Red Hat Bugzilla – Bug 443481
kernel BUG at security/selinux/hooks.c:761 during NFS install
Last modified: 2008-04-24 21:35:49 EDT
Using today's rawhide (20080421, kernel-2.6.25-1.fc9.i586) I get a kernel BUG
when the system attempts to mount its nfs install source.
Running... /bin/mount -n -t nfs -o nolock [nfs target] /mnt/isodir
And then we get:
kernel BUG at security/selinux/hooks.c:761!
EIP is at selinux_sb_clone_mnt_opts+0x21/0xd9
Call Trace: [I'm trimming it to just function names]
This causes loader to SEGV and the install dies.
Well, I guess if the installer just isn't loading policy or disabling selinux
then we could hit this BUG_ON(!ss_initialized)
sds, what do you think, if !ss_initialized we know the parent sb couldn't have
had selinux mount options so there is no reason we can't just throw this sb on
the superblock_security_head list and deal with it later...
will send such a patch to selinux list in just a moment if I don't hear anything
Created attachment 303195 [details]
change BUG_ON to safe handling if (!ss_initialized)
Looks sane, although I'm curious as to why we haven't loaded a policy before we
hit the clone.
policy is part of the second stage, and isn't loaded until after it's mounted.
I'm going to push the patch in comment #2 to F-9 kernel as soon as CVS opens back up
Patch went in kernel 2.6.25-4. Can someone confirm this is fixed?
I can't easily confirm this until a fixed kernel lands in rawhide - it needs to
be running during the install.
I'll see if it's possible to build custom boot images using the koji repos..
Well, I built custom boot images with the new kernel and attempted an NFS
install. It didn't oops on NFS mount, and it seemed to mount stage2.img OK as well.
Unfortunately the tree is out-of-date so the install can't proceed past there.
But I think that confirms that the BUG is gone.