[apparmor] crash in security_bprm_set_creds
John Johansen
john.johansen at canonical.com
Mon Jul 22 16:42:13 UTC 2013
On 07/22/2013 07:56 AM, Casey Schaufler wrote:
> On 7/22/2013 7:43 AM, Alex Lyakas wrote:
>> Greetings all,
>
> Adding AppArmor people to the list.
>
>> we had a kernel crash, and looking at stacks there are two
>> security_bprm_set_creds() calls failing:
>>
>> [118937.245466] udevd D 0000000000000000 0 20811 20670
>> 0x00000000
>> [118937.245468] ffff88009cff76a8 0000000000000086 ffff88009cff7728
>> ffffffff811352ff
>> [118937.245469] ffff88009cff7fd8 ffff88009cff7fd8 ffff88009cff7fd8
>> 0000000000013f40
>> [118937.245471] ffff880119ad2e80 ffff880115429740 0000000000000000
>> ffff880118209a48
>> [118937.245471] Call Trace:
>> ...
>> [118937.245506] [<ffffffff81059a39>] oops_exit+0x29/0x30
>> [118937.245508] [<ffffffff816ee8b3>] oops_end+0x83/0xf0
>> [118937.245512] [<ffffffff816d49f4>] no_context+0x1ab/0x1ba
>> [118937.245514] [<ffffffff816d4bd6>] __bad_area_nosemaphore+0x1d3/0x1f2
>> [118937.245517] [<ffffffff8113d5e5>] ? prep_new_page+0x145/0x1e0
>> [118937.245519] [<ffffffff816d4c4f>] bad_area+0x45/0x4d
>> [118937.245521] [<ffffffff816f1938>] __do_page_fault+0x558/0x560
>> [118937.245524] [<ffffffff8127cfd0>] ? ext4_xattr_get+0x60/0xa0
>> [118937.245527] [<ffffffff812821fa>] ? ext4_xattr_security_get+0x2a/0x30
>> [118937.245529] [<ffffffff811be813>] ? generic_getxattr+0x53/0x80
>> [118937.245531] [<ffffffff816f194e>] do_page_fault+0xe/0x10
>> [118937.245532] [<ffffffff816f1025>] do_async_page_fault+0x35/0x90
>> [118937.245534] [<ffffffff816edd48>] async_page_fault+0x28/0x30
>> [118937.245537] [<ffffffff8130e013>] ?
>> apparmor_bprm_set_creds+0xb3/0x780
>> [118937.245539] [<ffffffff8130dfd7>] ?
>> apparmor_bprm_set_creds+0x77/0x780
>> [118937.245541] [<ffffffff8116452f>] ? vma_link+0xcf/0xe0
>> [118937.245545] [<ffffffff812d8b73>] security_bprm_set_creds+0x13/0x20
>> [118937.245547] [<ffffffff811a0c78>] prepare_binprm+0xb8/0x1e0
>> [118937.245549] [<ffffffff811a2992>]
>> do_execve_common.isra.22+0x232/0x330
>> [118937.245551] [<ffffffff811a2aa8>] do_execve+0x18/0x20
>> [118937.245553] [<ffffffff811a2d4d>] sys_execve+0x3d/0x60
>> [118937.245555] [<ffffffff816f6809>] stub_execve+0x69/0xc0
>>
>> [118937.245558] IPaddr2 D 0000000000000000 0 20818 20813
>> 0x00000000
>> [118937.245559] ffff8800b4121768 0000000000000086 ffff8800b41217e8
>> ffffffff811352ff
>> [118937.245561] ffff8800b4121fd8 ffff8800b4121fd8 ffff8800b4121fd8
>> 0000000000013f40
>> [118937.245562] ffff880115429740 ffff880079c20000 0000000000000000
>> ffff880118209a48
>> [118937.245563] Call Trace:
>> ...
>> [118937.245596] [<ffffffff81059a39>] oops_exit+0x29/0x30
>> [118937.245598] [<ffffffff816ee8b3>] oops_end+0x83/0xf0
>> [118937.245600] [<ffffffff81017d28>] die+0x58/0x90
>> [118937.245602] [<ffffffff816ee1db>] do_trap+0xcb/0x170
>> [118937.245604] [<ffffffff810153e5>] do_invalid_op+0x95/0xb0
>> [118937.245606] [<ffffffff8130f481>] ? free_profile+0x1d1/0x1e0
>> [118937.245608] [<ffffffff8105a8bc>] ? console_trylock+0x1c/0x70
>> [118937.245611] [<ffffffff8105a9ae>] ?
>> console_trylock_for_printk+0x9e/0xb0
>> [118937.245613] [<ffffffff816f751e>] invalid_op+0x1e/0x30
>> [118937.245615] [<ffffffff8130f481>] ? free_profile+0x1d1/0x1e0
>> [118937.245616] [<ffffffff8130f481>] ? free_profile+0x1d1/0x1e0
>> [118937.245618] [<ffffffff8130f4a2>] aa_free_profile_kref+0x12/0x20
>> [118937.245620] [<ffffffff8130e203>] apparmor_bprm_set_creds+0x2a3/0x780
>> [118937.245622] [<ffffffff8116452f>] ? vma_link+0xcf/0xe0
>> [118937.245624] [<ffffffff812d8b73>] security_bprm_set_creds+0x13/0x20
>> [118937.245625] [<ffffffff811a0c78>] prepare_binprm+0xb8/0x1e0
>> [118937.245627] [<ffffffff811a2992>]
>> do_execve_common.isra.22+0x232/0x330
>> [118937.245629] [<ffffffff811a2aa8>] do_execve+0x18/0x20
>> [118937.245631] [<ffffffff811a2d4d>] sys_execve+0x3d/0x60
>> [118937.245633] [<ffffffff816f6809>] stub_execve+0x69/0xc0
>>
>> Kernel is 3.8.13.
>> Can anybody advise whether this is some known issue, or how to debug
>> it further?
>>
This isn't a known issue. Do we have some more context to try tracking this
down?
>> Thanks,
>> Alex.
>>
>>
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe
>> linux-security-module" in
>> the body of a message to majordomo at vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo at vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
More information about the AppArmor
mailing list