linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* Re: [selinuxproject-selinux:stable-5.15 1/1] include/linux/rcupdate.h:395:2: warning: passing argument 1 of 'security_locked_down' discards 'const' qualifier from pointer target type
       [not found] ` <CAFqZXNuv-d4WFvaVVa1WqzkrP6Wepu6QEKcUH=VejnP2OZz66A@mail.gmail.com>
@ 2021-09-16 14:07   ` Paul Moore
  0 siblings, 0 replies; only message in thread
From: Paul Moore @ 2021-09-16 14:07 UTC (permalink / raw)
  To: Ondrej Mosnacek
  Cc: kernel test robot, kbuild-all, Linux kernel mailing list,
	linux-security-module, selinux

On Thu, Sep 16, 2021 at 8:22 AM Ondrej Mosnacek <omosnace@redhat.com> wrote:
> On Thu, Sep 16, 2021 at 2:08 PM kernel test robot <lkp@intel.com> wrote:
> > tree:   https://github.com/SELinuxProject/selinux-kernel stable-5.15
> > head:   c491f0a471580712a4254adece400c3ebb3d8e44
> > commit: c491f0a471580712a4254adece400c3ebb3d8e44 [1/1] lockdown,selinux: fix wrong subject in some SELinux lockdown checks
> > config: um-x86_64_defconfig (attached as .config)
> > compiler: gcc-9 (Debian 9.3.0-22) 9.3.0
> > reproduce (this is a W=1 build):
> >         # https://github.com/SELinuxProject/selinux-kernel/commit/c491f0a471580712a4254adece400c3ebb3d8e44
> >         git remote add selinuxproject-selinux https://github.com/SELinuxProject/selinux-kernel
> >         git fetch --no-tags selinuxproject-selinux stable-5.15
> >         git checkout c491f0a471580712a4254adece400c3ebb3d8e44
> >         # save the attached .config to linux build tree
> >         make W=1 ARCH=um SUBARCH=x86_64
> >
> > If you fix the issue, kindly add following tag as appropriate
> > Reported-by: kernel test robot <lkp@intel.com>
> >
> > All warnings (new ones prefixed by >>):
> >
> >    In file included from include/linux/rbtree.h:24,
> >                     from include/linux/mm_types.h:10,
> >                     from include/linux/mmzone.h:21,
> >                     from include/linux/gfp.h:6,
> >                     from include/linux/mm.h:10,
> >                     from drivers/char/mem.c:12:
> >    drivers/char/mem.c: In function 'open_port':
> > >> include/linux/rcupdate.h:395:2: warning: passing argument 1 of 'security_locked_down' discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
> >      395 | ({ \
> >          | ~^~~
> >      396 |  RCU_LOCKDEP_WARN(!(c), "suspicious rcu_dereference_protected() usage"); \
> >          |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >      397 |  rcu_check_sparse(p, space); \
> >          |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >      398 |  ((typeof(*p) __force __kernel *)(p)); \
> >          |  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> >      399 | })
> >          | ~~
> >    include/linux/rcupdate.h:587:2: note: in expansion of macro '__rcu_dereference_protected'
> >      587 |  __rcu_dereference_protected((p), (c), __rcu)
> >          |  ^~~~~~~~~~~~~~~~~~~~~~~~~~~
> >    include/linux/cred.h:299:2: note: in expansion of macro 'rcu_dereference_protected'
> >      299 |  rcu_dereference_protected(current->cred, 1)
> >          |  ^~~~~~~~~~~~~~~~~~~~~~~~~
> >    drivers/char/mem.c:620:28: note: in expansion of macro 'current_cred'
> >      620 |  rc = security_locked_down(current_cred(), LOCKDOWN_DEV_MEM);
> >          |                            ^~~~~~~~~~~~
> >    In file included from include/linux/fs_context.h:14,
> >                     from include/linux/fs_parser.h:11,
> >                     from include/linux/shmem_fs.h:11,
> >                     from drivers/char/mem.c:25:
> >    include/linux/security.h:1347:53: note: expected 'struct cred *' but argument is of type 'const struct cred *'
> >     1347 | static inline int security_locked_down(struct cred *cred, enum lockdown_reason what)
> >          |                                        ~~~~~~~~~~~~~^~~~
>
> Ah, I forgot to add the const qualifier to the function definition in
> the CONFIG_SECURITY=n branch... Paul, will you amend the commit or
> should I send an updated patch?

This patch is cursed.  I had to hack up a fixup patch to test this in
my Rawhide test automation last night too; evidently Rawhide carries
an out-of-tree lockdown patch which results in some merge rejects.

Sigh.

Yes, the quickest path is for me to just fix up the dummy function and
do a force-push (grrrrrr) back on top of selinux/stable-5.15.

-- 
paul moore
www.paul-moore.com

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2021-09-16 14:07 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
     [not found] <202109162036.zghQuRrY-lkp@intel.com>
     [not found] ` <CAFqZXNuv-d4WFvaVVa1WqzkrP6Wepu6QEKcUH=VejnP2OZz66A@mail.gmail.com>
2021-09-16 14:07   ` [selinuxproject-selinux:stable-5.15 1/1] include/linux/rcupdate.h:395:2: warning: passing argument 1 of 'security_locked_down' discards 'const' qualifier from pointer target type Paul Moore

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).