On 4/22/2019 6:13 AM, Tetsuo Handa wrote:
On 2019/04/19 9:45, Casey Schaufler wrote:+ hlist_for_each_entry(hp, &security_hook_heads.inode_setsecctx, list) { + if (strncmp(ctx, hp->lsm, strlen(hp->lsm))) { + WARN_ONCE(1, "security_inode_setsecctx form1 error\n"); + rc = -EINVAL; + break; + }Will you avoid using WARN*() ? Since syzbot tests using panic_on_warn == 1, this WARN_ONCE() will act as panic().
If syzbot hits any of the WARN_ONCE()s in security_inode_setsecctx() I want it to panic and generate a report. A badly formatted inode secctx would indicate that kernfs isn't getting the string from security_inode_getsecctx() or that it is getting corrupted somehow. In either case, it would be a bug that needs fixing. I used WARN instead of BUG for the kernfs people, who might break something by accident. If there's a strong objection to WARN_ONCE() in general, I can pull it.
