________________________________________ From: [email protected] [[email protected]] on behalf of Margaret M Sanders [[email protected]] Sent: Monday, December 29, 2014 4:35 PM To: Paul Moore; Toralf Förster Cc: [email protected]; linux Kernel Subject: WASP for Linux 7?
Expertise: Is there a WASP for Linux 7? What is the accepted and accredited security scanning app for Linux 7--is it SECSCN? Thank you, MS SwRI ISSO/ATA -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Paul Moore Sent: Monday, December 29, 2014 1:42 PM To: Toralf Förster Cc: [email protected]; linux Kernel Subject: Re: v3.19-rc2: crashes during boot (syslog-ng, rpcbind ...) On Monday, December 29, 2014 05:24:38 PM Toralf Förster wrote: > On 12/29/2014 05:21 PM, Paul Moore wrote: > > On Mon, Dec 29, 2014 at 11:07 AM, Toralf Förster wrote: > >> A x86 KVM guest running at a 64 bit Gentoo hardened host system the > >> following crashes appeared reproducible (screen shots attached. > >> > >> If I removed syslog-ng from the runlevel default, then the crash > >> just appeared a little bit later at another subsystem> > > > > It looks like it doesn't like something in > > audit_compare_dname_path(); I'll take a look and see what I can > > find, there is a patch in -rc2 which touched some related code. > > > > I didn't see this problem in my earlier testing, can you share your > > .config? > > ofc - attached [NOTE: added linux-audit to the CC line, I should have done that earlier] I believe I can reproduce this now; I'm seeing slightly different panics, but it is "close enough" and based on some quality time with the code I believe they are both symptoms of the same root cause. To help verify that I'm heading down the right path, could you share your audit configuration as well? If that's not possible, can you at least confirm that you using a few audit directory watches? -- paul moore www.paul-moore.com Try Using OpenSCAP. I do not think that RHEL7 has been approved yet and I do not see the rules on NIPR or SIPR. ________________________________ This e-mail and any files transmitted with it may be proprietary and are intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of Exelis Inc. The recipient should check this e-mail and any attachments for the presence of viruses. Exelis Inc. accepts no liability for any damage caused by any virus transmitted by this e-mail. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
