From: kernel test robot <lkp@intel.com>
To: Mimi Zohar <zohar@linux.ibm.com>
Cc: kbuild-all@lists.01.org, clang-built-linux@googlegroups.com,
linux-integrity@vger.kernel.org,
Lakshmi Ramasubramanian <nramas@linux.microsoft.com>
Subject: [integrity:next-integrity-testing 13/13] security/integrity/evm/evm_crypto.c:181:41: warning: format specifies type 'unsigned long' but the argument has type 'unsigned int'
Date: Sat, 19 Jun 2021 06:46:45 +0800 [thread overview]
Message-ID: <202106190637.Sg2c2F2k-lkp@intel.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 9461 bytes --]
tree: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity-testing
head: 5b5aed323646d2240eb70913841ef06c94d6e9a5
commit: 5b5aed323646d2240eb70913841ef06c94d6e9a5 [13/13] evm: output EVM digest calculation info
config: riscv-randconfig-r003-20210618 (attached as .config)
compiler: clang version 13.0.0 (https://github.com/llvm/llvm-project 64720f57bea6a6bf033feef4a5751ab9c0c3b401)
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# install riscv cross compiling tool for clang build
# apt-get install binutils-riscv64-linux-gnu
# https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git/commit/?id=5b5aed323646d2240eb70913841ef06c94d6e9a5
git remote add integrity https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git
git fetch --no-tags integrity next-integrity-testing
git checkout 5b5aed323646d2240eb70913841ef06c94d6e9a5
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross ARCH=riscv
If you fix the issue, kindly add the following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
>> security/integrity/evm/evm_crypto.c:181:41: warning: format specifies type 'unsigned long' but the argument has type 'unsigned int' [-Wformat]
pr_debug("hmac_misc: (%lu) [%*phN]\n", sizeof(struct h_misc),
~~~ ^~~~~~~~~~~~~~~~~~~~~
%u
include/linux/printk.h:430:38: note: expanded from macro 'pr_debug'
no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__)
~~~ ^~~~~~~~~~~
include/linux/printk.h:140:17: note: expanded from macro 'no_printk'
printk(fmt, ##__VA_ARGS__); \
~~~ ^~~~~~~~~~~
>> security/integrity/evm/evm_crypto.c:261:7: warning: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Wformat]
req_xattr_value_len,
^~~~~~~~~~~~~~~~~~~
include/linux/printk.h:430:38: note: expanded from macro 'pr_debug'
no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__)
~~~ ^~~~~~~~~~~
include/linux/printk.h:140:17: note: expanded from macro 'no_printk'
printk(fmt, ##__VA_ARGS__); \
~~~ ^~~~~~~~~~~
security/integrity/evm/evm_crypto.c:286:47: warning: format specifies type 'unsigned long' but the argument has type 'size_t' (aka 'unsigned int') [-Wformat]
pr_debug("%s: (%lu) [%*phN]", xattr->name, xattr_size,
~~~ ^~~~~~~~~~
%u
include/linux/printk.h:430:38: note: expanded from macro 'pr_debug'
no_printk(KERN_DEBUG pr_fmt(fmt), ##__VA_ARGS__)
~~~ ^~~~~~~~~~~
include/linux/printk.h:140:17: note: expanded from macro 'no_printk'
printk(fmt, ##__VA_ARGS__); \
~~~ ^~~~~~~~~~~
3 warnings generated.
vim +181 security/integrity/evm/evm_crypto.c
138
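/*
 * Protect against 'cutting & pasting' security.evm xattr, include inode
 * specific info.
 *
 * (Additional directory/file metadata needs to be added for more complete
 * protection.)
 *
 * Feeds the inode metadata (and, when EVM_ATTR_FSUUID is set and the type
 * is not portable, the superblock UUID) into @desc, then finalizes the hash
 * into @digest.
 *
 * @desc:   hash descriptor the caller has already fed the xattr data into
 * @inode:  inode whose metadata is bound into the digest
 * @type:   EVM xattr type; EVM_XATTR_PORTABLE_DIGSIG leaves out the inode
 *          number, the generation and the filesystem UUID
 * @digest: output buffer handed to crypto_shash_final()
 */
static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
			  char type, char *digest)
{
	struct h_misc {
		unsigned long ino;
		__u32 generation;
		uid_t uid;
		gid_t gid;
		umode_t mode;
	} hmac_misc;

	/*
	 * The struct is hashed as raw bytes below, so clear it first: any
	 * padding, and the fields skipped for portable signatures, then
	 * have a fixed value instead of stale stack contents.
	 */
	memset(&hmac_misc, 0, sizeof(hmac_misc));
	/* Don't include the inode or generation number in portable
	 * signatures
	 */
	if (type != EVM_XATTR_PORTABLE_DIGSIG) {
		hmac_misc.ino = inode->i_ino;
		hmac_misc.generation = inode->i_generation;
	}
	/* The hmac uid and gid must be encoded in the initial user
	 * namespace (not the filesystems user namespace) as encoding
	 * them in the filesystems user namespace allows an attack
	 * where first they are written in an unprivileged fuse mount
	 * of a filesystem and then the system is tricked to mount the
	 * filesystem for real on next boot and trust it because
	 * everything is signed.
	 */
	hmac_misc.uid = from_kuid(&init_user_ns, inode->i_uid);
	hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
	hmac_misc.mode = inode->i_mode;
	/* NOTE(review): the crypto_shash_*() return values are not checked. */
	crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof(hmac_misc));
	if ((evm_hmac_attrs & EVM_ATTR_FSUUID) &&
	    type != EVM_XATTR_PORTABLE_DIGSIG)
		crypto_shash_update(desc, (u8 *)&inode->i_sb->s_uuid, UUID_SIZE);
	crypto_shash_final(desc, digest);

	/*
	 * sizeof() yields a size_t, so the length is printed with %zu.
	 * %lu only matches where size_t is unsigned long; on the riscv
	 * config in this report size_t is unsigned int and clang's
	 * -Wformat flags the mismatch.
	 */
	pr_debug("hmac_misc: (%zu) [%*phN]\n", sizeof(struct h_misc),
		 (int)sizeof(struct h_misc), &hmac_misc);
}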
184
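/*
 * Dump large security xattr values as a continuous ascii hexadecimal string.
 * (pr_debug is limited to 64 bytes.)
 *
 * @prefix: label printed in front of the value
 * @src:    bytes to dump
 * @count:  number of bytes at @src
 *
 * The body is compiled out unless DEBUG or CONFIG_DYNAMIC_DEBUG is defined.
 * An allocation failure is ignored silently, as this is debug output only.
 * When the message is enabled, the full xattr value ends up in the kernel
 * log.
 */
static void dump_security_xattr(const char *prefix, const void *src, size_t count)
{
#if defined(DEBUG) || defined(CONFIG_DYNAMIC_DEBUG)
	char *asciihex, *p;

	/* Two hex digits per input byte plus the terminating NUL. */
	p = asciihex = kmalloc(count * 2 + 1, GFP_KERNEL);
	if (!asciihex)
		return;

	p = bin2hex(p, src, count);
	*p = 0;
	/* count is a size_t: %zu, not %lu (mismatch where size_t is 32-bit). */
	pr_debug("%s: (%zu) %.*s\n", prefix, count, (int) count * 2, asciihex);
	kfree(asciihex);
#endif
}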
204
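/*
 * Calculate the HMAC value across the set of protected security xattrs.
 *
 * Instead of retrieving the requested xattr, for performance, calculate
 * the hmac using the requested xattr value. Don't alloc/free memory for
 * each xattr, but attempt to re-use the previously allocated memory.
 *
 * @dentry:              file whose security xattrs are hashed
 * @req_xattr_name:      name of an xattr whose value the caller supplies,
 *                       or NULL
 * @req_xattr_value:     value used for @req_xattr_name instead of reading
 *                       it back, or NULL
 * @req_xattr_value_len: length of @req_xattr_value in bytes
 * @type:                EVM xattr type, passed to init_desc() and
 *                       hmac_add_misc()
 * @data:                supplies hdr.algo; hdr.length and digest are filled in
 *
 * Returns 0 on success, -EOPNOTSUPP when the inode has no xattr support or
 * its superblock is not in the initial user namespace, the init_desc()
 * error, -ENODATA when no listed xattr was hashed, -ENOMEM when reading an
 * xattr ran out of memory, or -EPERM when a portable signature lacks the
 * IMA xattr.
 */
static int evm_calc_hmac_or_hash(struct dentry *dentry,
				 const char *req_xattr_name,
				 const char *req_xattr_value,
				 size_t req_xattr_value_len,
				 uint8_t type, struct evm_digest *data)
{
	struct inode *inode = d_backing_inode(dentry);
	struct xattr_list *xattr;
	struct shash_desc *desc;
	size_t xattr_size = 0;
	char *xattr_value = NULL;
	int error;
	int size;
	bool ima_present = false;

	if (!(inode->i_opflags & IOP_XATTR) ||
	    inode->i_sb->s_user_ns != &init_user_ns)
		return -EOPNOTSUPP;

	desc = init_desc(type, data->hdr.algo);
	if (IS_ERR(desc))
		return PTR_ERR(desc);

	data->hdr.length = crypto_shash_digestsize(desc->tfm);

	/* Stays -ENODATA unless at least one xattr is hashed below. */
	error = -ENODATA;
	list_for_each_entry_lockless(xattr, &evm_config_xattrnames, list) {
		bool is_ima = false;

		if (strcmp(xattr->name, XATTR_NAME_IMA) == 0)
			is_ima = true;

		/*
		 * Skip non-enabled xattrs for locally calculated
		 * signatures/HMACs.
		 */
		if (type != EVM_XATTR_PORTABLE_DIGSIG && !xattr->enabled)
			continue;

		/* Hash the caller-supplied value rather than reading it back. */
		if ((req_xattr_name && req_xattr_value)
		    && !strcmp(xattr->name, req_xattr_name)) {
			error = 0;
			crypto_shash_update(desc, (const u8 *)req_xattr_value,
					    req_xattr_value_len);
			if (is_ima)
				ima_present = true;

			/*
			 * Values of 64 bytes or more go through
			 * dump_security_xattr().  The length is a size_t,
			 * so it is printed with %zu rather than %lu.
			 */
			if (req_xattr_value_len < 64)
				pr_debug("%s: (%zu) [%*phN]\n", req_xattr_name,
					 req_xattr_value_len,
					 (int)req_xattr_value_len,
					 req_xattr_value);
			else
				dump_security_xattr(req_xattr_name,
						    req_xattr_value,
						    req_xattr_value_len);
			continue;
		}
		/* xattr_value/xattr_size carry over from the previous pass. */
		size = vfs_getxattr_alloc(&init_user_ns, dentry, xattr->name,
					  &xattr_value, xattr_size, GFP_NOFS);
		if (size == -ENOMEM) {
			error = -ENOMEM;
			goto out;
		}
		/* Any other failure: leave this xattr out of the digest. */
		if (size < 0)
			continue;

		error = 0;
		xattr_size = size;
		crypto_shash_update(desc, (const u8 *)xattr_value, xattr_size);
		if (is_ima)
			ima_present = true;

		/*
		 * xattr_size is a size_t, hence %zu.  The trailing newline
		 * matches the other pr_debug() calls in this file.
		 */
		if (xattr_size < 64)
			pr_debug("%s: (%zu) [%*phN]\n", xattr->name, xattr_size,
				 (int)xattr_size, xattr_value);
		else
			dump_security_xattr(xattr->name, xattr_value,
					    xattr_size);
	}
	hmac_add_misc(desc, inode, type, data->digest);

	/* Portable EVM signatures must include an IMA hash */
	if (type == EVM_XATTR_PORTABLE_DIGSIG && !ima_present)
		error = -EPERM;
out:
	kfree(xattr_value);
	kfree(desc);
	return error;
}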
302
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 34991 bytes --]