Re: tomoyo-init (tomoyo-tools) results in kernel panic on kernel2.6.35-git2/3

From: Jiri Kosina
Date: Wed Aug 11 2010 - 05:18:33 EST


On Tue, 10 Aug 2010, Karsten Mehrhoff wrote:

> > > Still, if a legacy userspace application is able to cause kernel panic,
> > > that sounds like something we'd rather fix immediately.
> >
> > I assume the panic message which Karsten encountered is either
> >
> > Profile version %u is not supported.
> >
> > or
> >
> > Profile %u (used by '%s') not defined.
> >
> > which happens only if access control rules (a.k.a. policy) was not
> > loaded when /sbin/init starts.
> >
> > If what Karsten encountered is not the cases above,
> > I agree that we need to fix immediately.
> >
> > Regards.
>
> The panic message was:
> > Profile %u (used by '%s') not defined.
>
> Profile 0 (used by '0') not defined.

Looking at the code ...

void tomoyo_check_profile(void)
{
struct tomoyo_domain_info *domain;
const int idx = tomoyo_read_lock();
tomoyo_policy_loaded = true;
/* Check all profiles currently assigned to domains are defined. */
list_for_each_entry_rcu(domain, &tomoyo_domain_list, list) {
const u8 profile = domain->profile;
if (tomoyo_profile_ptr[profile])
continue;
panic("Profile %u (used by '%s') not defined.\n",
profile, domain->domainname->name);
}
tomoyo_read_unlock(idx);
if (tomoyo_profile_version != 20090903)
panic("Profile version %u is not supported.\n",
tomoyo_profile_version);
printk(KERN_INFO "TOMOYO: 2.3.0\n");
printk(KERN_INFO "Mandatory Access Control activated.\n");
}

makes one wonder whether not having up-to-date userspace really does
qualify for unconditional kernel panic.

--
Jiri Kosina
SUSE Labs, Novell Inc.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/