[ 15.624928] audit: type=1400 audit(1520344227.910:5): avc: denied { syslog } for pid=4012 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 syzkaller login: [ 18.997264] audit: type=1400 audit(1520344231.282:6): avc: denied { map } for pid=4159 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1 Warning: Permanently added '10.128.0.2' (ECDSA) to the list of known hosts. executing program [ 39.628560] audit: type=1400 audit(1520344251.914:7): avc: denied { map } for pid=4176 comm="syzkaller251034" path="/root/syzkaller251034479" dev="sda1" ino=16481 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 [ 39.630921] BUG: unable to handle kernel paging request at ffffc9003181552c [ 39.661536] IP: ebt_among_mt_check+0x137/0x390 [ 39.666090] PGD 1dad2f067 P4D 1dad2f067 PUD 1dad30067 PMD 0 [ 39.671868] Oops: 0000 [#1] SMP KASAN [ 39.675638] Dumping ftrace buffer: [ 39.679144] (ftrace buffer empty) [ 39.682829] Modules linked in: [ 39.686000] CPU: 1 PID: 4176 Comm: syzkaller251034 Not tainted 4.16.0-rc4+ #254 [ 39.693414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 39.702758] RIP: 0010:ebt_among_mt_check+0x137/0x390 [ 39.707838] RSP: 0018:ffff8801bc837210 EFLAGS: 00010246 [ 39.713178] RAX: 0000000000000007 RBX: ffffc90001815128 RCX: ffffffff851c0656 [ 39.720420] RDX: 0000000000000000 RSI: 0000000000000880 RDI: ffffc9003181552c [ 39.727660] RBP: ffff8801bc837248 R08: 0000000000000000 R09: 0000000000000000 [ 39.734901] R10: ffffffff88614380 R11: 0000000000000000 R12: ffffc90001815928 [ 39.742141] R13: ffffc90031815128 R14: 0000000000000880 R15: 0000000000000414 [ 39.749382] FS: 00000000012ca880(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 39.757579] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 39.763517] CR2: ffffc9003181552c CR3: 00000001b0311004 CR4: 00000000001606e0 [ 39.770761] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 39.778102] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 39.785354] Call Trace: [ 39.787919] ? print_irqtrace_events+0x270/0x270 [ 39.792648] ? ebt_mac_wormhash_check_integrity+0x1e0/0x1e0 [ 39.798334] xt_check_match+0x235/0x9c0 [ 39.802289] ? __lock_acquire+0x664/0x3e00 [ 39.806505] ? xt_check_target+0x990/0x990 [ 39.810721] ? mutex_unlock+0xd/0x10 [ 39.814405] ? xt_find_match+0x17b/0x1e0 [ 39.818440] ebt_check_entry+0xbc3/0x1e00 [ 39.822561] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 39.827726] ? ebt_standard_compat_to_user+0x180/0x180 [ 39.832976] ? __is_insn_slot_addr+0x1fc/0x330 [ 39.837616] ? print_irqtrace_events+0x270/0x270 [ 39.842347] ? trace_hardirqs_off+0x10/0x10 [ 39.846638] ? find_held_lock+0x35/0x1d0 [ 39.850679] ? __lock_acquire+0x664/0x3e00 [ 39.854893] translate_table+0xcf5/0x2290 [ 39.859029] ? ebt_do_table+0x1f40/0x1f40 [ 39.863153] ? check_same_owner+0x320/0x320 [ 39.867445] ? rcu_pm_notify+0xc0/0xc0 [ 39.871311] ? rcu_read_lock_sched_held+0x108/0x120 [ 39.876307] do_replace_finish+0x79a/0x2620 [ 39.880608] ? ebt_register_table+0xe60/0xe60 [ 39.885080] ? find_held_lock+0x35/0x1d0 [ 39.889120] ? __might_fault+0x110/0x1d0 [ 39.893156] ? lock_downgrade+0x980/0x980 [ 39.897287] ? lock_release+0xa40/0xa40 [ 39.901233] ? check_same_owner+0x320/0x320 [ 39.905530] ? __check_object_size+0x8b/0x530 [ 39.910011] ? __might_sleep+0x95/0x190 [ 39.914049] ? kasan_check_write+0x14/0x20 [ 39.918257] ? _copy_from_user+0x99/0x110 [ 39.922380] do_replace+0x333/0x4b0 [ 39.925996] ? compat_copy_everything_to_user+0x1470/0x1470 [ 39.931712] ? ns_capable_common+0xcf/0x160 [ 39.936031] do_ebt_set_ctl+0xd4/0x110 [ 39.939896] nf_setsockopt+0x67/0xc0 [ 39.943583] ip_setsockopt+0x97/0xa0 [ 39.947273] raw_setsockopt+0xb7/0xd0 [ 39.951050] sock_common_setsockopt+0x95/0xd0 [ 39.955606] SyS_setsockopt+0x189/0x360 [ 39.959556] ? SyS_recv+0x40/0x40 [ 39.963001] ? mm_fault_error+0x2c0/0x2c0 [ 39.967123] ? move_addr_to_kernel+0x60/0x60 [ 39.971504] ? do_syscall_64+0xb7/0x940 [ 39.975453] ? SyS_recv+0x40/0x40 [ 39.978889] do_syscall_64+0x281/0x940 [ 39.982753] ? __do_page_fault+0xc90/0xc90 [ 39.986965] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 39.991704] ? syscall_return_slowpath+0x550/0x550 [ 39.996607] ? syscall_return_slowpath+0x2ac/0x550 [ 40.001509] ? prepare_exit_to_usermode+0x350/0x350 [ 40.006499] ? retint_user+0x18/0x18 [ 40.010191] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 40.015011] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 40.020174] RIP: 0033:0x441ab9 [ 40.023336] RSP: 002b:00007fff33f8e998 EFLAGS: 00000213 ORIG_RAX: 0000000000000036 [ 40.031015] RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 0000000000441ab9 [ 40.038259] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000003 [ 40.045503] RBP: 00000000006cc018 R08: 0000000000000b40 R09: 00000000004002c8 [ 40.052746] R10: 0000000020000440 R11: 0000000000000213 R12: 00000000004033e0 [ 40.059989] R13: 0000000000403470 R14: 0000000000000000 R15: 0000000000000000 [ 40.067244] Code: 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 0f b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 20 02 00 00 <41> 8b 85 04 04 00 00 3d a9 aa aa 0a 77 53 89 45 d0 e8 43 03 55 [ 40.087023] RIP: ebt_among_mt_check+0x137/0x390 RSP: ffff8801bc837210 [ 40.093572] CR2: ffffc9003181552c [ 40.097087] ---[ end trace 94d069ff6a1006ce ]--- [ 40.101819] Kernel panic - not syncing: Fatal exception [ 40.107518] Dumping ftrace buffer: [ 40.111032] (ftrace buffer empty) [ 40.114714] Kernel Offset: disabled [ 40.118313] Rebooting in 86400 seconds..