* secilc: any idea why this commit causes secilc to segfault?
@ 2015-09-09 9:38 Dominick Grift
2015-09-09 18:56 ` James Carter
0 siblings, 1 reply; 3+ messages in thread
From: Dominick Grift @ 2015-09-09 9:38 UTC (permalink / raw)
To: selinux
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
disclaimer: although i have thoroughly tested this commit for typo's, i
cannot completely rule out that this seqfault is caused by a typo.
The commit that causes secilc to segfault:
https://github.com/DefenSec/dssp/commit/98b8a7950fed0a8e5eea74da42ab2b407dd47ec0
secilc core:
http://filebin.ca/2F2XLRSvBEGH/core.secilc.1000.1ae5ed764f334f32bebe30bffa3b414b.20553.1441789693000000.xz
coredumpctl -1 info output:
PID: 20553 (secilc)
UID: 1000 (kcinimod)
GID: 1000 (kcinimod)
Signal: 11 (SEGV)
Timestamp: Wed 2015-09-09
11:08:13 CEST (13min ago)
Command Line: /home/kcinimod/bin/secilc
--policyvers=29 -v
/run/user/1000/dssp/sources/support/misc_patterns.cil
/run/user/1000/dssp/sources/support/ipc_patterns.cil
/run/user/1000/dssp/sources/support/file_patterns.cil
/run/user/1000/dssp/sources/support/class_permissionsets.cil
/run/user/1000/dssp/sources/standard/policy.cil
/run/user/1000/dssp/sources/standard/macros.cil
/run/user/1000/dssp/sources/standard/constraints.cil
/run/user/1000/dssp/sources/rbacsep/policy.cil
/run/user/1000/dssp/sources/rbacsep/macros.cil
/run/user/1000/dssp/sources/rbacsep/constraints.cil
/run/user/1000/dssp/sources/policy_capabilities.cil
/run/user/1000/dssp/sources/modules/contrib/system/wodim/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/wodim/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/wodim/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/usersubj/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/usersubj/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/usersubj/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/unconfinedsubj/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/unconfinedsubj/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/udev/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/udev/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/udev/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/seutil/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/seutil/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/seutil/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/sctl/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/sctl/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/sctl/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/rpm/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/rpm/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/rpm/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/qemu/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/qemu/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/qemu/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/plymouth/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/plymouth/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/plymouth/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/pam/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/pam/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/pam/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/nss/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/nss/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/nss/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/netlabelctl/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/netlabelctl/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/netlabelctl/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/mount/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/mount/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/mount/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/miscfile/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/miscfile/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/miscfile/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/md/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/md/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/md/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/lvm/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/lvm/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/lvm/contexts.cil
/run/user/1000/dssp/sources/modules/contrib/system/login/policy.cil
/run/user/1000/dssp/sources/modules/contrib/system/login/macros.cil
/run/user/1000/dssp/sources/modules/contrib/system/login/contexts.cil
/run/user
Executable: /home/kcinimod/.local/bin/secilc
Control Group:
/user.slice/user-1000.slice/session-1.scope
Unit: session-1.scope
Slice: user-1000.slice
Session: 1
Owner UID: 1000
(kcinimod)
Boot ID: 1ae5ed764f334f32bebe30bffa3b414b
Machine ID:
92c3ab10c0694da9b9c96a851603c2a5
Hostname: x250
Coredump:
/var/lib/systemd/coredump/core.secilc.1000.1ae5ed764f334f32bebe30bffa3b414b.20553.1441789693000000.xz
Message: Process 20553 (secilc) of user
1000 dumped core.
Stack trace of thread 20553:
#0 0x000000000041aaa3 n/a (/home/kcinimod/.local/bin/secilc)
- --
02DFF788
4D30 903A 1CF3 B756 FB48 1514 3148 83A2 02DF F788
https://sks-keyservers.net/pks/lookup?op=get&search=0x314883A202DFF788
Dominick Grift
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQGcBAEBCgAGBQJV7/31AAoJENAR6kfG5xmcpO4MAIpRAg7o7Nh1kU+mts626OWt
XjvTAYr9E5kSYazHdtbCyE8a2DgXu9Pdczb6REgJXmNwamoMpD3C5bx9X4WJSnxr
AsMGdHGCnsjtD5dCi2ClaCHKugHIoORJLZLI8otZlXLSUSNSruSjIn3JuKKT/mpc
myL5CkzgvVN6rsVgpijfAazc2cp/GQvES3nPjGSwpNtBdrl8zCaI5EUjFjnx36QZ
8zGrcyxye2U90s8/gBR+j3hFcTBOAf9BycCJa9GVixkArzgt4AHM0Fr/sRkLPrHN
TKRiPlcBEtVxms3PhMhaOB2L2sy3BLYlrsC3LlEGXM5y4FqAKaGS95UTPb/KIoR0
p+dXGGPqd5cdYJfsD25jRRjTfmH7Fi/ZM9cy5/5nwJpEBXvXCVH7UAinJCPfvpzJ
khgN9ZowdIJS7X9GAsz6F3jWr945uPEpr+lT3Vy1MZsOI+IVn/cnUP85Pdd+DQf6
I0IHycAbPN3LA2uJxsL/cODxQmTlmmUODi4PjoEUxQ==
=iCdD
-----END PGP SIGNATURE-----
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: secilc: any idea why this commit causes secilc to segfault?
2015-09-09 9:38 secilc: any idea why this commit causes secilc to segfault? Dominick Grift
@ 2015-09-09 18:56 ` James Carter
2015-09-09 19:06 ` Steve Lawrence
0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2015-09-09 18:56 UTC (permalink / raw)
To: selinux
On 09/09/2015 05:38 AM, Dominick Grift wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> disclaimer: although i have thoroughly tested this commit for typo's, i
> cannot completely rule out that this seqfault is caused by a typo.
>
Not a typo, it is a bug in secilc. Secilc doesn't seem to like having a
classpermissionset statement in a tunableif block.
Jim
> The commit that causes secilc to segfault:
>
> https://github.com/DefenSec/dssp/commit/98b8a7950fed0a8e5eea74da42ab2b407dd47ec0
>
> secilc core:
>
> http://filebin.ca/2F2XLRSvBEGH/core.secilc.1000.1ae5ed764f334f32bebe30bffa3b414b.20553.1441789693000000.xz
>
> coredumpctl -1 info output:
>
> PID: 20553 (secilc)
> UID: 1000 (kcinimod)
> GID: 1000 (kcinimod)
> Signal: 11 (SEGV)
> Timestamp: Wed 2015-09-09
> 11:08:13 CEST (13min ago)
> Command Line: /home/kcinimod/bin/secilc
> --policyvers=29 -v
> /run/user/1000/dssp/sources/support/misc_patterns.cil
> /run/user/1000/dssp/sources/support/ipc_patterns.cil
> /run/user/1000/dssp/sources/support/file_patterns.cil
> /run/user/1000/dssp/sources/support/class_permissionsets.cil
> /run/user/1000/dssp/sources/standard/policy.cil
> /run/user/1000/dssp/sources/standard/macros.cil
> /run/user/1000/dssp/sources/standard/constraints.cil
> /run/user/1000/dssp/sources/rbacsep/policy.cil
> /run/user/1000/dssp/sources/rbacsep/macros.cil
> /run/user/1000/dssp/sources/rbacsep/constraints.cil
> /run/user/1000/dssp/sources/policy_capabilities.cil
> /run/user/1000/dssp/sources/modules/contrib/system/wodim/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/wodim/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/wodim/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/usersubj/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/usersubj/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/usersubj/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/unconfinedsubj/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/unconfinedsubj/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/udev/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/udev/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/udev/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/seutil/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/seutil/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/seutil/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/sctl/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/sctl/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/sctl/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/rpm/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/rpm/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/rpm/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/qemu/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/qemu/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/qemu/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/plymouth/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/plymouth/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/plymouth/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/pam/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/pam/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/pam/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/nss/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/nss/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/nss/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/netlabelctl/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/netlabelctl/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/netlabelctl/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/mount/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/mount/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/mount/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/miscfile/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/miscfile/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/miscfile/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/md/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/md/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/md/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/lvm/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/lvm/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/lvm/contexts.cil
> /run/user/1000/dssp/sources/modules/contrib/system/login/policy.cil
> /run/user/1000/dssp/sources/modules/contrib/system/login/macros.cil
> /run/user/1000/dssp/sources/modules/contrib/system/login/contexts.cil
> /run/user
> Executable: /home/kcinimod/.local/bin/secilc
> Control Group:
> /user.slice/user-1000.slice/session-1.scope
> Unit: session-1.scope
> Slice: user-1000.slice
> Session: 1
> Owner UID: 1000
> (kcinimod)
> Boot ID: 1ae5ed764f334f32bebe30bffa3b414b
> Machine ID:
> 92c3ab10c0694da9b9c96a851603c2a5
> Hostname: x250
> Coredump:
> /var/lib/systemd/coredump/core.secilc.1000.1ae5ed764f334f32bebe30bffa3b414b.20553.1441789693000000.xz
> Message: Process 20553 (secilc) of user
> 1000 dumped core.
>
> Stack trace of thread 20553:
> #0 0x000000000041aaa3 n/a (/home/kcinimod/.local/bin/secilc)
>
> - --
> 02DFF788
> 4D30 903A 1CF3 B756 FB48 1514 3148 83A2 02DF F788
> https://sks-keyservers.net/pks/lookup?op=get&search=0x314883A202DFF788
> Dominick Grift
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
>
> iQGcBAEBCgAGBQJV7/31AAoJENAR6kfG5xmcpO4MAIpRAg7o7Nh1kU+mts626OWt
> XjvTAYr9E5kSYazHdtbCyE8a2DgXu9Pdczb6REgJXmNwamoMpD3C5bx9X4WJSnxr
> AsMGdHGCnsjtD5dCi2ClaCHKugHIoORJLZLI8otZlXLSUSNSruSjIn3JuKKT/mpc
> myL5CkzgvVN6rsVgpijfAazc2cp/GQvES3nPjGSwpNtBdrl8zCaI5EUjFjnx36QZ
> 8zGrcyxye2U90s8/gBR+j3hFcTBOAf9BycCJa9GVixkArzgt4AHM0Fr/sRkLPrHN
> TKRiPlcBEtVxms3PhMhaOB2L2sy3BLYlrsC3LlEGXM5y4FqAKaGS95UTPb/KIoR0
> p+dXGGPqd5cdYJfsD25jRRjTfmH7Fi/ZM9cy5/5nwJpEBXvXCVH7UAinJCPfvpzJ
> khgN9ZowdIJS7X9GAsz6F3jWr945uPEpr+lT3Vy1MZsOI+IVn/cnUP85Pdd+DQf6
> I0IHycAbPN3LA2uJxsL/cODxQmTlmmUODi4PjoEUxQ==
> =iCdD
> -----END PGP SIGNATURE-----
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.
>
--
James Carter <jwcart2@tycho.nsa.gov>
National Security Agency
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: secilc: any idea why this commit causes secilc to segfault?
2015-09-09 18:56 ` James Carter
@ 2015-09-09 19:06 ` Steve Lawrence
0 siblings, 0 replies; 3+ messages in thread
From: Steve Lawrence @ 2015-09-09 19:06 UTC (permalink / raw)
To: James Carter, selinux
On 09/09/2015 02:56 PM, James Carter wrote:
> On 09/09/2015 05:38 AM, Dominick Grift wrote:
> disclaimer: although i have thoroughly tested this commit for typo's, i
> cannot completely rule out that this seqfault is caused by a typo.
>
>
>> Not a typo, it is a bug in secilc. Secilc doesn't seem to like having a
>> classpermissionset statement in a tunableif block.
>
Looks like we just aren't initializing things properly in cil_copy.c.
Patch coming shortly.
- Steve
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2015-09-09 19:06 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-09-09 9:38 secilc: any idea why this commit causes secilc to segfault? Dominick Grift
2015-09-09 18:56 ` James Carter
2015-09-09 19:06 ` Steve Lawrence
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.