[apparmor] crash in security_bprm_set_creds

Casey Schaufler casey at schaufler-ca.com
Mon Jul 22 14:56:31 UTC 2013 

On 7/22/2013 7:43 AM, Alex Lyakas wrote:
> Greetings all,

Adding AppArmor people to the list.

> we had a kernel crash, and looking at stacks there are two
> security_bprm_set_creds() calls failing:
>
> [118937.245466] udevd           D 0000000000000000     0 20811  20670
> 0x00000000
> [118937.245468]  ffff88009cff76a8 0000000000000086 ffff88009cff7728
> ffffffff811352ff
> [118937.245469]  ffff88009cff7fd8 ffff88009cff7fd8 ffff88009cff7fd8
> 0000000000013f40
> [118937.245471]  ffff880119ad2e80 ffff880115429740 0000000000000000
> ffff880118209a48
> [118937.245471] Call Trace:
> ...
> [118937.245506]  [<ffffffff81059a39>] oops_exit+0x29/0x30
> [118937.245508]  [<ffffffff816ee8b3>] oops_end+0x83/0xf0
> [118937.245512]  [<ffffffff816d49f4>] no_context+0x1ab/0x1ba
> [118937.245514]  [<ffffffff816d4bd6>] __bad_area_nosemaphore+0x1d3/0x1f2
> [118937.245517]  [<ffffffff8113d5e5>] ? prep_new_page+0x145/0x1e0
> [118937.245519]  [<ffffffff816d4c4f>] bad_area+0x45/0x4d
> [118937.245521]  [<ffffffff816f1938>] __do_page_fault+0x558/0x560
> [118937.245524]  [<ffffffff8127cfd0>] ? ext4_xattr_get+0x60/0xa0
> [118937.245527]  [<ffffffff812821fa>] ? ext4_xattr_security_get+0x2a/0x30
> [118937.245529]  [<ffffffff811be813>] ? generic_getxattr+0x53/0x80
> [118937.245531]  [<ffffffff816f194e>] do_page_fault+0xe/0x10
> [118937.245532]  [<ffffffff816f1025>] do_async_page_fault+0x35/0x90
> [118937.245534]  [<ffffffff816edd48>] async_page_fault+0x28/0x30
> [118937.245537]  [<ffffffff8130e013>] ?
> apparmor_bprm_set_creds+0xb3/0x780
> [118937.245539]  [<ffffffff8130dfd7>] ?
> apparmor_bprm_set_creds+0x77/0x780
> [118937.245541]  [<ffffffff8116452f>] ? vma_link+0xcf/0xe0
> [118937.245545]  [<ffffffff812d8b73>] security_bprm_set_creds+0x13/0x20
> [118937.245547]  [<ffffffff811a0c78>] prepare_binprm+0xb8/0x1e0
> [118937.245549]  [<ffffffff811a2992>]
> do_execve_common.isra.22+0x232/0x330
> [118937.245551]  [<ffffffff811a2aa8>] do_execve+0x18/0x20
> [118937.245553]  [<ffffffff811a2d4d>] sys_execve+0x3d/0x60
> [118937.245555]  [<ffffffff816f6809>] stub_execve+0x69/0xc0
>
> [118937.245558] IPaddr2         D 0000000000000000     0 20818  20813
> 0x00000000
> [118937.245559]  ffff8800b4121768 0000000000000086 ffff8800b41217e8
> ffffffff811352ff
> [118937.245561]  ffff8800b4121fd8 ffff8800b4121fd8 ffff8800b4121fd8
> 0000000000013f40
> [118937.245562]  ffff880115429740 ffff880079c20000 0000000000000000
> ffff880118209a48
> [118937.245563] Call Trace:
> ...
> [118937.245596]  [<ffffffff81059a39>] oops_exit+0x29/0x30
> [118937.245598]  [<ffffffff816ee8b3>] oops_end+0x83/0xf0
> [118937.245600]  [<ffffffff81017d28>] die+0x58/0x90
> [118937.245602]  [<ffffffff816ee1db>] do_trap+0xcb/0x170
> [118937.245604]  [<ffffffff810153e5>] do_invalid_op+0x95/0xb0
> [118937.245606]  [<ffffffff8130f481>] ? free_profile+0x1d1/0x1e0
> [118937.245608]  [<ffffffff8105a8bc>] ? console_trylock+0x1c/0x70
> [118937.245611]  [<ffffffff8105a9ae>] ?
> console_trylock_for_printk+0x9e/0xb0
> [118937.245613]  [<ffffffff816f751e>] invalid_op+0x1e/0x30
> [118937.245615]  [<ffffffff8130f481>] ? free_profile+0x1d1/0x1e0
> [118937.245616]  [<ffffffff8130f481>] ? free_profile+0x1d1/0x1e0
> [118937.245618]  [<ffffffff8130f4a2>] aa_free_profile_kref+0x12/0x20
> [118937.245620]  [<ffffffff8130e203>] apparmor_bprm_set_creds+0x2a3/0x780
> [118937.245622]  [<ffffffff8116452f>] ? vma_link+0xcf/0xe0
> [118937.245624]  [<ffffffff812d8b73>] security_bprm_set_creds+0x13/0x20
> [118937.245625]  [<ffffffff811a0c78>] prepare_binprm+0xb8/0x1e0
> [118937.245627]  [<ffffffff811a2992>]
> do_execve_common.isra.22+0x232/0x330
> [118937.245629]  [<ffffffff811a2aa8>] do_execve+0x18/0x20
> [118937.245631]  [<ffffffff811a2d4d>] sys_execve+0x3d/0x60
> [118937.245633]  [<ffffffff816f6809>] stub_execve+0x69/0xc0
>
> Kernel is 3.8.13.
> Can anybody advise whether this is some known issue, or how to debug
> it further?
>
> Thanks,
> Alex.
>
>
>
> -- 
> To unsubscribe from this list: send the line "unsubscribe
> linux-security-module" in
> the body of a message to majordomo at vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>

More information about the AppArmor mailing list