Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-59776

fapolicyd deadlocks the system because it got a fatal SIGBUS signal

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Critical Critical
    • None
    • rhel-9.4
    • fapolicyd
    • None
    • None
    • Critical
    • rhel-sst-security-special-projects
    • ssg_security
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • Hide
      • fapolicyd service stops running only on the signals dedicated to it, e.g. SIGTERM, SIGKILL, SIGSTOP
      • fapolicyd service keeps running on other signals reception
      • fapolicyd does not block the execution after reception of the "allowed" signals
      Show
      fapolicyd service stops running only on the signals dedicated to it, e.g. SIGTERM, SIGKILL, SIGSTOP fapolicyd service keeps running on other signals reception fapolicyd does not block the execution after reception of the "allowed" signals
    • None
    • None
    • x86_64
    • None

      What were you trying to do that didn't work?

      Because of some RPMDB issue, a SIGBUS was raised, causing fapolicyd to deadlock the system:

      fapolicyd dying made the kernel spawn the systemd-coredump executable to collect the coredump. Executing the program leads to querying fapolicyd to allow the execution, which cannot happen since fapolicyd is dying.

      See PR https://github.com/linux-application-whitelisting/fapolicyd/pull/273 for fix proposal.

      Please provide the package NVR for which bug is seen:

      fapolicyd-1.3.2-100

      How reproducible:

      Always

      Steps to reproduce

      1. Install 2 RPMs one after the other "rapidly" 
         # rpm -i ./tcsh-6.22.03-6.el9.x86_64.rpm ; rpm -i ./zsh-5.8-9.el9.x86_64.rpm
warning: ./tcsh-6.22.03-6.el9.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
warning: ./zsh-5.8-9.el9.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID fd431d51: NOKEY
--> HANG

      Note: this doesn't occur anymore with latest rpm-4.16.1.3-29.el9.x86_64 but reproduces with downgrading to rpm-4.16.1.3-27.el9_3.x86_64

      Expected results

      System hangs (i.e. no way to do anything, current processes hanging, no way to log in, etc.)

      Actual results

      System still functional

              rsroka@redhat.com Radovan Sroka
              rhn-support-rmetrich Renaud Métrich
              Radovan Sroka Radovan Sroka
              SSG Security QE SSG Security QE
              Votes:
              4 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated: