Re: [PATCH 0/5] LSM hook updates

From: serue@private
Date: Thu Aug 25 2005 - 03:18:06 PDT


Did you ever check this with selinux?  I'm assuming that the problem is
that selinux does things like:
	rc = secondary_ops->task_create();
when secondary_ops->task_create can now be null...

(Will whip up the obvious patch asap - later this morning)

-serge

Quoting serue@private (serue@private):
> Hmm, haven't yet figured out why, but something in this patchset
> doesn't work for power5.  Oops attached, as well as the assembly
> for selinux_task_create (which I'm weeding through right now).
> 
> thanks,
> -serge
> 
> Oops output from console:
> 
> Security Framework v1.0.0 initialized
> SELinux:  Initializing.
> SELinux:  Starting in permissive mode
> selinux_register_security:  Registering secondary module capability
> Capability LSM initialized as secondary
> Mount-cache hash table entries: 256
> Oops: Kernel access of bad area, sig: 11 [#1]
> SMP NR_CPUS=128 NUMA PSERIES LPAR
> Modules linked in:
> NIP: C00000000016BCCC XER: 20000005 LR: C00000000004FA38 CTR: C00000000016BCA8
> REGS: c000000000403590 TRAP: 0300   Not tainted  (2.6.13-rc7-git1)
> MSR: 8000000000009032 EE: 1 PR: 0 FP: 0 ME: 1 IR/DR: 11 CR: 42000028
> DAR: 0000000000000000 DSISR: 0000000040000000
> TASK: c000000000468ea0[0] 'swapper' THREAD: c000000000400000 CPU: 0
> GPR00: C00000000004FA38 C000000000403810 C00000000054BA70 0000000000800B00
> GPR04: C000000000403DE0 C000000000403B60 0000000000000000 0000000000000000
> GPR08: 0000000000000000 C00000000049C450 0000000000000000 C0000000005F3298
> GPR12: 0000000042000022 C000000000423C00 0000000000000000 0000000000000000
> GPR16: 0000000000000000 0000000000000000 0000000000000000 C000000000403B60
> GPR20: C000000000403DE0 0000000000000000 0000000000000001 0000000000000000
> GPR24: 0000000000000000 0000000000800B00 C000000000403DE0 0000000000000000
> GPR28: 0000000000000001 0000000000000001 C0000000004A4AC8 0000000000800B00
> NIP [c00000000016bccc] .selinux_task_create+0x24/0x84
> LR [c00000000004fa38] .copy_process+0xc28/0x163c
> Call Trace:
> [c000000000403810] [00000000000000d0] 0xd0 (unreliable)
> [c000000000403890] [c00000000004fa38] .copy_process+0xc28/0x163c
> [c0000000004039a0] [c00000000005059c] .do_fork+0x94/0x240
> [c000000000403a80] [c000000000011c80] .sys_clone+0x60/0x78
> [c000000000403af0] [c00000000000d814] .ppc_clone+0x8/0xc
> --- Exception: c00 at .kernel_thread+0x28/0x68
>     LR = .rest_init+0x24/0x5c
> [c000000000403de0] [0000000001ff1b88] 0x1ff1b88 (unreliable)
> [c000000000403e50] [c0000000003e3004] .proc_root_init+0x164/0x184
> [c000000000403ed0] [c0000000003c98a0] .start_kernel+0x2ac/0x328
> [c000000000403f90] [c00000000000bfb4] .__setup_cpu_power3+0x0/0x4
> Instruction dump:
> 4e800020 63ff0004 4bffff44 7c0802a6 fbc1fff0 ebc2c9d0 fbe1fff8 f8010010
> f821ff81 e97e8100 e92b0000 e9490258 <e80a0000> f8410028 e96a0010 e84a0008
>  <0>Kernel panic - not syncing: Attempted to kill the idle task!
> 
> Taken from hooks.S:
> 
> 0000000000005494 <.selinux_task_create>:
>     5494:       7c 08 02 a6     mflr    r0
>     5498:       fb c1 ff f0     std     r30,-16(r1)
>     549c:       eb c2 00 00     ld      r30,0(r2)
>     54a0:       fb e1 ff f8     std     r31,-8(r1)
>     54a4:       f8 01 00 10     std     r0,16(r1)
>     54a8:       f8 21 ff 81     stdu    r1,-128(r1)
>     54ac:       e9 7e 81 00     ld      r11,-32512(r30)
>     54b0:       e9 2b 00 00     ld      r9,0(r11)
>     54b4:       e9 49 02 58     ld      r10,600(r9)
>     54b8:       e8 0a 00 00     ld      r0,0(r10)
>     54bc:       f8 41 00 28     std     r2,40(r1)
>     54c0:       e9 6a 00 10     ld      r11,16(r10)
>     54c4:       e8 4a 00 08     ld      r2,8(r10)
>     54c8:       7c 09 03 a6     mtctr   r0
>     54cc:       4e 80 04 21     bctrl   
>     54d0:       e8 41 00 28     ld      r2,40(r1)
>     54d4:       38 a0 00 01     li      r5,1
>     54d8:       2f a3 00 00     cmpdi   cr7,r3,0
>     54dc:       41 9e 00 1c     beq-    cr7,54f8 <.selinux_task_create+0x64>
>     54e0:       38 21 00 80     addi    r1,r1,128
>     54e4:       e8 01 00 10     ld      r0,16(r1)
>     54e8:       eb c1 ff f0     ld      r30,-16(r1)
>     54ec:       eb e1 ff f8     ld      r31,-8(r1)
>     54f0:       7c 08 03 a6     mtlr    r0
>     54f4:       4e 80 00 20     blr     
>     54f8:       38 21 00 80     addi    r1,r1,128
>     54fc:       e8 6d 01 70     ld      r3,368(r13)
>     5500:       e8 01 00 10     ld      r0,16(r1)
>     5504:       eb c1 ff f0     ld      r30,-16(r1)
>     5508:       eb e1 ff f8     ld      r31,-8(r1)
>     550c:       7c 64 1b 78     mr      r4,r3
>     5510:       7c 08 03 a6     mtlr    r0
>     5514:       4b ff ba 68     b       f7c <.task_has_perm>
> 
> 
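The suspected failure above, where a stacked module calls a secondary hook that is NULL (in the oops the faulting instruction at +0x24 is `ld r0,0(r10)` with GPR10 and DAR both zero), modelled as an added user-space C example that is not part of the original message and not the patch it mentions. `struct sec_ops`, the two hooks, the `SECONDARY` macro and the return values are constructed for illustration; the kernel's real table is far larger.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical two-hook stand-in for the kernel's security_operations table. */
struct sec_ops {
    int (*task_create)(unsigned long clone_flags);
    int (*task_kill)(int sig);
};

/* Constructed secondary module: implements task_kill only, so
 * .task_create is NULL, the condition the reply suspects. */
static int cap_task_kill(int sig) { return sig == 9 ? -1 : 0; }
static struct sec_ops capability_ops = { .task_kill = cap_task_kill };
static struct sec_ops *secondary_ops = &capability_ops;

/* Option 1: guard every call site. An absent hook counts as "allow" (0). */
#define SECONDARY(hook, ...) \
    (secondary_ops && secondary_ops->hook ? secondary_ops->hook(__VA_ARGS__) : 0)

/* Primary module's own (constructed) policy: deny when bit 0 of flags is set. */
static int primary_task_create(unsigned long flags) { return (flags & 1UL) ? -13 : 0; }

int stacked_task_create(unsigned long flags)
{
    int rc = SECONDARY(task_create, flags);   /* not secondary_ops->task_create(flags) */
    return rc ? rc : primary_task_create(flags);
}

int stacked_task_kill(int sig) { return SECONDARY(task_kill, sig); }

/* Option 2: fill empty slots once, at registration, so callers never see NULL. */
static int allow_task_create(unsigned long flags) { (void)flags; return 0; }
static int allow_task_kill(int sig) { (void)sig; return 0; }

int fill_missing_hooks(struct sec_ops *ops)
{
    int filled = 0;
    if (!ops->task_create) { ops->task_create = allow_task_create; filled++; }
    if (!ops->task_kill)   { ops->task_kill = allow_task_kill;     filled++; }
    return filled;
}

int main(void)
{
    printf("create(0)=%d create(1)=%d kill(9)=%d\n",
           stacked_task_create(0), stacked_task_create(1), stacked_task_kill(9));
    printf("slots filled at registration: %d\n", fill_missing_hooks(&capability_ops));
    return 0;
}
```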


