Re: [PATCH ghak124 v2] audit: log nftables configuration change events
Hi Richard,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on pcmoore-audit/next]
[also build test ERROR on next-20200529]
[cannot apply to nf/master nf-next/master linus/master linux/master v5.7-rc7]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system. BTW, we also suggest to use '--base' option to specify the
base tree in git format-patch, please see https://stackoverflow.com/a/37406982]
url:
https://github.com/0day-ci/linux/commits/Richard-Guy-Briggs/audit-log-nftables-configuration-change-events/20200531-043244
base: https://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit.git next
config: sparc-allyesconfig (attached as .config)
compiler: sparc64-linux-gcc (GCC) 9.3.0
reproduce (this is a W=1 build):
wget
https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O
~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-9.3.0 make.cross
ARCH=sparc
If you fix the issue, kindly add following tag as appropriate
Reported-by: kbuild test robot
All errors (new ones prefixed by >>, old ones prefixed by <<):
In file included from arch/sparc/kernel/ptrace_64.c:25:
>> include/linux/audit.h:126:40: error: 'audit_nftcfgs' defined but not used
>> [-Werror=unused-const-variable=]
126 | static const struct audit_nftcfgop_tab audit_nftcfgs[] = {
|^
cc1: all warnings being treated as errors
vim +/audit_nftcfgs +126 include/linux/audit.h
125
> 126 static const struct audit_nftcfgop_tab audit_nftcfgs[] = {
127 { NFT_MSG_NEWTABLE, AUDIT_NFT_OP_TABLE_REGISTER
},
128 { NFT_MSG_GETTABLE, AUDIT_NFT_OP_INVALID
},
129 { NFT_MSG_DELTABLE, AUDIT_NFT_OP_TABLE_UNREGISTER
},
130 { NFT_MSG_NEWCHAIN, AUDIT_NFT_OP_CHAIN_REGISTER
},
131 { NFT_MSG_GETCHAIN, AUDIT_NFT_OP_INVALID
},
132 { NFT_MSG_DELCHAIN, AUDIT_NFT_OP_CHAIN_UNREGISTER
},
133 { NFT_MSG_NEWRULE, AUDIT_NFT_OP_RULE_REGISTER
},
134 { NFT_MSG_GETRULE, AUDIT_NFT_OP_INVALID
},
135 { NFT_MSG_DELRULE, AUDIT_NFT_OP_RULE_UNREGISTER
},
136 { NFT_MSG_NEWSET, AUDIT_NFT_OP_SET_REGISTER
},
137 { NFT_MSG_GETSET, AUDIT_NFT_OP_INVALID
},
138 { NFT_MSG_DELSET, AUDIT_NFT_OP_SET_UNREGISTER
},
139 { NFT_MSG_NEWSETELEM, AUDIT_NFT_OP_SETELEM_REGISTER
},
140 { NFT_MSG_GETSETELEM, AUDIT_NFT_OP_INVALID
},
141 { NFT_MSG_DELSETELEM, AUDIT_NFT_OP_SETELEM_UNREGISTER
},
142 { NFT_MSG_NEWGEN, AUDIT_NFT_OP_GEN_REGISTER
},
143 { NFT_MSG_GETGEN, AUDIT_NFT_OP_INVALID
},
144 { NFT_MSG_TRACE,AUDIT_NFT_OP_INVALID
},
145 { NFT_MSG_NEWOBJ, AUDIT_NFT_OP_OBJ_REGISTER
},
146 { NFT_MSG_GETOBJ, AUDIT_NFT_OP_INVALID
},
147 { NFT_MSG_DELOBJ, AUDIT_NFT_OP_OBJ_UNREGISTER
},
148 { NFT_MSG_GETOBJ_RESET, AUDIT_NFT_OP_OBJ_RESET
},
149 { NFT_MSG_NEWFLOWTABLE, AUDIT_NFT_OP_FLOWTABLE_REGISTER
},
150 { NFT_MSG_GETFLOWTABLE, AUDIT_NFT_OP_INVALID
},
151 { NFT_MSG_DELFLOWTABLE, AUDIT_NFT_OP_FLOWTABLE_UNREGISTER
},
152 { NFT_MSG_MAX, AUDIT_NFT_OP_INVALID
},
153 };
154
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-...@lists.01.org
.config.gz
Description: application/gzip
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH] audit: Report suspicious O_CREAT usage
Hi Kees,
I love your patch! Perhaps something to improve:
[auto build test WARNING on linus/master]
[cannot apply to v5.3 next-20190924]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system. BTW, we also suggest to use '--base' option to specify the
base tree in git format-patch, please see https://stackoverflow.com/a/37406982]
url:
https://github.com/0day-ci/linux/commits/Kees-Cook/audit-Report-suspicious-O_CREAT-usage/20190926-050423
config: i386-tinyconfig (attached as .config)
compiler: gcc-7 (Debian 7.4.0-13) 7.4.0
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
If you fix the issue, kindly add following tag
Reported-by: kbuild test robot
All warnings (new ones prefixed by >>):
In file included from include/linux/fsnotify.h:16:0,
from fs/namei.c:25:
include/linux/audit.h:222:1: error: expected identifier or '(' before '{'
token
{ }
^
In file included from include/linux/fsnotify.h:16:0,
from fs/namei.c:25:
>> include/linux/audit.h:221:20: warning: 'audit_log_path_denied' used but
>> never defined
static inline void audit_log_path_denied(int type, const char *string);
^
vim +/audit_log_path_denied +221 include/linux/audit.h
187
188 #else /* CONFIG_AUDIT */
189 static inline __printf(4, 5)
190 void audit_log(struct audit_context *ctx, gfp_t gfp_mask, int type,
191 const char *fmt, ...)
192 { }
193 static inline struct audit_buffer *audit_log_start(struct audit_context
*ctx,
194 gfp_t gfp_mask, int
type)
195 {
196 return NULL;
197 }
198 static inline __printf(2, 3)
199 void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
200 { }
201 static inline void audit_log_end(struct audit_buffer *ab)
202 { }
203 static inline void audit_log_n_hex(struct audit_buffer *ab,
204 const unsigned char *buf, size_t len)
205 { }
206 static inline void audit_log_n_string(struct audit_buffer *ab,
207const char *buf, size_t n)
208 { }
209 static inline void audit_log_n_untrustedstring(struct audit_buffer *ab,
210 const char *string,
size_t n)
211 { }
212 static inline void audit_log_untrustedstring(struct audit_buffer *ab,
213 const char *string)
214 { }
215 static inline void audit_log_d_path(struct audit_buffer *ab,
216 const char *prefix,
217 const struct path *path)
218 { }
219 static inline void audit_log_key(struct audit_buffer *ab, char *key)
220 { }
> 221 static inline void audit_log_path_denied(int type, const char *string);
> 222 { }
223 static inline int audit_log_task_context(struct audit_buffer *ab)
224 {
225 return 0;
226 }
227 static inline void audit_log_task_info(struct audit_buffer *ab)
228 { }
229
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
Re: [PATCH] audit: Report suspicious O_CREAT usage
Hi Kees,
I love your patch! Yet something to improve:
[auto build test ERROR on linus/master]
[cannot apply to v5.3 next-20190924]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system. BTW, we also suggest to use '--base' option to specify the
base tree in git format-patch, please see https://stackoverflow.com/a/37406982]
url:
https://github.com/0day-ci/linux/commits/Kees-Cook/audit-Report-suspicious-O_CREAT-usage/20190926-050423
config: i386-tinyconfig (attached as .config)
compiler: gcc-7 (Debian 7.4.0-13) 7.4.0
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
If you fix the issue, kindly add following tag
Reported-by: kbuild test robot
All errors (new ones prefixed by >>):
In file included from include/linux/fsnotify.h:16:0,
from fs///attr.c:15:
>> include/linux/audit.h:222:1: error: expected identifier or '(' before '{'
>> token
{ }
^
include/linux/audit.h:221:20: warning: 'audit_log_path_denied' declared
'static' but never defined [-Wunused-function]
static inline void audit_log_path_denied(int type, const char *string);
^
vim +222 include/linux/audit.h
b48345aafb2038 Richard Guy Briggs 2019-05-10 187
96368701e1c890 Paul Moore 2016-01-13 188 #else /* CONFIG_AUDIT */
96368701e1c890 Paul Moore 2016-01-13 189 static inline __printf(4, 5)
96368701e1c890 Paul Moore 2016-01-13 190 void audit_log(struct
audit_context *ctx, gfp_t gfp_mask, int type,
96368701e1c890 Paul Moore 2016-01-13 191 const char *fmt,
...)
96368701e1c890 Paul Moore 2016-01-13 192 { }
96368701e1c890 Paul Moore 2016-01-13 193 static inline struct
audit_buffer *audit_log_start(struct audit_context *ctx,
96368701e1c890 Paul Moore 2016-01-13 194
gfp_t gfp_mask, int type)
96368701e1c890 Paul Moore 2016-01-13 195 {
96368701e1c890 Paul Moore 2016-01-13 196 return NULL;
96368701e1c890 Paul Moore 2016-01-13 197 }
96368701e1c890 Paul Moore 2016-01-13 198 static inline __printf(2, 3)
96368701e1c890 Paul Moore 2016-01-13 199 void audit_log_format(struct
audit_buffer *ab, const char *fmt, ...)
96368701e1c890 Paul Moore 2016-01-13 200 { }
96368701e1c890 Paul Moore 2016-01-13 201 static inline void
audit_log_end(struct audit_buffer *ab)
96368701e1c890 Paul Moore 2016-01-13 202 { }
96368701e1c890 Paul Moore 2016-01-13 203 static inline void
audit_log_n_hex(struct audit_buffer *ab,
96368701e1c890 Paul Moore 2016-01-13 204
const unsigned char *buf, size_t len)
96368701e1c890 Paul Moore 2016-01-13 205 { }
96368701e1c890 Paul Moore 2016-01-13 206 static inline void
audit_log_n_string(struct audit_buffer *ab,
96368701e1c890 Paul Moore 2016-01-13 207
const char *buf, size_t n)
96368701e1c890 Paul Moore 2016-01-13 208 { }
96368701e1c890 Paul Moore 2016-01-13 209 static inline void
audit_log_n_untrustedstring(struct audit_buffer *ab,
96368701e1c890 Paul Moore 2016-01-13 210
const char *string, size_t n)
96368701e1c890 Paul Moore 2016-01-13 211 { }
96368701e1c890 Paul Moore 2016-01-13 212 static inline void
audit_log_untrustedstring(struct audit_buffer *ab,
96368701e1c890 Paul Moore 2016-01-13 213
const char *string)
96368701e1c890 Paul Moore 2016-01-13 214 { }
96368701e1c890 Paul Moore 2016-01-13 215 static inline void
audit_log_d_path(struct audit_buffer *ab,
96368701e1c890 Paul Moore 2016-01-13 216
const char *prefix,
96368701e1c890 Paul Moore 2016-01-13 217
const struct path *path)
96368701e1c890 Paul Moore 2016-01-13 218 { }
96368701e1c890 Paul Moore 2016-01-13 219 static inline void
audit_log_key(struct audit_buffer *ab, char *key)
96368701e1c890 Paul Moore 2016-01-13 220 { }
21e61058cf0f22 Kees Cook 2019-09-25 221 static inline void
audit_log_path_denied(int type, const char *string);
96368701e1c890 Paul Moore 2016-01-13 @222 { }
96368701e1c890 Paul Moore 2016-01-13 223 static inline int
audit_log_task_context(struct audit_buffer *ab)
96368701e1c890 Paul Moore 2016-01-13 224 {
96368701e1c890 Paul Moore 2016-01-13 225 return 0;
96368701e1c890 Paul Moore 2016-01-13 226 }
2a1fe215e7300c Paul Moore 2018-11-26 227 static inline void
audit_log_task_info(struct audit_buffer *ab)
96368701e1c890 Paul Moore 20
Re: [PATCH v5 19/25] xtensa: define syscall_get_* functions
Hi Dmitry, Thank you for the patch! Yet something to improve: [auto build test ERROR on linus/master] [also build test ERROR on v4.20-rc7] [cannot apply to next-20181218] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Dmitry-V-Levin/ptrace-add-PTRACE_GET_SYSCALL_INFO-request/20181210-174745 config: xtensa-iss_defconfig (attached as .config) compiler: xtensa-linux-gcc (GCC) 8.1.0 reproduce: wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # save the attached .config to linux build tree GCC_VERSION=8.1.0 make.cross ARCH=xtensa All errors (new ones prefixed by >>): ^~ include/linux/signal.h:122:20: note: in definition of macro '_SIG_SET_BINOP' static inline void name(sigset_t *r, const sigset_t *a, const sigset_t *b) \ ^~~~ include/linux/signal.h:153:16: error: invalid storage class for function 'sigandnsets' _SIG_SET_BINOP(sigandnsets, _sig_andn) ^~~ include/linux/signal.h:122:20: note: in definition of macro '_SIG_SET_BINOP' static inline void name(sigset_t *r, const sigset_t *a, const sigset_t *b) \ ^~~~ include/linux/signal.h:177:13: error: invalid storage class for function 'signotset' _SIG_SET_OP(signotset, _sig_not) ^ include/linux/signal.h:161:20: note: in definition of macro '_SIG_SET_OP' static inline void name(sigset_t *set) \ ^~~~ include/linux/signal.h:182:20: error: invalid storage class for function 'sigemptyset' static inline void sigemptyset(sigset_t *set) ^~~ include/linux/signal.h:195:20: error: invalid storage class for function 'sigfillset' static inline void sigfillset(sigset_t *set) ^~ include/linux/signal.h:210:20: error: invalid storage class for function 'sigaddsetmask' static inline void sigaddsetmask(sigset_t *set, unsigned long mask) ^ include/linux/signal.h:215:20: error: invalid storage class for function 'sigdelsetmask' static inline void sigdelsetmask(sigset_t *set, unsigned long mask) ^ include/linux/signal.h:220:19: error: invalid storage class for function 'sigtestsetmask' static inline int sigtestsetmask(sigset_t *set, unsigned long mask) ^~ include/linux/signal.h:225:20: error: invalid storage class for function 'siginitset' static inline void siginitset(sigset_t *set, unsigned long mask) ^~ include/linux/signal.h:237:20: error: invalid storage class for function 'siginitsetinv' static inline void siginitsetinv(sigset_t *set, unsigned long mask) ^ include/linux/signal.h:251:20: error: invalid storage class for function 'init_sigpending' static inline void init_sigpending(struct sigpending *sig) ^~~ include/linux/signal.h:260:19: error: invalid storage class for function 'valid_signal' static inline int valid_signal(unsigned long sig) ^~~~ include/linux/signal.h:285:20: error: invalid storage class for function 'allow_signal' static inline void allow_signal(int sig) ^~~~ include/linux/signal.h:295:20: error: invalid storage class for function 'disallow_signal' static inline void disallow_signal(int sig) ^~~ In file included from include/linux/key.h:22, from include/linux/syscalls.h:83, from arch/xtensa/kernel/syscall.c:24: include/linux/sysctl.h:100:21: error: invalid storage class for function 'proc_sys_poll_event' static inline void *proc_sys_poll_event(struct ctl_table_poll *poll) ^~~ In file included from include/linux/static_key.h:1, from include/linux/tracepoint-defs.h:12, from include/linux/tracepoint.h:23, from include/trace/syscall.h:5, from include/linux/syscalls.h:85, from arch/xtensa/kernel/syscall.c:24: include/linux/jump_label.h:253:19: error: invalid storage class for function 'static_key_count' static inline int static_key_count(struct static_key *key) ^~~~ include/linux/jump_label.h:258:29: error: invalid storage class for function 'jump_label_init' static __always_inline void jump_label_init(void) ^~~ include/linux/jump_label.h:263:29: error: invalid storage class for function 'static_key_false' static __always_inline bool s
Re: [PATCH v5 19/25] xtensa: define syscall_get_* functions
Hi Dmitry, Thank you for the patch! Yet something to improve: [auto build test ERROR on linus/master] [also build test ERROR on v4.20-rc6] [cannot apply to next-20181211] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Dmitry-V-Levin/ptrace-add-PTRACE_GET_SYSCALL_INFO-request/20181210-174745 config: xtensa-allmodconfig (attached as .config) compiler: xtensa-linux-gcc (GCC) 8.1.0 reproduce: wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # save the attached .config to linux build tree GCC_VERSION=8.1.0 make.cross ARCH=xtensa All error/warnings (new ones prefixed by >>): In file included from arch/xtensa/kernel/syscall.c:19: arch/xtensa/include/asm/syscall.h: In function 'syscall_get_error': arch/xtensa/include/asm/syscall.h:66:9: error: implicit declaration of function 'IS_ERR_VALUE'; did you mean 'USER_PS_VALUE'? [-Werror=implicit-function-declaration] return IS_ERR_VALUE(regs->areg[2]) ? regs->areg[2] : 0; ^~~~ USER_PS_VALUE >> arch/xtensa/include/asm/syscall.h:69:1: error: invalid storage class for >> function 'syscall_get_return_value' syscall_get_return_value(struct task_struct *task, struct pt_regs *regs) ^~~~ >> arch/xtensa/include/asm/syscall.h:68:1: warning: ISO C90 forbids mixed >> declarations and code [-Wdeclaration-after-statement] static inline long ^~ >> arch/xtensa/include/asm/syscall.h:75:1: error: invalid storage class for >> function 'syscall_get_arch' syscall_get_arch(void) ^~~~ In file included from include/linux/wait_bit.h:8, from include/linux/fs.h:6, from include/uapi/linux/aio_abi.h:31, from include/linux/syscalls.h:74, from arch/xtensa/kernel/syscall.c:24: include/linux/wait.h:31:19: error: field 'entry' has incomplete type struct list_head entry; ^ include/linux/wait.h:36:19: error: field 'head' has incomplete type struct list_head head; ^~~~ include/linux/wait.h:79:20: error: invalid storage class for function 'init_waitqueue_entry' static inline void init_waitqueue_entry(struct wait_queue_entry *wq_entry, struct task_struct *p) ^~~~ include/linux/wait.h:87:1: error: invalid storage class for function 'init_waitqueue_func_entry' init_waitqueue_func_entry(struct wait_queue_entry *wq_entry, wait_queue_func_t func) ^ include/linux/wait.h:124:19: error: invalid storage class for function 'waitqueue_active' static inline int waitqueue_active(struct wait_queue_head *wq_head) ^~~~ include/linux/wait.h:137:20: error: invalid storage class for function 'wq_has_sleeper' static inline bool wq_has_sleeper(struct wait_queue_head *wq_head) ^~ include/linux/wait.h:154:20: error: invalid storage class for function '__add_wait_queue' static inline void __add_wait_queue(struct wait_queue_head *wq_head, struct wait_queue_entry *wq_entry) ^~~~ include/linux/wait.h:163:1: error: invalid storage class for function '__add_wait_queue_exclusive' __add_wait_queue_exclusive(struct wait_queue_head *wq_head, struct wait_queue_entry *wq_entry) ^~ include/linux/wait.h:169:20: error: invalid storage class for function '__add_wait_queue_entry_tail' static inline void __add_wait_queue_entry_tail(struct wait_queue_head *wq_head, struct wait_queue_entry *wq_entry) ^~~ include/linux/wait.h:175:1: error: invalid storage class for function '__add_wait_queue_entry_tail_exclusive' __add_wait_queue_entry_tail_exclusive(struct wait_queue_head *wq_head, struct wait_queue_entry *wq_entry) ^ include/linux/wait.h:182:1: error: invalid storage class for function '__remove_wait_queue' __remove_wait_queue(struct wait_queue_head *wq_head, struct wait_queue_entry *wq_entry) ^~~ In file included from include/linux/fs.h:6, from include/uapi/linux/aio_abi.h:31, from include/linux/syscalls.h:74, from arch/xtensa/kernel/syscall.c:24: include/linux/wait_bit.h:71:1: error: invalid storage class for function 'wait_on_bit' wait_on_bit(unsigned long *word, int bit, unsigned mode) ^~~ include/linux/wait_bit.h:96:1: error: invalid storage class for function 'wait_on_bit_io' wait_on_bit_io(unsigned long *word, int bit, unsigned mode) ^~ include/linux/wait_bit.h:122:1: error: invalid storage
Re: [PATCH ghak81 V3 3/3] audit: collect audit task parameters
Hi Richard,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on next-20180516]
[cannot apply to linus/master tip/sched/core v4.17-rc5 v4.17-rc4 v4.17-rc3
v4.17-rc5]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Richard-Guy-Briggs/audit-group-task-params/20180517-090703
config: i386-tinyconfig (attached as .config)
compiler: gcc-7 (Debian 7.3.0-16) 7.3.0
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All errors (new ones prefixed by >>):
kernel/fork.c: In function 'copy_process':
>> kernel/fork.c:1739:3: error: 'struct task_struct' has no member named 'audit'
p->audit = NULL;
^~
vim +1739 kernel/fork.c
1728
1729 p->default_timer_slack_ns = current->timer_slack_ns;
1730
1731 task_io_accounting_init(&p->ioac);
1732 acct_clear_integrals(p);
1733
1734 posix_cpu_timers_init(p);
1735
1736 p->start_time = ktime_get_ns();
1737 p->real_start_time = ktime_get_boot_ns();
1738 p->io_context = NULL;
> 1739 p->audit = NULL;
1740 cgroup_fork(p);
1741 #ifdef CONFIG_NUMA
1742 p->mempolicy = mpol_dup(p->mempolicy);
1743 if (IS_ERR(p->mempolicy)) {
1744 retval = PTR_ERR(p->mempolicy);
1745 p->mempolicy = NULL;
1746 goto bad_fork_cleanup_threadgroup_lock;
1747 }
1748 #endif
1749 #ifdef CONFIG_CPUSETS
1750 p->cpuset_mem_spread_rotor = NUMA_NO_NODE;
1751 p->cpuset_slab_spread_rotor = NUMA_NO_NODE;
1752 seqcount_init(&p->mems_allowed_seq);
1753 #endif
1754 #ifdef CONFIG_TRACE_IRQFLAGS
1755 p->irq_events = 0;
1756 p->hardirqs_enabled = 0;
1757 p->hardirq_enable_ip = 0;
1758 p->hardirq_enable_event = 0;
1759 p->hardirq_disable_ip = _THIS_IP_;
1760 p->hardirq_disable_event = 0;
1761 p->softirqs_enabled = 1;
1762 p->softirq_enable_ip = _THIS_IP_;
1763 p->softirq_enable_event = 0;
1764 p->softirq_disable_ip = 0;
1765 p->softirq_disable_event = 0;
1766 p->hardirq_context = 0;
1767 p->softirq_context = 0;
1768 #endif
1769
1770 p->pagefault_disabled = 0;
1771
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH ghak21 V2 2/4] audit: link denied should not directly generate PATH record
Hi Richard,
Thank you for the patch! Yet something to improve:
[auto build test ERROR on linus/master]
[also build test ERROR on v4.16-rc5 next-20180309]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Richard-Guy-Briggs/audit-address-ANOM_LINK-excess-records/20180313-015527
config: i386-tinyconfig (attached as .config)
compiler: gcc-7 (Debian 7.3.0-1) 7.3.0
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
Note: the
linux-review/Richard-Guy-Briggs/audit-address-ANOM_LINK-excess-records/20180313-015527
HEAD 12e8c56bcd359f7d20d4ae011674d37bc832bc4c builds fine.
It only hurts bisectibility.
All errors (new ones prefixed by >>):
fs/namei.c: In function 'may_follow_link':
>> fs/namei.c:929:2: error: too many arguments to function
>> 'audit_log_link_denied'
audit_log_link_denied("follow_link", &nd->stack[0].link);
^
In file included from include/linux/fsnotify.h:16:0,
from fs/namei.c:25:
include/linux/audit.h:196:20: note: declared here
static inline void audit_log_link_denied(const char *string)
^
vim +/audit_log_link_denied +929 fs/namei.c
800179c9b Kees Cook 2012-07-25 886
800179c9b Kees Cook 2012-07-25 887 /**
800179c9b Kees Cook 2012-07-25 888 * may_follow_link - Check symlink
following for unsafe situations
55852635a Randy Dunlap 2012-08-18 889 * @nd: nameidata pathwalk data
800179c9b Kees Cook 2012-07-25 890 *
800179c9b Kees Cook 2012-07-25 891 * In the case of the
sysctl_protected_symlinks sysctl being enabled,
800179c9b Kees Cook 2012-07-25 892 * CAP_DAC_OVERRIDE needs to be
specifically ignored if the symlink is
800179c9b Kees Cook 2012-07-25 893 * in a sticky world-writable
directory. This is to protect privileged
800179c9b Kees Cook 2012-07-25 894 * processes from failing races
against path names that may change out
800179c9b Kees Cook 2012-07-25 895 * from under them by way of other
users creating malicious symlinks.
800179c9b Kees Cook 2012-07-25 896 * It will permit symlinks to be
followed only when outside a sticky
800179c9b Kees Cook 2012-07-25 897 * world-writable directory, or
when the uid of the symlink and follower
800179c9b Kees Cook 2012-07-25 898 * match, or when the directory
owner matches the symlink's owner.
800179c9b Kees Cook 2012-07-25 899 *
800179c9b Kees Cook 2012-07-25 900 * Returns 0 if following the
symlink is allowed, -ve on error.
800179c9b Kees Cook 2012-07-25 901 */
fec2fa24e Al Viro 2015-05-06 902 static inline int
may_follow_link(struct nameidata *nd)
800179c9b Kees Cook 2012-07-25 903 {
800179c9b Kees Cook 2012-07-25 904 const struct inode *inode;
800179c9b Kees Cook 2012-07-25 905 const struct inode *parent;
2d7f9e2ad Seth Forshee 2016-04-26 906 kuid_t puid;
800179c9b Kees Cook 2012-07-25 907
800179c9b Kees Cook 2012-07-25 908 if (!sysctl_protected_symlinks)
800179c9b Kees Cook 2012-07-25 909 return 0;
800179c9b Kees Cook 2012-07-25 910
800179c9b Kees Cook 2012-07-25 911 /* Allowed if owner and
follower match. */
fceef393a Al Viro 2015-12-29 912 inode = nd->link_inode;
81abe27b1 Eric W. Biederman 2012-08-03 913 if
(uid_eq(current_cred()->fsuid, inode->i_uid))
800179c9b Kees Cook 2012-07-25 914 return 0;
800179c9b Kees Cook 2012-07-25 915
800179c9b Kees Cook 2012-07-25 916 /* Allowed if parent directory
not sticky and world-writable. */
aa65fa35b Al Viro 2015-08-04 917 parent = nd->inode;
800179c9b Kees Cook 2012-07-25 918 if ((parent->i_mode &
(S_ISVTX|S_IWOTH)) != (S_ISVTX|S_IWOTH))
800179c9b Kees Cook 2012-07-25 919 return 0;
800179c9b Kees Cook 2012-07-25 920
800179c9b Kees Cook 2012-07-25 921 /* Allowed if parent directory
and link owner match. */
2d7f9e2ad Seth Forshee 2016-04-26 922 puid = parent->i_uid;
2d7f9e2ad Seth Forshee 2016-04-26 923 if (uid_valid(puid) &&
uid_eq(puid, inode->i_uid))
800179c9b Kees Cook 2012-07-25 924 return 0;
800179c9b Kees Cook 2012-07-25 925
31956502d Al Viro 2015-05-07 926 if (nd->flags & LOOKUP_RCU)
31956502d Al Viro 2015-05-07 927 return -ECHILD;
31956502d Al Viro 2015-05-07 928
1cf2665b5 Al Viro 2015-05-06 @929
audit_log_link_denied("follow_link", &nd->stack[0].link);
800179c9b Kees Cook 2012-07-25 930 return -EACCES;
800179c9b Kees Cook 2012-07-25 931 }
800179c9b Kees Cook 2012
Re: [PATCH v6 1/1] audit: Record fanotify access control decisions
Hi Steve,
[auto build test ERROR on linus/master]
[also build test ERROR on v4.14-rc2 next-20170929]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Steve-Grubb/audit-Record-fanotify-access-control-decisions/20170930-005627
config: x86_64-randconfig-b0-09300453 (attached as .config)
compiler: gcc-4.4 (Debian 4.4.7-8) 4.4.7
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All errors (new ones prefixed by >>):
In file included from include/linux/fsnotify.h:14,
from fs/exec.c:59:
>> include/linux/fsnotify_backend.h:193: error: expected identifier or '('
>> before numeric constant
include/linux/fsnotify_backend.h:194: warning: no semicolon at end of struct
or union
vim +193 include/linux/fsnotify_backend.h
122
123 /*
124 * A group is a "thing" that wants to receive notification about
filesystem
125 * events. The mask holds the subset of event types this group cares
about.
126 * refcnt on a group is up to the implementor and at any moment if it
goes 0
127 * everything will be cleaned up.
128 */
129 struct fsnotify_group {
130 /*
131 * How the refcnt is used is up to each group. When the refcnt
hits 0
132 * fsnotify will clean up all of the resources associated with
this group.
133 * As an example, the dnotify group will always have a refcnt=1
and that
134 * will never change. Inotify, on the other hand, has a group
per
135 * inotify_init() and the refcnt will hit 0 only when that fd
has been
136 * closed.
137 */
138 atomic_t refcnt;/* things with interest in this
group */
139
140 const struct fsnotify_ops *ops; /* how this group handles
things */
141
142 /* needed to send notification to userspace */
143 spinlock_t notification_lock; /* protect the
notification_list */
144 struct list_head notification_list; /* list of event_holder
this group needs to send to userspace */
145 wait_queue_head_t notification_waitq; /* read() on the
notification file blocks on this waitq */
146 unsigned int q_len; /* events on the queue
*/
147 unsigned int max_events;/* maximum events
allowed on the list */
148 /*
149 * Valid fsnotify group priorities. Events are send in order
from highest
150 * priority to lowest priority. We default to the lowest
priority.
151 */
152 #define FS_PRIO_0 0 /* normal notifiers, no permissions */
153 #define FS_PRIO_1 1 /* fanotify content based access
control */
154 #define FS_PRIO_2 2 /* fanotify pre-content access */
155 unsigned int priority;
156 bool shutdown; /* group is being shut down, don't
queue more events */
157
158 /* stores all fastpath marks assoc with this group so they can
be cleaned on unregister */
159 struct mutex mark_mutex;/* protect marks_list */
160 atomic_t num_marks; /* 1 for each mark and 1 for
not being
161 * past the point of no return
when freeing
162 * a group */
163 struct list_head marks_list;/* all inode marks for this
group */
164
165 struct fasync_struct *fsn_fa;/* async notification */
166
167 struct fsnotify_event *overflow_event; /* Event we queue when
the
168 * notification list is
too
169 * full */
170 atomic_t user_waits;/* Number of tasks waiting for
user
171 * response */
172
173 /* groups can define private fields here or use the void
*private */
174 union {
175 void *private;
176 #ifdef CONFIG_INOTIFY_USER
177 struct inotify_group_private_data {
178 spinlock_t idr_lock;
179 struct idr idr;
180 struct ucounts *ucounts;
181 } inotify_data;
182 #endif
183 #ifdef CONFIG_FANOTIFY
184 struct fanotify_group_private_data {
185 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
186 /* allows a group to block waiting for a
userspace response */
187 struct list_head access_list;
188 wait_queue_head_t access_waitq;
189 #endif /* CONFIG_FANOTIFY_ACC
Re: [PATCH v6 1/1] audit: Record fanotify access control decisions
Hi Steve,
[auto build test ERROR on linus/master]
[also build test ERROR on v4.14-rc2 next-20170929]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Steve-Grubb/audit-Record-fanotify-access-control-decisions/20170930-005627
config: i386-randconfig-x0-09300058 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All error/warnings (new ones prefixed by >>):
In file included from fs/exec.c:56:0:
>> include/linux/audit.h:215:23: error: expected identifier or '(' before
>> numeric constant
#define audit_enabled 0
^
>> include/linux/fsnotify_backend.h:193:9: note: in expansion of macro
>> 'audit_enabled'
bool audit_enabled;
^
In file included from include/linux/fsnotify.h:14:0,
from fs/exec.c:59:
>> include/linux/fsnotify_backend.h:194:3: warning: no semicolon at end of
>> struct or union
} fanotify_data;
^
vim +215 include/linux/audit.h
96368701 Paul Moore 2016-01-13 168
96368701 Paul Moore 2016-01-13 169 extern u32 audit_enabled;
96368701 Paul Moore 2016-01-13 170 #else /* CONFIG_AUDIT */
96368701 Paul Moore 2016-01-13 171 static inline __printf(4, 5)
96368701 Paul Moore 2016-01-13 172 void audit_log(struct audit_context *ctx,
gfp_t gfp_mask, int type,
96368701 Paul Moore 2016-01-13 173const char *fmt, ...)
96368701 Paul Moore 2016-01-13 174 { }
96368701 Paul Moore 2016-01-13 175 static inline struct audit_buffer
*audit_log_start(struct audit_context *ctx,
96368701 Paul Moore 2016-01-13 176
gfp_t gfp_mask, int type)
96368701 Paul Moore 2016-01-13 177 {
96368701 Paul Moore 2016-01-13 178 return NULL;
96368701 Paul Moore 2016-01-13 179 }
96368701 Paul Moore 2016-01-13 180 static inline __printf(2, 3)
96368701 Paul Moore 2016-01-13 181 void audit_log_format(struct audit_buffer
*ab, const char *fmt, ...)
96368701 Paul Moore 2016-01-13 182 { }
96368701 Paul Moore 2016-01-13 183 static inline void audit_log_end(struct
audit_buffer *ab)
96368701 Paul Moore 2016-01-13 184 { }
96368701 Paul Moore 2016-01-13 185 static inline void audit_log_n_hex(struct
audit_buffer *ab,
96368701 Paul Moore 2016-01-13 186const
unsigned char *buf, size_t len)
96368701 Paul Moore 2016-01-13 187 { }
96368701 Paul Moore 2016-01-13 188 static inline void
audit_log_n_string(struct audit_buffer *ab,
96368701 Paul Moore 2016-01-13 189 const
char *buf, size_t n)
96368701 Paul Moore 2016-01-13 190 { }
96368701 Paul Moore 2016-01-13 191 static inline void
audit_log_n_untrustedstring(struct audit_buffer *ab,
96368701 Paul Moore 2016-01-13 192
const char *string, size_t n)
96368701 Paul Moore 2016-01-13 193 { }
96368701 Paul Moore 2016-01-13 194 static inline void
audit_log_untrustedstring(struct audit_buffer *ab,
96368701 Paul Moore 2016-01-13 195
const char *string)
96368701 Paul Moore 2016-01-13 196 { }
96368701 Paul Moore 2016-01-13 197 static inline void audit_log_d_path(struct
audit_buffer *ab,
96368701 Paul Moore 2016-01-13 198 const char
*prefix,
96368701 Paul Moore 2016-01-13 199 const
struct path *path)
96368701 Paul Moore 2016-01-13 200 { }
96368701 Paul Moore 2016-01-13 201 static inline void audit_log_key(struct
audit_buffer *ab, char *key)
96368701 Paul Moore 2016-01-13 202 { }
96368701 Paul Moore 2016-01-13 203 static inline void
audit_log_link_denied(const char *string,
96368701 Paul Moore 2016-01-13 204 const
struct path *link)
96368701 Paul Moore 2016-01-13 205 { }
96368701 Paul Moore 2016-01-13 206 static inline void audit_log_secctx(struct
audit_buffer *ab, u32 secid)
96368701 Paul Moore 2016-01-13 207 { }
96368701 Paul Moore 2016-01-13 208 static inline int
audit_log_task_context(struct audit_buffer *ab)
96368701 Paul Moore 2016-01-13 209 {
96368701 Paul Moore 2016-01-13 210 return 0;
96368701 Paul Moore 2016-01-13 211 }
96368701 Paul Moore 2016-01-13 212 static inline void
audit_log_task_info(struct audit_buffer *ab,
96368701 Paul Moore 2016-01-13 213struct
task_struct *tsk)
96368701 Paul Moore 2016-01-13 214 { }
96368701 Paul Moore 2016-01-13 @215 #define audit_enabled 0
96368701 Paul Moore 2016-01-13 216 #endif /* CONFIG_AUDIT */
96368701 Paul Moore 2016-01-13 217
:: The code at line 215 was first introduced by commit
:: 96368701e1c89057bbf39222e965161c68a85b4b audit: force seccomp event
logging to honor the audit_enabled flag
:: TO: Paul
Re: [PATCH V2 1/1] audit: Record fanotify access control decisions
Hi Steve,
[auto build test ERROR on linus/master]
[also build test ERROR on v4.14-rc2 next-20170926]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Steve-Grubb/audit-Record-fanotify-access-control-decisions/20170927-023432
config: x86_64-randconfig-x013-201739 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=x86_64
All errors (new ones prefixed by >>):
fs/notify//fanotify/fanotify.c: In function 'fanotify_get_response':
>> fs/notify//fanotify/fanotify.c:93:3: error: implicit declaration of function
>> 'audit_fanotify' [-Werror=implicit-function-declaration]
audit_fanotify(event->response & ~FAN_AUDIT);
^~
cc1: some warnings being treated as errors
vim +/audit_fanotify +93 fs/notify//fanotify/fanotify.c
58
59 #ifdef CONFIG_FANOTIFY_ACCESS_PERMISSIONS
60 static int fanotify_get_response(struct fsnotify_group *group,
61 struct fanotify_perm_event_info *event,
62 struct fsnotify_iter_info *iter_info)
63 {
64 int ret;
65
66 pr_debug("%s: group=%p event=%p\n", __func__, group, event);
67
68 /*
69 * fsnotify_prepare_user_wait() fails if we race with mark
deletion.
70 * Just let the operation pass in that case.
71 */
72 if (!fsnotify_prepare_user_wait(iter_info)) {
73 event->response = FAN_ALLOW;
74 goto out;
75 }
76
77 wait_event(group->fanotify_data.access_waitq, event->response);
78
79 fsnotify_finish_user_wait(iter_info);
80 out:
81 /* userspace responded, convert to something usable */
82 switch (event->response & ~FAN_AUDIT) {
83 case FAN_ALLOW:
84 ret = 0;
85 break;
86 case FAN_DENY:
87 default:
88 ret = -EPERM;
89 }
90
91 /* Check if the response should be audited */
92 if (event->response & FAN_AUDIT)
> 93 audit_fanotify(event->response & ~FAN_AUDIT);
94
95 event->response = 0;
96
97 pr_debug("%s: group=%p event=%p about to return ret=%d\n",
__func__,
98 group, event, ret);
99
100 return ret;
101 }
102 #endif
103
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH ALT4] audit: show fstype:pathname for entries with anonymous parents
Hi Richard,
[auto build test WARNING on pcmoore-audit/next]
[also build test WARNING on v4.10 next-20170302]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Richard-Guy-Briggs/audit-show-fstype-pathname-for-entries-with-anonymous-parents/20170302-200143
base: git://git.infradead.org/users/pcmoore/audit next
config: i386-defconfig (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
All warnings (new ones prefixed by >>):
kernel/auditsc.c: In function '__audit_inode_child':
>> kernel/auditsc.c:1920:27: warning: passing argument 1 of 'dget_parent'
>> discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
n->dentry = dget_parent(dentry);
^~
In file included from include/linux/fs.h:7:0,
from kernel/auditsc.c:50:
include/linux/dcache.h:322:23: note: expected 'struct dentry *' but argument
is of type 'const struct dentry *'
extern struct dentry *dget_parent(struct dentry *dentry);
^~~
>> kernel/auditsc.c:1943:30: warning: passing argument 1 of 'dget' discards
>> 'const' qualifier from pointer target type [-Wdiscarded-qualifiers]
found_child->dentry = dget(dentry);
^~
In file included from include/linux/fs.h:7:0,
from kernel/auditsc.c:50:
include/linux/dcache.h:315:30: note: expected 'struct dentry *' but argument
is of type 'const struct dentry *'
static inline struct dentry *dget(struct dentry *dentry)
^~~~
vim +1920 kernel/auditsc.c
1914 if (!found_parent) {
1915 /* create a new, "anonymous" parent record */
1916 n = audit_alloc_name(context, AUDIT_TYPE_PARENT);
1917 if (!n)
1918 return;
1919 audit_copy_inode(n, NULL, parent);
> 1920 n->dentry = dget_parent(dentry);
1921 }
1922
1923 if (!found_child) {
1924 found_child = audit_alloc_name(context, type);
1925 if (!found_child)
1926 return;
1927
1928 /* Re-use the name belonging to the slot for a matching
parent
1929 * directory. All names for this context are
relinquished in
1930 * audit_free_names() */
1931 if (found_parent) {
1932 found_child->name = found_parent->name;
1933 found_child->name_len = AUDIT_NAME_FULL;
1934 found_child->name->refcnt++;
1935 }
1936 }
1937
1938 if (inode)
1939 audit_copy_inode(found_child, dentry, inode);
1940 else
1941 found_child->ino = AUDIT_INO_UNSET;
1942 if (!found_parent)
> 1943 found_child->dentry = dget(dentry);
1944 }
1945 EXPORT_SYMBOL_GPL(__audit_inode_child);
1946
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH 01/19] kernel: convert sighand_struct.count from atomic_t to refcount_t
Hi Elena,
[auto build test WARNING on next-20170220]
[cannot apply to linus/master linux/master tip/perf/core v4.9-rc8 v4.9-rc7
v4.9-rc6]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Elena-Reshetova/kernel-convert-sighand_struct-count-from-atomic_t-to-refcount_t/20170220-183434
config: blackfin-TCM-BF537_defconfig (attached as .config)
compiler: bfin-uclinux-gcc (GCC) 6.2.0
reproduce:
wget
https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross
-O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=blackfin
All warnings (new ones prefixed by >>):
In file included from include/asm-generic/bug.h:4:0,
from arch/blackfin/include/asm/bug.h:71,
from include/linux/bug.h:4,
from include/linux/mmdebug.h:4,
from include/linux/mm.h:8,
from fs/proc/task_nommu.c:2:
fs/proc/task_nommu.c: In function 'task_mem':
include/asm-generic/atomic.h:177:37: error: 'refcount_t {aka struct
refcount_struct}' has no member named 'counter'
#define atomic_read(v) READ_ONCE((v)->counter)
^
include/linux/compiler.h:316:17: note: in definition of macro '__READ_ONCE'
union { typeof(x) __val; char __c[1]; } __u; \
^
include/asm-generic/atomic.h:177:24: note: in expansion of macro 'READ_ONCE'
#define atomic_read(v) READ_ONCE((v)->counter)
^
>> fs/proc/task_nommu.c:64:26: note: in expansion of macro 'atomic_read'
if (current->sighand && atomic_read(¤t->sighand->count) > 1)
^~~
include/asm-generic/atomic.h:177:37: error: 'refcount_t {aka struct
refcount_struct}' has no member named 'counter'
#define atomic_read(v) READ_ONCE((v)->counter)
^
include/linux/compiler.h:318:22: note: in definition of macro '__READ_ONCE'
__read_once_size(&(x), __u.__c, sizeof(x)); \
^
include/asm-generic/atomic.h:177:24: note: in expansion of macro 'READ_ONCE'
#define atomic_read(v) READ_ONCE((v)->counter)
^
>> fs/proc/task_nommu.c:64:26: note: in expansion of macro 'atomic_read'
if (current->sighand && atomic_read(¤t->sighand->count) > 1)
^~~
include/asm-generic/atomic.h:177:37: error: 'refcount_t {aka struct
refcount_struct}' has no member named 'counter'
#define atomic_read(v) READ_ONCE((v)->counter)
^
include/linux/compiler.h:318:42: note: in definition of macro '__READ_ONCE'
__read_once_size(&(x), __u.__c, sizeof(x)); \
^
include/asm-generic/atomic.h:177:24: note: in expansion of macro 'READ_ONCE'
#define atomic_read(v) READ_ONCE((v)->counter)
^
>> fs/proc/task_nommu.c:64:26: note: in expansion of macro 'atomic_read'
if (current->sighand && atomic_read(¤t->sighand->count) > 1)
^~~
include/asm-generic/atomic.h:177:37: error: 'refcount_t {aka struct
refcount_struct}' has no member named 'counter'
#define atomic_read(v) READ_ONCE((v)->counter)
^
include/linux/compiler.h:320:30: note: in definition of macro '__READ_ONCE'
__read_once_size_nocheck(&(x), __u.__c, sizeof(x)); \
^
include/asm-generic/atomic.h:177:24: note: in expansion of macro 'READ_ONCE'
#define atomic_read(v) READ_ONCE((v)->counter)
^
>> fs/proc/task_nommu.c:64:26: note: in expansion of macro 'atomic_read'
if (current->sighand && atomic_read(¤t->sighand->count) > 1)
^~~
include/asm-generic/atomic.h:177:37: error: 'refcount_t {aka struct
refcount_struct}' has no member named 'counter'
#define atomic_read(v) READ_ONCE((v)->counter)
^
include/linux/compiler.h:320:50: note: in definition of macro '__READ_ONCE'
__read_once_size_nocheck(&(x), __u.__c, sizeof(x)); \
^
include/asm-generic/atomic.h:177:24: note: in expansion of macro 'READ_ONCE'
#define atomic_read(v) READ_ONCE((v)->counter)
^
>> fs/proc/task_nommu.c:64:26: note: in expansion of macro 'atomic_read'
if (current->sighand && atomic_read(¤t->sighand->count) > 1)
^~~
vim +/atomic_read +64 fs/proc/task_nommu.c
^1da177e Linus Torvalds2005-04-16 48
^1da177e Linus Torvalds2005-04-16 49 if (atomic_read(&mm->mm_count)
> 1)
^1da177e Linus
Re: [PATCH 01/19] kernel: convert sighand_struct.count from atomic_t to refcount_t
Hi Elena,
[auto build test ERROR on next-20170220]
[cannot apply to linus/master linux/master tip/perf/core v4.9-rc8 v4.9-rc7
v4.9-rc6]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
url:
https://github.com/0day-ci/linux/commits/Elena-Reshetova/kernel-convert-sighand_struct-count-from-atomic_t-to-refcount_t/20170220-183434
config: blackfin-BF561-EZKIT-SMP_defconfig (attached as .config)
compiler: bfin-uclinux-gcc (GCC) 6.2.0
reproduce:
wget
https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross
-O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=blackfin
All errors (new ones prefixed by >>):
In file included from include/linux/atomic.h:4:0,
from arch/blackfin/include/asm/spinlock.h:14,
from include/linux/spinlock.h:87,
from include/linux/mmzone.h:7,
from include/linux/gfp.h:5,
from include/linux/mm.h:9,
from fs/proc/task_nommu.c:2:
fs/proc/task_nommu.c: In function 'task_mem':
>> arch/blackfin/include/asm/atomic.h:27:53: error: 'refcount_t {aka struct
>> refcount_struct}' has no member named 'counter'
#define atomic_read(v) __raw_uncached_fetch_asm(&(v)->counter)
^
fs/proc/task_nommu.c:64:26: note: in expansion of macro 'atomic_read'
if (current->sighand && atomic_read(¤t->sighand->count) > 1)
^~~
vim +27 arch/blackfin/include/asm/atomic.h
d835b6c4 arch/blackfin/include/asm/atomic.h Peter Zijlstra 2015-04-23 21
d835b6c4 arch/blackfin/include/asm/atomic.h Peter Zijlstra 2015-04-23 22
asmlinkage int __raw_atomic_and_asm(volatile int *ptr, int value);
d835b6c4 arch/blackfin/include/asm/atomic.h Peter Zijlstra 2015-04-23 23
asmlinkage int __raw_atomic_or_asm(volatile int *ptr, int value);
6b3087c6 arch/blackfin/include/asm/atomic.h Graf Yang 2009-01-07 24
asmlinkage int __raw_atomic_xor_asm(volatile int *ptr, int value);
6b3087c6 arch/blackfin/include/asm/atomic.h Graf Yang 2009-01-07 25
asmlinkage int __raw_atomic_test_asm(const volatile int *ptr, int value);
6b3087c6 arch/blackfin/include/asm/atomic.h Graf Yang 2009-01-07 26
ae41f32e arch/blackfin/include/asm/atomic.h Mike Frysinger 2011-06-17 @27
#define atomic_read(v) __raw_uncached_fetch_asm(&(v)->counter)
1394f032 include/asm-blackfin/atomic.h Bryan Wu 2007-05-06 28
d835b6c4 arch/blackfin/include/asm/atomic.h Peter Zijlstra 2015-04-23 29
#define atomic_add_return(i, v) __raw_atomic_add_asm(&(v)->counter, i)
d835b6c4 arch/blackfin/include/asm/atomic.h Peter Zijlstra 2015-04-23 30
#define atomic_sub_return(i, v) __raw_atomic_add_asm(&(v)->counter, -(i))
:: The code at line 27 was first introduced by commit
:: ae41f32e16d8e87c84cb910a6a6aefb50318894d Blackfin: SMP: convert to
common asm-generic/atomic.h
:: TO: Mike Frysinger
:: CC: Mike Frysinger
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH 1/2] seccomp: Create an action to audit before allowing
Hi Tyler, [auto build test ERROR on linus/master] [also build test ERROR on v4.10-rc2 next-20161224] [if your patch is applied to the wrong git tree, please drop us a note to help improve the system] url: https://github.com/0day-ci/linux/commits/Tyler-Hicks/seccomp-Create-an-action-to-audit-before-allowing/20170103-041342 config: i386-randconfig-x003-201701 (attached as .config) compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901 reproduce: # save the attached .config to linux build tree make ARCH=i386 All errors (new ones prefixed by >>): kernel/seccomp.c: In function '__seccomp_filter': >> kernel/seccomp.c:634:3: error: implicit declaration of function >> 'audit_seccomp_common' [-Werror=implicit-function-declaration] audit_seccomp_common(this_syscall, action); ^~~~ cc1: some warnings being treated as errors vim +/audit_seccomp_common +634 kernel/seccomp.c 628 if (__seccomp_filter(this_syscall, NULL, true)) 629 return -1; 630 631 return 0; 632 633 case SECCOMP_RET_AUDIT: > 634 audit_seccomp_common(this_syscall, action); 635 return 0; 636 637 case SECCOMP_RET_ALLOW: --- 0-DAY kernel test infrastructureOpen Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation .config.gz Description: application/gzip -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
[pcmoore-audit:working-testing 5/6] kernel/audit.c:1456:2: note: in expansion of macro 'if'
tree: git://git.infradead.org/users/pcmoore/audit working-testing
head: a49c8e50dda0d0232dfbed567608724c9666b6ab
commit: 20fb66989030c8f631d687ddaca75b9f7f2ee589 [5/6] Work in progress, no
commit description yet.
config: x86_64-randconfig-s2-11120755 (attached as .config)
compiler: gcc-6 (Debian 6.2.0-3) 6.2.0 20160901
reproduce:
git checkout 20fb66989030c8f631d687ddaca75b9f7f2ee589
# save the attached .config to linux build tree
make ARCH=x86_64
All warnings (new ones prefixed by >>):
In file included from include/linux/file.h:8:0,
from kernel/audit.c:46:
kernel/audit.c: In function 'audit_log_start':
kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:149:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/audit.c:1456:2: note: in expansion of macro 'if'
if ((!audit_pid && audit_pid != current->tgid) &&
^~
include/linux/compiler.h:520:26: note: in expansion of macro '__ACCESS_ONCE'
#define ACCESS_ONCE(x) (*__ACCESS_ONCE(x))
^
kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:149:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/audit.c:1456:2: note: in expansion of macro 'if'
if ((!audit_pid && audit_pid != current->tgid) &&
^~
include/linux/compiler.h:520:26: note: in expansion of macro '__ACCESS_ONCE'
#define ACCESS_ONCE(x) (*__ACCESS_ONCE(x))
^
kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:149:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/audit.c:1456:2: note: in expansion of macro 'if'
if ((!audit_pid && audit_pid != current->tgid) &&
^~
include/linux/compiler.h:520:26: note: in expansion of macro '__ACCESS_ONCE'
#define ACCESS_ONCE(x) (*__ACCESS_ONCE(x))
^
kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:149:30: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/audit.c:1456:2: note: in expansion of macro 'if'
if ((!audit_pid && audit_pid != current->tgid) &&
^~
include/linux/compiler.h:520:26: note: in expansion of macro '__ACCESS_ONCE'
#define ACCESS_ONCE(x) (*__ACCESS_ONCE(x))
^
kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:149:42: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>> kernel/audit.c:1456:2: note: in expansion of macro 'if'
if ((!audit_pid && audit_pid != current->tgid) &&
^~
include/linux/compiler.h:520:26: note: in expansion of macro '__ACCESS_ONCE'
#define ACCESS_ONCE(x) (*__ACCESS_ONCE(x))
^
kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:149:42: note: in definition of macro '__trace_if'
if (__builtin_constant_p(!!(cond)) ? !!(cond) : \
^~~~
>>
[pcmoore-audit:working-testing 5/6] kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
tree: git://git.infradead.org/users/pcmoore/audit working-testing
head: a49c8e50dda0d0232dfbed567608724c9666b6ab
commit: 20fb66989030c8f631d687ddaca75b9f7f2ee589 [5/6] Work in progress, no
commit description yet.
config: mips-mtx1_defconfig (attached as .config)
compiler: mipsel-linux-gnu-gcc (Debian 6.1.1-9) 6.1.1 20160705
reproduce:
wget
https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross
-O ~/bin/make.cross
chmod +x ~/bin/make.cross
git checkout 20fb66989030c8f631d687ddaca75b9f7f2ee589
# save the attached .config to linux build tree
make.cross ARCH=mips
All error/warnings (new ones prefixed by >>):
In file included from include/linux/file.h:8:0,
from kernel/audit.c:46:
kernel/audit.c: In function 'audit_log_start':
>> kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:518:25: note: in definition of macro '__ACCESS_ONCE'
__maybe_unused typeof(x) __var = (__force typeof(x)) 0; \
^
>> kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
>> kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:518:52: note: in definition of macro '__ACCESS_ONCE'
__maybe_unused typeof(x) __var = (__force typeof(x)) 0; \
^
>> kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
>> kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:519:19: note: in definition of macro '__ACCESS_ONCE'
(volatile typeof(x) *)&(x); })
^
>> kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
>> kernel/audit.c:1457:34: error: 'struct mutex' has no member named 'owner'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^
include/linux/compiler.h:519:26: note: in definition of macro '__ACCESS_ONCE'
(volatile typeof(x) *)&(x); })
^
>> kernel/audit.c:1457:7: note: in expansion of macro 'ACCESS_ONCE'
(ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
^~~
vim +1457 kernel/audit.c
1451 * 2. current != auditd
1452 * 3. ACCESS_ONCE(audit_cmd_mutex.owner) != current
1453 * 4. ???
1454 */
1455
1456 if ((!audit_pid && audit_pid != current->tgid) &&
> 1457 (ACCESS_ONCE(audit_cmd_mutex.owner) != current)) {
1458 long sleep_time = audit_backlog_wait_time;
1459
1460 while (audit_backlog_limit &&
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: application/gzip
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH 1/2] mm: introduce get_task_exe_file
Hi Mateusz,
[auto build test WARNING on linus/master]
[also build test WARNING on v4.8-rc3 next-20160822]
[if your patch is applied to the wrong git tree, please drop us a note to help
improve the system]
[Suggest to use git(>=2.9.0) format-patch --base= (or --base=auto for
convenience) to record what (public, well-known) commit your patch series was
built on]
[Check https://git-scm.com/docs/git-format-patch for more information]
url:
https://github.com/0day-ci/linux/commits/Mateusz-Guzik/mm-introduce-get_task_exe_file/20160823-045421
config: sparc64-allyesconfig (attached as .config)
compiler: sparc64-linux-gnu-gcc (Debian 5.4.0-6) 5.4.0 20160609
reproduce:
wget
https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross
-O ~/bin/make.cross
chmod +x ~/bin/make.cross
# save the attached .config to linux build tree
make.cross ARCH=sparc64
All warnings (new ones prefixed by >>):
kernel/fork.c: In function 'get_task_exe_file':
>> kernel/fork.c:820:1: warning: label 'out' defined but not used
>> [-Wunused-label]
out:
^
vim +/out +820 kernel/fork.c
804 * Returns %NULL if task's mm (if any) has no associated executable
file or
805 * this is a kernel thread with borrowed mm (see the comment above
get_task_mm).
806 * User must release file via fput().
807 */
808 struct file *get_task_exe_file(struct task_struct *task)
809 {
810 struct file *exe_file = NULL;
811 struct mm_struct *mm;
812
813 task_lock(task);
814 mm = task->mm;
815 if (mm) {
816 if (!(task->flags & PF_KTHREAD))
817 exe_file = get_mm_exe_file(mm);
818 }
819 task_unlock(task);
> 820 out:
821 return exe_file;
822 }
823 EXPORT_SYMBOL(get_task_exe_file);
824
825 /**
826 * get_task_mm - acquire a reference to the task's mm
827 *
828 * Returns %NULL if the task has no mm. Checks PF_KTHREAD (meaning
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: Binary data
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
Re: [PATCH V3] audit: add tty field to LOGIN event
Hi, [auto build test ERROR on v4.6-rc4] [also build test ERROR on next-20160421] [if your patch is applied to the wrong git tree, please drop us a note to help improving the system] url: https://github.com/0day-ci/linux/commits/Richard-Guy-Briggs/audit-add-tty-field-to-LOGIN-event/20160421-233218 config: mips-allyesconfig (attached as .config) reproduce: wget https://git.kernel.org/cgit/linux/kernel/git/wfg/lkp-tests.git/plain/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # save the attached .config to linux build tree make.cross ARCH=mips All errors (new ones prefixed by >>): kernel/audit.c: In function 'audit_log_task_info': >> kernel/audit.c:1917:2: error: implicit declaration of function >> 'audit_put_tty' [-Werror=implicit-function-declaration] audit_put_tty(tty); ^ cc1: some warnings being treated as errors vim +/audit_put_tty +1917 kernel/audit.c 1911 from_kuid(&init_user_ns, cred->fsuid), 1912 from_kgid(&init_user_ns, cred->egid), 1913 from_kgid(&init_user_ns, cred->sgid), 1914 from_kgid(&init_user_ns, cred->fsgid), 1915 tty ? tty_name(tty) : "(none)", 1916 audit_get_sessionid(tsk)); > 1917 audit_put_tty(tty); 1918 audit_log_format(ab, " comm="); 1919 audit_log_untrustedstring(ab, get_task_comm(comm, tsk)); 1920 audit_log_d_path_exe(ab, tsk->mm); --- 0-DAY kernel test infrastructureOpen Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation .config.gz Description: Binary data -- Linux-audit mailing list Linux-audit@redhat.com https://www.redhat.com/mailman/listinfo/linux-audit
Re: [RESEND][PATCH 06/15] tty: audit: Ignore current association for audit push
Hi Peter,
[auto build test ERROR on tty/tty-testing]
[also build test ERROR on next-20160108]
[cannot apply to v4.4-rc8]
[if your patch is applied to the wrong git tree, please drop us a note to help
improving the system]
url:
https://github.com/0day-ci/linux/commits/Peter-Hurley/Rework-tty-audit/20160110-130735
base: https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git
tty-testing
config: i386-randconfig-s0-201602 (attached as .config)
reproduce:
# save the attached .config to linux build tree
make ARCH=i386
Note: the linux-review/Peter-Hurley/Rework-tty-audit/20160110-130735 HEAD
3fdd6ed9cf68e96432c554fac7a14ef60e77efc3 builds fine.
It only hurts bisectibility.
All errors (new ones prefixed by >>):
drivers/tty/n_tty.c: In function 'canon_copy_from_read_buf':
>> drivers/tty/n_tty.c:2106:3: error: too few arguments to function
>> 'tty_audit_push'
tty_audit_push();
^
In file included from drivers/tty/n_tty.c:40:0:
include/linux/tty.h:626:20: note: declared here
static inline void tty_audit_push(struct tty_struct *tty)
^
vim +/tty_audit_push +2106 drivers/tty/n_tty.c
2100
2101 if (found) {
2102 if (!ldata->push)
2103 ldata->line_start = ldata->read_tail;
2104 else
2105 ldata->push = 0;
> 2106 tty_audit_push();
2107 }
2108 return 0;
2109 }
---
0-DAY kernel test infrastructureOpen Source Technology Center
https://lists.01.org/pipermail/kbuild-all Intel Corporation
.config.gz
Description: Binary data
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
