[Fedora8] SElinux bug

Daniel J Walsh dwalsh at redhat.com
Thu Jun 12 15:02:42 UTC 2008 

hicham wrote:
> Hello
> I had this morning a "freeze", where I could not shutdown X server or
> the laptop properly, looking at /var/log/messages:
> I found what I suspect a selinux bug :
> 
> Jun 12 12:19:00 laptop kernel: SELinux:  out of range capability -555425744
> Jun 12 12:19:00 laptop kernel: ------------[ cut here ]------------
> Jun 12 12:19:00 laptop kernel: kernel BUG at security/selinux/hooks.c:1332!
> Jun 12 12:19:00 laptop kernel: invalid opcode: 0000 [#1] SMP
> Jun 12 12:19:00 laptop kernel: Modules linked in: iptable_nat xt_limit
> xt_tcpudp iptable_mangle ipt_LOG ipt_MASQUERADE nf_nat xt_DSCP
> ipt_REJE
> CT nf_conntrack_irc nf_conntrack_ftp nf_conntrack_ipv4 xt_state
> nf_conntrack iptable_filter ip_tables x_tables pppoatm pppoe pppox
> ppp_synctty
>  ppp_async ppp_generic slhc appletalk ipx p8023 ipv6 cpufreq_ondemand
> acpi_cpufreq vfat fat dm_mirror dm_multipath dm_mod parport_pc
> smsc_ircc
> 2 parport irda crc_ccitt pcspkr floppy serio_raw snd_intel8x0
> snd_seq_dummy snd_seq_oss video snd_seq_midi_event snd_seq output
> snd_seq_device
>  snd_intel8x0m fglrx(P)(U) snd_ac97_codec snd_pcm_oss ac97_bus tg3
> snd_mixer_oss snd_pcm wmi snd_timer battery snd ac soundcore
> snd_page_alloc
>  button iTCO_wdt i2c_i801 i2c_core iTCO_vendor_support joydev speedtch
> usbatm sr_mod cdrom atm sg pata_acpi ata_generic ata_piix libata
> sd_mod
>  scsi_mod ext3 jbd mbcache uhci_hcd ohci_hcd ehci_hcd [last unloaded: microcode]
> Jun 12 12:19:00 laptop kernel:
> Jun 12 12:19:00 laptop kernel: Pid: 2036, comm: X Tainted: P
> (2.6.25.4-10.fc8 #1)
> Jun 12 12:19:00 laptop kernel: EIP: 0060:[<c04cd270>] EFLAGS: 00213246 CPU: 0
> Jun 12 12:19:00 laptop kernel: EIP is at task_has_capability+0x46/0x79
> Jun 12 12:19:00 laptop kernel: EAX: 00000030 EBX: dee4e030 ECX:
> c07195e4 EDX: 00000000
> Jun 12 12:19:00 laptop kernel: ESI: df191740 EDI: df18deb0 EBP:
> df18debc ESP: df18de6c
> Jun 12 12:19:00 laptop kernel:  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
> Jun 12 12:19:00 laptop kernel: Process X (pid: 2036, ti=df18d000
> task=df160000 task.ti=df18d000)
> Jun 12 12:19:00 laptop kernel: Stack: c06d7792 dee4e030 df160000
> 00000003 df160000 dee4e030 00000000 00000000
> Jun 12 12:19:00 laptop kernel:        00000000 00000000 00000000
> 00000000 00000000 00000000 00000000 00000000
> Jun 12 12:19:00 laptop kernel:        00000000 dee4e030 df160000
> df148000 df18decc c04cd2c2 df160000 e0d000c0
> Jun 12 12:19:00 laptop kernel: Call Trace:
> Jun 12 12:19:00 laptop kernel:  [<c04cd2c2>] ? selinux_capable+0x1f/0x23
> Jun 12 12:19:00 laptop kernel:  [<c04c9685>] ? security_capable+0xc/0xe
> Jun 12 12:19:00 laptop kernel:  [<c042c9ff>] ? __capable+0xb/0x1f
> Jun 12 12:19:00 laptop kernel:  [<e0bf5050>] ?
> firegl_cmmqs_CWDDE32+0x0/0x110 [fglrx]
> Jun 12 12:19:00 laptop kernel:  [<c042ca23>] ? capable+0x10/0x12
> Jun 12 12:19:00 laptop kernel:  [<e0bda477>] ? firegl_ioctl+0xe7/0x220 [fglrx]
> Jun 12 12:19:00 laptop kernel:  [<c0439d7f>] ? ktime_get_ts+0x45/0x49
> Jun 12 12:19:00 laptop kernel:  [<c0439d96>] ? ktime_get+0x13/0x2f
> Jun 12 12:19:00 laptop kernel:  [<e0bcfc66>] ? ip_firegl_ioctl+0xe/0x10 [fglrx]
> Jun 12 12:19:00 laptop kernel:  [<c048acfa>] ? vfs_ioctl+0x4e/0x67
> Jun 12 12:19:00 laptop kernel:  [<c048af75>] ? do_vfs_ioctl+0x262/0x279
> Jun 12 12:19:00 laptop kernel:  [<c04d016e>] ? selinux_file_ioctl+0xa8/0xab
> Jun 12 12:19:00 laptop kernel:  [<c048afcc>] ? sys_ioctl+0x40/0x5c
> Jun 12 12:19:00 laptop kernel:  [<c0405b7a>] ? syscall_call+0x7/0xb
> Jun 12 12:19:00 laptop kernel:  =======================
> Jun 12 12:19:00 laptop kernel: Code: 05 00 00 89 d0 f3 ab 8b 4d b8 89
> d8 b2 04 c1 f8 05 c6 45 bc 03 89 5d c4 89 4d c0 74 19 48 74 11 53 68
> 92 77 6d c0 e8 fd 9e f5 ff <0f> 0b 58 5a eb fe ba 45 00 00 00 8b 46 08
> 83 e3 1f 0f b7 f2 8d
> Jun 12 12:19:00 laptop kernel: EIP: [<c04cd270>]
> task_has_capability+0x46/0x79 SS:ESP 0068:df18de6c
> Jun 12 12:19:00 laptop kernel: ---[ end trace fd35f97fc34637fa ]---
> Jun 12 12:19:00 laptop kernel: [fglrx:firegl_release] *ERROR* device busy: 1 0
> Jun 12 12:19:00 laptop kernel: [fglrx] release failed with code -EBUSY
> 
Please open a bugzilla

More information about the fedora-list mailing list