Re: [selinux] 66f8e2f03c: RIP:sidtab_hash_stats

From: Paul Moore
Date: Mon Dec 23 2019 - 16:37:57 EST


On Mon, Dec 23, 2019 at 9:37 AM Paul Moore <paul@xxxxxxxxxxxxxx> wrote:
>
> On Mon, Dec 23, 2019 at 4:15 AM kernel test robot <lkp@xxxxxxxxx> wrote:
> > FYI, we noticed the following commit (built with gcc-7):
> >
> > commit: 66f8e2f03c02e812002f8e9e465681cc62edda5b ("selinux: sidtab reverse lookup hash table")
> > https://git.kernel.org/cgit/linux/kernel/git/pcmoore/selinux.git next
> >
> > ...
>
> Jeff, please look into this. I suspect we may need to check
> state->initialized in security_sidtab_hash_stats(...) (or similar).

I realized that Jeff may very well be on a holiday so I took a closer
look and this does appear to be the/a problem. If you try to "cat
/sys/fs/selinux/ss/sidtab_hash_stats" on a system where the policy
hasn't been loaded it blows up in a bad way. I'll write up a fix
right now and post it as soon as I've verified it fixes the problem.

--
paul moore
www.paul-moore.com