Ubuntu
linux package

Bug #1883962
Comment #3

Comment 3 for bug 1883962

Revision history for this message

Mauricio Faria de Oliveira (mfo) wrote on 2020-06-18:

Monitoring the label reference count with the kprobes module:

- original kernel: the counter keeps increasing on every pair of accept()/release() syscalls.
- modified kernel: the counter keeps stable.

Focal:
-----

original)

$ uname -rv
5.4.0-38-generic #42-Ubuntu SMP Mon Jun 8 14:14:24 UTC 2020

$ ./aa-refcnt-af_alg &
$ sudo insmod kmod.ko
...
[ 4739.811403] accept() :: comm = aa-refcnt-af_al, pid = 1023, sk->sk_security->label->count = 0x40b395e0
[ 4739.813677] release() :: comm = aa-refcnt-af_al, pid = 1023, sk->sk_security->label->count = 0x40b395e2
[ 4739.815994] accept() :: comm = aa-refcnt-af_al, pid = 1023, sk->sk_security->label->count = 0x40b395e1
[ 4739.818274] release() :: comm = aa-refcnt-af_al, pid = 1023, sk->sk_security->label->count = 0x40b395e3
[ 4739.820555] accept() :: comm = aa-refcnt-af_al, pid = 1023, sk->sk_security->label->count = 0x40b395e2
[ 4739.822833] release() :: comm = aa-refcnt-af_al, pid = 1023, sk->sk_security->label->count = 0x40b395e4
...
$ sudo rmmod kmod

modified)

$ uname -rv
5.4.0-38-generic #42+test20200617b1 SMP Wed Jun 17 16:31:24 -03 2020

$ ./aa-refcnt-af_alg &
$ sudo insmod kmod.ko
...
[ 185.657133] accept() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x649
[ 185.660720] release() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x64a
[ 185.664321] accept() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x649
[ 185.668981] release() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x64a
[ 185.672648] accept() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x629
[ 185.676299] release() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x62a
...
$ sudo rmmod kmod

Bionic:
------

original)

$ uname -rv
4.15.0-107-generic #108-Ubuntu SMP Mon Jun 8 17:51:33 UTC 2020

$ ./aa-refcnt-af_alg &
$ sudo insmod kmod.ko
...
[ 4333.136581] accept() :: comm = aa-refcnt-af_al, pid = 1243, sk->sk_security->label->count = 0x449b9e85
[ 4333.139131] release() :: comm = aa-refcnt-af_al, pid = 1243, sk->sk_security->label->count = 0x449b9e87
[ 4333.141650] accept() :: comm = aa-refcnt-af_al, pid = 1243, sk->sk_security->label->count = 0x449b9e86
[ 4333.144142] release() :: comm = aa-refcnt-af_al, pid = 1243, sk->sk_security->label->count = 0x449b9e88
[ 4333.146675] accept() :: comm = aa-refcnt-af_al, pid = 1243, sk->sk_security->label->count = 0x449b9e87
[ 4333.149199] release() :: comm = aa-refcnt-af_al, pid = 1243, sk->sk_security->label->count = 0x449b9e89
...
$ sudo rmmod kmod

modified)

$ uname -rv
4.15.0-107-generic #108+test20200617b1 SMP Wed Jun 17 16:33:16 -03 2020

$ ./aa-refcnt-af_alg &
$ sudo insmod kmod.ko
...
[ 245.921217] accept() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x608
[ 245.923456] release() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x609
[ 245.925718] accept() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x608
[ 245.927954] release() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x609
[ 245.930221] accept() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x608
[ 245.932469] release() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x609
...
$ sudo rmmod kmod

Monitoring the label reference count with the kprobes module:

- original kernel: the counter keeps increasing on every pair of accept()/release() syscalls.
- modified kernel: the counter keeps stable.

Focal:
-----

original)

$ uname -rv
5.4.0-38-generic #42-Ubuntu SMP Mon Jun 8 14:14:24 UTC 2020

modified)

$ uname -rv
5.4.0-38-generic #42+test20200617b1 SMP Wed Jun 17 16:31:24 -03 2020

$ ./aa-refcnt-af_alg &
$ sudo insmod kmod.ko
...
[  185.657133] accept() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x649
[  185.660720] release() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x64a
[  185.664321] accept() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x649
[  185.668981] release() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x64a
[  185.672648] accept() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x629
[  185.676299] release() :: comm = aa-refcnt-af_al, pid = 1098, sk->sk_security->label->count = 0x62a
...
$ sudo rmmod kmod

Bionic:
------

original)

$ uname -rv
4.15.0-107-generic #108-Ubuntu SMP Mon Jun 8 17:51:33 UTC 2020

modified)

$ uname -rv
4.15.0-107-generic #108+test20200617b1 SMP Wed Jun 17 16:33:16 -03 2020

$ ./aa-refcnt-af_alg &
$ sudo insmod kmod.ko
...
[  245.921217] accept() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x608
[  245.923456] release() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x609
[  245.925718] accept() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x608
[  245.927954] release() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x609
[  245.930221] accept() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x608
[  245.932469] release() :: comm = aa-refcnt-af_al, pid = 1165, sk->sk_security->label->count = 0x609
...
$ sudo rmmod kmod

Ubuntulinux package

Comment 3 for bug 1883962

Ubuntu
linux package