← Back to team overview

kernel-packages team mailing list archive

  1. kernel-packages team
  2. Mailing list archive
  3. Message #55394

[Bug 1308761] [NEW] apparmor spams log with warning message

  Thread PreviousDate PreviousThread Next 
Public bug reported:

The apparmor kernel module will spam the dmesg log with a stack trace
and warning when the label on a unix socket does not match the label on
the task sending the message.

This happens when a socket is delegated to another task

Example Message in the log
Apr  5 05:16:45 cormac kernel: [66784.479777] ------------[ cut here ]------------
Apr  5 05:16:45 cormac kernel: [66784.479791] WARNING: CPU: 0 PID: 21866 at /build/buildd/linux-3.13.0/security/apparmor/lsm.c:839 apparmor_unix_may_send+0x16c/0x180()
Apr  5 05:16:45 cormac kernel: [66784.479793] AppArmor WARN apparmor_unix_may_send: ((!aa_label_is_subset(cxt->label, label))):
Apr  5 05:16:45 cormac kernel: [66784.479794] Modules linked in: xt_hl ipt_REJECT xt_comment xt_limit xt_tcpudp xt_addrtype ppdev nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack_netbios_ns nf_conntrack_broadcast nf_nat_ftp nf_nat nf_conntrack_ftp iptable_filter ip_tables kvm_intel kvm cirrus psmouse serio_raw ip6t_REJECT xt_LOG ttm ip6t_rt nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack parport_pc ip6table_filter ip6_tables x_tables drm_kms_helper drm lp parport mac_hid syscopyarea sysfillrect sysimgblt i2c_piix4 floppy
Apr  5 05:16:45 cormac kernel: [66784.479828] CPU: 0 PID: 21866 Comm: sshd Tainted: G        W    3.13.0-22-generic #44-Ubuntu
Apr  5 05:16:45 cormac kernel: [66784.479829] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
Apr  5 05:16:45 cormac kernel: [66784.479832]  0000000000000009 ffff8800d5d25bd0 ffffffff81714914 ffff8800d5d25c18
Apr  5 05:16:45 cormac kernel: [66784.479834]  ffff8800d5d25c08 ffffffff810676bd ffff8800d67a3c30 ffff880138147b80
Apr  5 05:16:45 cormac kernel: [66784.479836]  ffff88003681cb40 ffff880138147680 ffff8801384217f0 ffff8800d5d25c68
Apr  5 05:16:45 cormac kernel: [66784.479839] Call Trace:
Apr  5 05:16:45 cormac kernel: [66784.479846]  [<ffffffff81714914>] dump_stack+0x45/0x56
Apr  5 05:16:45 cormac kernel: [66784.479851]  [<ffffffff810676bd>] warn_slowpath_common+0x7d/0xa0
Apr  5 05:16:45 cormac kernel: [66784.479853]  [<ffffffff8106772c>] warn_slowpath_fmt+0x4c/0x50
Apr  5 05:16:45 cormac kernel: [66784.479855]  [<ffffffff8130e92c>] apparmor_unix_may_send+0x16c/0x180
Apr  5 05:16:45 cormac kernel: [66784.479859]  [<ffffffff812cf446>] security_unix_may_send+0x16/0x20
Apr  5 05:16:45 cormac kernel: [66784.479863]  [<ffffffff816b1435>] unix_dgram_sendmsg+0x2a5/0x620
Apr  5 05:16:45 cormac kernel: [66784.479868]  [<ffffffff81601f3b>] sock_sendmsg+0x8b/0xc0
Apr  5 05:16:45 cormac kernel: [66784.479872]  [<ffffffff8104f28f>] ? kvm_clock_read+0x1f/0x30
Apr  5 05:16:45 cormac kernel: [66784.479875]  [<ffffffff816020e1>] SYSC_sendto+0x121/0x1c0
Apr  5 05:16:45 cormac kernel: [66784.479901]  [<ffffffff8109dd74>] ? vtime_account_user+0x54/0x60
Apr  5 05:16:45 cormac kernel: [66784.479907]  [<ffffffff81020d35>] ? syscall_trace_enter+0x145/0x250
Apr  5 05:16:45 cormac kernel: [66784.479909]  [<ffffffff81602bee>] SyS_sendto+0xe/0x10
Apr  5 05:16:45 cormac kernel: [66784.479913]  [<ffffffff817254ff>] tracesys+0xe1/0xe6
Apr  5 05:16:45 cormac kernel: [66784.479915] ---[ end trace c4dfb167bafcc341 ]---

** Affects: linux (Ubuntu)
     Importance: Undecided
     Assignee: John Johansen (jjohansen)
         Status: Confirmed

** Affects: linux (Ubuntu Trusty)
     Importance: Undecided
     Assignee: John Johansen (jjohansen)
         Status: Confirmed

** Changed in: linux (Ubuntu)
       Status: New => Confirmed

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => John Johansen (jjohansen)

** Also affects: linux (Ubuntu Trusty)
   Importance: Undecided
     Assignee: John Johansen (jjohansen)
       Status: Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1308761

Title:
  apparmor spams log with warning message

Status in “linux” package in Ubuntu:
  Confirmed
Status in “linux” source package in Trusty:
  Confirmed

Bug description:
  The apparmor kernel module will spam the dmesg log with a stack trace
  and warning when the label on a unix socket does not match the label
  on the task sending the message.

  This happens when a socket is delegated to another task

  Example Message in the log
  Apr  5 05:16:45 cormac kernel: [66784.479777] ------------[ cut here ]------------
  Apr  5 05:16:45 cormac kernel: [66784.479791] WARNING: CPU: 0 PID: 21866 at /build/buildd/linux-3.13.0/security/apparmor/lsm.c:839 apparmor_unix_may_send+0x16c/0x180()
  Apr  5 05:16:45 cormac kernel: [66784.479793] AppArmor WARN apparmor_unix_may_send: ((!aa_label_is_subset(cxt->label, label))):
  Apr  5 05:16:45 cormac kernel: [66784.479794] Modules linked in: xt_hl ipt_REJECT xt_comment xt_limit xt_tcpudp xt_addrtype ppdev nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack_netbios_ns nf_conntrack_broadcast nf_nat_ftp nf_nat nf_conntrack_ftp iptable_filter ip_tables kvm_intel kvm cirrus psmouse serio_raw ip6t_REJECT xt_LOG ttm ip6t_rt nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack parport_pc ip6table_filter ip6_tables x_tables drm_kms_helper drm lp parport mac_hid syscopyarea sysfillrect sysimgblt i2c_piix4 floppy
  Apr  5 05:16:45 cormac kernel: [66784.479828] CPU: 0 PID: 21866 Comm: sshd Tainted: G        W    3.13.0-22-generic #44-Ubuntu
  Apr  5 05:16:45 cormac kernel: [66784.479829] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
  Apr  5 05:16:45 cormac kernel: [66784.479832]  0000000000000009 ffff8800d5d25bd0 ffffffff81714914 ffff8800d5d25c18
  Apr  5 05:16:45 cormac kernel: [66784.479834]  ffff8800d5d25c08 ffffffff810676bd ffff8800d67a3c30 ffff880138147b80
  Apr  5 05:16:45 cormac kernel: [66784.479836]  ffff88003681cb40 ffff880138147680 ffff8801384217f0 ffff8800d5d25c68
  Apr  5 05:16:45 cormac kernel: [66784.479839] Call Trace:
  Apr  5 05:16:45 cormac kernel: [66784.479846]  [<ffffffff81714914>] dump_stack+0x45/0x56
  Apr  5 05:16:45 cormac kernel: [66784.479851]  [<ffffffff810676bd>] warn_slowpath_common+0x7d/0xa0
  Apr  5 05:16:45 cormac kernel: [66784.479853]  [<ffffffff8106772c>] warn_slowpath_fmt+0x4c/0x50
  Apr  5 05:16:45 cormac kernel: [66784.479855]  [<ffffffff8130e92c>] apparmor_unix_may_send+0x16c/0x180
  Apr  5 05:16:45 cormac kernel: [66784.479859]  [<ffffffff812cf446>] security_unix_may_send+0x16/0x20
  Apr  5 05:16:45 cormac kernel: [66784.479863]  [<ffffffff816b1435>] unix_dgram_sendmsg+0x2a5/0x620
  Apr  5 05:16:45 cormac kernel: [66784.479868]  [<ffffffff81601f3b>] sock_sendmsg+0x8b/0xc0
  Apr  5 05:16:45 cormac kernel: [66784.479872]  [<ffffffff8104f28f>] ? kvm_clock_read+0x1f/0x30
  Apr  5 05:16:45 cormac kernel: [66784.479875]  [<ffffffff816020e1>] SYSC_sendto+0x121/0x1c0
  Apr  5 05:16:45 cormac kernel: [66784.479901]  [<ffffffff8109dd74>] ? vtime_account_user+0x54/0x60
  Apr  5 05:16:45 cormac kernel: [66784.479907]  [<ffffffff81020d35>] ? syscall_trace_enter+0x145/0x250
  Apr  5 05:16:45 cormac kernel: [66784.479909]  [<ffffffff81602bee>] SyS_sendto+0xe/0x10
  Apr  5 05:16:45 cormac kernel: [66784.479913]  [<ffffffff817254ff>] tracesys+0xe1/0xe6
  Apr  5 05:16:45 cormac kernel: [66784.479915] ---[ end trace c4dfb167bafcc341 ]---

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1308761/+subscriptions

Follow ups

References

  Thread PreviousDate PreviousThread Next