[Apparmor-dev] Re: AppArmor Kernel Module Bug

Bob Ziuchkovski rziuchko at uccs.edu
Tue Oct 23 02:03:39 MDT 2007 

My apologies.  I accidentally omitted part of the syslog output.  Here is the 
entire thing:

Oct 23 01:35:28 clarity xl2tpd[7759]: This binary does not support kernel 
L2TP.
Oct 23 01:35:28 clarity xl2tpd[7760]: xl2tpd version xl2tpd-1.1.11 started on 
clarity PID:7760
Oct 23 01:35:28 clarity xl2tpd[7760]: Written by Mark Spencer, Copyright (C) 
1998, Adtran, Inc.
Oct 23 01:35:28 clarity xl2tpd[7760]: Forked by Scott Balmos and David Stipp, 
(C) 2001
Oct 23 01:35:28 clarity xl2tpd[7760]: Inherited by Jeff McAdams, (C) 2002
Oct 23 01:35:28 clarity xl2tpd[7760]: Forked again by Xelerance 
(www.xelerance.com) (C) 2006
Oct 23 01:35:28 clarity xl2tpd[7760]: Listening on IP address 0.0.0.0, port 
1701
Oct 23 01:35:30 clarity xl2tpd[7760]: Connecting to host 10.12.63.1, port 1701
Oct 23 01:35:32 clarity kernel: [  411.468000] BUG: unable to handle kernel 
NULL pointer dereference at virtual address 00000014
Oct 23 01:35:32 clarity kernel: [  411.468000]  printing eip:
Oct 23 01:35:32 clarity kernel: [  411.468000] f8833940
Oct 23 01:35:32 clarity kernel: [  411.468000] *pde = 00000000
Oct 23 01:35:32 clarity kernel: [  411.468000] Oops: 0000 [#1]
Oct 23 01:35:32 clarity kernel: [  411.468000] SMP
Oct 23 01:35:32 clarity kernel: [  411.468000] Modules linked in: 
xfrm4_mode_transport esp4 michael_mic arc4 ieee80211_crypt_tkip vmnet(P) 
vmblock(P) vmmon(P) binfmt_misc xt_multiport xt_tcpudp ipt_LOG xt_limit 
ipt_MASQUERADE xt_state ip6table_filter ip6_tables af_packet iptable_filter 
iptable_nat ip_tables nf_nat_amanda nf_nat_h323 nf_nat_snmp_basic nf_nat_pptp 
nf_nat_proto_gre nf_nat_tftp rfcomm l2cap bluetooth nf_nat_irc nf_nat_ftp 
nf_nat_sip ebt_dnat ebtable_nat ebt_snat ebtables nf_conntrack_sip 
nf_conntrack_pptp nf_conntrack_proto_gre nf_conntrack_tftp nf_conntrack_ftp 
nf_conntrack_netbios_ns nf_conntrack_netlink nf_nat nf_conntrack_h323 ts_kmp 
nf_conntrack_amanda nf_conntrack_proto_sctp nf_conntrack_irc xt_conntrack 
x_tables vboxdrv nf_conntrack_ipv4 nf_conntrack_ipv6 nf_conntrack nfnetlink 
ppdev acpi_cpufreq cpufreq_userspace cpufreq_conservative cpufreq_powersave 
cpufreq_ondemand cpufreq_stats freq_table container battery video sbs button 
dock ac bridge ipv6 tun deflate zlib_deflate twofish twofish_comm
Oct 23 01:35:32 clarity kernel: n camellia serpent blowfish des cbc ecb 
blkcipher aes xcbc sha256 sha1 crypto_null af_key ext2 sbp2 parport_pc lp 
parport joydev snd_hda_intel snd_hwdep snd_pcm_oss snd_pcm snd_page_alloc 
snd_mixer_oss snd_seq_dummy snd_seq_oss nvidia(P) snd_seq_midi bcm43xx 
snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device i2c_core 
ieee80211softmac ieee80211 ieee80211_crypt snd serio_raw psmouse pcspkr sdhci 
mmc_core shpchp pci_hotplug soundcore intel_agp agpgart evdev ext3 jbd 
mbcache sg sr_mod cdrom sd_mod ata_generic ata_piix ohci1394 ieee1394 b44 mii 
libata scsi_mod ehci_hcd uhci_hcd usbcore thermal processor fan fuse apparmor 
commoncap
Oct 23 01:35:32 clarity kernel: [  411.468000] CPU:    0
Oct 23 01:35:32 clarity kernel: [  411.468000] EIP:    0060:[<f8833940>]    
Tainted: P       VLI
Oct 23 01:35:32 clarity kernel: [  411.468000] EFLAGS: 00210246   
(2.6.22-14-generic #1)
Oct 23 01:35:32 clarity kernel: [  411.468000] EIP is at 
apparmor_socket_getpeersec_dgram+0x0/0x10 [apparmor]
Oct 23 01:35:32 clarity kernel: [  411.468000] eax: 00000000   ebx: f883a380   
ecx: f21a5d18   edx: f472b180
Oct 23 01:35:32 clarity kernel: [  411.468000] esi: f472b180   edi: f21a5f48   
ebp: f5c60000   esp: f21a5cd8
Oct 23 01:35:32 clarity kernel: [  411.468000] ds: 007b   es: 007b   fs: 00d8  
gs: 0033  ss: 0068
Oct 23 01:35:32 clarity kernel: [  411.468000] Process xl2tpd (pid: 7760, 
ti=f21a4000 task=f40c8530 task.ti=f21a4000)
Oct 23 01:35:32 clarity kernel: [  411.468000] Stack: c02ab006 00000079 
00000079 c02808f7 00000081 00000079 f21a5d50 00000008
Oct 23 01:35:32 clarity kernel: [  411.468000]        c0280f41 f21a5d50 
c02813a6 f5c6006c 00000000 f21a5f08 f472b180 00000000
Oct 23 01:35:32 clarity kernel: [  411.468000]        00000000 00000000 
00000000 f472b180 00000079 f21a5e98 f5c60000 c02c852e
Oct 23 01:35:32 clarity kernel: [  411.468000] Call Trace:
Oct 23 01:35:32 clarity kernel: [  411.468000]  [ip_cmsg_recv+198/576] 
ip_cmsg_recv+0xc6/0x240
Oct 23 01:35:32 clarity kernel: [  411.468000]  [memcpy_toiovec+55/96] 
memcpy_toiovec+0x37/0x60
Oct 23 01:35:32 clarity kernel: [  411.468000]  
[skb_copy_datagram_iovec+337/528] skb_copy_datagram_iovec+0x151/0x210
Oct 23 01:35:32 clarity kernel: [  411.468000]  [skb_recv_datagram+326/544] 
skb_recv_datagram+0x146/0x22
Oct 23 01:35:32 clarity kernel: [  411.468000]  [udp_recvmsg+558/592] 
udp_recvmsg+0x22e/0x250
Oct 23 01:35:32 clarity kernel: [  411.468000]  [sock_common_recvmsg+71/112] 
sock_common_recvmsg+0x47/0x70
Oct 23 01:35:32 clarity kernel: [  411.468000]  [sock_recvmsg+302/336] 
sock_recvmsg+0x12e/0x150
Oct 23 01:35:32 clarity kernel: [  411.468000]  
[autoremove_wake_function+0/80] autoremove_wake_function+0x0/0x50
Oct 23 01:35:32 clarity kernel: [  411.468000]  [mntput_no_expire+36/160] 
mntput_no_expire+0x24/0xa0
Oct 23 01:35:32 clarity kernel: [  411.468000]  [core_sys_sel
Oct 23 01:35:32 clarity kernel: [  411.468000]  [copy_from_use
Oct 23 01:35:32 clarity kernel: [  411.468000]  [sys_recvmsg+3
Oct 23 01:35:32 clarity kernel: [  411.468000]  [r
Oct 23 01:35:32 clarity kernel: [  411.468000]  [do_notify_resume+1072/1824] 
do_notify_resume+0x430/0x720
Oct 23 01:35:32 clarity kernel: [  411.468000]  [getnstimeofday+54/208] 
getnstimeofday+0x36/0xd0
Oct 23 01:35:32 clarity kernel: [  411.468000]  [enqueue_hrtimer+107/272] 
enqueue_hrtimer+0x6b/0x110
Oct 23 01:35:32 clarity kernel: [  411.468000]  [hrtimer_start+201/304] 
hrtimer_start+0xc9/0x130
Oct 23 01:35:32 clarity kernel: [  411.468000]  [sys_socketcall+618/640] 
sys_socketcall+0x26a/0x280
Oct 23 01:35:32 clarity kernel: [  411.468000]  [sysenter_past_esp+107/169] 
sysenter_past_esp+0x6b/0xa9
Oct 23 01:35:32 clarity kernel: [  411.468000]  =======================
Oct 23 01:35:32 clarity kernel: [  411.468000] Code: 27 96 94 c7 85 c0 74 d3 
8b 0c 24 89 c2 89 de 89 d7 8b 01 89 c1 c1 e9 02 f3 a5 89 c1 83 e1 03 74 02 f3 
a4 eb 8b 90 90 90 90 90 90 <8b> 40 14 ba e9 66 83 f8 e9 a3 ed ff ff 8d 76 00 
8b 40 14 ba 01
Oct 23 01:35:32 clarity kernel: [  411.468000] EIP: [<f8833940>] 
apparmor_socket_getpeersec_dgram+0x0/0x10 [apparmor] SS:ESP 0068:f21a5cd8
xl2tpd

On Tuesday 23 October 2007 2:00:50 am you wrote:
> Hello.  I am not subscribed to this mailing list, so if you need additional
> information please reply to my e-mail address (rziuchko .A. uccs.edu).
>
> I've found that apparmor (version 2.1+993-0ubuntu3 on ubuntu gutsy) causes
> problems with xl2tpd.  Every time I try to connect to a l2tpd server,
> xl2tpd crashes with a kernel dump showing the EIP is at an apparmor
> function:
>
> "EIP is at apparmor_socket_getpeersec_dgram+0x0/0x10 [apparmor]".
>
> It seems to be a problem with the apparmor kernel module in general, as I
> do not have any profiles defined for xl2tpd and all works fine when I
> modprobe -r apparmor.  I've pasted the full output from my syslog
> pertaining to the apparmor-induced xl2tpd crashes below.
>
> Bob Z.
>
> syslog output:
>
> Oct 23 01:35:32 clarity kernel: [  411.468000] CPU:    0
> Oct 23 01:35:32 clarity kernel: [  411.468000] EIP:    0060:[<f8833940>]
> Tainted: P       VLI
> Oct 23 01:35:32 clarity kernel: [  411.468000] EFLAGS: 00210246
> (2.6.22-14-generic #1)
> Oct 23 01:35:32 clarity kernel: [  411.468000] EIP is at
> apparmor_socket_getpeersec_dgram+0x0/0x10 [apparmor]
> Oct 23 01:35:32 clarity kernel: [  411.468000] eax: 00000000   ebx:
> f883a380 ecx: f21a5d18   edx: f472b180
> Oct 23 01:35:32 clarity kernel: [  411.468000] esi: f472b180   edi:
> f21a5f48 ebp: f5c60000   esp: f21a5cd8
> Oct 23 01:35:32 clarity kernel: [  411.468000] ds: 007b   es: 007b   fs:
> 00d8 gs: 0033  ss: 0068
> Oct 23 01:35:32 clarity kernel: [  411.468000] Process xl2tpd (pid: 7760,
> ti=f21a4000 task=f40c8530 task.ti=f21a4000)
> Oct 23 01:35:32 clarity kernel: [  411.468000] Stack: c02ab006 00000079
> 00000079 c02808f7 00000081 00000079 f21a5d50 00000008
> Oct 23 01:35:32 clarity kernel: [  411.468000]        c0280f41 f21a5d50
> c02813a6 f5c6006c 00000000 f21a5f08 f472b180 00000000
> Oct 23 01:35:32 clarity kernel: [  411.468000]        00000000 00000000
> 00000000 f472b180 00000079 f21a5e98 f5c60000 c02c852e
> Oct 23 01:35:32 clarity kernel: [  411.468000] Call Trace:
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [ip_cmsg_recv+198/576]
> ip_cmsg_recv+0xc6/0x240
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [memcpy_toiovec+55/96]
> memcpy_toiovec+0x37/0x60
> Oct 23 01:35:32 clarity kernel: [  411.468000]
> [skb_copy_datagram_iovec+337/528] skb_copy_datagram_iovec+0x151/0x210
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [skb_recv_datagram+326/544]
> skb_recv_datagram+0x146/0x22
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [udp_recvmsg+558/592]
> udp_recvmsg+0x22e/0x250
> Oct 23 01:35:32 clarity kernel: [  411.468000] 
> [sock_common_recvmsg+71/112] sock_common_recvmsg+0x47/0x70
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [sock_recvmsg+302/336]
> sock_recvmsg+0x12e/0x150
> Oct 23 01:35:32 clarity kernel: [  411.468000]
> [autoremove_wake_function+0/80] autoremove_wake_function+0x0/0x50
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [mntput_no_expire+36/160]
> mntput_no_expire+0x24/0xa0
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [core_sys_sel
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [copy_from_use
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [sys_recvmsg+3
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [r
> Oct 23 01:35:32 clarity kernel: [  411.468000] 
> [do_notify_resume+1072/1824] do_notify_resume+0x430/0x720
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [getnstimeofday+54/208]
> getnstimeofday+0x36/0xd0
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [enqueue_hrtimer+107/272]
> enqueue_hrtimer+0x6b/0x110
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [hrtimer_start+201/304]
> hrtimer_start+0xc9/0x130
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [sys_socketcall+618/640]
> sys_socketcall+0x26a/0x280
> Oct 23 01:35:32 clarity kernel: [  411.468000]  [sysenter_past_esp+107/169]
> sysenter_past_esp+0x6b/0xa9
> Oct 23 01:35:32 clarity kernel: [  411.468000]  =======================
> Oct 23 01:35:32 clarity kernel: [  411.468000] Code: 27 96 94 c7 85 c0 74
> d3 8b 0c 24 89 c2 89 de 89 d7 8b 01 89 c1 c1 e9 02 f3 a5 89 c1 83 e1 03 74
> 02 f3 a4 eb 8b 90 90 90 90 90 90 <8b> 40 14 ba e9 66 83 f8 e9 a3 ed ff ff
> 8d 76 00 8b 40 14 ba 01
> Oct 23 01:35:32 clarity kernel: [  411.468000] EIP: [<f8833940>]
> apparmor_socket_getpeersec_dgram+0x0/0x10 [apparmor] SS:ESP 0068:f21a5cd8
> xl2tpd

More information about the Apparmor-dev mailing list