[redhat-lspp] Lock validator issue with the lspp.52 kernel

Paul Moore paul.moore at hp.com
Wed Oct 18 18:36:20 UTC 2006


I'm running into a lock validator issue with the lspp.52 kernel which I seem to
be able to reproduce at will.  The issue is a recursive lock ?problem? involving
socket locking in tcp_v6_rcv() and sk_clone().  In order to reproduce it I need
to do the following:

 * kernel = lspp.52
 * policy = mls-2.3.19-2

 1. Boot into enforcing mode
 2. Configure NetLabel as follows:
    # netlabelctl -p cipsov4 add pass doi:1 tags:1
    # netlabelctl -p map del default
    # netlabelctl -p map add default protocol:cipsov4,1
 3. Restart sshd
    # run_init /etc/init.d/sshd restart
 4. Connect into sshd via localhost
    # ssh localhost

I'm not an expert on the IPv6 stack but after looking at the code quickly it
looks reasonable.  Some googling turns up this posting which seems to lend some
credibility that this isn't a "bug":

 * http://lkml.org/lkml/2006/7/31/85

However, I can't seem to find out if this was ever fixed.  Has anyone else seen
this problem?

-- 
paul moore
linux security @ hp




More information about the redhat-lspp mailing list