Message-Id: <4153e658-0ca9-469c-ae96-4ac615d894b8@app.fastmail.com>
Date: Tue, 26 Nov 2024 17:26:41 +0100
From: "Arnd Bergmann" <arnd@...db.de>
To: "Naresh Kamboju" <naresh.kamboju@...aro.org>, audit@...r.kernel.org,
 "open list" <linux-kernel@...r.kernel.org>, lkft-triage@...ts.linaro.org,
 "Linux Regressions" <regressions@...ts.linux.dev>
Cc: "Eric Paris" <eparis@...hat.com>, "Paul Moore" <paul@...l-moore.com>,
 "Dan Carpenter" <dan.carpenter@...aro.org>,
 "Anders Roxell" <anders.roxell@...aro.org>,
 "Yafang Shao" <laoar.shao@...il.com>,
 "Gustavo A. R. Silva" <gustavoars@...nel.org>, "Kees Cook" <kees@...nel.org>
Subject: Re: include/linux/fortify-string.h:293:17: error: call to '__write_overflow'
 declared with attribute error: detected write beyond size of object (1st
 parameter)

On Tue, Nov 26, 2024, at 16:12, Arnd Bergmann wrote:
> On Tue, Nov 26, 2024, at 15:58, Naresh Kamboju wrote:
>> Build error:
>> ---------
>> In function 'sized_strscpy',
>>     inlined from '__audit_ptrace' at kernel/auditsc.c:2732:2:
>> include/linux/fortify-string.h:293:17: error: call to
>> '__write_overflow' declared with attribute error: detected write
>> beyond size of object (1st parameter)
>>   293 |                 __write_overflow();
>>       |                 ^~~~~~~~~~~~~~~~~~
>> In function 'sized_strscpy',
>>     inlined from 'audit_signal_info_syscall' at kernel/auditsc.c:2759:3:
>> include/linux/fortify-string.h:293:17: error: call to
>> '__write_overflow' declared with attribute error: detected write
>> beyond size of object (1st parameter)
>>   293 |                 __write_overflow();
>>       |                 ^~~~~~~~~~~~~~~~~~
>> make[4]: *** [scripts/Makefile.build:229: kernel/auditsc.o] Error 1
>
> I have run into this specific one before but failed to
> come up with a working fix.
>
> I think the specific warning started with
>
> https://lore.kernel.org/all/20240828030321.20688-3-laoar.shao@gmail.com/
>
> but reverting that just replaces it with a slightly different
> warning. In my randconfig tree I have a patch that comments out
> the two security_task_getlsmprop_obj(), and I don't think I get
> warnings at the moment, but I no longer see why I would have done
> that.

Update: this seems to reliably avoid the warning, but I'm
still a bit lost about what exactly gcc warns about. I assume
this is a false-positive warning somewhere.

Added Kees and Gustavo to Cc in case they know what's going on.

      Arnd

diff --git a/kernel/audit.h b/kernel/audit.h
index 0211cb307d30..31cc41b167ae 100644
--- a/kernel/audit.h
+++ b/kernel/audit.h
@@ -145,7 +145,9 @@ struct audit_context {
 	kuid_t		    target_uid;
 	unsigned int	    target_sessionid;
 	struct lsm_prop	    target_ref;
-	char		    target_comm[TASK_COMM_LEN];
+	struct_group(_target_comm,
+		char	    target_comm[TASK_COMM_LEN];
+	);
 
 	struct audit_tree_refs *trees, *first_trees;
 	struct list_head killed_trees;
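
Review bot: The struct_group(_target_comm, ...) wrapper around the single target_comm member of struct audit_context carries no comment explaining its purpose, and the group name _target_comm is not used anywhere in the visible lines, so a later cleanup is likely to fold it back into a plain array and reintroduce the build failure. Suggest adding a short comment above the struct_group naming the sized_strscpy / __write_overflow diagnostic it works around. Since the message itself says the cause of the gcc complaint is not understood, it would also help to confirm that the destination size used at the two call sites reported in the build log (kernel/auditsc.c:2732 and 2759) really is TASK_COMM_LEN before this is merged as a false-positive workaround rather than a fix.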
