Re: [PATCH v3 08/11] evm: Allow setxattr() and setattr() for unmodified metadata

[kernel test robot <lkp@intel.com>]

[-- Attachment #1: Type: text/plain, Size: 3395 bytes --]

Hi Roberto,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on integrity/next-integrity]
[also build test ERROR on linus/master v5.10-rc4 next-20201118]
[cannot apply to security/next-testing]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch]

url:    https://github.com/0day-ci/linux/commits/Roberto-Sassu/evm-Improve-usability-of-portable-signatures/20201111-172839
base:   https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity
config: h8300-randconfig-r023-20201118 (attached as .config)
compiler: h8300-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/0day-ci/linux/commit/980f241069945bb56197027fd204689af8ec07e5
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Roberto-Sassu/evm-Improve-usability-of-portable-signatures/20201111-172839
        git checkout 980f241069945bb56197027fd204689af8ec07e5
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=h8300 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>

All errors (new ones prefixed by >>):

   security/integrity/evm/evm_main.c: In function 'evm_xattr_acl_change':
>> security/integrity/evm/evm_main.c:339:7: error: implicit declaration of function 'posix_acl_update_mode'; did you mean 'posix_acl_equiv_mode'? [-Werror=implicit-function-declaration]
     339 |  rc = posix_acl_update_mode(inode, &mode, &acl_res);
         |       ^~~~~~~~~~~~~~~~~~~~~
         |       posix_acl_equiv_mode
   cc1: some warnings being treated as errors

vim +339 security/integrity/evm/evm_main.c

   313	
   314	/*
   315	 * evm_xattr_acl_change - check if passed ACL changes the inode mode
   316	 * @dentry: pointer to the affected dentry
   317	 * @xattr_name: requested xattr
   318	 * @xattr_value: requested xattr value
   319	 * @xattr_value_len: requested xattr value length
   320	 *
   321	 * Check if passed ACL changes the inode mode, which is protected by EVM.
   322	 *
   323	 * Returns 1 if passed ACL causes inode mode change, 0 otherwise.
   324	 */
   325	static int evm_xattr_acl_change(struct dentry *dentry, const char *xattr_name,
   326					const void *xattr_value, size_t xattr_value_len)
   327	{
   328		umode_t mode;
   329		struct posix_acl *acl = NULL, *acl_res;
   330		struct inode *inode = d_backing_inode(dentry);
   331		int rc;
   332	
   333		/* UID/GID in ACL have been already converted from user to init ns */
   334		acl = posix_acl_from_xattr(&init_user_ns, xattr_value, xattr_value_len);
   335		if (!acl)
   336			return 1;
   337	
   338		acl_res = acl;
 > 339		rc = posix_acl_update_mode(inode, &mode, &acl_res);
   340	
   341		posix_acl_release(acl);
   342	
   343		if (rc)
   344			return 1;
   345	
   346		if (acl_res && inode->i_mode != mode)
   347			return 1;
   348	
   349		return 0;
   350	}
   351	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org

[-- Attachment #2: .config.gz --]
[-- Type: application/gzip, Size: 29165 bytes --]