AppArmor changehat regression in 3.13.0-2.17-generic
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
High
|
John Johansen | ||
Trusty |
Fix Released
|
High
|
John Johansen |
Bug Description
Running the changehat_misc.sh AppArmor regression test results in a kernel paging request bug.
$ apt-get source apparmor
$ cd apparmor-
$ make all
$ sudo VERBOSE=1 bash changehat_misc.sh
ok: NO CHANGEHAT (access parent file)
ok: NO CHANGEHAT (access sub file)
ok: CHANGEHAT (access parent file)
ok: CHANGEHAT (access sub file)
ok: FORK BETWEEN CHANGEHATS (access parent file)
ok: FORK BETWEEN CHANGEHATS (access sub file)
ok: CHANGEHAT (subprofile-
*** A 'Killed' message from bash is expected for the following test
/home/tyhicks/
ok: CHANGEHAT (subprofile-
ok: CHANGEHAT (bad subprofile)
*** A 'Killed' message from bash is expected for the following test
Error: changehat_fail failed. Test 'CHANGEHAT (bad token)' was expected to 'signal9'. Reason for failure 'FAIL: changehat sub failed - Permission denied'
ok: CHANGEHAT (noexit subprofile (token=0))
ok: CHANGEHAT (exit noexit subprofile (token=0))
ok: CHANGEHAT (subprofile/write to /proc/attr/current)
ok: CHANGEHAT (exit subprofile/write to /proc/attr/current)
ok: CHANGEHAT (noexit subprofile/write 0 to /proc/attr/current)
ok: CHANGEHAT (noexit subprofile/write 00000000 to /proc/attr/current)
ok: CHANGEHAT (noexit subprofile/write "" to /proc/attr/current)
ok: CHANGEHAT (exit of noexit subprofile/write 0 to /proc/attr/current)
ok: CHANGEHAT (exit of noexit subprofile/write 00000000 to /proc/attr/current)
ok: CHANGEHAT (exit of noexit subprofile/write "" to /proc/attr/current)
ok: CHANGEHAT PTHREAD (access parent file)
ok: CHANGEHAT PTHREAD (access sub file)
The "CHANGEHAT (bad token)" test is the sub-test that triggers the issue. In the output pasted above, the test fails. I've seen the test pass and I've also seen it make my testing VM unresponsive. In this instance, the following output was printed to kern.log:
BUG: unable to handle kernel paging request at 0000002fbead7d08
IP: [<ffffffff8170c
PGD 3abf3067 PUD 0
Oops: 0002 [#1] SMP
Modules linked in: parport_pc ppdev rfcomm bnep bluetooth kvm_intel kvm microcode vmwgfx psmouse serio_raw ttm i2c_piix4 pvpanic drm mac_hid lp parport floppy
CPU: 0 PID: 5394 Comm: changehat_twice Not tainted 3.13.0-2-generic #17-Ubuntu
Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
task: ffff880029693000 ti: ffff88002e2ae000 task.ti: ffff88002e2ae000
RIP: 0010:[<
RSP: 0018:ffff88002e
RAX: 0000000000020000 RBX: 0000002fbead7500 RCX: 0000000000000000
RDX: 0000000000000292 RSI: ffff88002e2afba8 RDI: 0000002fbead7d08
RBP: ffff88002e2afb68 R08: 0000000000000246 R09: ffffffff815f8f57
R10: ffffea0000b892c0 R11: ffff88002e2afa0e R12: ffffffff8130961f
R13: ffff88002e2afba8 R14: 0000002fbead7d08 R15: ffff880031672c30
FS: 00007f959607b74
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000002fbead7d08 CR3: 00000000305cd000 CR4: 00000000000006f0
Stack:
ffff88002e2afb98 ffffffff81075ee7 ffffffff8130961f 0000000000000009
0000000000000000 0000000000000000 ffff88002e2afbd0 ffffffff81075f4c
0000000000000292 ffff88002e2afc08 ffff880031672c00 0000000000000026
Call Trace:
[<ffffffff8107
[<ffffffff8130
[<ffffffff8107
[<ffffffff8107
[<ffffffff8130
[<ffffffff8130
[<ffffffff8130
[<ffffffff8130
[<ffffffff8130
[<ffffffff8130
[<ffffffff812c
[<ffffffff8121
[<ffffffff811b
[<ffffffff811b
[<ffffffff8171
Code: 66 83 07 02 f6 47 02 01 74 e5 0f 1f 00 e8 44 13 ff ff eb db 66 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 b8 00 00 02 00 <3e> 0f c1 07 89 c2 c1 ea 10 66 39 c2 75 02 5d c3 83 e2 fe 0f b7
RIP [<ffffffff8170c
RSP <ffff88002e2afb68>
CR2: 0000002fbead7d08
---[ end trace 1858591fdb0528f3 ]---
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-
ProcVersionSign
Uname: Linux 3.13.0-2-generic x86_64
ApportVersion: 2.13.1-0ubuntu1
Architecture: amd64
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Mon Jan 13 12:42:22 2014
HibernationDevice: RESUME=
InstallationDate: Installed on 2013-10-23 (82 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20131021.1)
IwConfig:
eth0 no wireless extensions.
lo no wireless extensions.
Lsusb: Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
MachineType: Bochs Bochs
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=
PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No PulseAudio daemon running, or not running as session daemon.
RelatedPackageV
linux-
linux-
linux-firmware 1.121
RfKill:
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 01/01/2011
dmi.bios.vendor: Bochs
dmi.bios.version: Bochs
dmi.chassis.type: 1
dmi.chassis.vendor: Bochs
dmi.modalias: dmi:bvnBochs:
dmi.product.name: Bochs
dmi.sys.vendor: Bochs
This bug was fixed in the package linux - 3.13.0-7.26
---------------
linux (3.13.0-7.26) trusty; urgency=low
[ John Johansen ]
* SAUCE: apparmor: fix uninitialized lsm_audit membe
- LP: #1268727
* Add config option to optionally enable new apparmor 3 semantics
[ Tim Gardner ]
* [Config] Add lowlatency to getabis SECURITY_ APPARMOR_ AA3_SEMANTICS= y
* [Config] CONFIG_
- LP: #1270215
* Release Tracking Bug
- LP: #1276810
[ Upstream Kernel Changes ]
* x86, x32: Correct invalid use of user timespec in the kernel
- LP: #1274349
- CVE-2014-0038
-- Tim Gardner <email address hidden> Wed, 05 Feb 2014 15:49:44 -0500