977437 – general protection fault + SELinux AVCs when I plug in iPhone 4S

Bug 977437 - general protection fault + SELinux AVCs when I plug in iPhone 4S

Summary: general protection fault + SELinux AVCs when I plug in iPhone 4S

Keywords:
Status:	CLOSED DUPLICATE of bug 951167
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	libgpod
Sub Component:
Version:	20
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Bastien Nocera
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-06-24 14:31 UTC by Tom London
Modified:	2013-11-05 13:53 UTC (History)
CC List:	5 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2013-11-05 13:53:30 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Tom London 2013-06-24 14:31:57 UTC

Description of problem:
Here is what I see when I plug in an iPhone 4S:


Jun 18 07:06:43 tlondon kernel: [ 3654.946228] traps: iphone-set-info[20912] general protection ip:356c40bea6 sp:7fff3a87e450 error:0 in libimobiledevice.so.4.0.1[356c400000+1a000]

and /tmp/root/.config/libimobiledevice/libimobiledevicerc seems not a very secure filename/place to be using: perhaps someplace in /run?

Here are the AVCs:

SELinux is preventing /usr/lib/udev/iphone-set-info from write access on the directory /tmp/.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that iphone-set-info should be allowed write access on the  directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep iphone-set-info /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:udev_t:s0-s0:c0.c1023
Target Context                system_u:object_r:tmp_t:s0
Target Objects                /tmp/ [ dir ]
Source                        iphone-set-info
Source Path                   /usr/lib/udev/iphone-set-info
Port                          <Unknown>
Host                          tlondon.localhost.org
Source RPM Packages           libgpod-0.8.2-9.fc20.x86_64
Target RPM Packages           filesystem-3.2-13.fc20.x86_64
Policy RPM                    selinux-policy-3.12.1-52.fc20.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     tlondon.localhost.org
Platform                      Linux tlondon.localhost.org
                              3.10.0-0.rc5.git0.2.fc20.x86_64 #1 SMP Tue Jun 11
                              14:24:36 UTC 2013 x86_64 x86_64
Alert Count                   13
First Seen                    2013-06-18 06:58:31 PDT
Last Seen                     2013-06-18 06:58:31 PDT
Local ID                      7538bd17-79f3-4947-8ca6-8cecb7a96b0e

Raw Audit Messages
type=AVC msg=audit(1371563911.306:174): avc:  denied  { write } for  pid=20155 comm="iphone-set-info" name="/" dev="tmpfs" ino=10501 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=dir


type=SYSCALL msg=audit(1371563911.306:174): arch=x86_64 syscall=mkdir success=no exit=EACCES a0=1fa0530 a1=1ed a2=36f81c2788 a3=7fffc6025210 items=1 ppid=1 pid=20155 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=iphone-set-info exe=/usr/lib/udev/iphone-set-info subj=system_u:system_r:udev_t:s0-s0:c0.c1023 key=(null)

type=CWD msg=audit(1371563911.306:174): cwd=/

type=PATH msg=audit(1371563911.306:174): item=0 name=/tmp/ inode=10501 dev=00:21 mode=041777 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t:s0

Hash: iphone-set-info,udev_t,tmp_t,dir,write



Doing the "permissive" thing, I see this too:

SELinux is preventing /usr/lib/udev/iphone-set-info from create access on the file /tmp/root/.config/libimobiledevice/.

*****  Plugin catchall (100. confidence) suggests  ***************************

If you believe that iphone-set-info should be allowed create access on the  file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep iphone-set-info /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:udev_t:s0-s0:c0.c1023
Target Context                system_u:object_r:tmp_t:s0
Target Objects                /tmp/root/.config/libimobiledevice/ [ file ]
Source                        iphone-set-info
Source Path                   /usr/lib/udev/iphone-set-info
Port                          <Unknown>
Host                          tlondon.localhost.org
Source RPM Packages           libgpod-0.8.2-9.fc20.x86_64
Target RPM Packages          
Policy RPM                    selinux-policy-3.12.1-52.fc20.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     tlondon.localhost.org
Platform                      Linux tlondon.localhost.org
                              3.10.0-0.rc5.git0.2.fc20.x86_64 #1 SMP Tue Jun 11
                              14:24:36 UTC 2013 x86_64 x86_64
Alert Count                   1
First Seen                    2013-06-18 07:06:41 PDT
Last Seen                     2013-06-18 07:06:41 PDT
Local ID                      0bbde6d3-2695-45a4-9909-11f176483f65

Raw Audit Messages
type=AVC msg=audit(1371564401.477:313): avc:  denied  { create } for  pid=20912 comm="iphone-set-info" name="libimobiledevicerc" scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=file


type=AVC msg=audit(1371564401.477:313): avc:  denied  { write open } for  pid=20912 comm="iphone-set-info" path="/tmp/root/.config/libimobiledevice/libimobiledevicerc" dev="tmpfs" ino=77144 scontext=system_u:system_r:udev_t:s0-s0:c0.c1023 tcontext=system_u:object_r:tmp_t:s0 tclass=file


type=SYSCALL msg=audit(1371564401.477:313): arch=x86_64 syscall=open success=yes exit=EINTR a0=19e23a0 a1=241 a2=1b6 a3=4444313430304333 items=2 ppid=1 pid=20912 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm=iphone-set-info exe=/usr/lib/udev/iphone-set-info subj=system_u:system_r:udev_t:s0-s0:c0.c1023 key=(null)

type=CWD msg=audit(1371564401.477:313): cwd=/

type=PATH msg=audit(1371564401.477:313): item=0 name=/tmp/root/.config/libimobiledevice/ inode=77143 dev=00:21 mode=040755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t:s0

type=PATH msg=audit(1371564401.477:313): item=1 name=/tmp/root/.config/libimobiledevice/libimobiledevicerc inode=77144 dev=00:21 mode=0100644 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:tmp_t:s0

Hash: iphone-set-info,udev_t,tmp_t,file,create

Version-Release number of selected component (if applicable):
libimobiledevice-1.1.5-1.fc20.x86_64

How reproducible:
every time....

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Bastien Nocera 2013-06-26 10:40:58 UTC

$ rpm -qf /usr/lib/udev/iphone-set-info
libgpod-0.8.2-9.fc19.x86_64

It probably needs updating for the changed API in the unstable releases of libimobiledevice.

Comment 2 Tom London 2013-06-26 13:13:05 UTC

[tbl@tlondon ~]$ rpm -qf /usr/lib/udev/iphone-set-info
libgpod-0.8.2-9.fc20.x86_64
[tbl@tlondon ~]$

Comment 3 Fedora End Of Life 2013-09-16 14:15:05 UTC

This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle.
Changing version to '20'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20

Comment 4 Peter Robinson 2013-11-05 13:53:30 UTC


*** This bug has been marked as a duplicate of bug 951167 ***

Note You need to log in before you can comment on or make changes to this bug.