/tools/testing/selftests/capabilities/test_execve.c
> @@ -82,7 +82,7 @@ static bool create_and_enter_ns(uid_t inner_uid)
>  {
>  	uid_t outer_uid;
>  	gid_t outer_gid;
> -	int i;
> +	int i, ret;
>  	bool have_outer_privilege;
>  
>  	outer_uid = getuid();
> @@ -97,7 +97,10 @@ static bool create_and_enter_ns(uid_t inner_uid)
>  			ksft_exit_fail_msg("setresuid - %s\n", strerror(errno));
>  
>  		// Re-enable effective caps
> -		capng_get_caps_process();
> +		ret = capng_get_caps_process();
> +		if (ret == -1)
> +			ksft_exit_fail_msg("capng_get_caps_process failed\n");
> +
>  		for (i = 0; i < CAP_LAST_CAP; i++)
>  			if (capng_have_capability(CAPNG_PERMITTED, i))
>  				capng_update(CAPNG_ADD, CAPNG_EFFECTIVE, i);
> @@ -207,6 +210,7 @@ static void exec_validate_cap(bool eff, bool perm, bool inh, bool ambient)
>  
>  static int do_tests(int uid, const char *our_path)
>  {
> +	int ret;
>  	bool have_outer_privilege = create_and_enter_ns(uid);
>  
>  	int ourpath_fd = open(our_path, O_RDONLY | O_DIRECTORY);
> @@ -250,7 +254,9 @@ static int do_tests(int uid, const char *our_path)
>  			ksft_exit_fail_msg("chmod - %s\n", strerror(errno));
>  	}
>  
> -	capng_get_caps_process();
> +	ret = capng_get_caps_process();
> +	if (ret == -1)
> +		ksft_exit_fail_msg("capng_get_caps_process failed\n");
>  
>  	/* Make sure that i starts out clear */
>  	capng_update(CAPNG_DROP, CAPNG_INHERITABLE, CAP_NET_BIND_SERVICE);
> diff --git a/tools/testing/selftests/capabilities/validate_cap.c b/tools/testing/selftests/capabilities/validate_cap.c
> index 60b4e7b716a7..65f2a1c89239 100644
> --- a/tools/testing/selftests/capabilities/validate_cap.c
> +++ b/tools/testing/selftests/capabilities/validate_cap.c
> @@ -28,6 +28,7 @@ static bool bool_arg(char **argv, int i)
>  int main(int argc, char **argv)
>  {
>  	const char *atsec = "";
> +	int ret;
>  
>  	/*
>  	 * Be careful just in case a setgid or setcapped copy of this
> @@ -44,7 +45,11 @@ int main(int argc, char **argv)
>  		atsec = " (AT_SECURE is not set)";
>  #endif
>  
> -	capng_get_caps_process();
> +	ret = capng_get_caps_process();
> +	if (ret == -1) {
> +		ksft_print_msg("capng_get_caps_process failed\n");
> +		return 1;
> +	}
>  
>  	if (capng_have_capability(CAPNG_EFFECTIVE, CAP_NET_BIND_SERVICE) != bool_arg(argv, 1)) {
>  		ksft_print_msg("Wrong effective state%s\n", atsec);

-- 
BR,
Muhammad Usama Anjum

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ