Bug 201242 - init only tries to load policy.n and policy.(n-1) before giving up
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: SysVinit
Version: fc4
Hardware: All
OS: Linux
Assignee: Fedora Legacy Bugs
QA Contact: David Lawrence
Reported: 2006-08-03 19:05 UTC by Stephen Smalley
Modified: 2007-04-18 17:46 UTC (History)

Doc Type: Bug Fix
Last Closed: 2006-10-12 17:39:47 UTC

Attachments
patch to sysvinit to continue searching for older policy versions (1.05 KB, patch)
2006-08-03 19:05 UTC, Stephen Smalley
kernel patch to make /selinux/policyvers configurable (2.27 KB, patch)
2006-08-09 19:33 UTC, Stephen Smalley

Description Stephen Smalley 2006-08-03 19:05:21 UTC
Description of problem:
The FC4 init only tries to load policy.n and policy.(n-1) before giving up, so
it will halt the system at boot (if enforcing) when updating to a kernel that
supports a policy version that is 2 or more beyond the one that shipped in the
distro release.  There is a kernel patch pending that will cause users to hit
that condition if/when they update to a kernel including that patch (likely 2.6.19).

Version-Release number of selected component (if applicable):

How reproducible:
Every time

Steps to Reproduce:
1. Create a system that only has policy.N
2. Boot a kernel that reports (N+2) via /selinux/policyvers
Actual results:
init exits and the kernel panics

Expected results:
init keeps searching until it finds policy.N and loads it
(kernel provides full backward compatibility with all older versions back to
Linux 2.6.0)

Additional info:

Comment 1 Stephen Smalley 2006-08-03 19:05:21 UTC
Created attachment 133579 [details]
patch to sysvinit to continue searching for older policy versions

Comment 2 Bill Nottingham 2006-08-03 19:16:05 UTC
Dave, are we going to get a kernel like this anytime soon?

Note that FC4 is going to legacy RSN and won't get kernel updates.

Comment 3 Stephen Smalley 2006-08-03 20:15:56 UTC
Possibly it won't get kernel updates from RH, but users may still build newer
kernels.  The recent udev discussion -
- suggests that we can't just argue that it is a legacy distro and not supported.
If we can get an update to init pushed well in advance of when 2.6.19 comes out,
then most users will likely have already updated to it by then, or at least it
will be available to them.
The kernel itself is providing all the necessary compatibility support here; it
is just init that is not trying hard enough.

The same issue arose for FC3 with 2.6.14, and it also was just handled as a
(soon to legacy, not supported) issue IIRC, which did break some FC3 users who
were building their own kernel.org kernels.


Comment 4 Bill Nottingham 2006-08-04 00:38:21 UTC
Actually, that thread is about the kernel breaking userspace... taken at that
level, the kernel change shouldn't break the policy loading. Of course, in this
case the userspace is pretty dumb.

1) Can you compile the kernel to say 'support only policy version X'?
2) I'm assuming the libselinux policy loader in current distributions has this

Comment 5 Stephen Smalley 2006-08-04 12:03:11 UTC
1) Not presently w/o patching the definition of POLICYDB_VERSION_MAX.  I suppose
we could make that value configurable via kernel config option.
2) Yes, it is fixed in FC5 and going forward via the libselinux policy loader,
which further takes advantage of newer libsepol interfaces (whereas the trivial
patch for SysVinit that I attached to this bug doesn't rely on the newer
libselinux or libsepol support).

Comment 6 Bill Nottingham 2006-08-09 17:52:02 UTC
Moving to legacy, I didn't get this ready in time - apologies.

Comment 7 Stephen Smalley 2006-08-09 19:33:07 UTC
Created attachment 133877 [details]
kernel patch to make /selinux/policyvers configurable

This is a kernel patch that I plan to upstream before the actual version change
to make the version reported by /selinux/policyvers optionally configurable, so
that it can be adjusted downward for legacy userland.  Then one can build a
kernel that reports 19 and keeps /sbin/init working for FC4.
Might not be a bad idea to apply the sysvinit patch anyway just to make it more
resilient, but up to whoever maintains it for legacy.

Comment 8 Eric Paris 2006-08-22 18:41:38 UTC
The kernel change in question was pushed into -mm and should go into 2.6.19. It
still would be smart to make init a bit more intelligent, there will be a
reasonable workaround from the kernel side of things to support this situation
before it becomes a problem.

Comment 9 Eric Paris 2006-10-12 17:39:47 UTC
I'm going to close this as won't fix.  People building their own kernels should
be able to read the kconfig messages on how to avoid this issue.
