kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #20244
[Bug 1235977] Re: apparmor bad lock balance during policy introspection
** Also affects: linux-goldfish (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-goldfish (Ubuntu Saucy)
Importance: Undecided => High
** Changed in: linux-goldfish (Ubuntu Saucy)
Status: New => Fix Committed
** Changed in: linux-goldfish (Ubuntu Saucy)
Assignee: (unassigned) => John Johansen (jjohansen)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-maguro in Ubuntu.
https://bugs.launchpad.net/bugs/1235977
Title:
apparmor bad lock balance during policy introspection
Status in “linux” package in Ubuntu:
Fix Committed
Status in “linux-goldfish” package in Ubuntu:
Fix Committed
Status in “linux-grouper” package in Ubuntu:
Fix Committed
Status in “linux-maguro” package in Ubuntu:
Fix Committed
Status in “linux-mako” package in Ubuntu:
Fix Committed
Status in “linux-manta” package in Ubuntu:
Fix Committed
Status in “linux” source package in Saucy:
Fix Committed
Status in “linux-goldfish” source package in Saucy:
Fix Committed
Status in “linux-grouper” source package in Saucy:
Fix Committed
Status in “linux-maguro” source package in Saucy:
Fix Committed
Status in “linux-mako” source package in Saucy:
Fix Committed
Status in “linux-manta” source package in Saucy:
Fix Committed
Bug description:
There is a bug in the profile introspection file that results in a
virtual root ns lock being released twice. Introspection from the root
policy namespace is handled correctly it is only when introspection is
done from a task in a sub policy namespace that becomes its virtual ns
root.
This results in the following lockdep trace
[ 78.479744] [ BUG: bad unlock balance detected! ]
[ 78.479792] 3.11.0-11-generic #17 Not tainted
[ 78.479838] -------------------------------------
[ 78.479885] grep/2223 is trying to release lock (&ns->lock) at:
[ 78.479952] [<ffffffff817bf3be>] mutex_unlock+0xe/0x10
[ 78.480002] but there are no more locks to release!
[ 78.480037]
[ 78.480037] other info that might help us debug this:
[ 78.480037] 1 lock held by grep/2223:
[ 78.480037] #0: (&p->lock){+.+.+.}, at: [<ffffffff812111bd>] seq_read+0x3d/0x3d0
[ 78.480037]
[ 78.480037] stack backtrace:
[ 78.480037] CPU: 0 PID: 2223 Comm: grep Not tainted 3.11.0-11-generic #17
[ 78.480037] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[ 78.480037] ffffffff817bf3be ffff880007763d60 ffffffff817b97ef ffff8800189d2190
[ 78.480037] ffff880007763d88 ffffffff810e1c6e ffff88001f044730 ffff8800189d2190
[ 78.480037] ffffffff817bf3be ffff880007763e00 ffffffff810e5bd6 0000000724fe56b7
[ 78.480037] Call Trace:
[ 78.480037] [<ffffffff817bf3be>] ? mutex_unlock+0xe/0x10
[ 78.480037] [<ffffffff817b97ef>] dump_stack+0x54/0x74
[ 78.480037] [<ffffffff810e1c6e>] print_unlock_imbalance_bug+0xee/0x100
[ 78.480037] [<ffffffff817bf3be>] ? mutex_unlock+0xe/0x10
[ 78.480037] [<ffffffff810e5bd6>] lock_release_non_nested+0x226/0x300
[ 78.480037] [<ffffffff817bf2fe>] ? __mutex_unlock_slowpath+0xce/0x180
[ 78.480037] [<ffffffff817bf3be>] ? mutex_unlock+0xe/0x10
[ 78.480037] [<ffffffff810e5d5c>] lock_release+0xac/0x310
[ 78.480037] [<ffffffff817bf2b3>] __mutex_unlock_slowpath+0x83/0x180
[ 78.480037] [<ffffffff817bf3be>] mutex_unlock+0xe/0x10
[ 78.480037] [<ffffffff81376c91>] p_stop+0x51/0x90
[ 78.480037] [<ffffffff81211408>] seq_read+0x288/0x3d0
[ 78.480037] [<ffffffff811e9d9e>] vfs_read+0x9e/0x170
[ 78.480037] [<ffffffff811ea8cc>] SyS_read+0x4c/0xa0
[ 78.480037] [<ffffffff817ccc9d>] system_call_fastpath+0x1a/0x1f
Requires:
user of policy namespaces
root process with in alternate policy namespace reading the /sys/kernel/security/apparmor/profiles file
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1235977/+subscriptions
References
