From: Stephen Smalley <sds@tycho.nsa.gov>
To: Tim_lee@htc.com, selinux@tycho.nsa.gov,
seandroid-list@tycho.nsa.gov, ivy_lu@htc.com, jon_tsai@htc.com
Subject: Re: [SELinux] We found that there was bug on at /kernel/security/selinux/avc.c:158!
Date: Tue, 01 Apr 2014 09:01:00 -0400 [thread overview]
Message-ID: <533AB88C.3000900@tycho.nsa.gov> (raw)
In-Reply-To: <5ADE3345D51E1E4A932ADBBE125E7CDB0B394F01@TPE-MBX01.HTC.COM.TW>
On 04/01/2014 04:43 AM, Tim_lee@htc.com wrote:
> Hi Stephen,
> Thanks your great support to reply our questions. Check my reply as below:
>
> Previously for a different issue, I suggested that you apply this patch:
> https://android-review.googlesource.com/#/c/79591/
>
> I don't see that in the kernel to which you linked. Have you applied it?
> Tim: We have applied this patch, but the issue device's ROM didn't include this patch.
>
> Now, we have requested new release ROM with this patch then try to repo this issue symptom.
> And from your reply
>
> "I also note that you have out-of-tree modules and proprietary modules listed in your kernel log, so there is certainly potential for memory corruption or lack of proper initialization/handling of
> inode->i_security there."
>
> You mentioned that there is certainly potential for memory corruption or lack of proper initialization/handling of
> inode->i_security there. Did you have any clues from the log to find out the root cause? Thanks your help.
This is just speculation, but you have two out-of-tree filesystem
modules listed in your "Modules linked in:" message in the kernel log:
ecryptfs (O) and texfat(PO). Wondering if those were built with
CONFIG_SECURITY enabled (so that their kernel data structures, e.g.
struct inode, properly include the security field) and if they do
anything that might lead to an inode with an uninitialized or corrupted
security pointer.
prev parent reply other threads:[~2014-04-01 13:01 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-28 9:27 [SELinux] We found that there was bug on at /kernel/security/selinux/avc.c:158! Tim_lee
2014-03-28 13:13 ` Stephen Smalley
2014-04-01 8:43 ` Tim_lee
2014-04-01 13:01 ` Stephen Smalley [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=533AB88C.3000900@tycho.nsa.gov \
--to=sds@tycho.nsa.gov \
--cc=Tim_lee@htc.com \
--cc=ivy_lu@htc.com \
--cc=jon_tsai@htc.com \
--cc=seandroid-list@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.