123854 – SELinux register_security failed

Bug 123854 - SELinux register_security failed

Summary: SELinux register_security failed

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kernel
Sub Component:
Version:	2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Dave Jones
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2004-05-20 23:15 UTC by Adam Bowns
Modified:	2015-01-04 22:06 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2004-11-23 23:41:04 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Adam Bowns 2004-05-20 23:15:05 UTC

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040510

Description of problem:
When looking through my kernel startup log I noticed the following lines.

SELinux:  Initializing.
SELinux:  Starting in permissive mode
There is already a security framework initialized, register_security
failed.
Failure registering capabilities with the kernel
selinux_register_security:  Registering secondary module capability
Capability LSM initialized

As far as I can tell this isn't causing me any problems, but whatever
it is I'm sure its not supposed to fail (as far as i know anyway).

I am not running SELinux on my system (I just did a default install
and never passed the selinux boot option)

Version-Release number of selected component (if applicable):
kernel-2.6.5-1.358

How reproducible:
Always

Steps to Reproduce:
1. Boot system
2. View kernel startup log
    

Actual Results:  SELinux:  Initializing.
SELinux:  Starting in permissive mode
There is already a security framework initialized, register_security
failed.
Failure registering capabilities with the kernel
selinux_register_security:  Registering secondary module capability
Capability LSM initialized

Expected Results:  Don't know what the expected behavior should be,
all I know is it shouldn't fail.

Additional info:

Comment 1 Serge Hallyn 2004-05-31 21:38:56 UTC

This is a result of unfortunate error logging:  The failure is that
of the capability module to register itself as a primary LSM.  It
next succeeds in being loaded as a secondary.

SO there appears to be no problem loading selinux on your machine.

Comment 2 Mitchell Keith Bloch 2004-06-04 23:38:38 UTC

(I use ext2 for /boot and xfs for /)
I get the same error message as Adam at the top of dmesg, but lower
down get the following:

RAMDISK: Compressed image found at block 0
VFS: Mounted root (ext2 filesystem).
SGI XFS with ACLs, security attributes, large block numbers, no debug
enabled
kmem_cache_create: duplicate cache linvfs_icache
------------[ cut here ]------------
kernel BUG at mm/slab.c:1383!
invalid operand: 0000 [#1]
SMP
CPU:    0
EIP:    0060:[<021384b0>]    Not tainted
EFLAGS: 00010202   (2.6.5-1.358custom)
EIP is at kmem_cache_create+0x4c8/0x546
eax: 42926061   ebx: 41e30d70   ecx: 0245cf90   edx: 0000326d
esi: 0231cfec   edi: 02315701   ebp: 39e01c80   esp: 41ce7f3c
ds: 007b   es: 007b   ss: 0068
Process insmod (pid: 166, threadinfo=41ce7000 task=39ee87d0)
Stack: ff000000 42926061 00000080 42938180 42934600 02351e34 41ce7000
429202bb
       00022000 4292028f 00000000 429380df 0000000d 00000000 00000012
00000000
       0003f28c 0003e1ab 00000000 000007d0 0000001a 428a9ed0 428a36be
00000000
Call Trace:
 [<429202bb>] init_inodecache+0x1d/0x37 [xfs]
 [<4292028f>] init_once+0x0/0xf [xfs]
 [<429380df>] init_xfs_fs+0x26/0x6e [xfs]
 [<0212e3a2>] sys_init_module+0x100/0x20e
                                                                     
          
Code: 0f 0b 67 05 7e 56 31 02 8b 1b 8b 03 0f 18 00 90 81 fb 7c cf
 <5>XFS mounting filesystem hda8
Ending clean XFS mount for filesystem: hda8
Freeing unused kernel memory: 184k freed
SELinux:  Disabled at runtime.
SELinux:  Unregistering netfilter hooks
NET: Registered protocol family 10
Disabled Privacy Extensions on device 023687e0(lo)

Comment 3 Mitchell Keith Bloch 2004-06-13 05:09:03 UTC

This appears to have been fixed (for me) by upgrading to the newly
released kernel, 2.6.6-427smp.  Thanks ;)

Comment 4 Adam Bowns 2004-06-13 10:24:46 UTC

I have seen an improvement with the new 2.6.6-1.427 kernel, but it
hasn't gone away completely. But as I say, its not causing any
problems for me, so I'm happy to pass this bug off as unfortunate
error logging, like Serge said.

If anyone is interested, the error message I get with 2.6.6-1.427 is:

SELinux:  Initializing.
SELinux:  Starting in permissive mode
There is already a security framework initialized, register_security
failed.
selinux_register_security:  Registering secondary module capability
Capability LSM initialized as secondary

Comment 5 Adam Bowns 2004-11-23 23:41:04 UTC

I am still getting this showing up in my logs in FC3 using
kernel-2.6.9-1.681_FC3. The full message is as follows: -

Security Scaffold v1.0.0 initialized
SELinux:  Initializing.
SELinux:  Starting in permissive mode
There is already a security framework initialized, register_security
failed.
selinux_register_security:  Registering secondary module capability
Capability LSM initialized as secondary

But as far as i can tell SELinux is working fine on my machine, so
Serge's explanation of unfortunate logging is good enough for me. If
anyone wants this bug re-opened feel free to do so, but as far as I am
concerned, its not a bug.

Note You need to log in before you can comment on or make changes to this bug.