Re: kernel panic: MAC Initialization failed. (3)
From: Tetsuo Handa
Date: Mon Mar 11 2019 - 09:46:36 EST
F.Y.I. Nothing is wrong with that commit. That commit merely allows enabling TOMOYO and
one of SELinux/Smack/AppArmor at the same time for syzbot's kernel command line options.
This problem will be handled by a patch at
https://lore.kernel.org/linux-security-module/1551362770-8655-1-git-send-email-penguin-kernel@xxxxxxxxxxxxxxxxxxx/
and then updating syzbot to build kernels with this option enabled.
Well, it is wonderful that syzbot started bisecting. ;-)
On 2019/03/11 22:26, syzbot wrote:
> syzbot has bisected this bug to:
>
> commit 89a9684ea158dd7eef1728be9f0aed9a7d41cf19
> Author: Kees Cook <keescook@xxxxxxxxxxxx>
> Date:ÂÂ Tue Feb 12 18:23:18 2019 +0000
>
> ÂÂÂ LSM: Ignore "security=" when "lsm=" is specified
>
> bisection log:Â https://syzkaller.appspot.com/x/bisect.txt?x=11572723200000
> start commit:ÂÂ 89a9684e LSM: Ignore "security=" when "lsm=" is specified
> git tree:ÂÂÂÂÂÂ linux-next
> final crash:ÂÂÂ https://syzkaller.appspot.com/x/report.txt?x=13572723200000
> console output: https://syzkaller.appspot.com/x/log.txt?x=15572723200000
> kernel config:Â https://syzkaller.appspot.com/x/.config?x=c0f38652d28b522f
> dashboard link: https://syzkaller.appspot.com/bug?extid=2ee3f8974c2e7dc69feb
> userspace arch: amd64
> syz repro:ÂÂÂÂÂ https://syzkaller.appspot.com/x/repro.syz?x=14c68242c00000
> C reproducer:ÂÂ https://syzkaller.appspot.com/x/repro.c?x=17190c8ac00000
>
> Reported-by: syzbot+2ee3f8974c2e7dc69feb@xxxxxxxxxxxxxxxxxxxxxxxxx
> Fixes: 89a9684e ("LSM: Ignore "security=" when "lsm=" is specified")
>