Bug 590363 - Failed to load policy
Summary: Failed to load policy
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 13
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Eric Paris
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2010-05-09 06:10 UTC by James Antill
Modified: 2010-05-19 19:17 UTC (History)
8 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2010-05-10 16:57:55 UTC
Type: ---

Attachments (Terms of Use)

Description James Antill 2010-05-09 06:10:24 UTC
Description of problem:
 yum history info says:

Packages Altered:
    Updated      selinux-policy-3.7.19-6.fc13.noarch
    Update                      3.7.19-10.fc13.noarch
    Updated      selinux-policy-targeted-3.7.19-6.fc13.noarch
    Update                               3.7.19-10.fc13.noarch
Scriptlet output:
   1 SELinux:  Could not load policy file /etc/selinux/targeted/policy/policy.24:  Invalid argument
   2 /sbin/load_policy:  Can't load policy:  Invalid argument
   3 libsemanage.semanage_reload_policy: load_policy returned error code 2.
   4 semodule:  Failed!

Comment 1 Carl G. 2010-05-09 20:06:42 UTC
setenforce 0
rm -rf /etc/selinux/targeted
yum reinstall selinux-policy-targeted


Fedora Bugzappers volunteer triage team

Comment 2 Daniel Walsh 2010-05-10 15:17:12 UTC
James, I believe this is a kernel issue.  Can you try again.

Comment 3 Eric Paris 2010-05-10 15:29:55 UTC
James, do you see any kernel error messages around this time?  Typically about being unable to allocate memory....

Comment 4 James Antill 2010-05-10 15:40:02 UTC
Eric, those would be in dmesg, yeh?

Yeh, in dmesg I see:

load_policy: page allocation failure. order:4, mode:0xc0d0
Pid: 2156, comm: load_policy Not tainted #1
Call Trace:
 [<ffffffff810e26f3>] __alloc_pages_nodemask+0x627/0x6a8
 [<ffffffff8110a6c6>] alloc_pages_current+0x95/0x9e
 [<ffffffff810e1559>] __get_free_pages+0x18/0x55
 [<ffffffff8111396a>] __kmalloc+0x47/0x193
 [<ffffffff811f9a83>] ? avtab_insertf+0x0/0x114
 [<ffffffff811f9f92>] avtab_alloc+0x59/0x9e
 [<ffffffff81201206>] cond_read_list+0x52/0x263
 [<ffffffff811fa0eb>] ? avtab_read+0x94/0xed
 [<ffffffff811f8f01>] ? hashtab_insert+0x66/0x10e
 [<ffffffff811fc23c>] policydb_read+0x4ed/0x1331
 [<ffffffff812008ec>] security_load_policy+0x122/0x3fd
 [<ffffffff810dbe20>] ? unlock_page+0x30/0x35
 [<ffffffff810f64f5>] ? __do_fault+0x3d9/0x40f
 [<ffffffff8107fb3c>] ? print_lock_contention_bug+0x1b/0xe0
 [<ffffffff8122e4d4>] ? __up_read+0x1a/0x8c
 [<ffffffff8107e1f9>] ? trace_hardirqs_on+0xd/0xf
 [<ffffffff8122e53d>] ? __up_read+0x83/0x8c
 [<ffffffff81070b16>] ? up_read+0x2b/0x2f
 [<ffffffff8147a0c9>] ? trace_hardirqs_on_thunk+0x3a/0x3f
 [<ffffffff8147afd0>] ? restore_args+0x0/0x30
 [<ffffffff8123194d>] ? copy_user_generic_string+0x2d/0x40
 [<ffffffff811f591c>] sel_write_load+0xae/0x62c
 [<ffffffff811f1a5b>] ? selinux_file_permission+0x5c/0xb2
 [<ffffffff811e7be1>] ? security_file_permission+0x16/0x18
 [<ffffffff81120199>] vfs_write+0xae/0x10b
 [<ffffffff811202b6>] sys_write+0x4a/0x6e
 [<ffffffff81009c72>] system_call_fastpath+0x16/0x1b
Node 0 DMA per-cpu:
CPU    0: hi:    0, btch:   1 usd:   0
CPU    1: hi:    0, btch:   1 usd:   0
Node 0 DMA32 per-cpu:
CPU    0: hi:  186, btch:  31 usd:   0
CPU    1: hi:  186, btch:  31 usd:   0
Node 0 Normal per-cpu:
CPU    0: hi:  186, btch:  31 usd:   0
CPU    1: hi:  186, btch:  31 usd:   0
active_anon:490404 inactive_anon:85750 isolated_anon:0
 active_file:377504 inactive_file:360254 isolated_file:29
 unevictable:8 dirty:839 writeback:0 unstable:0
 free:106235 slab_reclaimable:411658 slab_unreclaimable:117687
 mapped:46182 shmem:11987 pagetables:17673 bounce:0
Node 0 DMA free:15744kB min:20kB low:24kB high:28kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:15260kB mlocked:0kB dirty:0kB writeback:0kB mapped:0kB shmem:0kB slab_reclaimable:0kB slab_unreclaimable:16kB kernel_stack:0kB pagetables:0kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no
lowmem_reserve[]: 0 3254 7988 7988
Node 0 DMA32 free:398864kB min:4652kB low:5812kB high:6976kB active_anon:621584k
B inactive_anon:117528kB active_file:439696kB inactive_file:387672kB unevictable:0kB isolated(anon):0kB isolated(file):0kB present:3332536kB mlocked:0kB dirty:1580kB writeback:0kB mapped:40140kB shmem:12196kB slab_reclaimable:1100292kB slab_unreclaimable:85980kB kernel_stack:416kB pagetables:9684kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no
lowmem_reserve[]: 0 0 4734 4734
Node 0 Normal free:10332kB min:6768kB low:8460kB high:10152kB active_anon:1340032kB inactive_anon:225472kB active_file:1070320kB inactive_file:1053344kB unevictable:32kB isolated(anon):0kB isolated(file):116kB present:4848000kB mlocked:32kB dirty:1776kB writeback:0kB mapped:144588kB shmem:35752kB slab_reclaimable:546340kB slab_unreclaimable:384752kB kernel_stack:2952kB pagetables:61008kB unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:0 all_unreclaimable? no
lowmem_reserve[]: 0 0 0 0
Node 0 DMA: 2*4kB 3*8kB 4*16kB 3*32kB 3*64kB 2*128kB 1*256kB 1*512kB 2*1024kB 2*2048kB 2*4096kB = 15744kB
Node 0 DMA32: 99126*4kB 119*8kB 10*16kB 19*32kB 4*64kB 1*128kB 1*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 398864kB
Node 0 Normal: 2149*4kB 32*8kB 10*16kB 12*32kB 5*64kB 1*128kB 0*256kB 1*512kB 0*1024kB 0*2048kB 0*4096kB = 10356kB
753344 total pagecache pages
3546 pages in swap cache
Swap cache stats: add 19891, delete 16345, find 1193933/1194602
Free swap  = 5985884kB
Total swap = 6012920kB
2080768 pages RAM
53519 pages reserved
829406 pages shared
1353408 pages non-shared
load_policy used greatest stack depth: 2968 bytes left
SELinux: 8192 avtab hash slots, 194683 rules.
SELinux: 8192 avtab hash slots, 194683 rules.
SELinux:  9 users, 13 roles, 3203 types, 156 bools, 1 sens, 1024 cats
SELinux:  77 classes, 194683 rules

...which I assume is from when I did the update :)

Comment 5 Eric Paris 2010-05-10 15:45:59 UTC
That's the one.  Best bet it to reboot and do the update immediately after a reboot.  I'll try to backport the fix to F13.  I wonder if we should have sent it to stable....

Comment 6 Daniel Walsh 2010-05-10 16:36:46 UTC
Yes I think that would be a good idea.  (Backport to f13)

Comment 7 Eric Paris 2010-05-10 16:57:55 UTC
Patch pushed to F-13.  Should be in next build.

Comment 8 Fedora Update System 2010-05-17 05:39:28 UTC
kernel- has been submitted as an update for Fedora 13.

Comment 9 Fedora Update System 2010-05-19 19:17:43 UTC
kernel- has been pushed to the Fedora 13 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.