security/apparmor/policy_unpack.c:1212 verify_profile() warn: can 'rules' even be NULL?

From: Dan Carpenter
Date: Tue May 02 2023 - 07:26:23 EST


tree: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git master
head: 173ea743bf7a9eef04460e03b00ba267cc52aee2
commit: 1ad22fcc4d0d2fb2e0f35aed555a86d016d5e590 apparmor: rework profile->rules to be a list
config: i386-randconfig-m021-20230424 (https://download.01.org/0day-ci/archive/20230425/202304252318.ote3mtCz-lkp@xxxxxxxxx/config)
compiler: gcc-11 (Debian 11.3.0-8) 11.3.0

If you fix the issue, kindly add the following tags where applicable
| Reported-by: kernel test robot <lkp@xxxxxxxxx>
| Reported-by: Dan Carpenter <error27@xxxxxxxxx>
| Link: https://lore.kernel.org/r/202304252318.ote3mtCz-lkp@xxxxxxxxx/

New smatch warnings:
security/apparmor/policy_unpack.c:1212 verify_profile() warn: can 'rules' even be NULL?

Old smatch warnings:
security/apparmor/policy_unpack.c:175 aa_loaddata_kref() warn: can 'd' even be NULL?
security/apparmor/policy_unpack.c:488 unpack_trans_table() warn: impossible condition '(size > (1 << 24)) => (0-u16max > 16777216)'
security/apparmor/policy_unpack.c:544 unpack_trans_table() error: uninitialized symbol 'table'.
security/apparmor/policy_unpack.c:735 unpack_pdb() warn: unsigned 'policy->size' is never less than zero.
security/apparmor/policy_unpack.c:1081 unpack_profile() warn: passing zero to 'ERR_PTR'

vim +/rules +1212 security/apparmor/policy_unpack.c

736ec752d95e91 John Johansen 2010-07-29 1208 static int verify_profile(struct aa_profile *profile)
736ec752d95e91 John Johansen 2010-07-29 1209 {
1ad22fcc4d0d2f John Johansen 2022-09-05 1210 struct aa_ruleset *rules = list_first_entry(&profile->rules,
1ad22fcc4d0d2f John Johansen 2022-09-05 1211 typeof(*rules), list);
1ad22fcc4d0d2f John Johansen 2022-09-05 @1212 if (!rules)

It's so weird to see these old warnings show up suddenly... Anyway,
use list_first_entry_or_null if we expect that the list is empty.
Otherwise, Oops.

1ad22fcc4d0d2f John Johansen 2022-09-05 1213 return 0;
1ad22fcc4d0d2f John Johansen 2022-09-05 1214
1ad22fcc4d0d2f John Johansen 2022-09-05 1215 if ((rules->file.dfa && !verify_dfa_xindex(rules->file.dfa,
1ad22fcc4d0d2f John Johansen 2022-09-05 1216 rules->file.trans.size)) ||
1ad22fcc4d0d2f John Johansen 2022-09-05 1217 (rules->policy.dfa &&
1ad22fcc4d0d2f John Johansen 2022-09-05 1218 !verify_dfa_xindex(rules->policy.dfa, rules->policy.trans.size))) {
7572fea31e3e5c John Johansen 2020-11-13 1219 audit_iface(profile, NULL, NULL,
7572fea31e3e5c John Johansen 2020-11-13 1220 "Unpack: Invalid named transition", NULL, -EPROTO);
736ec752d95e91 John Johansen 2010-07-29 1221 return -EPROTO;
736ec752d95e91 John Johansen 2010-07-29 1222 }
736ec752d95e91 John Johansen 2010-07-29 1223
1ad22fcc4d0d2f John Johansen 2022-09-05 1224 if (!verify_perms(&rules->file)) {
670f31774ab6bf John Johansen 2022-08-26 1225 audit_iface(profile, NULL, NULL,
670f31774ab6bf John Johansen 2022-08-26 1226 "Unpack: Invalid perm index", NULL, -EPROTO);
670f31774ab6bf John Johansen 2022-08-26 1227 return -EPROTO;
670f31774ab6bf John Johansen 2022-08-26 1228 }
1ad22fcc4d0d2f John Johansen 2022-09-05 1229 if (!verify_perms(&rules->policy)) {
670f31774ab6bf John Johansen 2022-08-26 1230 audit_iface(profile, NULL, NULL,
670f31774ab6bf John Johansen 2022-08-26 1231 "Unpack: Invalid perm index", NULL, -EPROTO);
670f31774ab6bf John Johansen 2022-08-26 1232 return -EPROTO;
670f31774ab6bf John Johansen 2022-08-26 1233 }
217af7e2f4deb6 John Johansen 2022-07-29 1234 if (!verify_perms(&profile->attach.xmatch)) {
670f31774ab6bf John Johansen 2022-08-26 1235 audit_iface(profile, NULL, NULL,
670f31774ab6bf John Johansen 2022-08-26 1236 "Unpack: Invalid perm index", NULL, -EPROTO);
670f31774ab6bf John Johansen 2022-08-26 1237 return -EPROTO;
670f31774ab6bf John Johansen 2022-08-26 1238 }
670f31774ab6bf John Johansen 2022-08-26 1239
736ec752d95e91 John Johansen 2010-07-29 1240 return 0;
736ec752d95e91 John Johansen 2010-07-29 1241 }

--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests
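
Added example, not part of the original mail or of the kernel source: a userspace reduction of the pattern flagged at line 1212. It shows that list_first_entry() on an empty list returns a pointer computed from the list head rather than NULL, and that list_first_entry_or_null() returns NULL. The list macros are simplified stand-ins for <linux/list.h>; struct ruleset, struct profile and the helper functions are hypothetical names.

```c
#include <stddef.h>

/* Simplified userspace stand-ins for the <linux/list.h> helpers. */
struct list_head { struct list_head *next, *prev; };
#define container_of(ptr, type, member) \
	((type *)((char *)(ptr) - offsetof(type, member)))
#define list_first_entry(head, type, member) \
	container_of((head)->next, type, member)
#define list_first_entry_or_null(head, type, member) \
	((head)->next != (head) ? list_first_entry(head, type, member) : NULL)

/* Hypothetical cut-down types; the real aa_ruleset/aa_profile hold far more. */
struct ruleset { int size; struct list_head list; };
struct profile { const char *name; struct list_head rules; };

static void init_list(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h)
{
	n->prev = h->prev; n->next = h;
	h->prev->next = n; h->prev = n;
}

/* The flagged pattern: the result is never NULL, so "if (!rules)" is dead. */
static int first_entry_is_null(struct profile *p)
{
	struct ruleset *rules = list_first_entry(&p->rules, struct ruleset, list);
	return rules == NULL;
}

/* True when the "entry" is just the list head shifted back by the member
 * offset, i.e. memory inside the profile itself and not a ruleset. */
static int first_entry_aliases_head(struct profile *p)
{
	struct ruleset *rules = list_first_entry(&p->rules, struct ruleset, list);
	return (char *)rules == (char *)&p->rules - offsetof(struct ruleset, list);
}

/* The suggested form: NULL on an empty list, the first ruleset otherwise. */
static struct ruleset *first_ruleset(struct profile *p)
{
	return list_first_entry_or_null(&p->rules, struct ruleset, list);
}

int main(void)
{
	struct profile p = { .name = "demo" };
	init_list(&p.rules);
	return !(first_ruleset(&p) == NULL && !first_entry_is_null(&p));
}
```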