Re: linux-next: Tree for July 17: early crash on x86-64

Re: linux-next: Tree for July 17: early crash on x86-64

[Rafael J. Wysocki]

On Thursday, 17 of July 2008, Stephen Rothwell wrote:
> Hi all,
> 
> Changes since next-20080716:
> 
> Temporarily dropped tree: ttydev (it gets too many patch failures).
> 
> Changed trees: the security-testing tree was moved later in the merge in
> anticipation of majo merge problems that have been delayed.
> 	The vfs tree changed branch names.
> 
> Most of the differences were conflicts moving from tree to tree as some
> of the trees are now merged into Linus' tree.  Most have been inflicted
> on the driver-core and usb trees.  I have not notified these separately.
> 
> Because of the moving of conflicts around it is difficult to tell when
> they are going away (though I assume some are).
> 
> The driver-core tree gained two build fixes from the scsi tree (since
> that went into Linus' tree).
> 
> The usb tree gained a conflict from the firmware tree (ditto).
> 
> The x86 tree gained an expected conflict against the stackprotector and a
> build failure that required a revert of a commit.
> 
> The pci tree needed another build fix patch.
> 
> The ide tree had more conflicts with its parts that have been merged into
> Linus' tree.
> 
> The acpi had various merge problems - maybe because I am pulling a
> different tree than what was merged into Linus' tree.
> 
> The galak tree gained a conflict against the net tree.
> 
> The ubifs tree also had merge problems because a different version was
> sent to Linus.
> 
> I have also applied the following patches for known problems:
> 
> 	sparc64: sysdev API change fallout
> 
> This tree fails to build for ARCH=sparc (i.e. 32bit) with a 64bit gcc
> v3.4.5 - it tries to use the 64bit header files.  This may be an artifact
> of one of my merge fixups, but I don't actually think so.

This one crashes all of my x86-64 test boxes early during boot.

The Linus' tree is not affected.

Failing configs:
http://www.sisk.pl/kernel/debug/next/20080717/HPC_nx6325-config
http://www.sisk.pl/kernel/debug/next/20080717/M3A32-MVP-config

It's not very likely that I'll be able to bisect this issue before OLS, so most
probably I won't be testing linux-next in the next several days.

Thanks,
Rafael

Re: linux-next: Tree for July 17: early crash on x86-64

[Alexander Beregalov]

2008/7/18 Rafael J. Wysocki <rjw@sisk.pl>:
> This one crashes all of my x86-64 test boxes early during boot.
The same problem with next-20080718.
Unfortunatelly I do not have serial console on that host.

Re: linux-next: Tree for July 17: early crash on x86-64

[Al Viro]

On Fri, Jul 18, 2008 at 05:52:23PM +0400, Alexander Beregalov wrote:
> 2008/7/18 Rafael J. Wysocki <rjw@sisk.pl>:
> > This one crashes all of my x86-64 test boxes early during boot.
> The same problem with next-20080718.
> Unfortunatelly I do not have serial console on that host.

vfs-next/net-next conflict; apply the patch below on top of the merge.

diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index b91a5de..2240a9e 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -44,13 +44,6 @@ static struct ctl_table_root net_sysctl_root = {
 	.lookup = net_ctl_header_lookup,
 };
 
-static LIST_HEAD(net_sysctl_ro_tables);
-static struct list_head *net_ctl_ro_header_lookup(struct ctl_table_root *root,
-		struct nsproxy *namespaces)
-{
-	return &net_sysctl_ro_tables;
-}
-
 static int net_ctl_ro_header_perms(struct ctl_table_root *root,
 		struct nsproxy *namespaces, struct ctl_table *table)
 {
@@ -61,7 +54,6 @@ static int net_ctl_ro_header_perms(struct ctl_table_root *root,
 }
 
 static struct ctl_table_root net_sysctl_ro_root = {
-	.lookup = net_ctl_ro_header_lookup,
 	.permissions = net_ctl_ro_header_perms,
 };
 
@@ -89,6 +81,7 @@ static __init int sysctl_init(void)
 	if (ret)
 		goto out;
 	register_sysctl_root(&net_sysctl_root);
+	setup_sysctl_set(&net_sysctl_ro_root.default_set, NULL, NULL);
 	register_sysctl_root(&net_sysctl_ro_root);
 out:
 	return ret;

Re: linux-next: Tree for July 17: early crash on x86-64

[Rafael J. Wysocki]

On Saturday, 19 of July 2008, Al Viro wrote:
> On Fri, Jul 18, 2008 at 05:52:23PM +0400, Alexander Beregalov wrote:
> > 2008/7/18 Rafael J. Wysocki <rjw-KKrjLPT3xs0@public.gmane.org>:
> > > This one crashes all of my x86-64 test boxes early during boot.
> > The same problem with next-20080718.
> > Unfortunatelly I do not have serial console on that host.
> 
> vfs-next/net-next conflict; apply the patch below on top of the merge.

That helped, thanks.

But next it ran into the BUG_ON() in line 883 of security/selinux/avc.c .
Disabling selinux made the kernel boot, finally.


> diff --git a/net/sysctl_net.c b/net/sysctl_net.c
> index b91a5de..2240a9e 100644
> --- a/net/sysctl_net.c
> +++ b/net/sysctl_net.c
> @@ -44,13 +44,6 @@ static struct ctl_table_root net_sysctl_root = {
>  	.lookup = net_ctl_header_lookup,
>  };
>  
> -static LIST_HEAD(net_sysctl_ro_tables);
> -static struct list_head *net_ctl_ro_header_lookup(struct ctl_table_root *root,
> -		struct nsproxy *namespaces)
> -{
> -	return &net_sysctl_ro_tables;
> -}
> -
>  static int net_ctl_ro_header_perms(struct ctl_table_root *root,
>  		struct nsproxy *namespaces, struct ctl_table *table)
>  {
> @@ -61,7 +54,6 @@ static int net_ctl_ro_header_perms(struct ctl_table_root *root,
>  }
>  
>  static struct ctl_table_root net_sysctl_ro_root = {
> -	.lookup = net_ctl_ro_header_lookup,
>  	.permissions = net_ctl_ro_header_perms,
>  };
>  
> @@ -89,6 +81,7 @@ static __init int sysctl_init(void)
>  	if (ret)
>  		goto out;
>  	register_sysctl_root(&net_sysctl_root);
> +	setup_sysctl_set(&net_sysctl_ro_root.default_set, NULL, NULL);
>  	register_sysctl_root(&net_sysctl_ro_root);
>  out:
>  	return ret;
> 
> 

Re: linux-next: Tree for July 17: early crash on x86-64

[James Morris]

On Sat, 19 Jul 2008, Rafael J. Wysocki wrote:

> > vfs-next/net-next conflict; apply the patch below on top of the merge.
> 
> That helped, thanks.
> 
> But next it ran into the BUG_ON() in line 883 of security/selinux/avc.c .
> Disabling selinux made the kernel boot, finally.

Ugh, that's not supposed to happen.  Where was this in the boot?  Do you 
have a console log?


- James
-- 
James Morris
<jmorris@namei.org>

BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree for July 17: early crash on x86-64)

[Thomas Meyer]

Am Sonntag, den 20.07.2008, 05:54 +1000 schrieb James Morris:
> On Sat, 19 Jul 2008, Rafael J. Wysocki wrote:
> 
> > > vfs-next/net-next conflict; apply the patch below on top of the
> merge.
> > 
> > That helped, thanks.
> > 
> > But next it ran into the BUG_ON() in line 883 of
> security/selinux/avc.c .
> > Disabling selinux made the kernel boot, finally.
> 
> Ugh, that's not supposed to happen.  Where was this in the boot?  Do
> you 
> have a console log?
> 

[    3.845808] ------------[ cut here ]------------
[    3.845858] kernel BUG at security/selinux/avc.c:883!
[    3.845910] invalid opcode: 0000 [#1] SMP 
[    3.846004] last sysfs file: 
[    3.846004] Modules linked in:
[    3.846004] 
[    3.846004] Pid: 1, comm: swapper Not tainted (2.6.26-next-20080718 #17)
[    3.846004] EIP: 0060:[<c04d31cb>] EFLAGS: 00010246 CPU: 0
[    3.846066] EIP is at avc_has_perm_noaudit+0x19/0x359
[    3.846116] EAX: 00000001 EBX: 00000006 ECX: 00000006 EDX: 00000003
[    3.846168] ESI: f7803280 EDI: f781ee28 EBP: f781ee0c ESP: f781edb8
[    3.846220]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[    3.846272] Process swapper (pid: 1, ti=f781e000 task=f7830000 task.ti=f781e000)
[    3.846324] Stack: f781ee0c 0006ee18 00000003 00000001 f781edd4 00100000 f7803280 00000001 
[    3.846608]        00000000 f7410f68 f7410f78 f7825000 f781ee10 c0491bcb f781ee64 f7402088 
[    3.846892]        00000004 019ff37b 00000006 f7803280 f781ee28 f781ee48 c04d3e38 00000000 
[    3.847181] Call Trace:
[    3.847280]  [<c0491bcb>] ? __d_lookup+0x9e/0xda
[    3.847379]  [<c04d3e38>] ? avc_has_perm+0x22/0x43
[    3.847476]  [<c0492269>] ? dput+0x34/0xf7
[    3.847574]  [<c04d52d8>] ? inode_has_perm+0x5b/0x65
[    3.847673]  [<c04d5694>] ? selinux_inode_permission+0xff/0x108
[    3.847771]  [<c04d10ca>] ? security_inode_permission+0x1e/0x20
[    3.847870]  [<c04885f4>] ? permission+0xc9/0xdd
[    3.847968]  [<c048862a>] ? vfs_permission+0x10/0x12
[    3.848070]  [<c0481552>] ? sys_faccessat+0xb7/0x149
[    3.848172]  [<c04bd680>] ? sysfs_create_file+0x20/0x22
[    3.848270]  [<c043445b>] ? flush_cpu_workqueue+0x2a/0x66
[    3.848368]  [<c078ae5b>] ? pci_mmcfg_insert_resources+0xc1/0xe8
[    3.848467]  [<c04815f4>] ? sys_access+0x10/0x12
[    3.848565]  [<c0767421>] ? kernel_init+0x22b/0x24f
[    3.848664]  [<c078d4d9>] ? tcp_congestion_default+0x0/0xf
[    3.848763]  [<c0423a0d>] ? schedule_tail+0x1a/0x49
[    3.848861]  [<c04037f2>] ? ret_from_fork+0x6/0x1c
[    3.848959]  [<c07671f6>] ? kernel_init+0x0/0x24f
[    3.849063]  [<c07671f6>] ? kernel_init+0x0/0x24f
[    3.849161]  [<c04044ef>] ? kernel_thread_helper+0x7/0x10
[    3.849260]  =======================
[    3.849310] Code: c0 b8 e8 6c 7a c0 03 04 95 40 ee 75 c0 ff 40 14 c9 c3 55 89 e5 57 56 53 83 ec 48 83 7d 08 00 89 45 b8 89 55 b4 66 89 4d b2 75 04 <0f> 0b eb fe 64 8b 15 04 50 7a c0 b8 e8 6c 7a c0 0f b7 4d b2 03 
[    3.850916] EIP: [<c04d31cb>] avc_has_perm_noaudit+0x19/0x359 SS:ESP 0068:f781edb8
[    3.851057] ---[ end trace 357a5e75e9b6bc6a ]---
[    3.851106] Kernel panic - not syncing: Attempted to kill init!
[    3.851159] Pid: 1, comm: swapper Tainted: G      D   2.6.26-next-20080718 #17
[    3.851237]  [<c063b0bd>] ? printk+0xf/0x12
[    3.851336]  [<c063b007>] panic+0x39/0xe0
[    3.851410]  [<c0429588>] do_exit+0x5b/0x6d1
[    3.851486]  [<c040436c>] ? apic_timer_interrupt+0x28/0x30
[    3.851585]  [<c063b0bd>] ? printk+0xf/0x12
[    3.851682]  [<c042688d>] ? oops_exit+0x23/0x28
[    3.851786]  [<c0404c1d>] die+0x12b/0x133
[    3.851859]  [<c063dad2>] do_trap+0x8a/0xa3
[    3.851934]  [<c0404fc5>] ? do_invalid_op+0x0/0x76
[    3.852039]  [<c0405031>] do_invalid_op+0x6c/0x76
[    3.852114]  [<c04d31cb>] ? avc_has_perm_noaudit+0x19/0x359
[    3.852212]  [<c0439c2c>] ? hrtimer_start+0x126/0x140
[    3.852312]  [<c063d41a>] error_code+0x72/0x78
[    3.852387]  [<c04d31cb>] ? avc_has_perm_noaudit+0x19/0x359
[    3.852486]  [<c0491bcb>] ? __d_lookup+0x9e/0xda
[    3.852584]  [<c04d3e38>] avc_has_perm+0x22/0x43
[    3.852659]  [<c0492269>] ? dput+0x34/0xf7
[    3.852757]  [<c04d52d8>] inode_has_perm+0x5b/0x65
[    3.852836]  [<c04d5694>] selinux_inode_permission+0xff/0x108
[    3.852912]  [<c04d10ca>] security_inode_permission+0x1e/0x20
[    3.852989]  [<c04885f4>] permission+0xc9/0xdd
[    3.853070]  [<c048862a>] vfs_permission+0x10/0x12
[    3.853149]  [<c0481552>] sys_faccessat+0xb7/0x149
[    3.853227]  [<c04bd680>] ? sysfs_create_file+0x20/0x22
[    3.853328]  [<c043445b>] ? flush_cpu_workqueue+0x2a/0x66
[    3.853431]  [<c078ae5b>] ? pci_mmcfg_insert_resources+0xc1/0xe8
[    3.853532]  [<c04815f4>] sys_access+0x10/0x12
[    3.853609]  [<c0767421>] kernel_init+0x22b/0x24f
[    3.853688]  [<c078d4d9>] ? tcp_congestion_default+0x0/0xf
[    3.853797]  [<c0423a0d>] ? schedule_tail+0x1a/0x49
[    3.853896]  [<c04037f2>] ? ret_from_fork+0x6/0x1c
[    3.853996]  [<c07671f6>] ? kernel_init+0x0/0x24f
[    3.854099]  [<c07671f6>] ? kernel_init+0x0/0x24f
[    3.854198]  [<c04044ef>] kernel_thread_helper+0x7/0x10
[    3.854276]  =======================

Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree for July 17: early crash on x86-64)

[Al Viro]

On Sun, Jul 20, 2008 at 11:42:53AM +0200, Thomas Meyer wrote:
> Am Sonntag, den 20.07.2008, 05:54 +1000 schrieb James Morris:
> > On Sat, 19 Jul 2008, Rafael J. Wysocki wrote:
> > 
> > > > vfs-next/net-next conflict; apply the patch below on top of the
> > merge.
> > > 
> > > That helped, thanks.
> > > 
> > > But next it ran into the BUG_ON() in line 883 of
> > security/selinux/avc.c .
> > > Disabling selinux made the kernel boot, finally.
> > 
> > Ugh, that's not supposed to happen.  Where was this in the boot?  Do
> > you 
> > have a console log?

Argh...  Fallout from ->permission() patch series.  I've folded that into
rebase (along with Randy's compile fixes and missing bit in capability.c
in ->inode_permission() patch; AFAICS takes care of all mismerges as well).
In the meanwhile, see the patch below on top of next-20080718:

diff --git a/fs/namei.c b/fs/namei.c
index a15c155..c0a64e2 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -286,7 +286,8 @@ int permission(struct inode *inode, int mask, struct nameidata *nd)
 	if (retval)
 		return retval;
 
-	return security_inode_permission(inode, mask);
+	return security_inode_permission(inode,
+					mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
 }
 
 /**

Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree for July 17: early crash on x86-64)

[Stephen Smalley]

On Sun, 2008-07-20 at 13:15 +0100, Al Viro wrote:
> On Sun, Jul 20, 2008 at 11:42:53AM +0200, Thomas Meyer wrote:
> > Am Sonntag, den 20.07.2008, 05:54 +1000 schrieb James Morris:
> > > On Sat, 19 Jul 2008, Rafael J. Wysocki wrote:
> > > 
> > > > > vfs-next/net-next conflict; apply the patch below on top of the
> > > merge.
> > > > 
> > > > That helped, thanks.
> > > > 
> > > > But next it ran into the BUG_ON() in line 883 of
> > > security/selinux/avc.c .
> > > > Disabling selinux made the kernel boot, finally.
> > > 
> > > Ugh, that's not supposed to happen.  Where was this in the boot?  Do
> > > you 
> > > have a console log?
> 
> Argh...  Fallout from ->permission() patch series.  I've folded that into
> rebase (along with Randy's compile fixes and missing bit in capability.c
> in ->inode_permission() patch; AFAICS takes care of all mismerges as well).
> In the meanwhile, see the patch below on top of next-20080718:
> 
> diff --git a/fs/namei.c b/fs/namei.c
> index a15c155..c0a64e2 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -286,7 +286,8 @@ int permission(struct inode *inode, int mask, struct nameidata *nd)
>  	if (retval)
>  		return retval;
>  
> -	return security_inode_permission(inode, mask);
> +	return security_inode_permission(inode,
> +					mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
>  }
>  
>  /**

SELinux needs MAY_APPEND to be passed down to the security hook.
Otherwise, we get permission denials when only append permission is
granted by policy even if the opening process specified O_APPEND.
Shows up as a regression in the ltp selinux testsuite, fixed by
this patch.

Signed-off-by:  Stephen Smalley <sds@tycho.nsa.gov>

---

 fs/namei.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/namei.c b/fs/namei.c
index a7b0a0b..b91e973 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -274,7 +274,7 @@ int inode_permission(struct inode *inode, int mask)
 		return retval;
 
 	return security_inode_permission(inode,
-			mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
+			mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
 }
 
 /**


-- 
Stephen Smalley
National Security Agency

Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree for July 17: early crash on x86-64)

[James Morris]

On Mon, 28 Jul 2008, Stephen Smalley wrote:

> SELinux needs MAY_APPEND to be passed down to the security hook.
> Otherwise, we get permission denials when only append permission is
> granted by policy even if the opening process specified O_APPEND.
> Shows up as a regression in the ltp selinux testsuite, fixed by
> this patch.
> 
> Signed-off-by:  Stephen Smalley <sds-+05T5uksL2qpZYMLLGbcSA@public.gmane.org>

Applied to  
git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#hotfixes


Al, holler if you want to push this through your tree.


---

 fs/namei.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/namei.c b/fs/namei.c
index a7b0a0b..b91e973 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -274,7 +274,7 @@ int inode_permission(struct inode *inode, int mask)
                return retval;
 
        return security_inode_permission(inode,
-                       mask & (MAY_READ|MAY_WRITE|MAY_EXEC));
+                       mask & (MAY_READ|MAY_WRITE|MAY_EXEC|MAY_APPEND));
 }
 
 /**



- James
-- 
James Morris
<jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>

Re: BUG at security/selinux/avc.c:883 (was: Re: linux-next: Tree for July 17: early crash on x86-64)

[Al Viro]

On Tue, Jul 29, 2008 at 07:38:17AM +1000, James Morris wrote:
> On Mon, 28 Jul 2008, Stephen Smalley wrote:
> 
> > SELinux needs MAY_APPEND to be passed down to the security hook.
> > Otherwise, we get permission denials when only append permission is
> > granted by policy even if the opening process specified O_APPEND.
> > Shows up as a regression in the ltp selinux testsuite, fixed by
> > this patch.
> > 
> > Signed-off-by:  Stephen Smalley <sds-+05T5uksL2qpZYMLLGbcSA@public.gmane.org>
> 
> Applied to  
> git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6#hotfixes
> 
> 
> Al, holler if you want to push this through your tree.

Applied, will push along with other patches tonight...