tree:
https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master
head: 471e638c4c5df4c0035a76a561ada4d28228e5fd
commit: 02e316b088df08dcd88439961f888145df68dcf5 [13681/14117] LSM: SafeSetID: Add GID
security policy handling
config: i386-randconfig-s002-20200808 (attached as .config)
compiler: gcc-9 (Debian 9.3.0-15) 9.3.0
reproduce:
# apt-get install sparse
# sparse version: v0.6.2-118-ge1578773-dirty
git checkout 02e316b088df08dcd88439961f888145df68dcf5
# save the attached .config to linux build tree
make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' ARCH=i386
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp(a)intel.com>
sparse warnings: (new ones prefixed by >>)
> security/safesetid/lsm.c:119:42: sparse: sparse: cast to
non-scalar
> security/safesetid/lsm.c:119:42: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:134:42: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:134:42: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:177:34: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:177:34: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:205:34: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:205:34: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:208:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:208:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:209:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:209:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:210:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:210:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:211:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:211:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:229:34: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:229:34: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:232:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:232:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:233:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:233:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:234:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:234:41: sparse: sparse: cast from non-scalar
security/safesetid/lsm.c:235:41: sparse: sparse: cast to non-scalar
security/safesetid/lsm.c:235:41: sparse: sparse: cast from non-scalar
--
> security/safesetid/securityfs.c:271:15: sparse: sparse:
incompatible types in comparison expression (different address spaces):
> security/safesetid/securityfs.c:271:15: sparse: struct setid_ruleset [noderef]
__rcu *
> security/safesetid/securityfs.c:271:15: sparse: struct setid_ruleset *
> security/safesetid/securityfs.c:286:61: sparse: sparse: incorrect type in argument 6
(different address spaces) @@ expected struct setid_ruleset *ruleset @@ got struct
setid_ruleset [noderef] __rcu *extern [addressable] [assigned] [toplevel]
safesetid_setuid_rules @@
> security/safesetid/securityfs.c:286:61: sparse: expected struct setid_ruleset
*ruleset
> security/safesetid/securityfs.c:286:61: sparse: got struct setid_ruleset
[noderef] __rcu *extern [addressable] [assigned] [toplevel] safesetid_setuid_rules
security/safesetid/securityfs.c:293:61: sparse: sparse: incorrect type in argument 6
(different address spaces) @@ expected struct setid_ruleset *ruleset @@ got struct
setid_ruleset [noderef] __rcu *extern [addressable] [assigned] [toplevel]
safesetid_setgid_rules @@
security/safesetid/securityfs.c:293:61: sparse: expected struct setid_ruleset
*ruleset
> security/safesetid/securityfs.c:293:61: sparse: got struct
setid_ruleset [noderef] __rcu *extern [addressable] [assigned] [toplevel]
safesetid_setgid_rules
vim +119 security/safesetid/lsm.c
89
90 static int safesetid_security_capable(const struct cred *cred,
91 struct user_namespace *ns,
92 int cap,
93 unsigned int opts)
94 {
95 /* We're only interested in CAP_SETUID and CAP_SETGID. */
96 if (cap != CAP_SETUID && cap != CAP_SETGID)
97 return 0;
98
99 /*
100 * If CAP_SET{U/G}ID is currently used for a setid() syscall, we want to
101 * let it go through here; the real security check happens later, in the
102 * task_fix_set{u/g}id hook.
103 *
104 * NOTE:
105 * Until we add support for restricting setgroups() calls, GID security
106 * policies offer no meaningful security since we always return 0 here
107 * when called from within the setgroups() syscall and there is no
108 * additional hook later on to enforce security policies for setgroups().
109 */
110 if ((opts & CAP_OPT_INSETID) != 0)
111 return 0;
112
113 switch (cap) {
114 case CAP_SETUID:
115 /*
116 * If no policy applies to this task, allow the use of CAP_SETUID for
117 * other purposes.
118 */
119 if (setid_policy_lookup((kid_t)cred->uid, INVALID_ID, UID)
== SIDPOL_DEFAULT)
120 return 0;
121 /*
122 * Reject use of CAP_SETUID for functionality other than calling
123 * set*uid() (e.g. setting up userns uid mappings).
124 */
125 pr_warn("Operation requires CAP_SETUID, which is not available to UID %u for
operations besides approved set*uid transitions\n",
126 __kuid_val(cred->uid));
127 return -EPERM;
128 break;
129 case CAP_SETGID:
130 /*
131 * If no policy applies to this task, allow the use of CAP_SETGID for
132 * other purposes.
133 */
134 if (setid_policy_lookup((kid_t)cred->gid, INVALID_ID, GID) == SIDPOL_DEFAULT)
135 return 0;
136 /*
137 * Reject use of CAP_SETUID for functionality other than calling
138 * set*gid() (e.g. setting up userns gid mappings).
139 */
140 pr_warn("Operation requires CAP_SETGID, which is not available to GID %u for
operations besides approved set*gid transitions\n",
141 __kuid_val(cred->uid));
142 return -EPERM;
143 break;
144 default:
145 /* Error, the only capabilities were checking for is CAP_SETUID/GID */
146 return 0;
147 break;
148 }
149 return 0;
150 }
151
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org