Server panics with NULL pointer dereference during boot in selinux_task_to_inode
Issue
- The kernel panics with "unable to handle kernel NULL pointer dereference" during boot when SELinux is disabled, with the logs below.
[ 26.654494] SELinux: Disabled at runtime.
[ 26.654507] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
[ 26.654508] PGD 0 P4D 0
[ 26.654510] Oops: 0002 [#1] SMP NOPTI
[ 26.654512] CPU: 53 PID: 2614 Comm: systemd-cgroups Tainted: G OE --------- - - 4.18.0-80.el8.x86_64 #1
[ 26.654519] RIP: 0010:selinux_socket_post_create+0x80/0x390
[ 26.654520] Code: e9 95 6a 89 00 bd 16 00 00 00 c7 44 24 04 01 00 00 00 45 85 c0 0f 85 f6 00 00 00 8b 56 14 85 d2 0f 84 26 01 00 00 89 54 24 04 <66> 41 89 6c 24 20 31 c0 41 89 54 24 1c 41 c6 44 24 22 01 49 8b 4d
[ 26.654521] RSP: 0018:ffffbf515cc63e48 EFLAGS: 00010246
[ 26.654522] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000000019
[ 26.654522] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffffffffab46f680
[ 26.654523] RBP: 0000000000000019 R08: 0000000000000000 R09: ffffbf515cc63e4c
[ 26.654523] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
[ 26.654524] R13: ffff97d7bb6cbc80 R14: 0000000000000001 R15: ffff97d7bb6cbc80
[ 26.654525] FS: 00007f5c608ea380(0000) GS:ffff97d7bf140000(0000) knlGS:0000000000000000
[ 26.654525] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 26.654526] CR2: 0000000000000020 CR3: 0000011ebc934004 CR4: 00000000007606e0
[ 26.654527] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 26.654528] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 26.654528] PKRU: 55555554
[ 26.654528] Call Trace:
[ 26.654535] security_socket_post_create+0x42/0x60
[ 26.654537] SELinux: Unregistering netfilter hooks
[ 26.654542] __sock_create+0x106/0x1a0
[ 26.654545] __sys_socket+0x57/0xe0
[ 26.654547] __x64_sys_socket+0x16/0x20
[ 26.654551] do_syscall_64+0x5b/0x1b0
[ 26.654554] entry_SYSCALL_64_after_hwframe+0x65/0xca
or
SELinux: Disabled at runtime.
BUG: unable to handle kernel NULL pointer dereference at 0000000000000024
PGD 0 P4D 0
Oops: 0002 [#1] SMP PTI
CPU: 7 PID: 676 Comm: systemd-coredum Not tainted 4.18.0-151.el8.x86_64 #1
RIP: 0010:_raw_spin_lock+0xc/0x20
Code: 01 00 00 75 05 48 89 d8 5b c3 e8 9f ab 88 ff eb f4 0f 1f 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 31 c0 ba 01 00 00 00 <f0> 0f b1 17 85 c0 75 01 c3 89 c6 e8 54 9a 88 ff 66 90 c3 90 0f 1f
RSP: 0018:ffffb13481fd3c30 EFLAGS: 00010246
RAX: 0000000000000000 RBX: 0000000000000024 RCX: 0000000000000001
RDX: 0000000000000001 RSI: ffff913cb6f3c5f8 RDI: 0000000000000024
RBP: 0000000000000000 R08: ffff913cb6f3c168 R09: 0000000000000001
R10: ffff913cb6d9ea80 R11: 0000000000000000 R12: ffff913cb6f3c5f8
R13: 0000000000000001 R14: 0000000000000000 R15: ffffb13481fd3de0
FS: 00007f51a93f62c0(0000) GS:ffff913cbfdc0000(0000) knlGS:0000000000000000
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000024 CR3: 00000004739f6003 CR4: 00000000003606e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
Call Trace:
selinux_task_to_inode+0x2d/0xb0
security_task_to_inode+0x2a/0x40
proc_pid_make_inode+0x8b/0xb0
proc_fdinfo_instantiate+0x22/0x80
? proc_fd_instantiate+0x90/0x90
proc_lookupfd_common+0x7b/0xc0
path_openat+0x852/0x14d0
? __x64_sys_copy_file_range+0xc0/0x200
? prepend_path.isra.5+0xf2/0x2e0
do_filp_open+0x93/0x100
? __check_object_size+0xa8/0x16b
do_sys_open+0x184/0x220
do_syscall_64+0x5b/0x1a0
entry_SYSCALL_64_after_hwframe+0x65/0xca
Environment
- Red Hat Enterprise Linux 8.0
- Red Hat Enterprise Linux 8.1