[PATCH v22 20/23] Audit: Add new record for multiple process LSM attributes
kernel test robot
lkp at intel.com
Wed Nov 11 06:37:07 UTC 2020
Hi Casey,
I love your patch! Perhaps something to improve:
[auto build test WARNING on nf-next/master]
[also build test WARNING on nf/master linus/master v5.10-rc3 next-20201110]
[cannot apply to security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Casey-Schaufler/LSM-Module-stacking-for-AppArmor/20201105-091817
base: https://git.kernel.org/pub/scm/linux/kernel/git/pablo/nf-next.git master
config: i386-randconfig-a004-20201104 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce (this is a W=1 build):
# https://github.com/0day-ci/linux/commit/3fc93335d8a4090601fe221c305017ca73c23c61
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Casey-Schaufler/LSM-Module-stacking-for-AppArmor/20201105-091817
git checkout 3fc93335d8a4090601fe221c305017ca73c23c61
# save the attached .config to linux build tree
make W=1 ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp at intel.com>
All warnings (new ones prefixed by >>):
In file included from security/integrity/ima/ima.h:22,
from security/integrity/ima/ima_api.c:18:
include/linux/audit.h:585:1: error: expected identifier or '(' before '+' token
585 | +static inline struct audit_context *audit_alloc_local(gfp_t gfpflags)
| ^
security/integrity/ima/ima_api.c: In function 'ima_audit_measurement':
security/integrity/ima/ima_api.c:360:12: error: implicit declaration of function 'audit_alloc_for_lsm'; did you mean 'audit_log_lsm'? [-Werror=implicit-function-declaration]
360 | context = audit_alloc_for_lsm(GFP_KERNEL);
| ^~~~~~~~~~~~~~~~~~~
| audit_log_lsm
>> security/integrity/ima/ima_api.c:360:10: warning: assignment to 'struct audit_context *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
360 | context = audit_alloc_for_lsm(GFP_KERNEL);
| ^
In file included from security/integrity/ima/ima.h:22,
from security/integrity/ima/ima_api.c:18:
At top level:
include/linux/audit.h:261:13: warning: 'audit_log_lsm' defined but not used [-Wunused-function]
261 | static void audit_log_lsm(struct audit_context *context)
| ^~~~~~~~~~~~~
cc1: some warnings being treated as errors
vim +360 security/integrity/ima/ima_api.c
339
340 void ima_audit_measurement(struct integrity_iint_cache *iint,
341 const unsigned char *filename)
342 {
343 struct audit_context *context;
344 struct audit_buffer *ab;
345 char *hash;
346 const char *algo_name = hash_algo_name[iint->ima_hash->algo];
347 int i;
348
349 if (iint->flags & IMA_AUDITED)
350 return;
351
352 hash = kzalloc((iint->ima_hash->length * 2) + 1, GFP_KERNEL);
353 if (!hash)
354 return;
355
356 for (i = 0; i < iint->ima_hash->length; i++)
357 hex_byte_pack(hash + (i * 2), iint->ima_hash->digest[i]);
358 hash[i * 2] = '\0';
359
> 360 context = audit_alloc_for_lsm(GFP_KERNEL);
361 ab = audit_log_start(context, GFP_KERNEL, AUDIT_INTEGRITY_RULE);
362 if (!ab)
363 goto out;
364
365 audit_log_format(ab, "file=");
366 audit_log_untrustedstring(ab, filename);
367 audit_log_format(ab, " hash=\"%s:%s\"", algo_name, hash);
368
369 audit_log_task_info(ab);
370 audit_log_end_local(ab, context);
371
372 iint->flags |= IMA_AUDITED;
373 out:
374 kfree(hash);
375 return;
376 }
377
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
More information about the Linux-security-module-archive
mailing list