Bug#445849: linux-2.6: NULL pointer exception after mounting a filesystem with a SELinux context option.
Package: linux-2.6
Severity: normal
When a filesystem is mounted with the option
fscontext=<selinux security context>
and there is a mistake in the security context,
the kernel issues a NULL pointer exception.
After this the machine is still usable, but the command sync
hangs (though the machine is not hang).
This is serious because the scripts that shutdown vserver
virtual machines run sync, and thus hang. Note that this
is part of the normal shutdown process. Thus, if the machine is
remotly managed, as is the current case, one has to contact
the personal of the hosting provider and ask them to reset by
hand. And it is quite unfriendly having to logout and login
again every time one runs sync.
Futhermore, this mount option that may look rare is essential for mounting
the /tmp directory a vserver virtual machine that uses Apache. If SELinux is enabled,
the web server cannot access the /tmp directory unless it has the appropiate
security label.
Reproducing this problem is simple:
mkdir foo
mount -t tmpfs -o fscontext=system_u:object_r:tmp_t none ./foo
dmesg | tail
(the correct fscontext option is fscontext=system_u:object_r:tmp_t:s0).
Please fix this problem in the next kernel upgrade.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-vserver-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Reply to: