Hi Lakshmi, Thank you for the patch! Yet something to improve:
[auto build test ERROR on integrity/next-integrity] [cannot apply to pcmoore-selinux/next security/next-testing linus/master v5.8-rc5 next-20200717] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch] url: https://github.com/0day-ci/linux/commits/Lakshmi-Ramasubramanian/LSM-Measure-security-module-state/20200718-063111 base: https://git.kernel.org/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-integrity config: parisc-allyesconfig (attached as .config) compiler: hppa-linux-gcc (GCC) 9.3.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # save the attached .config to linux build tree COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross ARCH=parisc If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <l...@intel.com> All errors (new ones prefixed by >>): security/selinux/measure.c: In function 'selinux_measure_state': security/selinux/measure.c:132:11: warning: comparison of unsigned expression >= 0 is always true [-Wtype-limits] 132 | if (curr >= 0 && curr < selinux_state_string_len) | ^~ >> security/selinux/measure.c:148:2: error: implicit declaration of function >> 'vfree'; did you mean 'kvfree'? [-Werror=implicit-function-declaration] 148 | vfree(policy); | ^~~~~ | kvfree cc1: some warnings being treated as errors vim +148 security/selinux/measure.c 94 95 void selinux_measure_state(struct selinux_state *selinux_state) 96 { 97 void *policy = NULL; 98 void *policy_hash = NULL; 99 size_t curr, buflen; 100 int i, policy_hash_len, rc = 0; 101 102 if (!selinux_initialized(selinux_state)) { 103 pr_warn("%s: SELinux not yet initialized.\n", __func__); 104 return; 105 } 106 107 if (!selinux_state_string) { 108 pr_warn("%s: Buffer for state not allocated.\n", __func__); 109 return; 110 } 111 112 curr = snprintf(selinux_state_string, selinux_state_string_len, 113 str_format, "enabled", 114 !selinux_disabled(selinux_state)); 115 curr += snprintf((selinux_state_string + curr), 116 (selinux_state_string_len - curr), 117 str_format, "enforcing", 118 enforcing_enabled(selinux_state)); 119 curr += snprintf((selinux_state_string + curr), 120 (selinux_state_string_len - curr), 121 str_format, "checkreqprot", 122 selinux_checkreqprot(selinux_state)); 123 124 for (i = 3; i < selinux_state_count; i++) { 125 curr += snprintf((selinux_state_string + curr), 126 (selinux_state_string_len - curr), 127 str_format, 128 selinux_policycap_names[i - 3], 129 selinux_state->policycap[i - 3]); 130 } 131 > 132 if (curr >= 0 && curr < selinux_state_string_len) 133 ima_lsm_state("selinux-state", selinux_state_string, curr); 134 else { 135 rc = -EINVAL; 136 goto out; 137 } 138 139 rc = security_read_policy_kernel(selinux_state, &policy, &buflen); 140 if (!rc) 141 rc = selinux_hash_policy("sha256", policy, buflen, 142 &policy_hash, &policy_hash_len); 143 if (!rc) 144 ima_lsm_state("selinux-policy-hash", policy_hash, 145 policy_hash_len); 146 147 out: > 148 vfree(policy); 149 kfree(policy_hash); 150 } 151 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/kbuild-...@lists.01.org
.config.gz
Description: application/gzip
