On Thu, Jan 27, 2022 at 4:57 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
> In the process of removing an explicit type cast to preserve a cred
> const qualifier in cred_init_security() we ran into a problem where
> the task_struct::real_cred field is defined with the "__rcu"
> attribute but the selinux_cred() function parameter is not, leading
> to a sparse warning:
>
> security/selinux/hooks.c:216:36: sparse: sparse:
> incorrect type in argument 1 (different address spaces)
> @@ expected struct cred const *cred
> @@ got struct cred const [noderef] __rcu *real_cred
>
> As we don't want to add the "__rcu" attribute to the selinux_cred()
> parameter, we're going to add an explicit cast back to
> cred_init_security().
>
> Fixes: b084e189b01a ("selinux: simplify cred_init_security")
> Reported-by: kernel test robot <lkp@xxxxxxxxx>
> Signed-off-by: Paul Moore <paul@xxxxxxxxxxxxxx>
> ---
> security/selinux/hooks.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
> index eae7dbd62df1..c057896e7dcd 100644
> --- a/security/selinux/hooks.c
> +++ b/security/selinux/hooks.c
> @@ -213,7 +213,7 @@ static void cred_init_security(void)
> {
> struct task_security_struct *tsec;
>
> - tsec = selinux_cred(current->real_cred);
> + tsec = selinux_cred((__force const struct cred *)current->real_cred);
> tsec->osid = tsec->sid = SECINITSID_KERNEL;
> }
How about using unrcu_pointer() instead of the cast? It seems to do
effectively the same while looking less ugly :)
--
Ondrej Mosnacek
Software Engineer, Linux Security - SELinux kernel
Red Hat, Inc.
