[PATCH v4 00/23] LSM: Module stacking for AppArmor
James Morris
jmorris at namei.org
Thu Jun 27 02:46:01 UTC 2019
On Thu, 27 Jun 2019, James Morris wrote:
> On Wed, 26 Jun 2019, Casey Schaufler wrote:
>
> > This patchset provides the changes required for
> > the AppArmor security module to stack safely with any other.
>
> I get a kernel oops with this patchset when running the SELinux testsuite
> (binder test) with:
>
> $ cat /sys/kernel/security/lsm
> capability,yama,loadpin,safesetid,selinux,tomoyo
>
>
> [ 485.357377] binder: 4224 RLIMIT_NICE not set
> [ 485.360727] binder: 4224 RLIMIT_NICE not set
> [ 485.361480] binder: 4224 RLIMIT_NICE not set
> [ 485.362164] BUG: unable to handle kernel paging request at 0000000000001080
> [ 485.362927] #PF error: [normal kernel read fault]
> [ 485.363143] ------------[ cut here ]------------
> [ 485.363581] PGD 800000044e17b067 P4D 800000044e17b067 PUD 44b796067 PMD 0
> [ 485.364226] kernel BUG at drivers/android/binder_alloc.c:1139!
It's this BUG_ON:
static void binder_alloc_do_buffer_copy(struct binder_alloc *alloc,
bool to_buffer,
struct binder_buffer *buffer,
binder_size_t buffer_offset,
void *ptr,
size_t bytes)
{
/* All copies must be 32-bit aligned and 32-bit size */
BUG_ON(!check_buffer(alloc, buffer, buffer_offset, bytes));
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list