Re: [PATCH ghak21 V2 2/4] audit: link denied should not directly generate PATH record

[kbuild test robot]

Hi Richard,

Thank you for the patch! Yet something to improve:

[auto build test ERROR on linus/master]
[also build test ERROR on v4.16-rc5 next-20180309]
[if your patch is applied to the wrong git tree, please drop us a note to help 
improve the system]

url:    
https://github.com/0day-ci/linux/commits/Richard-Guy-Briggs/audit-address-ANOM_LINK-excess-records/20180313-015527
config: i386-tinyconfig (attached as .config)
compiler: gcc-7 (Debian 7.3.0-1) 7.3.0
reproduce:
        # save the attached .config to linux build tree
        make ARCH=i386 

Note: the 
linux-review/Richard-Guy-Briggs/audit-address-ANOM_LINK-excess-records/20180313-015527
 HEAD 12e8c56bcd359f7d20d4ae011674d37bc832bc4c builds fine.
      It only hurts bisectibility.

All errors (new ones prefixed by >>):

   fs/namei.c: In function 'may_follow_link':
>> fs/namei.c:929:2: error: too many arguments to function 
>> 'audit_log_link_denied'
     audit_log_link_denied("follow_link", &nd->stack[0].link);
     ^~~~~~~~~~~~~~~~~~~~~
   In file included from include/linux/fsnotify.h:16:0,
                    from fs/namei.c:25:
   include/linux/audit.h:196:20: note: declared here
    static inline void audit_log_link_denied(const char *string)
                       ^~~~~~~~~~~~~~~~~~~~~

vim +/audit_log_link_denied +929 fs/namei.c

800179c9b Kees Cook         2012-07-25  886  
800179c9b Kees Cook         2012-07-25  887  /**
800179c9b Kees Cook         2012-07-25  888   * may_follow_link - Check symlink 
following for unsafe situations
55852635a Randy Dunlap      2012-08-18  889   * @nd: nameidata pathwalk data
800179c9b Kees Cook         2012-07-25  890   *
800179c9b Kees Cook         2012-07-25  891   * In the case of the 
sysctl_protected_symlinks sysctl being enabled,
800179c9b Kees Cook         2012-07-25  892   * CAP_DAC_OVERRIDE needs to be 
specifically ignored if the symlink is
800179c9b Kees Cook         2012-07-25  893   * in a sticky world-writable 
directory. This is to protect privileged
800179c9b Kees Cook         2012-07-25  894   * processes from failing races 
against path names that may change out
800179c9b Kees Cook         2012-07-25  895   * from under them by way of other 
users creating malicious symlinks.
800179c9b Kees Cook         2012-07-25  896   * It will permit symlinks to be 
followed only when outside a sticky
800179c9b Kees Cook         2012-07-25  897   * world-writable directory, or 
when the uid of the symlink and follower
800179c9b Kees Cook         2012-07-25  898   * match, or when the directory 
owner matches the symlink's owner.
800179c9b Kees Cook         2012-07-25  899   *
800179c9b Kees Cook         2012-07-25  900   * Returns 0 if following the 
symlink is allowed, -ve on error.
800179c9b Kees Cook         2012-07-25  901   */
fec2fa24e Al Viro           2015-05-06  902  static inline int 
may_follow_link(struct nameidata *nd)
800179c9b Kees Cook         2012-07-25  903  {
800179c9b Kees Cook         2012-07-25  904     const struct inode *inode;
800179c9b Kees Cook         2012-07-25  905     const struct inode *parent;
2d7f9e2ad Seth Forshee      2016-04-26  906     kuid_t puid;
800179c9b Kees Cook         2012-07-25  907  
800179c9b Kees Cook         2012-07-25  908     if (!sysctl_protected_symlinks)
800179c9b Kees Cook         2012-07-25  909             return 0;
800179c9b Kees Cook         2012-07-25  910  
800179c9b Kees Cook         2012-07-25  911     /* Allowed if owner and 
follower match. */
fceef393a Al Viro           2015-12-29  912     inode = nd->link_inode;
81abe27b1 Eric W. Biederman 2012-08-03  913     if 
(uid_eq(current_cred()->fsuid, inode->i_uid))
800179c9b Kees Cook         2012-07-25  914             return 0;
800179c9b Kees Cook         2012-07-25  915  
800179c9b Kees Cook         2012-07-25  916     /* Allowed if parent directory 
not sticky and world-writable. */
aa65fa35b Al Viro           2015-08-04  917     parent = nd->inode;
800179c9b Kees Cook         2012-07-25  918     if ((parent->i_mode & 
(S_ISVTX|S_IWOTH)) != (S_ISVTX|S_IWOTH))
800179c9b Kees Cook         2012-07-25  919             return 0;
800179c9b Kees Cook         2012-07-25  920  
800179c9b Kees Cook         2012-07-25  921     /* Allowed if parent directory 
and link owner match. */
2d7f9e2ad Seth Forshee      2016-04-26  922     puid = parent->i_uid;
2d7f9e2ad Seth Forshee      2016-04-26  923     if (uid_valid(puid) && 
uid_eq(puid, inode->i_uid))
800179c9b Kees Cook         2012-07-25  924             return 0;
800179c9b Kees Cook         2012-07-25  925  
31956502d Al Viro           2015-05-07  926     if (nd->flags & LOOKUP_RCU)
31956502d Al Viro           2015-05-07  927             return -ECHILD;
31956502d Al Viro           2015-05-07  928  
1cf2665b5 Al Viro           2015-05-06 @929     
audit_log_link_denied("follow_link", &nd->stack[0].link);
800179c9b Kees Cook         2012-07-25  930     return -EACCES;
800179c9b Kees Cook         2012-07-25  931  }
800179c9b Kees Cook         2012-07-25  932  

:::::: The code at line 929 was first introduced by commit
:::::: 1cf2665b5bdfc63185fb4a416bff54b14ad30c79 namei: kill nd->link

:::::: TO: Al Viro <v...@zeniv.linux.org.uk>
:::::: CC: Al Viro <v...@zeniv.linux.org.uk>

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/kbuild-all                   Intel Corporation

.config.gz
Description: application/gzip