AppArmor spams kernel log with assert when auditing
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Mantic |
Fix Committed
|
Undecided
|
John Johansen |
Bug Description
A reply to a prompt request that denies all permissions requested will throw the following warning, because the auditing code does not expect the request field to be empty when generating the audit message.
Sep 27 22:48:14 ubuntu-mantic snapd[596]: listener.go:189: Sending access response back to kernel: {MsgNotificatio
Sep 27 22:48:14 ubuntu-mantic kernel: ------------[ cut here ]------------
Sep 27 22:48:14 ubuntu-mantic kernel: AppArmor WARN aa_audit_file: ((!ad.request)):
Sep 27 22:48:14 ubuntu-mantic kernel: WARNING: CPU: 3 PID: 2082 at security/
Sep 27 22:48:14 ubuntu-mantic kernel: Modules linked in: snd_seq_dummy snd_hrtimer snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device snd_timer snd soundcore binfmt_misc nls_iso8859_1 kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic ghash_clmulni_intel sha512_ssse3 aesni_intel virtio_gpu crypto_simd cryptd virtio_dma_buf drm_shmem_helper 9pnet_virtio drm_kms_helper 9pnet vmw_vsock_
Sep 27 22:48:14 ubuntu-mantic kernel: CPU: 3 PID: 2082 Comm: bash Not tainted 6.5.0-5-generic #5+aa4.
Sep 27 22:48:14 ubuntu-mantic kernel: Hardware name: QEMU Standard PC (Q35 + ICH9, 2009)/LXD, BIOS unknown 2/2/2022
Sep 27 22:48:14 ubuntu-mantic kernel: RIP: 0010:aa_
Sep 27 22:48:14 ubuntu-mantic kernel: Code: 3c ff ff ff e8 80 6f a8 ff 44 8b 95 3c ff ff ff 5a 59 e9 e3 fe ff ff 48 c7 c6 98 5c 08 84 48 c7 c7 90 1a 60 84 e8 9f da 9d ff <0f> 0b 8b 85 78 ff ff ff e9 05 ff ff ff 48 89 de 4c 89 f7 e8 b7 f5
Sep 27 22:48:14 ubuntu-mantic kernel: RSP: 0018:ffffb66a82
Sep 27 22:48:14 ubuntu-mantic kernel: RAX: 0000000000000000 RBX: ffffb66a82b57b24 RCX: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: RBP: ffffb66a82b57a30 R08: 0000000000000000 R09: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: R13: ffff8b160239d800 R14: ffffb66a82b57970 R15: 0000000000000001
Sep 27 22:48:14 ubuntu-mantic kernel: FS: 00007f1f7d3b338
Sep 27 22:48:14 ubuntu-mantic kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Sep 27 22:48:14 ubuntu-mantic kernel: CR2: 000055d4482063f0 CR3: 0000000137e64000 CR4: 0000000000750ee0
Sep 27 22:48:14 ubuntu-mantic kernel: PKRU: 55555554
Sep 27 22:48:14 ubuntu-mantic kernel: Call Trace:
Sep 27 22:48:14 ubuntu-mantic kernel: <TASK>
Sep 27 22:48:14 ubuntu-mantic kernel: ? show_regs+0x6d/0x80
Sep 27 22:48:14 ubuntu-mantic kernel: ? __warn+0x89/0x160
Sep 27 22:48:14 ubuntu-mantic kernel: ? aa_audit_
Sep 27 22:48:14 ubuntu-mantic kernel: ? report_
Sep 27 22:48:14 ubuntu-mantic kernel: ? handle_
Sep 27 22:48:14 ubuntu-mantic kernel: ? exc_invalid_
Sep 27 22:48:14 ubuntu-mantic kernel: ? asm_exc_
Sep 27 22:48:14 ubuntu-mantic kernel: ? aa_audit_
Sep 27 22:48:14 ubuntu-mantic kernel: ? aa_audit_
Sep 27 22:48:14 ubuntu-mantic kernel: __aa_path_
Sep 27 22:48:14 ubuntu-mantic kernel: aa_path_
Sep 27 22:48:14 ubuntu-mantic kernel: apparmor_
Sep 27 22:48:14 ubuntu-mantic kernel: security_
Sep 27 22:48:14 ubuntu-mantic kernel: do_dentry_
Sep 27 22:48:14 ubuntu-mantic kernel: vfs_open+0x33/0x50
Sep 27 22:48:14 ubuntu-mantic kernel: do_open+0x2ed/0x470
Sep 27 22:48:14 ubuntu-mantic kernel: ? path_init+
Sep 27 22:48:14 ubuntu-mantic kernel: path_openat+
Sep 27 22:48:14 ubuntu-mantic kernel: ? _raw_spin_
Sep 27 22:48:14 ubuntu-mantic kernel: do_filp_
Sep 27 22:48:14 ubuntu-mantic kernel: do_sys_
Sep 27 22:48:14 ubuntu-mantic kernel: __x64_sys_
Sep 27 22:48:14 ubuntu-mantic kernel: do_syscall_
Sep 27 22:48:14 ubuntu-mantic kernel: ? handle_
Sep 27 22:48:14 ubuntu-mantic kernel: ? do_user_
Sep 27 22:48:14 ubuntu-mantic kernel: ? exit_to_
Sep 27 22:48:14 ubuntu-mantic kernel: ? irqentry_
Sep 27 22:48:14 ubuntu-mantic kernel: ? irqentry_
Sep 27 22:48:14 ubuntu-mantic kernel: ? exc_page_
Sep 27 22:48:14 ubuntu-mantic kernel: entry_SYSCALL_
Sep 27 22:48:14 ubuntu-mantic kernel: RIP: 0033:0x7f1f7d4cdbcc
Sep 27 22:48:14 ubuntu-mantic kernel: Code: 24 18 31 c0 41 83 e2 40 75 44 89 f0 25 00 00 41 00 3d 00 00 41 00 74 36 44 89 c2 4c 89 ce bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 48 8b 54 24 18 64 48 2b 14 25 28 00 00 00
Sep 27 22:48:14 ubuntu-mantic kernel: RSP: 002b:00007fff2a
Sep 27 22:48:14 ubuntu-mantic kernel: RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f1f7d4cdbcc
Sep 27 22:48:14 ubuntu-mantic kernel: RDX: 0000000000090800 RSI: 000055b5d4043c40 RDI: 00000000ffffff9c
Sep 27 22:48:14 ubuntu-mantic kernel: RBP: 000055b5d4043c40 R08: 0000000000090800 R09: 000055b5d4043c40
Sep 27 22:48:14 ubuntu-mantic kernel: R10: 0000000000000000 R11: 0000000000000287 R12: 000055b5d4043c20
Sep 27 22:48:14 ubuntu-mantic kernel: R13: 000055b5d34637f8 R14: 000055b5d4043c00 R15: 000055b5d40436a0
Sep 27 22:48:14 ubuntu-mantic kernel: </TASK>
Sep 27 22:48:14 ubuntu-mantic kernel: ---[ end trace 0000000000000000 ]---
Changed in linux (Ubuntu): | |
status: | Incomplete → Invalid |
Changed in linux (Ubuntu Mantic): | |
status: | Incomplete → Fix Committed |
assignee: | nobody → John Johansen (jjohansen) |
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 2040192
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.