[prev in list] [next in list] [prev in thread] [next in thread]
List: selinux
Subject: Re: core dump
From: Stephen Smalley <sds () tycho ! nsa ! gov>
Date: 2007-02-06 12:40:38
Message-ID: 1170765638.12293.362.camel () moss-spartans ! epoch ! ncsc ! mil
[Download RAW message or body]
On Tue, 2007-02-06 at 04:12 +0200, Stefanos Harhalakis wrote:
> I had this issue today:
>
> # semodule -i logging.pp
> Segmentation fault (core dumped)
>
> I traced this a bit and it seems that this is because of libsepol.
> The core dump is the result of lines 602:603 of link.c:
>
> (gdb) bt
> #0 0xb7f732fd in sens_copy_callback (key=0x848c2a0 "s15", datum=0x848c290, \
> data=0xbfde3854) at link.c:602 #1 0xb7f6f8a1 in hashtab_map (h=0x846cbf0, \
> apply=0xb7f731d1 <sens_copy_callback>, args=0xbfde3854) at hashtab.c:214 #2 \
> 0xb7f75528 in copy_identifiers (state=0xbfde3854, src_symtab=0x843cc74, \
> dest_decl=0x0) at link.c:1323 #3 0xb7f77c72 in link_modules (handle=0x804c710, \
> b=0x80525b8, mods=0x863ce18, len=19, verbose=0) at link.c:2178 #4 0xb7f7a2c9 in \
> sepol_link_packages (handle=0x804c710, base=0x8053060, modules=0x80543c8, \
> num_modules=19, verbose=0) at module.c:302
> Where:
>
> (gdb) l
> 597 state->cur_mod_name);
> 598 return -SEPOL_LINK_NOTSUP;
> 599 }
> 600 }
> 601
> 602 state->cur->map[SYM_LEVELS][level->level->sens - 1] =
> 603 base_level->level->sens;
> 604
> 605 return 0;
> 606 }
>
> Because of:
>
> (gdb) p base_level
> $1 = (level_datum_t *) 0x0
>
> The last 'if' checks for !base_level, but inside the 'if' block, only
> !scope and scope->scope==SCOPE_DECL are checked.
>
> This core dump is caused by:
>
> (gdb) p scope->scope
> $2 = 1
>
> Which is noted as:
>
> /* Required for this decl */
> #define SCOPE_REQ 1
>
> in libsepol/include/sepol/policydb/policydb.h
>
> Hope this helps...
Looks like your logging.pp policy module has a requires on sensitivity
s15 but your base module doesn't declare it. Naturally, that should
show up as an unfulfilled requirement rather than a seg fault.
--
Stephen Smalley
National Security Agency
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic