tree: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git keys-acl head: 2a3c3edfc979691a7dc4733da827f508da90995a commit: 0c172f6031ad95d98e74806335feb64d461816b8 [1/5] keys: Move permissions checking decisions into the checking code config: i386-allyesconfig (attached as .config) compiler: gcc-9 (Debian 9.3.0-14) 9.3.0 reproduce (this is a W=1 build): git checkout 0c172f6031ad95d98e74806335feb64d461816b8 # save the attached .config to linux build tree make W=1 ARCH=i386 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot All error/warnings (new ones prefixed by >>): security/smack/smack_lsm.c: In function 'smack_key_permission': >> security/smack/smack_lsm.c:4258:3: error: 'auth_can_override' undeclared (first use in this function) 4258 | auth_can_override = true; | ^~~~~~~~~~~~~~~~~ security/smack/smack_lsm.c:4258:3: note: each undeclared identifier is reported only once for each function it appears in >> security/smack/smack_lsm.c:4309:10: error: dereferencing pointer to incomplete type 'struct request_key_auth' 4309 | if (rka->target_key == key) | ^~ >> security/smack/smack_lsm.c:4309:26: error: 'key' undeclared (first use in this function) 4309 | if (rka->target_key == key) | ^~~ >> security/smack/smack_lsm.c:4310:5: error: '_perm' undeclared (first use in this function) 4310 | *_perm = 0; | ^~~~~ -- security/selinux/hooks.c: In function 'selinux_keyperm_to_av': >> security/selinux/hooks.c:6548:7: warning: variable 'sysadmin_can_override' set but not used [-Wunused-but-set-variable] 6548 | bool sysadmin_can_override = false; | ^~~~~~~~~~~~~~~~~~~~~ In file included from arch/x86/include/asm/page_32.h:35, from arch/x86/include/asm/page.h:14, from arch/x86/include/asm/thread_info.h:12, from include/linux/thread_info.h:38, from arch/x86/include/asm/preempt.h:7, from include/linux/preempt.h:78, from include/linux/rcupdate.h:27, from include/linux/rculist.h:11, from include/linux/pid.h:5, from include/linux/sched.h:14, from include/linux/tracehook.h:46, from security/selinux/hooks.c:27: In function 'strncpy', inlined from 'selinux_ib_endport_manage_subnet' at security/selinux/hooks.c:6769:2: include/linux/string.h:297:30: warning: '__builtin_strncpy' specified bound 64 equals destination size [-Wstringop-truncation] 297 | #define __underlying_strncpy __builtin_strncpy | ^ include/linux/string.h:307:9: note: in expansion of macro '__underlying_strncpy' 307 | return __underlying_strncpy(p, q, size); | ^~~~~~~~~~~~~~~~~~~~ vim +/auth_can_override +4258 security/smack/smack_lsm.c 4212 4213 /** 4214 * smack_key_permission - Smack access on a key 4215 * @key_ref: gets to the object 4216 * @cred: the credentials to use 4217 * @need_perm: requested key permission 4218 * 4219 * Return 0 if the task has read and write to the object, 4220 * an error code otherwise 4221 */ 4222 static int smack_key_permission(key_ref_t key_ref, 4223 const struct cred *cred, 4224 enum key_need_perm need_perm, 4225 unsigned int flags) 4226 { 4227 struct key *keyp; 4228 struct smk_audit_info ad; 4229 struct smack_known *tkp = smk_of_task(smack_cred(cred)); 4230 int request = 0; 4231 int rc; 4232 4233 keyp = key_ref_to_ptr(key_ref); 4234 if (keyp == NULL) 4235 return -EINVAL; 4236 /* 4237 * If the key hasn't been initialized give it access so that 4238 * it may do so. 4239 */ 4240 if (keyp->security == NULL) 4241 return 0; 4242 /* 4243 * This should not occur 4244 */ 4245 if (tkp == NULL) 4246 return -EACCES; 4247 4248 /* 4249 * Validate requested permissions 4250 */ 4251 switch (need_perm) { 4252 case KEY_NEED_ASSUME_AUTHORITY: 4253 return 0; 4254 4255 case KEY_NEED_DESCRIBE: 4256 case KEY_NEED_GET_SECURITY: 4257 request |= MAY_READ; > 4258 auth_can_override = true; 4259 break; 4260 4261 case KEY_NEED_CHOWN: 4262 case KEY_NEED_INVALIDATE: 4263 case KEY_NEED_JOIN: 4264 case KEY_NEED_LINK: 4265 case KEY_NEED_KEYRING_ADD: 4266 case KEY_NEED_KEYRING_CLEAR: 4267 case KEY_NEED_KEYRING_DELETE: 4268 case KEY_NEED_REVOKE: 4269 case KEY_NEED_SETPERM: 4270 case KEY_NEED_SET_RESTRICTION: 4271 case KEY_NEED_UPDATE: 4272 request |= MAY_WRITE; 4273 break; 4274 4275 case KEY_NEED_INSTANTIATE: 4276 auth_can_override = true; 4277 break; 4278 4279 case KEY_NEED_READ: 4280 case KEY_NEED_SEARCH: 4281 case KEY_NEED_USE: 4282 case KEY_NEED_WATCH: 4283 request |= MAY_READ; 4284 break; 4285 4286 case KEY_NEED_SET_TIMEOUT: 4287 request |= MAY_WRITE; 4288 auth_can_override = true; 4289 break; 4290 4291 case KEY_NEED_UNLINK: 4292 return 0; /* Mustn't prevent this; KEY_FLAG_KEEP is already 4293 * dealt with. */ 4294 4295 default: 4296 WARN_ON(1); 4297 return -EINVAL; 4298 } 4299 4300 /* Just allow the operation if the process has an authorisation token. 4301 * The presence of the token means that the kernel delegated 4302 * instantiation of a key to the process - which is problematic if we 4303 * then say that the process isn't allowed to get the description of 4304 * the key or actually instantiate it. 4305 */ 4306 if (auth_can_override && cred->request_key_auth) { 4307 struct request_key_auth *rka = 4308 cred->request_key_auth->payload.data[0]; > 4309 if (rka->target_key == key) > 4310 *_perm = 0; 4311 } 4312 4313 if (smack_privileged_cred(CAP_MAC_OVERRIDE, cred)) 4314 return 0; 4315 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org