From: kernel test robot <lkp@intel.com>
To: Roberto Sassu <roberto.sassu@huawei.com>,
zohar@linux.ibm.com, mjg59@google.com
Cc: kbuild-all@lists.01.org, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
silviu.vlasceanu@huawei.com,
Roberto Sassu <roberto.sassu@huawei.com>
Subject: Re: [PATCH v3 08/11] evm: Allow setxattr() and setattr() for unmodified metadata
Date: Thu, 19 Nov 2020 01:58:11 +0800 [thread overview]
Message-ID: <202011190106.jg00Kykt-lkp@intel.com> (raw)
In-Reply-To: <20201111092302.1589-9-roberto.sassu@huawei.com>
[-- Attachment #1: Type: text/plain, Size: 3395 bytes --]
Hi Roberto,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on integrity/next-integrity]
[also build test ERROR on linus/master v5.10-rc4 next-20201118]
[cannot apply to security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]
url: https://github.com/0day-ci/linux/commits/Roberto-Sassu/evm-Improve-usability-of-portable-signatures/20201111-172839
base: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity
config: h8300-randconfig-r023-20201118 (attached as .config)
compiler: h8300-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/980f241069945bb56197027fd204689af8ec07e5
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Roberto-Sassu/evm-Improve-usability-of-portable-signatures/20201111-172839
git checkout 980f241069945bb56197027fd204689af8ec07e5
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=h8300
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All errors (new ones prefixed by >>):
security/integrity/evm/evm_main.c: In function 'evm_xattr_acl_change':
>> security/integrity/evm/evm_main.c:339:7: error: implicit declaration of function 'posix_acl_update_mode'; did you mean 'posix_acl_equiv_mode'? [-Werror=implicit-function-declaration]
339 | rc = posix_acl_update_mode(inode, &mode, &acl_res);
| ^~~~~~~~~~~~~~~~~~~~~
| posix_acl_equiv_mode
cc1: some warnings being treated as errors
vim +339 security/integrity/evm/evm_main.c
313
314 /*
315 * evm_xattr_acl_change - check if passed ACL changes the inode mode
316 * @dentry: pointer to the affected dentry
317 * @xattr_name: requested xattr
318 * @xattr_value: requested xattr value
319 * @xattr_value_len: requested xattr value length
320 *
321 * Check if passed ACL changes the inode mode, which is protected by EVM.
322 *
323 * Returns 1 if passed ACL causes inode mode change, 0 otherwise.
324 */
325 static int evm_xattr_acl_change(struct dentry *dentry, const char *xattr_name,
326 const void *xattr_value, size_t xattr_value_len)
327 {
328 umode_t mode;
329 struct posix_acl *acl = NULL, *acl_res;
330 struct inode *inode = d_backing_inode(dentry);
331 int rc;
332
333 /* UID/GID in ACL have been already converted from user to init ns */
334 acl = posix_acl_from_xattr(&init_user_ns, xattr_value, xattr_value_len);
335 if (!acl)
336 return 1;
337
338 acl_res = acl;
> 339 rc = posix_acl_update_mode(inode, &mode, &acl_res);
340
341 posix_acl_release(acl);
342
343 if (rc)
344 return 1;
345
346 if (acl_res && inode->i_mode != mode)
347 return 1;
348
349 return 0;
350 }
351
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org
[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 29165 bytes --]
next prev parent reply other threads:[~2020-11-18 17:59 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-11 9:22 [PATCH v3 00/11] evm: Improve usability of portable signatures Roberto Sassu
2020-11-11 9:22 ` [PATCH v3 01/11] evm: Execute evm_inode_init_security() only when an HMAC key is loaded Roberto Sassu
2020-12-02 17:03 ` Mimi Zohar
2020-11-11 9:22 ` [PATCH v3 02/11] evm: Load EVM key in ima_load_x509() to avoid appraisal Roberto Sassu
2020-12-02 17:27 ` Mimi Zohar
2021-03-01 18:06 ` Mimi Zohar
2020-11-11 9:22 ` [PATCH v3 03/11] evm: Refuse EVM_ALLOW_METADATA_WRITES only if an HMAC key is loaded Roberto Sassu
2020-12-02 21:07 ` Mimi Zohar
2020-11-11 9:22 ` [PATCH v3 04/11] ima: Move ima_reset_appraise_flags() call to post hooks Roberto Sassu
2020-12-02 11:56 ` Roberto Sassu
2020-12-03 20:43 ` Mimi Zohar
2020-11-11 9:22 ` [PATCH v3 05/11] evm: Introduce evm_status_revalidate() Roberto Sassu
2020-11-11 9:22 ` [PATCH v3 06/11] evm: Ignore INTEGRITY_NOLABEL if no HMAC key is loaded Roberto Sassu
2020-12-03 20:42 ` Mimi Zohar
2020-12-04 8:05 ` Roberto Sassu
2020-12-04 13:04 ` Mimi Zohar
2020-12-04 14:59 ` Roberto Sassu
2020-11-11 9:22 ` [PATCH v3 07/11] evm: Allow xattr/attr operations for portable signatures Roberto Sassu
2020-11-11 9:22 ` [PATCH v3 08/11] evm: Allow setxattr() and setattr() for unmodified metadata Roberto Sassu
2020-11-18 17:58 ` kernel test robot [this message]
2020-11-11 9:23 ` [PATCH v3 09/11] ima: Allow imasig requirement to be satisfied by EVM portable signatures Roberto Sassu
2020-11-11 9:23 ` [PATCH v3 10/11] ima: Introduce template field evmsig and write to field sig as fallback Roberto Sassu
2020-11-11 9:23 ` [PATCH v3 11/11] ima: Don't remove security.ima if file must not be appraised Roberto Sassu
2020-12-01 20:52 ` [PATCH v3 00/11] evm: Improve usability of portable signatures Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202011190106.jg00Kykt-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mjg59@google.com \
--cc=roberto.sassu@huawei.com \
--cc=silviu.vlasceanu@huawei.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).