From: Stephen Smalley <sds@tycho.nsa.gov>
To: Tim_lee@htc.com, selinux@tycho.nsa.gov,
seandroid-list@tycho.nsa.gov, ivy_lu@htc.com, jon_tsai@htc.com
Cc: nnk@google.com
Subject: Re: [SELinux] We found that there was bug on at /kernel/security/selinux/avc.c:158!
Date: Fri, 28 Mar 2014 09:13:49 -0400 [thread overview]
Message-ID: <5335758D.6020900@tycho.nsa.gov> (raw)
In-Reply-To: <5ADE3345D51E1E4A932ADBBE125E7CDB0B390A15@TPE-MBX01.HTC.COM.TW>
On 03/28/2014 05:27 AM, Tim_lee@htc.com wrote:
> Hello guys,
>
>
>
> I’m Tim Lee from HTC who have mailed to you guys before about SELinux
> problem.
>
> Now, we found that there was bug on at /kernel/security/selinux/avc.c:158!
>
> Could you please help us to check why SELinux will got this kind of
> error then trigger bug on? Thanks.
Note the "SELinux: Invalid class 119" message just prior to the BUG.
The BUG is when there is an out-of-range class value passed to the AVC.
Given the call chain, this suggests you have an inode whose i_security
pointer is referencing memory containing garbage values.
Previously for a different issue, I suggested that you apply this patch:
https://android-review.googlesource.com/#/c/79591/
I don't see that in the kernel to which you linked. Have you applied it?
I also note that you have out-of-tree modules and proprietary modules
listed in your kernel log, so there is certainly potential for memory
corruption or lack of proper initialization/handling of
inode->i_security there.
You don't need to post to both lists; just pick the most relevant one.
next prev parent reply other threads:[~2014-03-28 13:13 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-28 9:27 [SELinux] We found that there was bug on at /kernel/security/selinux/avc.c:158! Tim_lee
2014-03-28 13:13 ` Stephen Smalley [this message]
2014-04-01 8:43 ` Tim_lee
2014-04-01 13:01 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5335758D.6020900@tycho.nsa.gov \
--to=sds@tycho.nsa.gov \
--cc=Tim_lee@htc.com \
--cc=ivy_lu@htc.com \
--cc=jon_tsai@htc.com \
--cc=nnk@google.com \
--cc=seandroid-list@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.