Re: 4.13 ib_mthca NULL pointer dereference with OpenSM

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Oct 31, 2017 at 1:22 PM, Daniel Jurgens <danielj@xxxxxxxxxxxx> wrote:
> On 10/31/2017 12:49 PM, Chris Blake wrote:
>> Hello All,
>>
>> I have installed the kernel with the mentioned patch, as well as
>> CONFIG_SECURITY_INFINIBAND enabled. Sadly I am back to the issue where
>> my compute node is reporting:
>>
>> kernel: infiniband mthca0: ib_post_send_mad error
>>
>> As soon as I roll back to a kernel with CONFIG_SECURITY_INFINIBAND
>> disabled, the issue goes away and things work as expected.
>>
>> Regards,
>> Chris Blake
>
> Sounds like the crash is resolved and now you're getting a denial from a security module.  I looked in the code, it looks like AppArmor doesn't register any callbacks for the ib_* security hooks, and if no hook is registered it should return 0.  Can you tell me more about your setup so I can create a reproducer? What OS are you using? Can you double check that SELinux isn't enabled (see output of sestatus).
>

Hello,

I am not using SELinux on my system. I do have apparmor, but it is
only configured for lxc.

# apparmor_status
apparmor module is loaded.
5 profiles are loaded.
5 profiles are in enforce mode.
   /usr/bin/lxc-start
   lxc-container-default
   lxc-container-default-cgns
   lxc-container-default-with-mounting
   lxc-container-default-with-nesting
0 profiles are in complain mode.
0 processes have profiles defined.
0 processes are in enforce mode.
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

# sestatus
SELinux status:                 disabled

As for the crash issue I was seeing for #2, so far I have not been
able to replicate it with the patch. :)

Regarding my OS, my "NAS" box is running Debian 9.2 with it's default
distro kernel (currently 4.9.51-1), and my "Compute" nodes are on
Proxmox, which is based on Debian 9.1 and it's kernel is based on
ubuntu-artful and is version 4.13.4. Source is at
https://git.proxmox.com/?p=pve-kernel.git;a=summary. This is the
kernel I have tested the patch on, and have been running with
CONFIG_SECURITY_INFINIBAND disabled to resolve the issue.

Regards,
Chris Blake
--
To unsubscribe from this list: send the line "unsubscribe linux-rdma" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Photo]     [Yosemite News]     [Yosemite Photos]     [Linux Kernel]     [Linux SCSI]     [XFree86]
  Powered by Linux