[redhat-lspp] lspp 18 kernel released
Serge E. Hallyn
serue at us.ibm.com
Fri Apr 21 02:38:27 UTC 2006
Quoting George C. Wilson (ltcgcw at us.ibm.com):
> On Thu, Apr 20, 2006 at 01:46:40PM -0400, Daniel J Walsh wrote:
> > Steve Grubb wrote:
> > >Hi,
> > >
> > >The lspp.18 kernel has been published to the lspp yum repo at:
> > >http://people.redhat.com/sgrubb/files/lspp
> > >
> > >The changes are:
> > >
> > >- kernel is 2.6.17-rc2
> > >- added execve patch to gather all arguments to execve syscalls.
> > >
> > >Please let me know if there are any problems with this kernel.
> > >
> > >-Steve
> > >
> > >--
> > >redhat-lspp mailing list
> > >redhat-lspp at redhat.com
> > >https://www.redhat.com/mailman/listinfo/redhat-lspp
> > >
> > Crashes on boot.
> >
> > Dan
> >
>
> It seems to be working OK on ppc64. I think I'm hitting the netlink problem,
> though. I added never rules for each syscall (no watches), did auditctl -l
> (which worked), and auditctl -D. auditctl -D hangs. The kernel still seems
> to be alive--I can Ctrl-o (like Alt-SysRq) u and b to remount r/o and reboot.
> But auditctl -l hangs, as do trusted programs, such as login. So I can't log
> back in if I log out of all existing sessions.
>
> Al had asked me to try -mm. Same thing seems to be happening on 2.6.17-rc1-mm3.
Well I doubt you ran out of memory so quickly, but the first problem I
see is that while audit_krule_to_data can return -ENOMEM,
audit_list and audit_list_rules only check for a NULL return.
Another problem is
security/selinux/ss/services.c:security_sid_to_context doing strcpy into
a kmalloc'd buffer without checking kmalloc return value. GFP_MALLOC no
less.
Don't see any obvious deadlocks yet, though much more to check. And
hopefully a postmortem on your victim will be informative.
(I'm looking between viro-audit.b7 and 2.6.17-rc1-mm3. Hope those are
the right sources!)
-serge
More information about the redhat-lspp
mailing list