tomoyo-init (tomoyo-tools) results in kernel panic on kernel 2.6.35-git2/3
in [Kernel]
|
Prev: arch/mips/kernel: Adjust confusing if indentation
Next: [PATCH] AFS: Fix the module init error handling
From: Karsten Mehrhoff on 6 Aug 2010 12:30 Hi, i just compiled the 2.6.35-git3 kernel on my computer using debian 64 bit as i did with all other kernels before. Booting the git2/3 kernel results in a kernel panic because of /sbin/tomoyo-init. No problem with the 2.6.35 kernel. I've to remane /sbin/tomoyo-init to boot the kernel. Now i purged tomoyo-tools version 2.2.0-20100225 (aptitude purge tomoyo-tool) and everything works ok. Sorry, i forgot to backup the tomoyo-init script. $ uname -a Linux xxxxxx 2.6.35-git3 #4 SMP Fri Aug 6 15:22:08 CEST 2010 x86_64 GNU/Linux Karsten -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Jiri Kosina on 10 Aug 2010 08:50 On Sat, 7 Aug 2010, Tetsuo Handa wrote: > > Hi, i just compiled the 2.6.35-git3 kernel on my computer using debian 64 bit > > as i did with all other kernels before. > > Booting the git2/3 kernel results in a kernel panic because of > > /sbin/tomoyo-init. > > > > No problem with the 2.6.35 kernel. > > > > I've to remane /sbin/tomoyo-init to boot the kernel. > > Now i purged tomoyo-tools version 2.2.0-20100225 (aptitude purge tomoyo-tool) and everything works ok. > > Sorry, i forgot to backup the tomoyo-init script. > > > > $ uname -a > > Linux xxxxxx 2.6.35-git3 #4 SMP Fri Aug 6 15:22:08 CEST 2010 x86_64 GNU/Linux > > Thank you for using TOMOYO. TOMOYO has changed a lot in 2.6.36. Therefore, > you need to upgrade tomoyo-tools package. I'm testing it now. > You can upgrade it by doing > > # wget -O tomoyo-tools.tar.gz 'http://sourceforge.jp/projects/tomoyo/svn/view/trunk/2.3.x/tomoyo-tools.tar.gz?root=tomoyo&view=tar' > # tar -zxf tomoyo-tools.tar.gz > # make -C tomoyo-tools/ install > > Then, please delete (or rename) /etc/tomoyo/ directory and run > /usr/lib/tomoyo/init_policy . > > Please see http://tomoyo.sourceforge.jp/2.3/ for more information. Still, if a legacy userspace application is able to cause kernel panic, that sounds like something we'd rather fix immediately. -- Jiri Kosina SUSE Labs, Novell Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Karsten Mehrhoff on 10 Aug 2010 16:40 [Am 10.08.2010, 22:14 Uhr, schrieb Tetsuo Handa <penguin-kernel(a)i-love.sakura.ne.jp>] > Jiri Kosina wrote: >> Still, if a legacy userspace application is able to cause kernel panic, >> that sounds like something we'd rather fix immediately. > > I assume the panic message which Karsten encountered is either > > Profile version %u is not supported. > > or > > Profile %u (used by '%s') not defined. > > which happens only if access control rules (a.k.a. policy) was not > loaded when /sbin/init starts. > > If what Karsten encountered is not the cases above, > I agree that we need to fix immediately. > > Regards. The panic message was: > Profile %u (used by '%s') not defined. Profile 0 (used by '0') not defined. Regards Karsten -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Jiri Kosina on 11 Aug 2010 05:20
On Tue, 10 Aug 2010, Karsten Mehrhoff wrote: > > > Still, if a legacy userspace application is able to cause kernel panic, > > > that sounds like something we'd rather fix immediately. > > > > I assume the panic message which Karsten encountered is either > > > > Profile version %u is not supported. > > > > or > > > > Profile %u (used by '%s') not defined. > > > > which happens only if access control rules (a.k.a. policy) was not > > loaded when /sbin/init starts. > > > > If what Karsten encountered is not the cases above, > > I agree that we need to fix immediately. > > > > Regards. > > The panic message was: > > Profile %u (used by '%s') not defined. > > Profile 0 (used by '0') not defined. Looking at the code ... void tomoyo_check_profile(void) { struct tomoyo_domain_info *domain; const int idx = tomoyo_read_lock(); tomoyo_policy_loaded = true; /* Check all profiles currently assigned to domains are defined. */ list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) { const u8 profile = domain->profile; if (tomoyo_profile_ptr[profile]) continue; panic("Profile %u (used by '%s') not defined.\n", profile, domain->domainname->name); } tomoyo_read_unlock(idx); if (tomoyo_profile_version != 20090903) panic("Profile version %u is not supported.\n", tomoyo_profile_version); printk(KERN_INFO "TOMOYO: 2.3.0\n"); printk(KERN_INFO "Mandatory Access Control activated.\n"); } makes one wonder whether not having up-to-date userspace really does qualify for unconditional kernel panic. -- Jiri Kosina SUSE Labs, Novell Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |