On Thu, 2008-06-12 at 11:03 -0400, max wrote: > Found on fedora list. > > -------- Original Message -------- > Subject: [Fedora8] SElinux bug > Date: Thu, 12 Jun 2008 15:58:58 +0100 > From: hicham <hichamlinux@xxxxxxxxx> > Reply-To: For users of Fedora <fedora-list@xxxxxxxxxx> > To: For users of Fedora <fedora-list@xxxxxxxxxx> > > Hello > I had this morning a "freeze", where I could not shutdown X server or > the laptop properly, looking at /var/log/messages: > I found what I suspect a selinux bug : > > Jun 12 12:19:00 laptop kernel: SELinux: out of range capability -555425744 That's not a bug in SELinux, but rather in the caller - passing an illegal value to capable(). > Jun 12 12:19:00 laptop kernel: ------------[ cut here ]------------ > Jun 12 12:19:00 laptop kernel: kernel BUG at security/selinux/hooks.c:1332! > Jun 12 12:19:00 laptop kernel: invalid opcode: 0000 [#1] SMP > Jun 12 12:19:00 laptop kernel: Modules linked in: iptable_nat xt_limit > xt_tcpudp iptable_mangle ipt_LOG ipt_MASQUERADE nf_nat xt_DSCP > ipt_REJE > CT nf_conntrack_irc nf_conntrack_ftp nf_conntrack_ipv4 xt_state > nf_conntrack iptable_filter ip_tables x_tables pppoatm pppoe pppox > ppp_synctty > ppp_async ppp_generic slhc appletalk ipx p8023 ipv6 cpufreq_ondemand > acpi_cpufreq vfat fat dm_mirror dm_multipath dm_mod parport_pc > smsc_ircc > 2 parport irda crc_ccitt pcspkr floppy serio_raw snd_intel8x0 > snd_seq_dummy snd_seq_oss video snd_seq_midi_event snd_seq output > snd_seq_device > snd_intel8x0m fglrx(P)(U) snd_ac97_codec snd_pcm_oss ac97_bus tg3 fglrx being the guilty culprit. > snd_mixer_oss snd_pcm wmi snd_timer battery snd ac soundcore > snd_page_alloc > button iTCO_wdt i2c_i801 i2c_core iTCO_vendor_support joydev speedtch > usbatm sr_mod cdrom atm sg pata_acpi ata_generic ata_piix libata > sd_mod > scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd [last unloaded: > microcode] > Jun 12 12:19:00 laptop kernel: > Jun 12 12:19:00 laptop kernel: Pid: 2036, comm: X Tainted: P > (2.6.25.4-10.fc8 #1) > Jun 12 12:19:00 laptop kernel: EIP: 0060:[<c04cd270>] EFLAGS: 00213246 > CPU: 0 > Jun 12 12:19:00 laptop kernel: EIP is at task_has_capability+0x46/0x79 > Jun 12 12:19:00 laptop kernel: EAX: 00000030 EBX: dee4e030 ECX: > c07195e4 EDX: 00000000 > Jun 12 12:19:00 laptop kernel: ESI: df191740 EDI: df18deb0 EBP: > df18debc ESP: df18de6c > Jun 12 12:19:00 laptop kernel: DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068 > Jun 12 12:19:00 laptop kernel: Process X (pid: 2036, ti=df18d000 > task=df160000 task.ti=df18d000) > Jun 12 12:19:00 laptop kernel: Stack: c06d7792 dee4e030 df160000 > 00000003 df160000 dee4e030 00000000 00000000 > Jun 12 12:19:00 laptop kernel: 00000000 00000000 00000000 > 00000000 00000000 00000000 00000000 00000000 > Jun 12 12:19:00 laptop kernel: 00000000 dee4e030 df160000 > df148000 df18decc c04cd2c2 df160000 e0d000c0 > Jun 12 12:19:00 laptop kernel: Call Trace: > Jun 12 12:19:00 laptop kernel: [<c04cd2c2>] ? selinux_capable+0x1f/0x23 > Jun 12 12:19:00 laptop kernel: [<c04c9685>] ? security_capable+0xc/0xe > Jun 12 12:19:00 laptop kernel: [<c042c9ff>] ? __capable+0xb/0x1f > Jun 12 12:19:00 laptop kernel: [<e0bf5050>] ? > firegl_cmmqs_CWDDE32+0x0/0x110 [fglrx] > Jun 12 12:19:00 laptop kernel: [<c042ca23>] ? capable+0x10/0x12 > Jun 12 12:19:00 laptop kernel: [<e0bda477>] ? firegl_ioctl+0xe7/0x220 > [fglrx] > Jun 12 12:19:00 laptop kernel: [<c0439d7f>] ? ktime_get_ts+0x45/0x49 > Jun 12 12:19:00 laptop kernel: [<c0439d96>] ? ktime_get+0x13/0x2f > Jun 12 12:19:00 laptop kernel: [<e0bcfc66>] ? ip_firegl_ioctl+0xe/0x10 > [fglrx] > Jun 12 12:19:00 laptop kernel: [<c048acfa>] ? vfs_ioctl+0x4e/0x67 > Jun 12 12:19:00 laptop kernel: [<c048af75>] ? do_vfs_ioctl+0x262/0x279 > Jun 12 12:19:00 laptop kernel: [<c04d016e>] ? selinux_file_ioctl+0xa8/0xab > Jun 12 12:19:00 laptop kernel: [<c048afcc>] ? sys_ioctl+0x40/0x5c > Jun 12 12:19:00 laptop kernel: [<c0405b7a>] ? syscall_call+0x7/0xb > Jun 12 12:19:00 laptop kernel: ======================= > Jun 12 12:19:00 laptop kernel: Code: 05 00 00 89 d0 f3 ab 8b 4d b8 89 > d8 b2 04 c1 f8 05 c6 45 bc 03 89 5d c4 89 4d c0 74 19 48 74 11 53 68 > 92 77 6d c0 e8 fd 9e f5 ff <0f> 0b 58 5a eb fe ba 45 00 00 00 8b 46 08 > 83 e3 1f 0f b7 f2 8d > Jun 12 12:19:00 laptop kernel: EIP: [<c04cd270>] > task_has_capability+0x46/0x79 SS:ESP 0068:df18de6c > Jun 12 12:19:00 laptop kernel: ---[ end trace fd35f97fc34637fa ]--- > Jun 12 12:19:00 laptop kernel: [fglrx:firegl_release] *ERROR* device > busy: 1 0 > Jun 12 12:19:00 laptop kernel: [fglrx] release failed with code -EBUSY > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list > -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list