Bug 158377 - Execute "$ setenforce 0", kernel oops
Summary: Execute "$ setenforce 0", kernel oops
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: David Woodhouse
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2005-05-21 05:39 UTC by sangu
Modified: 2007-11-30 22:11 UTC (History)

Fixed In Version: 2.6.11-1.1336_FC4
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-05-21 16:02:45 UTC


Attachments
kernel-2.6.11-1.1331 dmesg (deleted)
2005-05-21 05:39 UTC, sangu
dmesg without nvidia kernel module (deleted)
2005-05-21 06:52 UTC, sangu

Description sangu 2005-05-21 05:39:39 UTC
Description of problem:
in dmesg
[...]
Unable to handle kernel NULL pointer dereference at virtual address 00000004
 printing eip:
c01f31df
*pde = 00000000
Oops: 0000 [#1]
Modules linked in: vfat fat md5 ipv6 parport_pc lp parport ipt_REJECT ipt_state
iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack ip_tables dm_mod video
button battery ac ohci_hcd ehci_hcd nvidia(U) i2c_nforce2 i2c_core shpchp
emu10k1_gp gameport snd_emu10k1_synth snd_emux_synth snd_seq_virmidi
snd_seq_midi_emul snd_emu10k1 snd_rawmidi snd_ac97_codec snd_seq_dummy
snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss
snd_pcm snd_timer snd_page_alloc snd_util_mem snd_hwdep snd soundcore 8139too
mii forcedeth floppy sata_nv libata scsi_mod ext3 jbd
CPU:    0
EIP:    0060:[<c01f31df>]    Tainted: P      VLI
EFLAGS: 00210246   (2.6.11-1.1331_FC4)
EIP is at avc_audit+0x2e9/0xbee
eax: f5bc97e7   ebx: 00000000   ecx: c0390431   edx: 00000000
esi: f11ccf30   edi: 00000080   ebp: ea4a6550   esp: f11cce90
ds: 007b   es: 007b   ss: 0068
Process setenforce (pid: 3267, threadinfo=f11cc000 task=ea4a6550)
Stack: badc0ded c19c4f10 c039042c c039041a f11ccef4 c0201dfb f11ccf3c f11ccef4
       f72af678 00011e8c 00000002 f6626858 00010292 00000002 00000206 00000001
       00000080 c19c4f10 f11ccee8 f11ccef4 00000002 00000206 00000001 00000000
Call Trace:
 [<c0201dfb>] context_struct_compute_av+0xeb/0x191
 [<c01f4154>] avc_has_perm+0x4e/0x5a
 [<c01faebf>] task_has_security+0x2f/0x33
 [<c01fafaa>] sel_write_enforce+0x9d/0xc5
 [<c01faf0d>] sel_write_enforce+0x0/0xc5
 [<c017c764>] vfs_write+0x9e/0x110
 [<c017c881>] sys_write+0x41/0x6a
 [<c0103a51>] syscall_call+0x7/0xb
Code: 3f fe ff ff 8b 94 24 9c 00 00 00 8b 42 08 89 44 24 08 c7 44 24 04 48 04 39
c0 8b 4c 24 40 89 0c 24 e8 85 a5 f5 ff e9 18 fe ff ff <a1> 04 00 00 00 85 c0 0f
84 ef fd ff ff 8b 80 98 00 00 00 85 c0


Version-Release number of selected component (if applicable):
kernel-2.6.11-1.1331_FC4

How reproducible:
always

Steps to Reproduce:
1. $ setenforce 0
2.
3.
  
Actual results:


Expected results:


Additional info:
libselinux-1.23.10-3
selinux-policy-targeted-1.23.16-5

policy is targeted.

$ sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 19
Policy from config file:        targeted

Policy booleans:
NetworkManager_disable_trans    inactive
allow_execmem                   active
allow_execmod                   active
allow_execstack                 active
allow_kerberos                  active
allow_write_xshm                inactive
allow_ypbind                    active
apmd_disable_trans              inactive
arpwatch_disable_trans          inactive
auditd_disable_trans            inactive
bluetooth_disable_trans         inactive
canna_disable_trans             inactive
cardmgr_disable_trans           inactive
comsat_disable_trans            inactive
cupsd_config_disable_trans      inactive
cupsd_disable_trans             inactive
cvs_disable_trans               inactive
cyrus_disable_trans             inactive
dbskkd_disable_trans            inactive
dhcpc_disable_trans             inactive
dhcpd_disable_trans             inactive
dovecot_disable_trans           inactive
fingerd_disable_trans           inactive
ftp_home_dir                    active
ftpd_disable_trans              inactive
ftpd_is_daemon                  active
hald_disable_trans              inactive
hotplug_disable_trans           inactive
howl_disable_trans              inactive
httpd_builtin_scripting         active
httpd_can_network_connect       inactive
httpd_disable_trans             inactive
httpd_enable_cgi                active
httpd_enable_homedirs           active
httpd_ssi_exec                  active
httpd_suexec_disable_trans      inactive
httpd_tty_comm                  inactive
httpd_unified                   active
i18n_input_disable_trans        inactive
inetd_child_disable_trans       inactive
inetd_disable_trans             inactive
innd_disable_trans              inactive
kadmind_disable_trans           inactive
klogd_disable_trans             inactive
krb5kdc_disable_trans           inactive
ktalkd_disable_trans            inactive
lpd_disable_trans               inactive
mysqld_disable_trans            inactive
named_disable_trans             inactive
named_write_master_zones        inactive
nfs_export_all_ro               active
nfs_export_all_rw               active
nmbd_disable_trans              inactive
nscd_disable_trans              inactive
ntpd_disable_trans              inactive
portmap_disable_trans           inactive
postgresql_disable_trans        inactive
pppd_disable_trans              inactive
pppd_for_user                   inactive
privoxy_disable_trans           inactive
ptal_disable_trans              inactive
radiusd_disable_trans           inactive
radvd_disable_trans             inactive
read_default_t                  active
rlogind_disable_trans           inactive
rsync_disable_trans             inactive
samba_enable_home_dirs          inactive
saslauthd_disable_trans         inactive
slapd_disable_trans             inactive
smbd_disable_trans              inactive
snmpd_disable_trans             inactive
squid_connect_any               inactive
squid_disable_trans             inactive
stunnel_disable_trans           inactive
stunnel_is_daemon               inactive
syslogd_disable_trans           inactive
system_dbusd_disable_trans      inactive
telnetd_disable_trans           inactive
tftpd_disable_trans             inactive
udev_disable_trans              inactive
use_nfs_home_dirs               inactive
use_samba_home_dirs             inactive
uucpd_disable_trans             inactive
winbind_disable_trans           inactive
ypbind_disable_trans            inactive
ypserv_disable_trans            inactive
zebra_disable_trans             inactive

Comment 1 sangu 2005-05-21 05:39:40 UTC
Created attachment 114660
kernel-2.6.11-1.1331 dmesg

Comment 2 Dave Jones 2005-05-21 05:50:12 UTC
Repeatable without the nvidia module loaded?


Comment 3 sangu 2005-05-21 06:52:21 UTC
Created attachment 114661
dmesg without nvidia kernel module

This problem still happens without the nvidia kernel module.
in dmesg
[...]
Unable to handle kernel NULL pointer dereference at virtual address 00000004
 printing eip:
c01f31df
*pde = 3de22067
Oops: 0000 [#1]
Modules linked in: md5 ipv6 parport_pc lp parport ipt_REJECT ipt_state
iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack ip_tables dm_mod video
button battery ac ohci_hcd ehci_hcd i2c_nforce2 i2c_core shpchp emu10k1_gp
gameport snd_emu10k1_synth snd_emux_synth snd_seq_virmidi snd_seq_midi_emul
snd_emu10k1 snd_rawmidi snd_ac97_codec snd_seq_dummy snd_seq_oss
snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm
snd_timer snd_page_alloc snd_util_mem snd_hwdep snd soundcore 8139too mii
forcedeth floppy sata_nv libata scsi_mod ext3 jbd
CPU:	0
EIP:	0060:[<c01f31df>]    Not tainted VLI
EFLAGS: 00010246   (2.6.11-1.1331_FC4)
EIP is at avc_audit+0x2e9/0xbee
eax: f6498b3b	ebx: 00000000	ecx: c0390431	edx: 00000000
esi: c1ab1f30	edi: 00000080	ebp: c1b57550	esp: c1ab1e90
ds: 007b   es: 007b   ss: 0068
Process setenforce (pid: 2671, threadinfo=c1ab1000 task=c1b57550)
Stack: f7c04360 c039042c c039041a c1ab1ef4 c0201dfb c1ab1f3c c1ab1ef4 c196b678
       00016990 00000002 f6acae58 00010292 00000002 000001f4 00000001 00000080
       f7c04360 c1ab1ee8 c1ab1ef4 00000002 000001f4 00000001 00000000 f7dc2cc8
Call Trace:
 [<c0201dfb>] context_struct_compute_av+0xeb/0x191
 [<c01f4154>] avc_has_perm+0x4e/0x5a
 [<c01faebf>] task_has_security+0x2f/0x33
 [<c01fafaa>] sel_write_enforce+0x9d/0xc5
 [<c01faf0d>] sel_write_enforce+0x0/0xc5
 [<c017c764>] vfs_write+0x9e/0x110
 [<c017c881>] sys_write+0x41/0x6a
 [<c0103a51>] syscall_call+0x7/0xb
Code: 3f fe ff ff 8b 94 24 9c 00 00 00 8b 42 08 89 44 24 08 c7 44 24 04 48 04
39 c0 8b 4c 24 40 89 0c 24 e8 85 a5 f5 ff e9 18 fe ff ff <a1> 04 00 00 00 85 c0
0f 84 ef fd ff ff 8b 80 98 00 00 00 85 c0

Comment 4 David Woodhouse 2005-05-21 16:02:45 UTC
Mea Culpa. Fix building in rawhide now...

