[Kernel-packages] [Bug 2123815] Re: Ubuntu 24.04.2: error in audit_log_object_context keep printing in the kernel and console

Mon, 15 Sep 2025 16:05:35 -0700 

** Tags added: kernel-daily-bug

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2123815

Title:
  Ubuntu 24.04.2: error in audit_log_object_context keep printing in the
  kernel and console

Status in linux package in Ubuntu:
  New

Bug description:
  The log `error in audit_log_object_context` is keep printing in the
  kernel log and console when the system startup.

  [   13.504243] audit_panic: 282 callbacks suppressed
  [   13.504248] audit: error in audit_log_object_context
  [   19.988510] audit: error in audit_log_object_context
  [   20.104622] audit: error in audit_log_object_context
  [   20.114842] audit: error in audit_log_object_context
  [   20.468369] audit: error in audit_log_object_context
  [   20.505565] audit: error in audit_log_object_context
  [   20.629690] audit: error in audit_log_object_context
  [   21.233722] audit: error in audit_log_object_context
  [   21.280265] audit: error in audit_log_object_context
  [   80.081721] audit: error in audit_log_object_context
  [   88.384101] audit: error in audit_log_object_context
  [   88.445175] audit: error in audit_log_object_context
  [   88.460142] audit: error in audit_log_object_context
  [   88.715815] audit: error in audit_log_object_context
  [   88.732466] audit: error in audit_log_object_context
  [   88.851304]

  Reproduce the issue:

  1. Install auditd, enable AppArmor or SELinux.
  2. Add audit rules like:
     auditctl -a always,exit -S execve -k all_execs

  Suggested patch:
  diff --git a/kernel/audit.c b/kernel/audit.c
  index 3dd2e9930550f..b1764ae17ad76 100644
  --- a/kernel/audit.c
  +++ b/kernel/audit.c
  @@ -2315,7 +2315,7 @@ void audit_log_object_context(struct audit_buffer *ab, 
struct lsmblob *blob)
          if (lsm_blob_cnt < 2) {
                  error = security_lsmblob_to_secctx(blob, &context,
                                                     LSM_ID_UNDEF);
  -               if (error) {
  +               if (error < 0) {
                          if (error != -EINVAL)
                                  goto error_path;
                          return;
  @@ -2334,7 +2334,7 @@ void audit_log_object_context(struct audit_buffer *ab, 
struct lsmblob *blob)
                          continue;
                  error = security_lsmblob_to_secctx(blob, &context,
                                                     lsm_idlist[i]->id);
  -               if (error) {
  +               if (error < 0) {
                          audit_log_format(ab, "%sobj_%s=?",
                                           space ? " " : "", 
lsm_idlist[i]->name);
                          if (error != -EINVAL)

  Similar fix already in 6.14.x-HWE kernel, please help to add it to
  6.8.0. thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2123815/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to