Received: by 10.223.164.202 with SMTP id h10csp3963903wrb; Mon, 20 Nov 2017 07:48:08 -0800 (PST) X-Google-Smtp-Source: AGs4zMYXyjeemGF/zml6IoT3m92adGzRAB9+qpzqqubqiWv5gqBOmlORUIgnJTBhbKOl4o7cNnTh X-Received: by 10.99.64.135 with SMTP id n129mr4518242pga.264.1511192888637; Mon, 20 Nov 2017 07:48:08 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1511192888; cv=none; d=google.com; s=arc-20160816; b=pVG68Mh01GyRKC4iK2KL+hEb9a9j27rWmCvnczWEH2m7iEQguKQl5zknYWddeqHbEQ LqQlvvklkmOD3QiT+NH7z+/SKpBdUlu8OB7u9TWKKqHn08tv3nU5pLAWJ0PtGW6c07PR r5bAfMD+jtoXcNWfAtvi8xLO8PShq+4I71J/74el6b40u5GFaziCiKkYb42FeATesGrP k3uZZAviMa0csBjmin35gq8lZ6EqUX8QJrSMLYqaS4LD/NWcPF8PcJFaiQiWC6jBUdmz Sl08IeTutodrfv8K4z78M3iMgoO+SDCeFGTA4CJFx0o/wLC63nPSyJG2OeX34Mnt0kVz RKSg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:organization:from:references:cc:to:subject :arc-authentication-results; bh=NcaI7UAsfA6S0OBmuWqnRQi5peWoUeh3E+eQs/yvJZ4=; b=vEfsyZQS+Gp8NjS5nn80ysdQaYoBwM27anyIPcGGxCxZ53PrLx1siDV3eXMY+wH2sg UhWIl+JGqfx4+WD0esdBS3fNS13mvxUTTHO4/j3C5oNHO4CBLiTwT2R/eb5awPn6wXi7 MvQZ+nx3FePkPgJTOiI/q7Vju9Zr8nVCnFE5k4ZL+yxM+7qfFNRHM43qOHOxpuuE/e8K qBcG3kZU776gh4MZVWZEyRCEsVLLWFzlmB4xMurnQQKXw9GV5wt+eLUOBnA/Z7fHk9Xu z5oCX234ZzGHoTWzqsMmFQSf9adTNQ8qRz15uRtqfs8oP7fM+NlN13mJRGgwgRJNqryv qVqw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 68si8691812pla.682.2017.11.20.07.47.58; Mon, 20 Nov 2017 07:48:08 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751519AbdKTPrJ (ORCPT + 66 others); Mon, 20 Nov 2017 10:47:09 -0500 Received: from youngberry.canonical.com ([91.189.89.112]:39776 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751359AbdKTPrG (ORCPT ); Mon, 20 Nov 2017 10:47:06 -0500 Received: from static-50-53-35-55.bvtn.or.frontiernet.net ([50.53.35.55] helo=[192.168.192.153]) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1eGoHo-00083R-51; Mon, 20 Nov 2017 15:47:04 +0000 Subject: Re: [PATCH] apparmor: initialized returned struct aa_perms To: Arnd Bergmann Cc: James Morris , "Serge E. Hallyn" , Kees Cook , Stephen Rothwell , Seth Arnold , Michal Hocko , Vlastimil Babka , LSM List , Linux Kernel Mailing List References: <20170915195620.1561044-1-arnd@arndb.de> From: John Johansen Organization: Canonical Message-ID: <4759b591-6603-7424-1758-fd0d23e6efed@canonical.com> Date: Mon, 20 Nov 2017 07:47:00 -0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 11/20/2017 06:00 AM, Arnd Bergmann wrote: > On Mon, Sep 25, 2017 at 4:29 PM, John Johansen > wrote: >> On 09/15/2017 03:55 PM, Arnd Bergmann wrote: >>> gcc-4.4 points out suspicious code in compute_mnt_perms, where >>> the aa_perms structure is only partially initialized before getting >>> returned: >>> >>> security/apparmor/mount.c: In function 'compute_mnt_perms': >>> security/apparmor/mount.c:227: error: 'perms.prompt' is used uninitialized in this function >>> security/apparmor/mount.c:227: error: 'perms.hide' is used uninitialized in this function >>> security/apparmor/mount.c:227: error: 'perms.cond' is used uninitialized in this function >>> security/apparmor/mount.c:227: error: 'perms.complain' is used uninitialized in this function >>> security/apparmor/mount.c:227: error: 'perms.stop' is used uninitialized in this function >>> security/apparmor/mount.c:227: error: 'perms.deny' is used uninitialized in this function >>> >>> Returning or assigning partially initialized structures is a bit tricky, >>> in particular it is explicitly allowed in c99 to assign a partially >>> intialized structure to another, as long as only members are read that >>> have been initialized earlier. Looking at what various compilers do here, >>> the version that produced the warning copied unintialized stack data, >>> while newer versions (and also clang) either set the other members to >>> zero or don't update the parts of the return buffer that are not modified >>> in the temporary structure, but they never warn about this. >>> >>> In case of apparmor, it seems better to be a little safer and always >>> initialize the aa_perms structure. Most users already do that, this >>> changes the remaining ones, including the one instance that I got the >>> warning for. >>> >>> Fixes: fa488437d0f9 ("apparmor: add mount mediation") >>> Signed-off-by: Arnd Bergmann >> >> I've pulled this into apparmor-next > > It apparently never made it into mainline. What happened? > > Arnd > Its in apparmor-next and is going with today's pull request From 1584593884432026052@xxx Mon Nov 20 14:01:29 +0000 2017 X-GM-THRID: 1578636895757947351 X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread