From: kernel test robot <lkp@intel.com> To: Mimi Zohar <zohar@linux.ibm.com> Cc: kbuild-all@lists.01.org, clang-built-linux@googlegroups.com, linux-integrity@vger.kernel.org, Lakshmi Ramasubramanian <nramas@linux.microsoft.com> Subject: [integrity:next-integrity-testing 13/13] security/integrity/evm/evm_crypto.c:181:41: warning: format specifies type 'unsigned long' but the argument has type 'unsigned int' Date: Sat, 19 Jun 2021 06:46:45 +0800 [thread overview] Message-ID: <202106190637.Sg2c2F2k-lkp@intel.com> (raw) [-- Attachment #1: Type: text/plain, Size: 9461 bytes --] tree: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity-testing head: 5b5aed323646d2240eb70913841ef06c94d6e9a5 commit: 5b5aed323646d2240eb70913841ef06c94d6e9a5 [13/13] evm: output EVM digest calculation info config: riscv-randconfig-r003-20210618 (attached as .config) compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 64720f57bea6a6bf033feef4a5751ab9c0c3b401) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install riscv cross compiling tool for clang build # apt-get install binutils-riscv64-linux-gnu # https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git/commit/?id=5b5aed323646d2240eb70913841ef06c94d6e9a5 git remote add integrity https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git git fetch --no-tags integrity next-integrity-testing git checkout 5b5aed323646d2240eb70913841ef06c94d6e9a5 # save the attached .config to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All warnings (new ones prefixed by >>): >> security/integrity/evm/evm_crypto.c:181:41: warning: format specifies type 'unsigned long' but the argument has type 'unsigned int' 
[-Wformat] pr_debug("hmac_misc: (%lu) [%*phN]\n", sizeof(struct h_misc), ~~~ ^~~~~~~~~~~~~~~~~~~~~ %u include/linux/printk.h:430:38: note: expanded from macro 'pr_debug' no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__) ~~~ ^~~~~~~~~~~ include/linux/printk.h:140:17: note: expanded from macro 'no_printk' printk(fmt, ##__VA_ARGS__); \ ~~~ ^~~~~~~~~~~ >> security/integrity/evm/evm_crypto.c:261:7: warning: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Wformat] req_xattr_value_len, ^~~~~~~~~~~~~~~~~~~ include/linux/printk.h:430:38: note: expanded from macro 'pr_debug' no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__) ~~~ ^~~~~~~~~~~ include/linux/printk.h:140:17: note: expanded from macro 'no_printk' printk(fmt, ##__VA_ARGS__); \ ~~~ ^~~~~~~~~~~ security/integrity/evm/evm_crypto.c:286:47: warning: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Wformat] pr_debug("%s: (%lu) [%*phN]", xattr->name, xattr_size, ~~~ ^~~~~~~~~~ %u include/linux/printk.h:430:38: note: expanded from macro 'pr_debug' no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__) ~~~ ^~~~~~~~~~~ include/linux/printk.h:140:17: note: expanded from macro 'no_printk' printk(fmt, ##__VA_ARGS__); \ ~~~ ^~~~~~~~~~~ 3 warnings generated. vim +181 security/integrity/evm/evm_crypto.c 138 139 /* Protect against 'cutting & pasting' security.evm xattr, include inode 140 * specific info. 141 * 142 * (Additional directory/file metadata needs to be added for more complete 143 * protection.) 
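*/
/*
 * hmac_add_misc - fold inode metadata into the running hash and finalise it.
 * @desc:   hash descriptor that has already been fed the xattr values
 * @inode:  inode whose metadata is bound into the digest
 * @type:   EVM xattr type; EVM_XATTR_PORTABLE_DIGSIG omits the inode
 *          number, the generation and the filesystem UUID
 * @digest: output buffer handed to crypto_shash_final()
 */
static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
			  char type, char *digest)
{
	struct h_misc {
		unsigned long ino;
		__u32 generation;
		uid_t uid;
		gid_t gid;
		umode_t mode;
	} hmac_misc;

	/*
	 * The whole struct is hashed below, so clear it first: fields that
	 * stay unset for portable signatures are then hashed as zero.
	 */
	memset(&hmac_misc, 0, sizeof(hmac_misc));
	/* Don't include the inode or generation number in portable
	 * signatures
	 */
	if (type != EVM_XATTR_PORTABLE_DIGSIG) {
		hmac_misc.ino = inode->i_ino;
		hmac_misc.generation = inode->i_generation;
	}
	/* The hmac uid and gid must be encoded in the initial user
	 * namespace (not the filesystems user namespace) as encoding
	 * them in the filesystems user namespace allows an attack
	 * where first they are written in an unprivileged fuse mount
	 * of a filesystem and then the system is tricked to mount the
	 * filesystem for real on next boot and trust it because
	 * everything is signed.
	 */
	hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
	hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
	hmac_misc.mode = inode->i_mode;
	crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
	if ((evm_hmac_attrs & EVM_ATTR_FSUUID) &&
	    type != EVM_XATTR_PORTABLE_DIGSIG)
		crypto_shash_update(desc, (u8 *)&inode->i_sb->s_uuid, UUID_SIZE);
	crypto_shash_final(desc, digest);

	/*
	 * Flagged in the report at evm_crypto.c:181 as "%lu": sizeof() yields
	 * size_t, which is 'unsigned int' on the riscv randconfig of the
	 * report, so the length is printed with "%zu" here instead.
	 */
	pr_debug("hmac_misc: (%zu) [%*phN]\n", sizeof(struct h_misc),
		 (int) sizeof(struct h_misc), &hmac_misc);
}

/*
 * Dump large security xattr values as a continuous ascii hexadecimal string.
 * (pr_debug is limited to 64 bytes.)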
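*/
static void dump_security_xattr(const char *prefix, const void *src, size_t count)
{
#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
	char *asciihex, *p;

	/*
	 * Two hex digits per input byte plus the terminating NUL.
	 * NOTE(review): the caller in this listing allocates with GFP_NOFS;
	 * confirm GFP_KERNEL is acceptable on this path.
	 */
	p = asciihex = kmalloc(count * 2 + 1, GFP_KERNEL);
	if (!asciihex)
		return;

	p = bin2hex(p, src, count);
	*p = 0;
	/*
	 * count is a size_t, so it is printed with "%zu"; the listing had
	 * "%lu" here as well (evm_crypto.c:200). The report does not list
	 * this line, presumably because this #if branch was not built.
	 */
	pr_debug("%s: (%zu) %.*s\n", prefix, count, (int) count * 2, asciihex);
	kfree(asciihex);
#endif
}

/*
 * Calculate the HMAC value across the set of protected security xattrs.
 *
 * Instead of retrieving the requested xattr, for performance, calculate
 * the hmac using the requested xattr value. Don't alloc/free memory for
 * each xattr, but attempt to re-use the previously allocated memory.
 *
 * Returns 0 on success, -EOPNOTSUPP when the inode has no xattr support or
 * the superblock is not in the initial user namespace, the init_desc()
 * error if that fails, -ENODATA when no protected xattr was hashed,
 * -ENOMEM on allocation failure, and -EPERM for a portable signature
 * without an IMA xattr.
 */
static int evm_calc_hmac_or_hash(struct dentry *dentry,
				 const char *req_xattr_name,
				 const char *req_xattr_value,
				 size_t req_xattr_value_len,
				 uint8_t type, struct evm_digest *data)
{
	struct inode *inode = d_backing_inode(dentry);
	struct xattr_list *xattr;
	struct shash_desc *desc;
	size_t xattr_size = 0;
	char *xattr_value = NULL;
	int error;
	int size;
	bool ima_present = false;

	if (!(inode->i_opflags & IOP_XATTR) ||
	    inode->i_sb->s_user_ns != &init_user_ns)
		return -EOPNOTSUPP;

	desc = init_desc(type, data->hdr.algo);
	if (IS_ERR(desc))
		return PTR_ERR(desc);

	data->hdr.length = crypto_shash_digestsize(desc->tfm);

	/* Stays -ENODATA unless at least one xattr is fed into the hash. */
	error = -ENODATA;
	list_for_each_entry_lockless(xattr, &evm_config_xattrnames, list) {
		bool is_ima = false;

		if (strcmp(xattr->name, XATTR_NAME_IMA) == 0)
			is_ima = true;

		/*
		 * Skip non-enabled xattrs for locally calculated
		 * signatures/HMACs.
		 */
		if (type != EVM_XATTR_PORTABLE_DIGSIG && !xattr->enabled)
			continue;

		/* Hash the caller-supplied value instead of reading it back. */
		if ((req_xattr_name && req_xattr_value)
		    && !strcmp(xattr->name, req_xattr_name)) {
			error = 0;
			crypto_shash_update(desc, (const u8 *)req_xattr_value,
					    req_xattr_value_len);
			if (is_ima)
				ima_present = true;

			/*
			 * Flagged in the report at evm_crypto.c:261 as "%lu":
			 * req_xattr_value_len is a size_t, so use "%zu".
			 */
			if (req_xattr_value_len < 64)
				pr_debug("%s: (%zu) [%*phN]\n", req_xattr_name,
					 req_xattr_value_len,
					 (int)req_xattr_value_len,
					 req_xattr_value);
			else
				dump_security_xattr(req_xattr_name,
						    req_xattr_value,
						    req_xattr_value_len);
			continue;
		}
		/* xattr_value/xattr_size carry over so the buffer can be reused. */
		size = vfs_getxattr_alloc(&init_user_ns, dentry, xattr->name,
					  &xattr_value, xattr_size, GFP_NOFS);
		if (size == -ENOMEM) {
			error = -ENOMEM;
			goto out;
		}
		if (size < 0)
			continue;

		error = 0;
		xattr_size = size;
		crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size);
		if (is_ima)
			ima_present = true;

		/*
		 * Reported at evm_crypto.c:286 as "%lu": xattr_size is a
		 * size_t, so use "%zu". The trailing "\n" is added to match
		 * the other pr_debug() calls in this function.
		 */
		if (xattr_size < 64)
			pr_debug("%s: (%zu) [%*phN]\n", xattr->name, xattr_size,
				 (int)xattr_size, xattr_value);
		else
			dump_security_xattr(xattr->name, xattr_value,
					    xattr_size);
	}
	hmac_add_misc(desc, inode, type, data->digest);

	/* Portable EVM signatures must include an IMA hash */
	if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present)
		error = -EPERM;
out:
	kfree(xattr_value);
	kfree(desc);
	return error;
}

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 34991 bytes --]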
WARNING: multiple messages have this Message-ID (diff)
From: kernel test robot <lkp@intel.com> To: kbuild-all@lists.01.org Subject: [integrity:next-integrity-testing 13/13] security/integrity/evm/evm_crypto.c:181:41: warning: format specifies type 'unsigned long' but the argument has type 'unsigned int' Date: Sat, 19 Jun 2021 06:46:45 +0800 [thread overview] Message-ID: <202106190637.Sg2c2F2k-lkp@intel.com> (raw) [-- Attachment #1: Type: text/plain, Size: 9688 bytes --] tree: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity-testing head: 5b5aed323646d2240eb70913841ef06c94d6e9a5 commit: 5b5aed323646d2240eb70913841ef06c94d6e9a5 [13/13] evm: output EVM digest calculation info config: riscv-randconfig-r003-20210618 (attached as .config) compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 64720f57bea6a6bf033feef4a5751ab9c0c3b401) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install riscv cross compiling tool for clang build # apt-get install binutils-riscv64-linux-gnu # https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git/commit/?id=5b5aed323646d2240eb70913841ef06c94d6e9a5 git remote add integrity https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git git fetch --no-tags integrity next-integrity-testing git checkout 5b5aed323646d2240eb70913841ef06c94d6e9a5 # save the attached .config to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <lkp@intel.com> All warnings (new ones prefixed by >>): >> security/integrity/evm/evm_crypto.c:181:41: warning: format specifies type 'unsigned long' but the argument has type 'unsigned int' [-Wformat] pr_debug("hmac_misc: (%lu) [%*phN]\n", sizeof(struct h_misc), ~~~ ^~~~~~~~~~~~~~~~~~~~~ %u include/linux/printk.h:430:38: note: expanded from macro 'pr_debug' 
no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__) ~~~ ^~~~~~~~~~~ include/linux/printk.h:140:17: note: expanded from macro 'no_printk' printk(fmt, ##__VA_ARGS__); \ ~~~ ^~~~~~~~~~~ >> security/integrity/evm/evm_crypto.c:261:7: warning: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Wformat] req_xattr_value_len, ^~~~~~~~~~~~~~~~~~~ include/linux/printk.h:430:38: note: expanded from macro 'pr_debug' no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__) ~~~ ^~~~~~~~~~~ include/linux/printk.h:140:17: note: expanded from macro 'no_printk' printk(fmt, ##__VA_ARGS__); \ ~~~ ^~~~~~~~~~~ security/integrity/evm/evm_crypto.c:286:47: warning: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Wformat] pr_debug("%s: (%lu) [%*phN]", xattr->name, xattr_size, ~~~ ^~~~~~~~~~ %u include/linux/printk.h:430:38: note: expanded from macro 'pr_debug' no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__) ~~~ ^~~~~~~~~~~ include/linux/printk.h:140:17: note: expanded from macro 'no_printk' printk(fmt, ##__VA_ARGS__); \ ~~~ ^~~~~~~~~~~ 3 warnings generated. vim +181 security/integrity/evm/evm_crypto.c 138 139 /* Protect against 'cutting & pasting' security.evm xattr, include inode 140 * specific info. 141 * 142 * (Additional directory/file metadata needs to be added for more complete 143 * protection.) 
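*/
/*
 * hmac_add_misc - fold inode metadata into the running hash and finalise it.
 * @desc:   hash descriptor that has already been fed the xattr values
 * @inode:  inode whose metadata is bound into the digest
 * @type:   EVM xattr type; EVM_XATTR_PORTABLE_DIGSIG omits the inode
 *          number, the generation and the filesystem UUID
 * @digest: output buffer handed to crypto_shash_final()
 */
static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
			  char type, char *digest)
{
	struct h_misc {
		unsigned long ino;
		__u32 generation;
		uid_t uid;
		gid_t gid;
		umode_t mode;
	} hmac_misc;

	/*
	 * The whole struct is hashed below, so clear it first: fields that
	 * stay unset for portable signatures are then hashed as zero.
	 */
	memset(&hmac_misc, 0, sizeof(hmac_misc));
	/* Don't include the inode or generation number in portable
	 * signatures
	 */
	if (type != EVM_XATTR_PORTABLE_DIGSIG) {
		hmac_misc.ino = inode->i_ino;
		hmac_misc.generation = inode->i_generation;
	}
	/* The hmac uid and gid must be encoded in the initial user
	 * namespace (not the filesystems user namespace) as encoding
	 * them in the filesystems user namespace allows an attack
	 * where first they are written in an unprivileged fuse mount
	 * of a filesystem and then the system is tricked to mount the
	 * filesystem for real on next boot and trust it because
	 * everything is signed.
	 */
	hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
	hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
	hmac_misc.mode = inode->i_mode;
	crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
	if ((evm_hmac_attrs & EVM_ATTR_FSUUID) &&
	    type != EVM_XATTR_PORTABLE_DIGSIG)
		crypto_shash_update(desc, (u8 *)&inode->i_sb->s_uuid, UUID_SIZE);
	crypto_shash_final(desc, digest);

	/*
	 * Flagged in the report at evm_crypto.c:181 as "%lu": sizeof() yields
	 * size_t, which is 'unsigned int' on the riscv randconfig of the
	 * report, so the length is printed with "%zu" here instead.
	 */
	pr_debug("hmac_misc: (%zu) [%*phN]\n", sizeof(struct h_misc),
		 (int) sizeof(struct h_misc), &hmac_misc);
}

/*
 * Dump large security xattr values as a continuous ascii hexadecimal string.
 * (pr_debug is limited to 64 bytes.)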
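*/
static void dump_security_xattr(const char *prefix, const void *src, size_t count)
{
#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
	char *asciihex, *p;

	/*
	 * Two hex digits per input byte plus the terminating NUL.
	 * NOTE(review): the caller in this listing allocates with GFP_NOFS;
	 * confirm GFP_KERNEL is acceptable on this path.
	 */
	p = asciihex = kmalloc(count * 2 + 1, GFP_KERNEL);
	if (!asciihex)
		return;

	p = bin2hex(p, src, count);
	*p = 0;
	/*
	 * count is a size_t, so it is printed with "%zu"; the listing had
	 * "%lu" here as well (evm_crypto.c:200). The report does not list
	 * this line, presumably because this #if branch was not built.
	 */
	pr_debug("%s: (%zu) %.*s\n", prefix, count, (int) count * 2, asciihex);
	kfree(asciihex);
#endif
}

/*
 * Calculate the HMAC value across the set of protected security xattrs.
 *
 * Instead of retrieving the requested xattr, for performance, calculate
 * the hmac using the requested xattr value. Don't alloc/free memory for
 * each xattr, but attempt to re-use the previously allocated memory.
 *
 * Returns 0 on success, -EOPNOTSUPP when the inode has no xattr support or
 * the superblock is not in the initial user namespace, the init_desc()
 * error if that fails, -ENODATA when no protected xattr was hashed,
 * -ENOMEM on allocation failure, and -EPERM for a portable signature
 * without an IMA xattr.
 */
static int evm_calc_hmac_or_hash(struct dentry *dentry,
				 const char *req_xattr_name,
				 const char *req_xattr_value,
				 size_t req_xattr_value_len,
				 uint8_t type, struct evm_digest *data)
{
	struct inode *inode = d_backing_inode(dentry);
	struct xattr_list *xattr;
	struct shash_desc *desc;
	size_t xattr_size = 0;
	char *xattr_value = NULL;
	int error;
	int size;
	bool ima_present = false;

	if (!(inode->i_opflags & IOP_XATTR) ||
	    inode->i_sb->s_user_ns != &init_user_ns)
		return -EOPNOTSUPP;

	desc = init_desc(type, data->hdr.algo);
	if (IS_ERR(desc))
		return PTR_ERR(desc);

	data->hdr.length = crypto_shash_digestsize(desc->tfm);

	/* Stays -ENODATA unless at least one xattr is fed into the hash. */
	error = -ENODATA;
	list_for_each_entry_lockless(xattr, &evm_config_xattrnames, list) {
		bool is_ima = false;

		if (strcmp(xattr->name, XATTR_NAME_IMA) == 0)
			is_ima = true;

		/*
		 * Skip non-enabled xattrs for locally calculated
		 * signatures/HMACs.
		 */
		if (type != EVM_XATTR_PORTABLE_DIGSIG && !xattr->enabled)
			continue;

		/* Hash the caller-supplied value instead of reading it back. */
		if ((req_xattr_name && req_xattr_value)
		    && !strcmp(xattr->name, req_xattr_name)) {
			error = 0;
			crypto_shash_update(desc, (const u8 *)req_xattr_value,
					    req_xattr_value_len);
			if (is_ima)
				ima_present = true;

			/*
			 * Flagged in the report at evm_crypto.c:261 as "%lu":
			 * req_xattr_value_len is a size_t, so use "%zu".
			 */
			if (req_xattr_value_len < 64)
				pr_debug("%s: (%zu) [%*phN]\n", req_xattr_name,
					 req_xattr_value_len,
					 (int)req_xattr_value_len,
					 req_xattr_value);
			else
				dump_security_xattr(req_xattr_name,
						    req_xattr_value,
						    req_xattr_value_len);
			continue;
		}
		/* xattr_value/xattr_size carry over so the buffer can be reused. */
		size = vfs_getxattr_alloc(&init_user_ns, dentry, xattr->name,
					  &xattr_value, xattr_size, GFP_NOFS);
		if (size == -ENOMEM) {
			error = -ENOMEM;
			goto out;
		}
		if (size < 0)
			continue;

		error = 0;
		xattr_size = size;
		crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size);
		if (is_ima)
			ima_present = true;

		/*
		 * Reported at evm_crypto.c:286 as "%lu": xattr_size is a
		 * size_t, so use "%zu". The trailing "\n" is added to match
		 * the other pr_debug() calls in this function.
		 */
		if (xattr_size < 64)
			pr_debug("%s: (%zu) [%*phN]\n", xattr->name, xattr_size,
				 (int)xattr_size, xattr_value);
		else
			dump_security_xattr(xattr->name, xattr_value,
					    xattr_size);
	}
	hmac_add_misc(desc, inode, type, data->digest);

	/* Portable EVM signatures must include an IMA hash */
	if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present)
		error = -EPERM;
out:
	kfree(xattr_value);
	kfree(desc);
	return error;
}

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org

[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 34991 bytes --]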