[PATCH 4/4] LSM: Add a LSM module which handles dynamically appendable LSM hooks.
kernel test robot
lkp at intel.com
Mon Nov 20 23:36:30 UTC 2023
Hi Tetsuo,
kernel test robot noticed the following build errors:
[auto build test ERROR on bpf/master]
[also build test ERROR on pcmoore-audit/next pcmoore-selinux/next linus/master v6.7-rc2]
[cannot apply to bpf-next/master next-20231120]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Tetsuo-Handa/LSM-Auto-undef-LSM_HOOK-macro/20231120-214522
base: https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git master
patch link: https://lore.kernel.org/r/34be5cd8-1fdd-4323-82a3-40f2e7d35db3%40I-love.SAKURA.ne.jp
patch subject: [PATCH 4/4] LSM: Add a LSM module which handles dynamically appendable LSM hooks.
config: arc-randconfig-002-20231121 (https://download.01.org/0day-ci/archive/20231121/202311210740.Mxc4WM7v-lkp@intel.com/config)
compiler: arc-elf-gcc (GCC) 13.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20231121/202311210740.Mxc4WM7v-lkp@intel.com/reproduce)
If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp at intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202311210740.Mxc4WM7v-lkp@intel.com/
All error/warnings (new ones prefixed by >>):
>> security/security.c:784:13: warning: no previous prototype for 'security_bprm_check_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:114:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
114 | LSM_PLAIN_INT_HOOK(int, 0, bprm_check_security, struct linux_binprm *bprm)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_sb_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:123:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
123 | LSM_PLAIN_INT_HOOK(int, 0, sb_alloc_security, struct super_block *sb)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_sb_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:125:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
125 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, sb_free_security, struct super_block *sb)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_sb_free_mnt_opts' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:126:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
126 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, sb_free_mnt_opts, void *mnt_opts)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_inode_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:174:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
174 | LSM_PLAIN_INT_HOOK(int, 0, inode_alloc_security, struct inode *inode)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_inode_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:175:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
175 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, inode_free_security, struct inode *inode)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_file_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:231:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
231 | LSM_PLAIN_INT_HOOK(int, 0, file_alloc_security, struct file *file)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_file_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:232:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
232 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, file_free_security, struct file *file)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_cred_prepare' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:254:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
254 | LSM_PLAIN_INT_HOOK(int, 0, cred_prepare, struct cred *new, const struct cred *old,
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_msg_msg_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:300:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
300 | LSM_PLAIN_INT_HOOK(int, 0, msg_msg_alloc_security, struct msg_msg *msg)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_msg_msg_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:301:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
301 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, msg_msg_free_security, struct msg_msg *msg)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_msg_queue_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:302:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
302 | LSM_PLAIN_INT_HOOK(int, 0, msg_queue_alloc_security, struct kern_ipc_perm *perm)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_msg_queue_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:303:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
303 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, msg_queue_free_security,
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_shm_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:311:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
311 | LSM_PLAIN_INT_HOOK(int, 0, shm_alloc_security, struct kern_ipc_perm *perm)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_shm_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:312:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
312 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, shm_free_security, struct kern_ipc_perm *perm)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_sem_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:317:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
317 | LSM_PLAIN_INT_HOOK(int, 0, sem_alloc_security, struct kern_ipc_perm *perm)
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_sem_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:318:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
318 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, sem_free_security, struct kern_ipc_perm *perm)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:799:14: warning: no previous prototype for 'security_sk_getsecid' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:381:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
381 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, sk_getsecid, const struct sock *sk, u32 *secid)
| ^~~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_xfrm_policy_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:420:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
420 | LSM_PLAIN_INT_HOOK(int, 0, xfrm_policy_alloc_security, struct xfrm_sec_ctx **ctxp,
| ^~~~~~~~~~~~~~~~~~
>> security/security.c:784:13: warning: no previous prototype for 'security_xfrm_policy_clone_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:422:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
422 | LSM_PLAIN_INT_HOOK(int, 0, xfrm_policy_clone_security, struct xfrm_sec_ctx *old_ctx,
| ^~~~~~~~~~~~~~~~~~
security/security.c:799:14: warning: no previous prototype for 'security_xfrm_policy_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:424:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
424 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, xfrm_policy_free_security,
| ^~~~~~~~~~~~~~~~~~~
security/security.c:784:13: warning: no previous prototype for 'security_xfrm_policy_delete_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:426:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
426 | LSM_PLAIN_INT_HOOK(int, 0, xfrm_policy_delete_security, struct xfrm_sec_ctx *ctx)
| ^~~~~~~~~~~~~~~~~~
security/security.c:799:14: warning: no previous prototype for 'security_xfrm_state_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:431:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
431 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, xfrm_state_free_security, struct xfrm_state *x)
| ^~~~~~~~~~~~~~~~~~~
security/security.c:784:13: warning: no previous prototype for 'security_xfrm_state_delete_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:432:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
432 | LSM_PLAIN_INT_HOOK(int, 0, xfrm_state_delete_security, struct xfrm_state *x)
| ^~~~~~~~~~~~~~~~~~
security/security.c:784:13: error: conflicting types for 'security_xfrm_decode_session'; have 'int(struct sk_buff *, u32 *, int)' {aka 'int(struct sk_buff *, unsigned int *, int)'}
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:436:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
436 | LSM_PLAIN_INT_HOOK(int, 0, xfrm_decode_session, struct sk_buff *skb, u32 *secid,
| ^~~~~~~~~~~~~~~~~~
In file included from include/linux/lsm_hooks.h:28,
from security/security.c:21:
include/linux/security.h:1753:5: note: previous declaration of 'security_xfrm_decode_session' with type 'int(struct sk_buff *, u32 *)' {aka 'int(struct sk_buff *, unsigned int *)'}
1753 | int security_xfrm_decode_session(struct sk_buff *skb, u32 *secid);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~
security/security.c:784:13: warning: no previous prototype for 'security_bpf_map_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:462:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
462 | LSM_PLAIN_INT_HOOK(int, 0, bpf_map_alloc_security, struct bpf_map *map)
| ^~~~~~~~~~~~~~~~~~
security/security.c:799:14: warning: no previous prototype for 'security_bpf_map_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:463:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
463 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, bpf_map_free_security, struct bpf_map *map)
| ^~~~~~~~~~~~~~~~~~~
security/security.c:784:13: warning: no previous prototype for 'security_bpf_prog_alloc_security' [-Wmissing-prototypes]
784 | int security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:464:1: note: in expansion of macro 'LSM_PLAIN_INT_HOOK'
464 | LSM_PLAIN_INT_HOOK(int, 0, bpf_prog_alloc_security, struct bpf_prog_aux *aux)
| ^~~~~~~~~~~~~~~~~~
security/security.c:799:14: warning: no previous prototype for 'security_bpf_prog_free_security' [-Wmissing-prototypes]
799 | void security_##NAME(__VA_ARGS__) \
| ^~~~~~~~~
include/linux/lsm_hook_defs.h:465:1: note: in expansion of macro 'LSM_PLAIN_VOID_HOOK'
465 | LSM_PLAIN_VOID_HOOK(void, LSM_RET_VOID, bpf_prog_free_security, struct bpf_prog_aux *aux)
| ^~~~~~~~~~~~~~~~~~~
vim +784 security/security.c
781
782 #include <linux/lsm_hook_args.h>
783 #define LSM_PLAIN_INT_HOOK(RET, DEFAULT, NAME, ...) \
> 784 int security_##NAME(__VA_ARGS__) \
785 { \
786 struct security_hook_list *P; \
787 \
788 hlist_for_each_entry(P, &security_hook_heads.NAME, list) { \
789 int RC = P->hook.NAME(LSM_CALL_ARGS_##NAME); \
790 \
791 if (RC != DEFAULT) \
792 return RC; \
793 } \
794 return DEFAULT; \
795 }
796 #define LSM_CUSTOM_INT_HOOK(RET, DEFAULT, NAME, ...) DECLARE_LSM_RET_DEFAULT_int(DEFAULT, NAME)
797 #define LSM_SPECIAL_INT_HOOK(RET, DEFAULT, NAME, ...) DECLARE_LSM_RET_DEFAULT_int(DEFAULT, NAME)
798 #define LSM_PLAIN_VOID_HOOK(RET, DEFAULT, NAME, ...) \
> 799 void security_##NAME(__VA_ARGS__) \
800 { \
801 struct security_hook_list *P; \
802 \
803 hlist_for_each_entry(P, &security_hook_heads.NAME, list) \
804 P->hook.NAME(LSM_CALL_ARGS_##NAME); \
805 }
806 #define LSM_CUSTOM_VOID_HOOK(RET, DEFAULT, NAME, ...)
807 #define LSM_SPECIAL_VOID_HOOK(RET, DEFAULT, NAME, ...)
808 #include <linux/lsm_hook_defs.h>
809
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki
More information about the Linux-security-module-archive
mailing list