>Number: 183817
>Category: kern
>Synopsis: [patch] [mac] [panic] kernel compiled with options INVARIANTS
>and MAC_PORTACL panices if loader loads mac_portacl.ko too
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Nov 09 18:20:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 9.2-STABLE amd64
>Organization:
RDTC JSC
>Environment:
System: FreeBSD grosbein.net 9.2-STABLE FreeBSD 9.2-STABLE #5 r256953M: Sun Nov
10 00:52:12 NOVT 2013 [email protected]:/usr/obj/usr/local/src/sys/DADV amd64
>Description:
If the kernel is compiled with options INVARIANTS and options
MAC_PORTACL
and /boot/loader.conf has "mac_portacl_load=YES" then kernel panices
as soon as /etc/rc.d/initrandom script runs "sysctl -a" at boot time:
http://www.grosbein.net/files/portacl.jpg
>How-To-Repeat:
Build custom kernel with options INVARIANTS and options MAC_PORTACL,
have "mac_portacl_load=YES" in /boot/loader.conf and try to boot.
>Fix:
--- sys/security/mac/mac_policy.h.orig 2013-10-21 21:11:02.000000000 +0700
+++ sys/security/mac/mac_policy.h 2013-11-10 00:49:50.000000000 +0700
@@ -1021,6 +1021,7 @@
}; \
MODULE_DEPEND(mpname, kernel_mac_support, MAC_VERSION, \
MAC_VERSION, MAC_VERSION); \
+ MODULE_VERSION(mpname, 1); \
DECLARE_MODULE(mpname, mpname##_mod, SI_SUB_MAC_POLICY, \
SI_ORDER_MIDDLE)
>Release-Note:
>Audit-Trail:
>Unformatted:
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
