Bug 158377 - Execute "$setenforce 0", kernel oops
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: kernel
Version: rawhide
Hardware: All Linux
Priority: medium
Severity: medium
Assigned To: David Woodhouse
QA Contact: Brian Brock
Reported: 2005-05-21 01:39 EDT by sangu
Modified: 2007-11-30 17:11 EST
Fixed In Version: 2.6.11-1.1336_FC4
Doc Type: Bug Fix
Last Closed: 2005-05-21 12:02:45 EDT

Attachments:
kernel-2.6.11-1.1331 dmesg (18.85 KB, text/plain), 2005-05-21 01:39 EDT, sangu
dmesg without nvidia kernel module (17.32 KB, text/plain), 2005-05-21 02:52 EDT, sangu

Description sangu 2005-05-21 01:39:39 EDT
Description of problem:
in dmesg
[...]
Unable to handle kernel NULL pointer dereference at virtual address 00000004
 printing eip:
c01f31df
*pde = 00000000
Oops: 0000 [#1]
Modules linked in: vfat fat md5 ipv6 parport_pc lp parport ipt_REJECT ipt_state
iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack ip_tables dm_mod video
button battery ac ohci_hcd ehci_hcd nvidia(U) i2c_nforce2 i2c_core shpchp
emu10k1_gp gameport snd_emu10k1_synth snd_emux_synth snd_seq_virmidi
snd_seq_midi_emul snd_emu10k1 snd_rawmidi snd_ac97_codec snd_seq_dummy
snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss
snd_pcm snd_timer snd_page_alloc snd_util_mem snd_hwdep snd soundcore 8139too
mii forcedeth floppy sata_nv libata scsi_mod ext3 jbd
CPU:    0
EIP:    0060:[<c01f31df>]    Tainted: P      VLI
EFLAGS: 00210246   (2.6.11-1.1331_FC4)
EIP is at avc_audit+0x2e9/0xbee
eax: f5bc97e7   ebx: 00000000   ecx: c0390431   edx: 00000000
esi: f11ccf30   edi: 00000080   ebp: ea4a6550   esp: f11cce90
ds: 007b   es: 007b   ss: 0068
Process setenforce (pid: 3267, threadinfo=f11cc000 task=ea4a6550)
Stack: badc0ded c19c4f10 c039042c c039041a f11ccef4 c0201dfb f11ccf3c f11ccef4
       f72af678 00011e8c 00000002 f6626858 00010292 00000002 00000206 00000001
       00000080 c19c4f10 f11ccee8 f11ccef4 00000002 00000206 00000001 00000000
Call Trace:
 [<c0201dfb>] context_struct_compute_av+0xeb/0x191
 [<c01f4154>] avc_has_perm+0x4e/0x5a
 [<c01faebf>] task_has_security+0x2f/0x33
 [<c01fafaa>] sel_write_enforce+0x9d/0xc5
 [<c01faf0d>] sel_write_enforce+0x0/0xc5
 [<c017c764>] vfs_write+0x9e/0x110
 [<c017c881>] sys_write+0x41/0x6a
 [<c0103a51>] syscall_call+0x7/0xb
Code: 3f fe ff ff 8b 94 24 9c 00 00 00 8b 42 08 89 44 24 08 c7 44 24 04 48 04 39
c0 8b 4c 24 40 89 0c 24 e8 85 a5 f5 ff e9 18 fe ff ff <a1> 04 00 00 00 85 c0 0f
84 ef fd ff ff 8b 80 98 00 00 00 85 c0


Version-Release number of selected component (if applicable):
kernel-2.6.11-1.1331_FC4

How reproducible:
always

Steps to Reproduce:
1. $ setenforce 0

Actual results:


Expected results:


Additional info:
libselinux-1.23.10-3
selinux-policy-targeted-1.23.16-5

policy is targeted.

$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 19
Policy from config file:        targeted

Policy booleans:
NetworkManager_disable_trans    inactive
allow_execmem                   active
allow_execmod                   active
allow_execstack                 active
allow_kerberos                  active
allow_write_xshm                inactive
allow_ypbind                    active
apmd_disable_trans              inactive
arpwatch_disable_trans          inactive
auditd_disable_trans            inactive
bluetooth_disable_trans         inactive
canna_disable_trans             inactive
cardmgr_disable_trans           inactive
comsat_disable_trans            inactive
cupsd_config_disable_trans      inactive
cupsd_disable_trans             inactive
cvs_disable_trans               inactive
cyrus_disable_trans             inactive
dbskkd_disable_trans            inactive
dhcpc_disable_trans             inactive
dhcpd_disable_trans             inactive
dovecot_disable_trans           inactive
fingerd_disable_trans           inactive
ftp_home_dir                    active
ftpd_disable_trans              inactive
ftpd_is_daemon                  active
hald_disable_trans              inactive
hotplug_disable_trans           inactive
howl_disable_trans              inactive
httpd_builtin_scripting         active
httpd_can_network_connect       inactive
httpd_disable_trans             inactive
httpd_enable_cgi                active
httpd_enable_homedirs           active
httpd_ssi_exec                  active
httpd_suexec_disable_trans      inactive
httpd_tty_comm                  inactive
httpd_unified                   active
i18n_input_disable_trans        inactive
inetd_child_disable_trans       inactive
inetd_disable_trans             inactive
innd_disable_trans              inactive
kadmind_disable_trans           inactive
klogd_disable_trans             inactive
krb5kdc_disable_trans           inactive
ktalkd_disable_trans            inactive
lpd_disable_trans               inactive
mysqld_disable_trans            inactive
named_disable_trans             inactive
named_write_master_zones        inactive
nfs_export_all_ro               active
nfs_export_all_rw               active
nmbd_disable_trans              inactive
nscd_disable_trans              inactive
ntpd_disable_trans              inactive
portmap_disable_trans           inactive
postgresql_disable_trans        inactive
pppd_disable_trans              inactive
pppd_for_user                   inactive
privoxy_disable_trans           inactive
ptal_disable_trans              inactive
radiusd_disable_trans           inactive
radvd_disable_trans             inactive
read_default_t                  active
rlogind_disable_trans           inactive
rsync_disable_trans             inactive
samba_enable_home_dirs          inactive
saslauthd_disable_trans         inactive
slapd_disable_trans             inactive
smbd_disable_trans              inactive
snmpd_disable_trans             inactive
squid_connect_any               inactive
squid_disable_trans             inactive
stunnel_disable_trans           inactive
stunnel_is_daemon               inactive
syslogd_disable_trans           inactive
system_dbusd_disable_trans      inactive
telnetd_disable_trans           inactive
tftpd_disable_trans             inactive
udev_disable_trans              inactive
use_nfs_home_dirs               inactive
use_samba_home_dirs             inactive
uucpd_disable_trans             inactive
winbind_disable_trans           inactive
ypbind_disable_trans            inactive
ypserv_disable_trans            inactive
zebra_disable_trans             inactive

Comment 1 sangu 2005-05-21 01:39:40 EDT
Created attachment 114660
kernel-2.6.11-1.1331 dmesg

Comment 2 Dave Jones 2005-05-21 01:50:12 EDT
repeatable without the nvidia module loaded?

Comment 3 sangu 2005-05-21 02:52:21 EDT
Created attachment 114661
dmesg without nvidia kernel module

This problem still happens without nvidia kernel module.
in dmesg
[...]
Unable to handle kernel NULL pointer dereference at virtual address 00000004
 printing eip:
c01f31df
*pde = 3de22067
Oops: 0000 [#1]
Modules linked in: md5 ipv6 parport_pc lp parport ipt_REJECT ipt_state
iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack ip_tables dm_mod video
button battery ac ohci_hcd ehci_hcd i2c_nforce2 i2c_core shpchp emu10k1_gp
gameport snd_emu10k1_synth snd_emux_synth snd_seq_virmidi snd_seq_midi_emul
snd_emu10k1 snd_rawmidi snd_ac97_codec snd_seq_dummy snd_seq_oss
snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm
snd_timer snd_page_alloc snd_util_mem snd_hwdep snd soundcore 8139too mii
forcedeth floppy sata_nv libata scsi_mod ext3 jbd
CPU:	0
EIP:	0060:[<c01f31df>]    Not tainted VLI
EFLAGS: 00010246   (2.6.11-1.1331_FC4)
EIP is at avc_audit+0x2e9/0xbee
eax: f6498b3b	ebx: 00000000	ecx: c0390431	edx: 00000000
esi: c1ab1f30	edi: 00000080	ebp: c1b57550	esp: c1ab1e90
ds: 007b   es: 007b   ss: 0068
Process setenforce (pid: 2671, threadinfo=c1ab1000 task=c1b57550)
Stack: f7c04360 c039042c c039041a c1ab1ef4 c0201dfb c1ab1f3c c1ab1ef4 c196b678
       00016990 00000002 f6acae58 00010292 00000002 000001f4 00000001 00000080
       f7c04360 c1ab1ee8 c1ab1ef4 00000002 000001f4 00000001 00000000 f7dc2cc8
Call Trace:
 [<c0201dfb>] context_struct_compute_av+0xeb/0x191
 [<c01f4154>] avc_has_perm+0x4e/0x5a
 [<c01faebf>] task_has_security+0x2f/0x33
 [<c01fafaa>] sel_write_enforce+0x9d/0xc5
 [<c01faf0d>] sel_write_enforce+0x0/0xc5
 [<c017c764>] vfs_write+0x9e/0x110
 [<c017c881>] sys_write+0x41/0x6a
 [<c0103a51>] syscall_call+0x7/0xb
Code: 3f fe ff ff 8b 94 24 9c 00 00 00 8b 42 08 89 44 24 08 c7 44 24 04 48 04
39 c0 8b 4c 24 40 89 0c 24 e8 85 a5 f5 ff e9 18 fe ff ff <a1> 04 00 00 00 85 c0
0f 84 ef fd ff ff 8b 80 98 00 00 00 85 c0

Comment 4 David Woodhouse 2005-05-21 12:02:45 EDT
Mea Culpa. Fix building in rawhide now...
