Bug 438150 - Multipathd Segfaults on load when SELinux is enabled
Summary: Multipathd Segfaults on load when SELinux is enabled
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: device-mapper-multipath
Version: 5.1
Hardware: x86_64
OS: Linux
Priority: high
Severity: high
Target Milestone: rc
Assignee: Ben Marzinski
QA Contact: Corey Marthaler
URL:
Whiteboard:
Depends On: 355961 428338 431947
Blocks: 442440
Reported: 2008-03-19 13:17 UTC by Mark-Jan de Jong
Modified: 2010-01-12 02:41 UTC (History)

Fixed In Version: RHBA-2008-0219
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2008-05-16 10:37:12 UTC
Target Upstream Version:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2008:0219 0 normal SHIPPED_LIVE device-mapper-multipath bug fix update 2008-05-16 10:37:09 UTC

Description Mark-Jan de Jong 2008-03-19 13:17:56 UTC
Description of problem:

Multipathd Segfaults when SELinux is enabled in both permissive and enforcing
modes. The problem does not occur when SELinux is disabled.

Multipathing is enabled for two iSCSI LUNs to an EMC-Celerra disk array. During
the initial boot of the system with SELinux enabled, multipathd segfaults during
what I believe is when /sbin/multipath is called. I do not have a trace to
support this but all signs point to this.

In SELinux permissive mode, when /sbin/multipath is run prior to multipathd,
multipathd starts up just fine. After flushing the device maps and restarting
multipathd, it will segfault again.

In SELinux enforcing mode, I have created policies all the way up to the
segfault. The first one below is the last policy created before the segfault
occurs. Unfortunately, the multipath map is not created since multipathd doesn't
have the proper rights.

module myMultipathd 1.6;

require {
        type tmp_t;
        type sbin_t;
        type bin_t;
        type lvm_metadata_t;
        type lvm_t;
        type ramfs_t;
        class file create;
        class dir { write search add_name mounton };
        class filesystem { mount unmount };
}

#============= lvm_t ==============
allow lvm_t bin_t:dir mounton;
allow lvm_t lvm_metadata_t:dir mounton;
allow lvm_t ramfs_t:dir { write search add_name };
allow lvm_t ramfs_t:file create;
allow lvm_t ramfs_t:filesystem { mount unmount };
allow lvm_t sbin_t:dir mounton;
allow lvm_t tmp_t:dir mounton;

The following policy allows multipathd to create the multipath maps but then
segfaults right after.

module myMultipathd 1.7;

require {
        type tmp_t;
        type sbin_t;
        type bin_t;
        type lvm_metadata_t;
        type lvm_t;
        type ramfs_t;
        class file { write create execute };
        class dir { write search add_name mounton };
        class filesystem { mount unmount };
}

#============= lvm_t ==============
allow lvm_t bin_t:dir mounton;
allow lvm_t lvm_metadata_t:dir mounton;
allow lvm_t ramfs_t:dir { write search add_name };
allow lvm_t ramfs_t:file { write create execute };
allow lvm_t ramfs_t:filesystem { mount unmount };
allow lvm_t sbin_t:dir mounton;
allow lvm_t tmp_t:dir mounton;

The following is a diff between the two:

[root@xen01 multipathd]# diff myMultipathd.te.6 myMultipathd.te.7
2c2
< module myMultipathd 1.6;
---
> module myMultipathd 1.7;
11c11
<       class file create;
---
>       class file { write create execute };
20c20
< allow lvm_t ramfs_t:file create;
---
> allow lvm_t ramfs_t:file { write create execute };

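Review bot: The 20c20 change lets lvm_t both write and execute files labelled ramfs_t (`allow lvm_t ramfs_t:file { write create execute };`), and the rule covers every ramfs_t file on the system, not only the ones multipathd creates. If this module is loaded for anything beyond reproducing the crash, give the daemon's ramfs mount its own type and grant execute on that type only, then narrow the `class file` line at 11c11 to match.
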

Version-Release number of selected component (if applicable):

Linux xen01.teoco.corp 2.6.18-53.1.14.el5xen #1 SMP Wed Mar 5 12:08:17 EST 2008
x86_64 x86_64 x86_64 GNU/Linux

device-mapper-multipath-0.4.7-12.el5_1.2


How reproducible:

Always.

Steps to Reproduce:
1. Set up iSCSI devices
2. service multipathd start
  
Actual results:

The error reported in dmesg:

SELinux: initialized (dev ramfs, type ramfs), uses genfs_contexts
multipathd[18583]: segfault at 000000001b393ff8 rip 000000313746bab0 rsp
000000001b394018 error 6

Expected results:


Additional info:

/etc/multipath.conf:

blacklist {
        devnode "*"
}
blacklist_exceptions {
        devnode "sd[c-z]$"
}
defaults {
        user_friendly_names yes
}
multipaths {
        multipath {
                wwid 36006048c5902486960827f1ce78636e2
                alias                   emc_celerra01
                path_grouping_policy    multibus
                failback                immediate
        }
}

Comment 1 Kiyoshi Ueda 2008-04-01 20:45:46 UTC
I'm hitting the same problem, and I'd like to raise the severity
of this bug to "high" from "low".
If it's uncomfortable, please let me know.

Comment 4 RHEL Program Management 2008-04-02 10:00:12 UTC
This bugzilla has Keywords: Regression.  

Since no regressions are allowed between releases, 
it is also being marked as a blocker for this release.  

Please resolve ASAP.

Comment 8 Kiyoshi Ueda 2008-04-02 16:04:54 UTC
Confirmed this bug is fixed in device-mapper-multipath-0.4.7-17.el5.

Comment 9 Ben Marzinski 2008-04-02 20:13:56 UTC
I fixed this bug the same way as 355961, by using fork() and
unshare(CLONE_NEWNS) instead of clone()
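
The pattern named in Comment 9, fork() followed by unshare(CLONE_NEWNS) in the child, as an added example that is not multipathd's code and not part of the original comment. The helper name, the MS_PRIVATE remount and the /proc/self/ns/mnt check are assumptions of this sketch; unshare() needs CAP_SYS_ADMIN, so an unprivileged run returns EPERM.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <string.h>
#include <sys/mount.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef CLONE_NEWNS                 /* only visible when _GNU_SOURCE took effect */
#define CLONE_NEWNS 0x00020000
#endif
int unshare(int flags);             /* same prototype as <sched.h> */

/* Mount-namespace identity of the caller, e.g. "mnt:[4026531840]". */
static int mnt_ns_id(char *buf, size_t len)
{
    ssize_t n = readlink("/proc/self/ns/mnt", buf, len - 1);
    if (n < 0)
        return -1;
    buf[n] = '\0';
    return 0;
}

/* Hypothetical helper (the name is an assumption, not multipathd's code).
 * Returns 0 if the child got its own mount namespace, the errno of the
 * step that was refused (EPERM without CAP_SYS_ADMIN), or -1 otherwise. */
int run_in_private_mount_ns(void)
{
    char parent_ns[64], child_ns[64];
    int status;

    if (mnt_ns_id(parent_ns, sizeof parent_ns) < 0)
        return errno;
    /* fork() runs the child on a copy of the parent's stack; clone()
     * would need a stack buffer allocated and sized by the caller. */
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (unshare(CLONE_NEWNS) < 0)
            _exit(errno);
        /* Stop mounts made here from propagating back to the host tree. */
        if (mount("none", "/", NULL, MS_REC | MS_PRIVATE, NULL) < 0)
            _exit(errno);
        /* A daemon would mount its private ramfs at this point. */
        if (mnt_ns_id(child_ns, sizeof child_ns) < 0)
            _exit(errno);
        _exit(strcmp(parent_ns, child_ns) ? 0 : 255);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFEXITED(status))
        return -1;
    status = WEXITSTATUS(status);
    return status == 255 ? -1 : status;
}
```

Only the child's mount table changes; the parent keeps the namespace it started in, which is what lets a daemon hold private mounts without exposing them to the rest of the system.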

Comment 12 Andrius Benokraitis 2008-04-07 15:01:19 UTC
NetApp: The planned release for this is 2008-04-22.

Comment 13 Andrius Benokraitis 2008-04-21 13:24:08 UTC
I believe this has been pushed to 29-Apr-08 due to scheduling.

Comment 16 Andrius Benokraitis 2008-05-05 13:25:03 UTC
I believe this should be released on May-6.

Comment 18 errata-xmlrpc 2008-05-16 10:37:12 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-0219.html


