[   83.491350][   T28] audit: type=1400 audit(1576805781.276:37): avc:  denied  { watch } for  pid=9659 comm="restorecond" path="/root/.ssh" dev="sda1" ino=16179 scontext=system_u:system_r:kernel_t:s0 tcontext=unconfined_u:object_r:ssh_home_t:s0 tclass=dir permissive=1
[   83.532931][   T28] audit: type=1400 audit(1576805781.316:38): avc:  denied  { watch } for  pid=9659 comm="restorecond" path="/etc/selinux/restorecond.conf" dev="sda1" ino=2232 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
[....] Starting file context maintaining daemon: restorecond[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[1G[[32m ok [39;49m8[?25h[?0c.
[   83.853642][   T28] audit: type=1800 audit(1576805781.646:39): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rc.local" dev="sda1" ino=2432 res=0
[   83.876012][   T28] audit: type=1800 audit(1576805781.646:40): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:kernel_t:s0 op=collect_data cause=failed(directio) comm="startpar" name="rmnologin" dev="sda1" ino=2423 res=0

Debian GNU/Linux 7 syzkaller ttyS0

syzkaller login: [   87.771330][   T28] audit: type=1400 audit(1576805785.556:41): avc:  denied  { map } for  pid=9747 comm="bash" path="/bin/bash" dev="sda1" ino=1457 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:file_t:s0 tclass=file permissive=1
Warning: Permanently added '10.128.1.12' (ECDSA) to the list of known hosts.
[   94.336418][   T28] audit: type=1400 audit(1576805792.126:42): avc:  denied  { map } for  pid=9759 comm="syz-executor149" path="/root/syz-executor149930918" dev="sda1" ino=16483 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1
[   94.365719][ T9760] IPVS: ftp: loaded support on port[0] = 21
[   94.395895][   T28] audit: type=1400 audit(1576805792.186:43): avc:  denied  { create } for  pid=9760 comm="syz-executor149" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   94.420744][   T28] audit: type=1400 audit(1576805792.186:44): avc:  denied  { write } for  pid=9760 comm="syz-executor149" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   94.420773][   T28] audit: type=1400 audit(1576805792.186:45): avc:  denied  { read } for  pid=9760 comm="syz-executor149" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_generic_socket permissive=1
[   94.499485][ T9760] chnl_net:caif_netlink_parms(): no params data found
[   94.529154][ T9760] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.536849][ T9760] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.545424][ T9760] device bridge_slave_0 entered promiscuous mode
[   94.553829][ T9760] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.560934][ T9760] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.569453][ T9760] device bridge_slave_1 entered promiscuous mode
[   94.587646][ T9760] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   94.599231][ T9760] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   94.619594][ T9760] team0: Port device team_slave_0 added
[   94.627891][ T9760] team0: Port device team_slave_1 added
[   94.685411][ T9760] device hsr_slave_0 entered promiscuous mode
[   94.723983][ T9760] device hsr_slave_1 entered promiscuous mode
[   94.819015][ T9760] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   94.874889][ T9760] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   94.914600][ T9760] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   94.965161][ T9760] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   95.023396][ T9760] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.030619][ T9760] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.038490][ T9760] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.045588][ T9760] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.081758][ T9760] 8021q: adding VLAN 0 to HW filter on device bond0
[   95.097465][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.118737][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.138135][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.146211][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   95.158374][ T9760] 8021q: adding VLAN 0 to HW filter on device team0
[   95.169510][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.178794][   T22] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.185957][   T22] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.197062][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.205801][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.212934][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.236046][ T3287] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   95.246053][ T3287] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   95.255214][ T3287] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.264912][ T3287] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   95.276230][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
executing program
[   95.286560][ T9760] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   95.302875][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   95.310390][   T22] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   95.324032][ T9760] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.382906][ T9760] ------------[ cut here ]------------
[   95.388414][ T9760] net/hsr/hsr_forward.c:354: Malformed frame (port_src hsr0)
[   95.396405][ T9760] WARNING: CPU: 1 PID: 9760 at net/hsr/hsr_forward.c:353 hsr_forward_skb+0x127b/0x1d30
[   95.406041][ T9760] Kernel panic - not syncing: panic_on_warn set ...
[   95.412623][ T9760] CPU: 1 PID: 9760 Comm: syz-executor149 Not tainted 5.5.0-rc2-syzkaller #0
[   95.421285][ T9760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[   95.431336][ T9760] Call Trace:
[   95.434618][ T9760]  dump_stack+0x197/0x210
[   95.438930][ T9760]  ? hsr_forward_skb+0x1230/0x1d30
[   95.444025][ T9760]  panic+0x2e3/0x75c
[   95.447899][ T9760]  ? add_taint.cold+0x16/0x16
[   95.452569][ T9760]  ? __kasan_check_write+0x14/0x20
[   95.458232][ T9760]  ? __warn.cold+0x14/0x3e
[   95.462725][ T9760]  ? __warn+0xd9/0x1cf
[   95.466833][ T9760]  ? hsr_forward_skb+0x127b/0x1d30
[   95.471939][ T9760]  __warn.cold+0x2f/0x3e
[   95.476171][ T9760]  ? hsr_forward_skb+0x127b/0x1d30
[   95.481266][ T9760]  report_bug+0x289/0x300
[   95.485597][ T9760]  do_error_trap+0x11b/0x200
[   95.490172][ T9760]  do_invalid_op+0x37/0x50
[   95.494572][ T9760]  ? hsr_forward_skb+0x127b/0x1d30
[   95.499665][ T9760]  invalid_op+0x23/0x30
[   95.503817][ T9760] RIP: 0010:hsr_forward_skb+0x127b/0x1d30
[   95.509528][ T9760] Code: fa ff ff e8 77 dc b7 f9 4c 89 e1 ba 62 01 00 00 48 c7 c6 80 61 f5 88 48 c7 c7 c0 61 f5 88 c6 05 f2 b7 b7 02 01 e8 14 86 88 f9 <0f> 0b 48 b8 00 00 00 00 00 fc ff df 4c 89 ea 48 c1 ea 03 80 3c 02
[   95.529125][ T9760] RSP: 0018:ffffc90001ddf8c0 EFLAGS: 00010286
[   95.535172][ T9760] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000
[   95.544339][ T9760] RDX: 0000000000000000 RSI: ffffffff815e8906 RDI: fffff520003bbf0a
[   95.552303][ T9760] RBP: ffffc90001ddf970 R08: ffff8880a1634480 R09: 0000000000000000
[   95.560256][ T9760] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88809150a000
[   95.568215][ T9760] R13: ffff888098282710 R14: 000000000000ffff R15: ffff88808ed67640
[   95.576180][ T9760]  ? vprintk_func+0x86/0x189
[   95.580754][ T9760]  ? validate_xmit_skb+0x81f/0xe50
[   95.585849][ T9760]  ? netdev_pick_tx+0x4c6/0xb00
[   95.590687][ T9760]  ? __sanitizer_cov_trace_cmp4+0x16/0x20
[   95.596393][ T9760]  hsr_dev_xmit+0x7d/0xe0
[   95.600705][ T9760]  dev_direct_xmit+0x419/0x630
[   95.605455][ T9760]  ? __kasan_check_read+0x1/0x20
[   95.610375][ T9760]  ? validate_xmit_skb_list+0x150/0x150
[   95.616075][ T9760]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[   95.622300][ T9760]  ? netdev_pick_tx+0x14e/0xb00
[   95.627135][ T9760]  packet_direct_xmit+0x1a9/0x250
[   95.632138][ T9760]  packet_sendmsg+0x260d/0x6220
[   95.637037][ T9760]  ? mark_held_locks+0xf0/0xf0
[   95.641848][ T9760]  ? tomoyo_path2_perm+0x150/0x670
[   95.647046][ T9760]  ? packet_notifier+0x880/0x880
[   95.651988][ T9760]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[   95.658216][ T9760]  ? security_socket_sendmsg+0x8d/0xc0
[   95.663680][ T9760]  ? packet_notifier+0x880/0x880
[   95.668613][ T9760]  sock_sendmsg+0xd7/0x130
[   95.673009][ T9760]  __sys_sendto+0x262/0x380
[   95.677495][ T9760]  ? __ia32_sys_getpeername+0xb0/0xb0
[   95.682873][ T9760]  ? __ia32_sys_socketpair+0xf0/0xf0
[   95.688173][ T9760]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   95.693631][ T9760]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[   95.699167][ T9760]  ? do_syscall_64+0x26/0x790
[   95.703825][ T9760]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   95.709877][ T9760]  __x64_sys_sendto+0xe1/0x1a0
[   95.714629][ T9760]  do_syscall_64+0xfa/0x790
[   95.719123][ T9760]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[   95.725103][ T9760] RIP: 0033:0x442099
[   95.728979][ T9760] Code: 18 89 d0 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 5b 10 fc ff c3 66 2e 0f 1f 84 00 00 00 00
[   95.748606][ T9760] RSP: 002b:00007ffffa96fab8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   95.757000][ T9760] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000442099
[   95.764955][ T9760] RDX: 000000000000000e RSI: 0000000020000100 RDI: 0000000000000003
[   95.772906][ T9760] RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
[   95.780951][ T9760] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.788912][ T9760] R13: 0000000000403610 R14: 0000000000000000 R15: 0000000000000000
[   95.798335][ T9760] Kernel Offset: disabled
[   95.802718][ T9760] Rebooting in 86400 seconds..