Bug 459798 - F9 + MLS + NFS = kernel oops
F9 + MLS + NFS = kernel oops
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
powerpc Linux
medium Severity medium
: ---
: ---
Assigned To: Steve Dickson
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2008-08-22 09:43 EDT by Robert Story
Modified: 2009-07-14 10:40 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-07-14 10:40:53 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
console/syslog msgs (4.15 KB, text/plain)
2008-08-22 09:43 EDT, Robert Story
no flags Details
rpc/nfs avcs and audit2allow tes (948 bytes, application/octet-stream)
2008-09-05 16:26 EDT, Robert Story
no flags Details

  None (edit)
Description Robert Story 2008-08-22 09:43:39 EDT
Created attachment 314805 [details]
console/syslog msgs

Description of problem:
Starting NFS on an up-to-date F9 system with MLS policy in enforcing mode causes kernel oops (and hangs the console/ssh terminal window). NFS was previously working for targeted/enforcing.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. set up nfs system w/targeted policy
2. switch to MLS/permissive, relabel, reboot to enforcing
3. newrole -r sysadm_r; run_init service nfs start
Actual results:
oops in nfsd4_list_rec_dir

Expected results:
no oops

Additional info:
Comment 1 Chuck Ebbert 2008-08-23 00:30:21 EDT
We need to see the entire oops report; a one-line summary doesn't provide any useful information.
Comment 2 Robert Story 2008-08-23 17:47:30 EDT
Did you thing about maybe, I don't know, checking the attachment? ;-)
Comment 3 Robert Story 2008-09-05 16:26:13 EDT
Created attachment 315932 [details]
rpc/nfs avcs and audit2allow tes

no oops and nfs mounts work after autid2allow and inserting generated modules.
Comment 4 Robert Story 2008-10-16 13:49:56 EDT
Issue remains with / selinux-policy-3.3.1-95.fc9.noarch. Here's another oops/call trace, this time on x86

IP: [<c04fe3e4>] list_del+0x4/0x53
*pde = 0e5e3067 *pte = 00000000
Oops: 0000 [#1] SMP
Modules linked in: nfsd exportfs nfs lockd nfs_acl rpcsec_gss_krb5 auth_rpcgss des_generic sunrpc ipt_REJECT ipt_LOG nf_conntrack_ipv4 iptable_filter ip_tables ip6t_REJECT xt_tcpudp nf_conntrack_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables x_tables ipv6 loop dm_multipath ppdev sr_mod cdrom snd_ens1371 gameport snd_rawmidi snd_ac97_codec ac97_bus snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device parport_pc snd_pcm_oss parport snd_mixer_oss floppy snd_pcm pcspkr snd_timer snd soundcore snd_page_alloc pcnet32 mii sg pata_acpi ata_generic ac i2c_piix4 ata_piix i2c_core libata dm_snapshot dm_zero dm_mirror dm_log dm_mod BusLogic sd_mod scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd [last unloaded: microcode]

Pid: 1986, comm: nfsd4 Tainted: G        W ( #1)
EIP: 0060:[<c04fe3e4>] EFLAGS: 00010217 CPU: 0
EIP is at list_del+0x4/0x53
EAX: 00000000 EBX: ce71c180 ECX: cf306a18 EDX: cea4c580
ESI: cc4aef48 EDI: 00000000 EBP: cc4aef2c ESP: cc4aef28
 DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
Process nfsd4 (pid: 1986, ti=cc4ae000 task=cc497080 task.ti=cc4ae000)
Stack: ce71c180 cc4aef60 d0bad079 cc4aefa8 d0bad243 fffffff3 00000000 00000000
       00000000 00000000 cf306a18 ce71c180 d0bb9198 0000005a cc4aef6c d0bad1d4
       ce71c180 cc4aef90 d0ba92ed c07a2a80 48f77592 cc4972dc cc497080 ce71c180
Call Trace:
 [<d0bad079>] ? nfsd4_list_rec_dir+0xf3/0x13a [nfsd]
 [<d0bad243>] ? purge_old+0x0/0x3a [nfsd]
 [<d0bad1d4>] ? nfsd4_recdir_purge_old+0x2a/0x5c [nfsd]
 [<d0ba92ed>] ? laundromat_main+0x59/0x1d0 [nfsd]
 [<d0ba9294>] ? laundromat_main+0x0/0x1d0 [nfsd]
 [<c0436785>] ? run_workqueue+0x7c/0xfb
 [<c04368ba>] ? worker_thread+0xb6/0xc2
 [<c0439513>] ? autoremove_wake_function+0x0/0x33
 [<c0436804>] ? worker_thread+0x0/0xc2
 [<c04392a6>] ? kthread+0x3b/0x61
 [<c043926b>] ? kthread+0x0/0x61
 [<c0405837>] ? kernel_thread_helper+0x7/0x10
Code: 39 c7 75 e1 8b 53 08 8d 4b 04 8d 46 04 e8 68 00 00 00 8b 53 10 8d 4b 0c 8d 46 0c e8 5a 00 00 00 5b 5e 5f 5d c3 90 90 55 89 e5 53 <8b> 58 04 8b 0b 39 c1 74 13 51 50 68 b8 59 6e c0 e8 a2 08 13 00
EIP: [<c04fe3e4>] list_del+0x4/0x53 SS:ESP 0068:cc4aef28
---[ end trace 4eaa2a86a8e2da22 ]---
Comment 5 Bug Zapper 2009-06-09 22:31:59 EDT
This message is a reminder that Fedora 9 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 9.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '9'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 9's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 9 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
Comment 6 Bug Zapper 2009-07-14 10:40:53 EDT
Fedora 9 changed to end-of-life (EOL) status on 2009-07-10. Fedora 9 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.