CC: llvm(a)lists.linux.dev CC: kbuild-all(a)lists.01.org BCC: lkp(a)intel.com CC: Linux Memory Management List TO: Arnd Bergmann CC: Masahiro Yamada CC: Alex Shi CC: Nick Desaulniers CC: Miguel Ojeda CC: Nathan Chancellor tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master head: 71941773e143369a73c9c4a3b62fbb60736a1182 commit: 6992f0b3f0fd879b31095263986ba1aedb27c83b [11110/11953] Kbuild: move to -std=gnu11 :::::: branch date: 33 hours ago :::::: commit date: 2 days ago config: arm-randconfig-c002-20220310 (https://download.01.org/0day-ci/archive/20220312/202203120215.DGwSrRQQ-lkp(a)intel.com/config) compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project 276ca87382b8f16a65bddac700202924228982f6) reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # install arm cross compiling tool for clang build # apt-get install binutils-arm-linux-gnueabi # https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=6992f0b3f0fd879b31095263986ba1aedb27c83b git remote add linux-next https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git git fetch --no-tags linux-next master git checkout 6992f0b3f0fd879b31095263986ba1aedb27c83b # save the config file to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=arm clang-analyzer If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot clang-analyzer warnings: (new ones prefixed by >>) ^~~~~~ drivers/video/hdmi.c:306:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(ptr, frame->vendor, sizeof(frame->vendor)); ^~~~~~ drivers/video/hdmi.c:307:2: warning: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memcpy(ptr + 8, frame->product, sizeof(frame->product)); ^~~~~~ drivers/video/hdmi.c:307:2: note: Call to function 'memcpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memcpy_s' in case of C11 memcpy(ptr + 8, frame->product, sizeof(frame->product)); ^~~~~~ drivers/video/hdmi.c:355:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(frame, 0, sizeof(*frame)); ^~~~~~ drivers/video/hdmi.c:355:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(frame, 0, sizeof(*frame)); ^~~~~~ drivers/video/hdmi.c:421:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(buffer, 0, size); ^~~~~~ drivers/video/hdmi.c:421:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(buffer, 0, size); ^~~~~~ drivers/video/hdmi.c:490:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(frame, 0, sizeof(*frame)); ^~~~~~ drivers/video/hdmi.c:490:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(frame, 0, sizeof(*frame)); ^~~~~~ drivers/video/hdmi.c:583:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(buffer, 0, size); ^~~~~~ drivers/video/hdmi.c:583:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(buffer, 0, size); ^~~~~~ drivers/video/hdmi.c:662:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(frame, 0, sizeof(*frame)); ^~~~~~ drivers/video/hdmi.c:662:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(frame, 0, sizeof(*frame)); ^~~~~~ drivers/video/hdmi.c:723:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(buffer, 0, size); ^~~~~~ drivers/video/hdmi.c:723:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(buffer, 0, size); ^~~~~~ drivers/video/hdmi.c:1274:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(buf, 0, sizeof(buf)); ^~~~~~ drivers/video/hdmi.c:1274:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(buf, 0, sizeof(buf)); ^~~~~~ drivers/video/hdmi.c:1276:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] strncpy(buf, frame->vendor, 8); ^~~~~~~ drivers/video/hdmi.c:1276:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 strncpy(buf, frame->vendor, 8); ^~~~~~~ drivers/video/hdmi.c:1278:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] strncpy(buf, frame->product, 16); ^~~~~~~ drivers/video/hdmi.c:1278:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 strncpy(buf, frame->product, 16); ^~~~~~~ Suppressed 11 warnings (11 in non-user code). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 94 warnings generated. security/smack/smack_access.c:472:2: warning: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] strncpy(smack, string, i); ^~~~~~~ security/smack/smack_access.c:472:2: note: Call to function 'strncpy' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'strncpy_s' in case of C11 strncpy(smack, string, i); ^~~~~~~ Suppressed 93 warnings (92 in non-user code, 1 with check filters). Use -header-filter=.* to display errors from all non-system headers. Use -system-headers to display errors from system headers as well. 114 warnings generated. security/smack/smackfs.c:887:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] ret = sscanf(rule, "%d", &maplevel); ^~~~~~ security/smack/smackfs.c:887:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 ret = sscanf(rule, "%d", &maplevel); ^~~~~~ security/smack/smackfs.c:897:8: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] ret = sscanf(rule, "%d", &catlen); ^~~~~~ security/smack/smackfs.c:897:8: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 ret = sscanf(rule, "%d", &catlen); ^~~~~~ security/smack/smackfs.c:905:2: warning: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] memset(mapcatset, 0, sizeof(mapcatset)); ^~~~~~ security/smack/smackfs.c:905:2: note: Call to function 'memset' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'memset_s' in case of C11 memset(mapcatset, 0, sizeof(mapcatset)); ^~~~~~ security/smack/smackfs.c:913:9: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] ret = sscanf(rule, "%u", &cat); ^~~~~~ security/smack/smackfs.c:913:9: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 ret = sscanf(rule, "%u", &cat); ^~~~~~ >> security/smack/smackfs.c:1186:7: warning: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", ^~~~~~ security/smack/smackfs.c:1186:7: note: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd/%u %s", ^~~~~~ security/smack/smackfs.c:1189:8: warning: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", ^~~~~~ security/smack/smackfs.c:1189:8: note: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 rc = sscanf(data, "%hhd.%hhd.%hhd.%hhd %s", ^~~~~~ security/smack/smackfs.c:1195:3: warning: Value stored to 'm' is never read [clang-analyzer-deadcode.DeadStores] m = BEBITS; ^ security/smack/smackfs.c:1195:3: note: Value stored to 'm' is never read security/smack/smackfs.c:1446:6: warning: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", ^~~~~~ security/smack/smackfs.c:1446:6: note: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x/%u %s", ^~~~~~ security/smack/smackfs.c:1451:7: warning: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", ^~~~~~ security/smack/smackfs.c:1451:7: note: Call to function 'sscanf' is insecure as it does not provide bounding of the memory buffer or security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 i = sscanf(data, "%x:%x:%x:%x:%x:%x:%x:%x %s", ^~~~~~ security/smack/smackfs.c:1579:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] sprintf(temp, "%d", smk_cipso_doi_value); ^~~~~~~ security/smack/smackfs.c:1579:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 sprintf(temp, "%d", smk_cipso_doi_value); ^~~~~~~ security/smack/smackfs.c:1611:6: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:1611:6: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:1645:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] sprintf(temp, "%d", smack_cipso_direct); ^~~~~~~ security/smack/smackfs.c:1645:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 sprintf(temp, "%d", smack_cipso_direct); ^~~~~~~ security/smack/smackfs.c:1678:6: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:1678:6: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:1723:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] sprintf(temp, "%d", smack_cipso_mapped); ^~~~~~~ security/smack/smackfs.c:1723:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 sprintf(temp, "%d", smack_cipso_mapped); ^~~~~~~ security/smack/smackfs.c:1756:6: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:1756:6: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:2161:2: warning: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] sprintf(temp, "%d\n", log_policy); ^~~~~~~ security/smack/smackfs.c:2161:2: note: Call to function 'sprintf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sprintf_s' in case of C11 sprintf(temp, "%d\n", log_policy); ^~~~~~~ security/smack/smackfs.c:2192:6: warning: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 [clang-analyzer-security.insecureAPI.DeprecatedOrUnsafeBufferHandling] if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:2192:6: note: Call to function 'sscanf' is insecure as it does not provide security checks introduced in the C11 standard. Replace with analogous functions that support length arguments or provides boundary checks such as 'sscanf_s' in case of C11 if (sscanf(temp, "%d", &i) != 1) ^~~~~~ security/smack/smackfs.c:2313:9: warning: 1st function call argument is an uninitialized value [clang-analyzer-core.CallAndMessage] res = smk_access(rule.smk_subject, rule.smk_object, ^ security/smack/smackfs.c:2341:9: note: Calling 'smk_user_access' return smk_user_access(file, buf, count, ppos, SMK_FIXED24_FMT); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ security/smack/smackfs.c:2298:6: note: Calling 'IS_ERR' if (IS_ERR(data)) ^~~~~~~~~~~~ include/linux/err.h:36:9: note: Assuming the condition is false return IS_ERR_VALUE((unsigned long)ptr); ^ include/linux/err.h:22:34: note: expanded from macro 'IS_ERR_VALUE' #define IS_ERR_VALUE(x) unlikely((unsigned long)(void *)(x) >= (unsigned long)-MAX_ERRNO) ~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/compiler.h:78:42: note: expanded from macro 'unlikely' # define unlikely(x) __builtin_expect(!!(x), 0) ^ include/linux/err.h:36:2: note: Returning zero, which participates in a condition later return IS_ERR_VALUE((unsigned long)ptr); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ security/smack/smackfs.c:2298:6: note: Returning from 'IS_ERR' if (IS_ERR(data)) ^~~~~~~~~~~~ security/smack/smackfs.c:2298:2: note: Taking false branch vim +1186 security/smack/smackfs.c 113a0e4590881c etienne 2009-03-04 1131 113a0e4590881c etienne 2009-03-04 1132 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1133 /** 21abb1ec414c75 Casey Schaufler 2015-07-22 1134 * smk_write_net4addr - write() for /smack/netlabel 251a2a958b0455 Randy Dunlap 2009-02-18 1135 * @file: file pointer, not actually used 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1136 * @buf: where to get the data from 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1137 * @count: bytes sent 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1138 * @ppos: where to start 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1139 * 21abb1ec414c75 Casey Schaufler 2015-07-22 1140 * Accepts only one net4addr per write call. 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1141 * Returns number of bytes written or error code, as appropriate 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1142 */ 21abb1ec414c75 Casey Schaufler 2015-07-22 1143 static ssize_t smk_write_net4addr(struct file *file, const char __user *buf, 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1144 size_t count, loff_t *ppos) 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1145 { 21abb1ec414c75 Casey Schaufler 2015-07-22 1146 struct smk_net4addr *snp; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1147 struct sockaddr_in newname; f7112e6c9abf1c Casey Schaufler 2012-05-06 1148 char *smack; 21abb1ec414c75 Casey Schaufler 2015-07-22 1149 struct smack_known *skp = NULL; f7112e6c9abf1c Casey Schaufler 2012-05-06 1150 char *data; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1151 char *host = (char *)&newname.sin_addr.s_addr; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1152 int rc; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1153 struct netlbl_audit audit_info; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1154 struct in_addr mask; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1155 unsigned int m; 21abb1ec414c75 Casey Schaufler 2015-07-22 1156 unsigned int masks; 7198e2eeb44b3f Etienne Basset 2009-03-24 1157 int found; 113a0e4590881c etienne 2009-03-04 1158 u32 mask_bits = (1<<31); 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1159 __be32 nsa; 113a0e4590881c etienne 2009-03-04 1160 u32 temp_mask; 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1161 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1162 /* 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1163 * Must have privilege. 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1164 * No partial writes. 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1165 * Enough data must be present. 6d3dc07cbb1e88 Casey Schaufler 2008-12-31 1166 * "