Bug 1266646 - /bin/su throws error msg 'mmap: Invalid parameter'
/bin/su throws error msg 'mmap: Invalid parameter'
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
24
x86_64 Linux
unspecified Severity medium
: ---
: ---
Assigned To: Lukas Vrabec
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-25 22:07 EDT by Valdis Kletnieks
Modified: 2016-11-01 13:45 EDT (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-11-01 13:45:19 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Valdis Kletnieks 2015-09-25 22:07:50 EDT
Description of problem:
Installation of selinux-policy-mls-3.13.1-148.fc24.noarch seems to have exposed a bug in libselinux, which results in an error message from /bin/su

The problem seems to be that -148 adds a file_contexts.local.bin, which seems to be giving libselinux indigestion.

strace of the problematic area:

open("/etc/selinux/mls/contexts/files/file_contexts.local", O_RDONLY) = 4
fstat(4, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
open("/etc/selinux/mls/contexts/files/file_contexts.local.bin", O_RDONLY|O_CLOEXEC) = 6
fstat(6, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
mmap(NULL, 0, PROT_READ, MAP_PRIVATE, 6, 0) = -1 EINVAL (Invalid argument)

gdb traceback:

Breakpoint 1, mmap64 () at ../sysdeps/unix/syscall-template.S:84
84      T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS)
(gdb) where
#0  mmap64 () at ../sysdeps/unix/syscall-template.S:84
#1  0x00007feeef6c4fef in load_mmap (rec=0x557ca26ef810, sb=0x7ffc075846e0, sb=0x7ffc075846e0, 
    path=0x7ffc07584800 "/etc/selinux/mls/contexts/files/file_contexts.local") at label_file.c:292
#2  process_file (path=0x7ffc07584800 "/etc/selinux/mls/contexts/files/file_contexts.local", 
    path@entry=0x557ca26ef8f0 "/etc/selinux/mls/contexts/files/file_contexts", suffix=suffix@entry=0x7feeef6cc6e2 "local", 
    rec=rec@entry=0x557ca26ef810, prefix=prefix@entry=0x0) at label_file.c:468
#3  0x00007feeef6c5d69 in init (rec=0x557ca26ef810, opts=<optimized out>, n=<optimized out>) at label_file.c:543
#4  0x00007feeef6c781f in selabel_open (backend=0, opts=0x0, nopts=0) at label.c:182
#5  0x00007feeeabb6b86 in pam_sm_open_session () from /usr/lib64/security/pam_xauth.so
#6  0x00007feef71ac33a in _pam_dispatch () from /lib64/libpam.so.0
#7  0x0000557ca1f3d5e2 in su_main ()
#8  0x00007feef6bfa600 in __libc_start_main (main=0x557ca1f3c8d0 <main>, argc=1, argv=0x7ffc075c8068, init=<optimized out>, fini=<optimized out>, 
    rtld_fini=<optimized out>, stack_end=0x7ffc075c8058) at ../csu/libc-start.c:289
#9  0x0000557ca1f3c909 in _start ()
(gdb) c
Continuing.
mmap: Invalid argument

Looks like the problem is in src/label_file.c, function load_map(), near here:

        rc = fstat(mmapfd, &mmap_stat);
        if (rc < 0) {
                close(mmapfd);
                return -1;
        }       

Probably needs this:

        if (!mmap_stat.st_size) {
                close(mmapfd);
                return -1;
        }



Version-Release number of selected component (if applicable):
libselinux-2.4-3.fc24.x86_64

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 Jan Kurik 2016-02-24 10:36:42 EST
This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle.
Changing version to '24'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora24#Rawhide_Rebase
Comment 3 Petr Lautrbach 2016-10-04 10:22:20 EDT
selinux-policy ships an empty /etc/selinux/mls/contexts/files/file_contexts.local.bin file. libselinux tries to mmap it and fails. This bug should be harmless, it's just an error on strderr.
Comment 4 Valdis Kletnieks 2016-10-05 16:24:29 EDT
Error also happens on dracut, and presumably on any other software that tries to label a file context.

Harmless or not, unexpected error messages are something you *don't* want to see on security-relevant commands like su and dracut..
Comment 5 Lukas Vrabec 2016-10-06 07:11:33 EDT
Valdis, 
This should be fixed in the latest selinux-policy rpm package. Could you re-test it? 

Thanks.
Comment 6 Valdis Kletnieks 2016-10-20 12:04:10 EDT
Sorry for the delay, missed the notification that commetn 5 was there.

Yes, as of current rawhide, su and dracut are working as expected...
Comment 7 Lukas Vrabec 2016-11-01 13:45:33 EDT
Thanks!

Note You need to log in before you can comment on or make changes to this bug.