Re: [2.6.20.17 review 00/58] 2.6.20.17 -stable review

[Stephen Smalley]

On Wed, 2007-08-22 at 19:50 +0200, Michal Piotrowski wrote:
> On 22/08/07, Michal Piotrowski <michal.k.k.piotrowski@xxxxxxxxx> wrote:
> > On 22/08/07, James Morris <jmorris@xxxxxxxxx> wrote:
> [snip]
> > > The previous problem is theoretically unrelated.  It arose via a separate
> > > mechanism which can't be used at the same as the one you're seeing now in
> > > the logs.
> > >
> > > So this either looks like a problem which has gone unnoticed and was
> > > inadvertently fixed at some point, or is unique to the 2.6.20 stable
> > > series.
> >
> > Yup, it is very interesting why no one noticed it. Binary search in progress:
> > good - 2.6.20.4
> > bad - 2.6.20.8
> 
> Ok, I narrowed the problem to 2.6.20.7. There are a few net changes
> http://eu.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.20.7
> any suggestions?
> 
> I also have seen this avc on 2.6.20.6 during reboot
> 
> [ 2333.905944] audit(1187803699.273:271): avc:  denied  { send } for
> saddr=192.168.1.70 src=48591 daddr=72.14.217.189 dest=80 netif=eth0
> scontext=user_u:system_r:unconfined_t:s0
> tcontext=system_u:system_r:kernel_t:s0 tclass=packet
> [ 2334.420598] audit(1187803699.789:272): avc:  denied  { send } for
> saddr=192.168.1.70 src=47248 daddr=66.249.91.18 dest=80 netif=eth0
> scontext=user_u:system_r:unconfined_t:s0
> tcontext=system_u:system_r:kernel_t:s0 tclass=packet
> 
> so the roots of the problem may lie between 2.6.20.4 and 2.6.20.6
> 
> http://www.stardust.webpages.pl/files/tbf/bitis-gabonica/2.6.20.17-rc1/console2.log

Might be related to this:
http://marc.info/?l=git-commits-head&m=118271540932264&w=2

-- 
Stephen Smalley
National Security Agency

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/