kern/183817: [patch] [mac] [panic] kernel compiled with options INVARIANTS and MAC_PORTACL panices if loader loads mac_portacl.ko too
Eugene Grosbein
eugen at grosbein.net
Sat Nov 9 18:20:04 UTC 2013
>Number: 183817
>Category: kern
>Synopsis: [patch] [mac] [panic] kernel compiled with options INVARIANTS and MAC_PORTACL panices if loader loads mac_portacl.ko too
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Nov 09 18:20:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 9.2-STABLE amd64
>Organization:
RDTC JSC
>Environment:
System: FreeBSD grosbein.net 9.2-STABLE FreeBSD 9.2-STABLE #5 r256953M: Sun Nov 10 00:52:12 NOVT 2013 root at grosbein.net:/usr/obj/usr/local/src/sys/DADV amd64
>Description:
If the kernel is compiled with options INVARIANTS and options MAC_PORTACL
and /boot/loader.conf has "mac_portacl_load=YES" then kernel panices
as soon as /etc/rc.d/initrandom script runs "sysctl -a" at boot time:
http://www.grosbein.net/files/portacl.jpg
>How-To-Repeat:
Build custom kernel with options INVARIANTS and options MAC_PORTACL,
have "mac_portacl_load=YES" in /boot/loader.conf and try to boot.
>Fix:
--- sys/security/mac/mac_policy.h.orig 2013-10-21 21:11:02.000000000 +0700
+++ sys/security/mac/mac_policy.h 2013-11-10 00:49:50.000000000 +0700
@@ -1021,6 +1021,7 @@
}; \
MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION, \
MAC_VERSION, MAC_VERSION); \
+ MODULE_VERSION(mpname, 1); \
DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \
SI_ORDER_MIDDLE)
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list