Re: [Fwd: [Fedora8] SElinux bug]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2008-06-12 at 11:03 -0400, max wrote:
> Found on fedora list.
> 
> -------- Original Message --------
> Subject: [Fedora8] SElinux bug
> Date: Thu, 12 Jun 2008 15:58:58 +0100
> From: hicham <hichamlinux@xxxxxxxxx>
> Reply-To: For users of Fedora <fedora-list@xxxxxxxxxx>
> To: For users of Fedora <fedora-list@xxxxxxxxxx>
> 
> Hello
> I had this morning a "freeze", where I could not shutdown X server or
> the laptop properly, looking at /var/log/messages:
> I found what I suspect a selinux bug :
> 
> Jun 12 12:19:00 laptop kernel: SELinux:  out of range capability -555425744

That's not a bug in SELinux, but rather in the caller - passing an
illegal value to capable().

> Jun 12 12:19:00 laptop kernel: ------------[ cut here ]------------
> Jun 12 12:19:00 laptop kernel: kernel BUG at security/selinux/hooks.c:1332!
> Jun 12 12:19:00 laptop kernel: invalid opcode: 0000 [#1] SMP
> Jun 12 12:19:00 laptop kernel: Modules linked in: iptable_nat xt_limit
> xt_tcpudp iptable_mangle ipt_LOG ipt_MASQUERADE nf_nat xt_DSCP
> ipt_REJE
> CT nf_conntrack_irc nf_conntrack_ftp nf_conntrack_ipv4 xt_state
> nf_conntrack iptable_filter ip_tables x_tables pppoatm pppoe pppox
> ppp_synctty
>   ppp_async ppp_generic slhc appletalk ipx p8023 ipv6 cpufreq_ondemand
> acpi_cpufreq vfat fat dm_mirror dm_multipath dm_mod parport_pc
> smsc_ircc
> 2 parport irda crc_ccitt pcspkr floppy serio_raw snd_intel8x0
> snd_seq_dummy snd_seq_oss video snd_seq_midi_event snd_seq output
> snd_seq_device
>   snd_intel8x0m fglrx(P)(U) snd_ac97_codec snd_pcm_oss ac97_bus tg3

fglrx being the guilty culprit.

> snd_mixer_oss snd_pcm wmi snd_timer battery snd ac soundcore
> snd_page_alloc
>   button iTCO_wdt i2c_i801 i2c_core iTCO_vendor_support joydev speedtch
> usbatm sr_mod cdrom atm sg pata_acpi ata_generic ata_piix libata
> sd_mod
>   scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd [last unloaded: 
> microcode]
> Jun 12 12:19:00 laptop kernel:
> Jun 12 12:19:00 laptop kernel: Pid: 2036, comm: X Tainted: P
> (2.6.25.4-10.fc8 #1)
> Jun 12 12:19:00 laptop kernel: EIP: 0060:[<c04cd270>] EFLAGS: 00213246 
> CPU: 0
> Jun 12 12:19:00 laptop kernel: EIP is at task_has_capability+0x46/0x79
> Jun 12 12:19:00 laptop kernel: EAX: 00000030 EBX: dee4e030 ECX:
> c07195e4 EDX: 00000000
> Jun 12 12:19:00 laptop kernel: ESI: df191740 EDI: df18deb0 EBP:
> df18debc ESP: df18de6c
> Jun 12 12:19:00 laptop kernel:  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
> Jun 12 12:19:00 laptop kernel: Process X (pid: 2036, ti=df18d000
> task=df160000 task.ti=df18d000)
> Jun 12 12:19:00 laptop kernel: Stack: c06d7792 dee4e030 df160000
> 00000003 df160000 dee4e030 00000000 00000000
> Jun 12 12:19:00 laptop kernel:        00000000 00000000 00000000
> 00000000 00000000 00000000 00000000 00000000
> Jun 12 12:19:00 laptop kernel:        00000000 dee4e030 df160000
> df148000 df18decc c04cd2c2 df160000 e0d000c0
> Jun 12 12:19:00 laptop kernel: Call Trace:
> Jun 12 12:19:00 laptop kernel:  [<c04cd2c2>] ? selinux_capable+0x1f/0x23
> Jun 12 12:19:00 laptop kernel:  [<c04c9685>] ? security_capable+0xc/0xe
> Jun 12 12:19:00 laptop kernel:  [<c042c9ff>] ? __capable+0xb/0x1f
> Jun 12 12:19:00 laptop kernel:  [<e0bf5050>] ?
> firegl_cmmqs_CWDDE32+0x0/0x110 [fglrx]
> Jun 12 12:19:00 laptop kernel:  [<c042ca23>] ? capable+0x10/0x12
> Jun 12 12:19:00 laptop kernel:  [<e0bda477>] ? firegl_ioctl+0xe7/0x220 
> [fglrx]
> Jun 12 12:19:00 laptop kernel:  [<c0439d7f>] ? ktime_get_ts+0x45/0x49
> Jun 12 12:19:00 laptop kernel:  [<c0439d96>] ? ktime_get+0x13/0x2f
> Jun 12 12:19:00 laptop kernel:  [<e0bcfc66>] ? ip_firegl_ioctl+0xe/0x10 
> [fglrx]
> Jun 12 12:19:00 laptop kernel:  [<c048acfa>] ? vfs_ioctl+0x4e/0x67
> Jun 12 12:19:00 laptop kernel:  [<c048af75>] ? do_vfs_ioctl+0x262/0x279
> Jun 12 12:19:00 laptop kernel:  [<c04d016e>] ? selinux_file_ioctl+0xa8/0xab
> Jun 12 12:19:00 laptop kernel:  [<c048afcc>] ? sys_ioctl+0x40/0x5c
> Jun 12 12:19:00 laptop kernel:  [<c0405b7a>] ? syscall_call+0x7/0xb
> Jun 12 12:19:00 laptop kernel:  =======================
> Jun 12 12:19:00 laptop kernel: Code: 05 00 00 89 d0 f3 ab 8b 4d b8 89
> d8 b2 04 c1 f8 05 c6 45 bc 03 89 5d c4 89 4d c0 74 19 48 74 11 53 68
> 92 77 6d c0 e8 fd 9e f5 ff <0f> 0b 58 5a eb fe ba 45 00 00 00 8b 46 08
> 83 e3 1f 0f b7 f2 8d
> Jun 12 12:19:00 laptop kernel: EIP: [<c04cd270>]
> task_has_capability+0x46/0x79 SS:ESP 0068:df18de6c
> Jun 12 12:19:00 laptop kernel: ---[ end trace fd35f97fc34637fa ]---
> Jun 12 12:19:00 laptop kernel: [fglrx:firegl_release] *ERROR* device 
> busy: 1 0
> Jun 12 12:19:00 laptop kernel: [fglrx] release failed with code -EBUSY
> 
> -- 
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> 
-- 
Stephen Smalley
National Security Agency

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux