[Kernel-packages] [Bug 2040192] [NEW] AppArmor spams kernel log with assert when auditing

Mon, 23 Oct 2023 16:55:55 -0700 

Public bug reported:

A reply to a prompt request that denies all permissions requested will throw 
the following warning, because the auditing code does not expect the request 
field to be empty when generating the audit message.                           
 

Sep 27 22:48:14 ubuntu-mantic snapd[596]: listener.go:189: Sending access 
response back to kernel: {MsgNotification:{MsgHeader:{Length:0 Version:0} 
NotificationType:APPARMOR_NOTIF_RESP Signalled:0 NoCache:1 ID:2 Error:0} 
Error:-13 Allow:0 Deny:4}
Sep 27 22:48:14 ubuntu-mantic kernel: ------------[ cut here ]------------
Sep 27 22:48:14 ubuntu-mantic kernel: AppArmor WARN aa_audit_file: 
((!ad.request)): 
Sep 27 22:48:14 ubuntu-mantic kernel: WARNING: CPU: 3 PID: 2082 at 
security/apparmor/file.c:268 aa_audit_file+0x2b1/0x310
Sep 27 22:48:14 ubuntu-mantic kernel: Modules linked in: snd_seq_dummy 
snd_hrtimer snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device 
snd_timer snd soundcore binfmt_misc nls_iso8859_1 kvm_intel kvm irqbypass 
crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic 
ghash_clmulni_intel sha512_ssse3 aesni_intel virtio_gpu crypto_simd cryptd 
virtio_dma_buf drm_shmem_helper 9pnet_virtio drm_kms_helper 9pnet 
vmw_vsock_virtio_transport virtio_input vmw_vsock_virtio_transport_common 
input_leds joydev serio_raw vsock msr parport_pc ppdev lp parport drm virtiofs 
efi_pstore ip_tables x_tables autofs4 virtio_net xhci_pci ahci psmouse 
net_failover libahci xhci_pci_renesas failover virtio_rng
Sep 27 22:48:14 ubuntu-mantic kernel: CPU: 3 PID: 2082 Comm: bash Not tainted 
6.5.0-5-generic #5+aa4.0.0+debug5-Ubuntu
Sep 27 22:48:14 ubuntu-mantic kernel: Hardware name: QEMU Standard PC (Q35 + 
ICH9, 2009)/LXD, BIOS unknown 2/2/2022
Sep 27 22:48:14 ubuntu-mantic kernel: RIP: 0010:aa_audit_file+0x2b1/0x310
Sep 27 22:48:14 ubuntu-mantic kernel: Code: 3c ff ff ff e8 80 6f a8 ff 44 8b 95 
3c ff ff ff 5a 59 e9 e3 fe ff ff 48 c7 c6 98 5c 08 84 48 c7 c7 90 1a 60 84 e8 
9f da 9d ff <0f> 0b 8b 85 78 ff ff ff e9 05 ff ff ff 48 89 de 4c 89 f7 e8 b7 f5
Sep 27 22:48:14 ubuntu-mantic kernel: RSP: 0018:ffffb66a82b57968 EFLAGS: 
00010246
Sep 27 22:48:14 ubuntu-mantic kernel: RAX: 0000000000000000 RBX: 
ffffb66a82b57b24 RCX: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: RDX: 0000000000000000 RSI: 
0000000000000000 RDI: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: RBP: ffffb66a82b57a30 R08: 
0000000000000000 R09: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: R10: 0000000000000000 R11: 
0000000000000000 R12: 0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: R13: ffff8b160239d800 R14: 
ffffb66a82b57970 R15: 0000000000000001
Sep 27 22:48:14 ubuntu-mantic kernel: FS:  00007f1f7d3b3380(0000) 
GS:ffff8b17778c0000(0000) knlGS:0000000000000000
Sep 27 22:48:14 ubuntu-mantic kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 
0000000080050033
Sep 27 22:48:14 ubuntu-mantic kernel: CR2: 000055d4482063f0 CR3: 
0000000137e64000 CR4: 0000000000750ee0
Sep 27 22:48:14 ubuntu-mantic kernel: PKRU: 55555554
Sep 27 22:48:14 ubuntu-mantic kernel: Call Trace:
Sep 27 22:48:14 ubuntu-mantic kernel:  <TASK>
Sep 27 22:48:14 ubuntu-mantic kernel:  ? show_regs+0x6d/0x80
Sep 27 22:48:14 ubuntu-mantic kernel:  ? __warn+0x89/0x160
Sep 27 22:48:14 ubuntu-mantic kernel:  ? aa_audit_file+0x2b1/0x310
Sep 27 22:48:14 ubuntu-mantic kernel:  ? report_bug+0x17e/0x1b0
Sep 27 22:48:14 ubuntu-mantic kernel:  ? handle_bug+0x51/0xa0
Sep 27 22:48:14 ubuntu-mantic kernel:  ? exc_invalid_op+0x18/0x80
Sep 27 22:48:14 ubuntu-mantic kernel:  ? asm_exc_invalid_op+0x1b/0x20
Sep 27 22:48:14 ubuntu-mantic kernel:  ? aa_audit_file+0x2b1/0x310
Sep 27 22:48:14 ubuntu-mantic kernel:  ? aa_audit_file+0x2b1/0x310
Sep 27 22:48:14 ubuntu-mantic kernel:  __aa_path_perm+0xaf/0x130
Sep 27 22:48:14 ubuntu-mantic kernel:  aa_path_perm+0xf1/0x1c0
Sep 27 22:48:14 ubuntu-mantic kernel:  apparmor_file_open+0x1bb/0x2e0
Sep 27 22:48:14 ubuntu-mantic kernel:  security_file_open+0x2e/0x60
Sep 27 22:48:14 ubuntu-mantic kernel:  do_dentry_open+0x10d/0x530
Sep 27 22:48:14 ubuntu-mantic kernel:  vfs_open+0x33/0x50
Sep 27 22:48:14 ubuntu-mantic kernel:  do_open+0x2ed/0x470
Sep 27 22:48:14 ubuntu-mantic kernel:  ? path_init+0x59/0x3d0
Sep 27 22:48:14 ubuntu-mantic kernel:  path_openat+0x135/0x2d0
Sep 27 22:48:14 ubuntu-mantic kernel:  ? _raw_spin_unlock+0xe/0x40
Sep 27 22:48:14 ubuntu-mantic kernel:  do_filp_open+0xaf/0x170
Sep 27 22:48:14 ubuntu-mantic kernel:  do_sys_openat2+0xb3/0xe0
Sep 27 22:48:14 ubuntu-mantic kernel:  __x64_sys_openat+0x55/0xa0
Sep 27 22:48:14 ubuntu-mantic kernel:  do_syscall_64+0x59/0x90
Sep 27 22:48:14 ubuntu-mantic kernel:  ? handle_mm_fault+0xad/0x360
Sep 27 22:48:14 ubuntu-mantic kernel:  ? do_user_addr_fault+0x238/0x6b0
Sep 27 22:48:14 ubuntu-mantic kernel:  ? exit_to_user_mode_prepare+0x30/0xb0
Sep 27 22:48:14 ubuntu-mantic kernel:  ? irqentry_exit_to_user_mode+0x17/0x20
Sep 27 22:48:14 ubuntu-mantic kernel:  ? irqentry_exit+0x43/0x50
Sep 27 22:48:14 ubuntu-mantic kernel:  ? exc_page_fault+0x94/0x1b0
Sep 27 22:48:14 ubuntu-mantic kernel:  entry_SYSCALL_64_after_hwframe+0x6e/0xd8
Sep 27 22:48:14 ubuntu-mantic kernel: RIP: 0033:0x7f1f7d4cdbcc
Sep 27 22:48:14 ubuntu-mantic kernel: Code: 24 18 31 c0 41 83 e2 40 75 44 89 f0 
25 00 00 41 00 3d 00 00 41 00 74 36 44 89 c2 4c 89 ce bf 9c ff ff ff b8 01 01 
00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 48 8b 54 24 18 64 48 2b 14 25 28 00 00 00
Sep 27 22:48:14 ubuntu-mantic kernel: RSP: 002b:00007fff2a1d1280 EFLAGS: 
00000287 ORIG_RAX: 0000000000000101
Sep 27 22:48:14 ubuntu-mantic kernel: RAX: ffffffffffffffda RBX: 
0000000000000000 RCX: 00007f1f7d4cdbcc
Sep 27 22:48:14 ubuntu-mantic kernel: RDX: 0000000000090800 RSI: 
000055b5d4043c40 RDI: 00000000ffffff9c
Sep 27 22:48:14 ubuntu-mantic kernel: RBP: 000055b5d4043c40 R08: 
0000000000090800 R09: 000055b5d4043c40
Sep 27 22:48:14 ubuntu-mantic kernel: R10: 0000000000000000 R11: 
0000000000000287 R12: 000055b5d4043c20
Sep 27 22:48:14 ubuntu-mantic kernel: R13: 000055b5d34637f8 R14: 
000055b5d4043c00 R15: 000055b5d40436a0
Sep 27 22:48:14 ubuntu-mantic kernel:  </TASK>
Sep 27 22:48:14 ubuntu-mantic kernel: ---[ end trace 0000000000000000 ]---

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: linux (Ubuntu Mantic)
     Importance: Undecided
         Status: New

** Also affects: linux (Ubuntu Mantic)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2040192

Title:
  AppArmor spams kernel log with assert when auditing

Status in linux package in Ubuntu:
  New
Status in linux source package in Mantic:
  New

Bug description:
  A reply to a prompt request that denies all permissions requested will throw 
the following warning, because the auditing code does not expect the request 
field to be empty when generating the audit message.                           
   

  Sep 27 22:48:14 ubuntu-mantic snapd[596]: listener.go:189: Sending access 
response back to kernel: {MsgNotification:{MsgHeader:{Length:0 Version:0} 
NotificationType:APPARMOR_NOTIF_RESP Signalled:0 NoCache:1 ID:2 Error:0} 
Error:-13 Allow:0 Deny:4}
  Sep 27 22:48:14 ubuntu-mantic kernel: ------------[ cut here ]------------
  Sep 27 22:48:14 ubuntu-mantic kernel: AppArmor WARN aa_audit_file: 
((!ad.request)): 
  Sep 27 22:48:14 ubuntu-mantic kernel: WARNING: CPU: 3 PID: 2082 at 
security/apparmor/file.c:268 aa_audit_file+0x2b1/0x310
  Sep 27 22:48:14 ubuntu-mantic kernel: Modules linked in: snd_seq_dummy 
snd_hrtimer snd_seq_midi snd_seq_midi_event snd_rawmidi snd_seq snd_seq_device 
snd_timer snd soundcore binfmt_misc nls_iso8859_1 kvm_intel kvm irqbypass 
crct10dif_pclmul crc32_pclmul polyval_clmulni polyval_generic 
ghash_clmulni_intel sha512_ssse3 aesni_intel virtio_gpu crypto_simd cryptd 
virtio_dma_buf drm_shmem_helper 9pnet_virtio drm_kms_helper 9pnet 
vmw_vsock_virtio_transport virtio_input vmw_vsock_virtio_transport_common 
input_leds joydev serio_raw vsock msr parport_pc ppdev lp parport drm virtiofs 
efi_pstore ip_tables x_tables autofs4 virtio_net xhci_pci ahci psmouse 
net_failover libahci xhci_pci_renesas failover virtio_rng
  Sep 27 22:48:14 ubuntu-mantic kernel: CPU: 3 PID: 2082 Comm: bash Not tainted 
6.5.0-5-generic #5+aa4.0.0+debug5-Ubuntu
  Sep 27 22:48:14 ubuntu-mantic kernel: Hardware name: QEMU Standard PC (Q35 + 
ICH9, 2009)/LXD, BIOS unknown 2/2/2022
  Sep 27 22:48:14 ubuntu-mantic kernel: RIP: 0010:aa_audit_file+0x2b1/0x310
  Sep 27 22:48:14 ubuntu-mantic kernel: Code: 3c ff ff ff e8 80 6f a8 ff 44 8b 
95 3c ff ff ff 5a 59 e9 e3 fe ff ff 48 c7 c6 98 5c 08 84 48 c7 c7 90 1a 60 84 
e8 9f da 9d ff <0f> 0b 8b 85 78 ff ff ff e9 05 ff ff ff 48 89 de 4c 89 f7 e8 b7 
f5
  Sep 27 22:48:14 ubuntu-mantic kernel: RSP: 0018:ffffb66a82b57968 EFLAGS: 
00010246
  Sep 27 22:48:14 ubuntu-mantic kernel: RAX: 0000000000000000 RBX: 
ffffb66a82b57b24 RCX: 0000000000000000
  Sep 27 22:48:14 ubuntu-mantic kernel: RDX: 0000000000000000 RSI: 
0000000000000000 RDI: 0000000000000000
  Sep 27 22:48:14 ubuntu-mantic kernel: RBP: ffffb66a82b57a30 R08: 
0000000000000000 R09: 0000000000000000
  Sep 27 22:48:14 ubuntu-mantic kernel: R10: 0000000000000000 R11: 
0000000000000000 R12: 0000000000000000
  Sep 27 22:48:14 ubuntu-mantic kernel: R13: ffff8b160239d800 R14: 
ffffb66a82b57970 R15: 0000000000000001
  Sep 27 22:48:14 ubuntu-mantic kernel: FS:  00007f1f7d3b3380(0000) 
GS:ffff8b17778c0000(0000) knlGS:0000000000000000
  Sep 27 22:48:14 ubuntu-mantic kernel: CS:  0010 DS: 0000 ES: 0000 CR0: 
0000000080050033
  Sep 27 22:48:14 ubuntu-mantic kernel: CR2: 000055d4482063f0 CR3: 
0000000137e64000 CR4: 0000000000750ee0
  Sep 27 22:48:14 ubuntu-mantic kernel: PKRU: 55555554
  Sep 27 22:48:14 ubuntu-mantic kernel: Call Trace:
  Sep 27 22:48:14 ubuntu-mantic kernel:  <TASK>
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? show_regs+0x6d/0x80
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? __warn+0x89/0x160
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? aa_audit_file+0x2b1/0x310
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? report_bug+0x17e/0x1b0
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? handle_bug+0x51/0xa0
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? exc_invalid_op+0x18/0x80
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? asm_exc_invalid_op+0x1b/0x20
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? aa_audit_file+0x2b1/0x310
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? aa_audit_file+0x2b1/0x310
  Sep 27 22:48:14 ubuntu-mantic kernel:  __aa_path_perm+0xaf/0x130
  Sep 27 22:48:14 ubuntu-mantic kernel:  aa_path_perm+0xf1/0x1c0
  Sep 27 22:48:14 ubuntu-mantic kernel:  apparmor_file_open+0x1bb/0x2e0
  Sep 27 22:48:14 ubuntu-mantic kernel:  security_file_open+0x2e/0x60
  Sep 27 22:48:14 ubuntu-mantic kernel:  do_dentry_open+0x10d/0x530
  Sep 27 22:48:14 ubuntu-mantic kernel:  vfs_open+0x33/0x50
  Sep 27 22:48:14 ubuntu-mantic kernel:  do_open+0x2ed/0x470
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? path_init+0x59/0x3d0
  Sep 27 22:48:14 ubuntu-mantic kernel:  path_openat+0x135/0x2d0
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? _raw_spin_unlock+0xe/0x40
  Sep 27 22:48:14 ubuntu-mantic kernel:  do_filp_open+0xaf/0x170
  Sep 27 22:48:14 ubuntu-mantic kernel:  do_sys_openat2+0xb3/0xe0
  Sep 27 22:48:14 ubuntu-mantic kernel:  __x64_sys_openat+0x55/0xa0
  Sep 27 22:48:14 ubuntu-mantic kernel:  do_syscall_64+0x59/0x90
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? handle_mm_fault+0xad/0x360
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? do_user_addr_fault+0x238/0x6b0
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? exit_to_user_mode_prepare+0x30/0xb0
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? irqentry_exit_to_user_mode+0x17/0x20
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? irqentry_exit+0x43/0x50
  Sep 27 22:48:14 ubuntu-mantic kernel:  ? exc_page_fault+0x94/0x1b0
  Sep 27 22:48:14 ubuntu-mantic kernel:  
entry_SYSCALL_64_after_hwframe+0x6e/0xd8
  Sep 27 22:48:14 ubuntu-mantic kernel: RIP: 0033:0x7f1f7d4cdbcc
  Sep 27 22:48:14 ubuntu-mantic kernel: Code: 24 18 31 c0 41 83 e2 40 75 44 89 
f0 25 00 00 41 00 3d 00 00 41 00 74 36 44 89 c2 4c 89 ce bf 9c ff ff ff b8 01 
01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 48 8b 54 24 18 64 48 2b 14 25 28 00 00 
00
  Sep 27 22:48:14 ubuntu-mantic kernel: RSP: 002b:00007fff2a1d1280 EFLAGS: 
00000287 ORIG_RAX: 0000000000000101
  Sep 27 22:48:14 ubuntu-mantic kernel: RAX: ffffffffffffffda RBX: 
0000000000000000 RCX: 00007f1f7d4cdbcc
  Sep 27 22:48:14 ubuntu-mantic kernel: RDX: 0000000000090800 RSI: 
000055b5d4043c40 RDI: 00000000ffffff9c
  Sep 27 22:48:14 ubuntu-mantic kernel: RBP: 000055b5d4043c40 R08: 
0000000000090800 R09: 000055b5d4043c40
  Sep 27 22:48:14 ubuntu-mantic kernel: R10: 0000000000000000 R11: 
0000000000000287 R12: 000055b5d4043c20
  Sep 27 22:48:14 ubuntu-mantic kernel: R13: 000055b5d34637f8 R14: 
000055b5d4043c00 R15: 000055b5d40436a0
  Sep 27 22:48:14 ubuntu-mantic kernel:  </TASK>
  Sep 27 22:48:14 ubuntu-mantic kernel: ---[ end trace 0000000000000000 ]---

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2040192/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to