[ 11.060841] audit: type=1400 audit(1566345847.478:4): avc: denied { syslog } for pid=1902 comm="rsyslogd" capability=34 scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=capability2 permissive=1 [....] Starting enhanced syslogd: rsyslogd[?25l[?1c7[ ok 8[?25h[?0c. Starting mcstransd: [....] Starting periodic command scheduler: cron[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting OpenBSD Secure Shell server: sshd[?25l[?1c7[ ok 8[?25h[?0c. [....] Starting file context maintaining daemon: restorecond[?25l[?1c7[ ok 8[?25h[?0c. Debian GNU/Linux 7 syzkaller ttyS0 Warning: Permanently added '10.128.1.54' (ECDSA) to the list of known hosts. executing program syzkaller login: [ 27.646962] netlink: 12 bytes leftover after parsing attributes in process `syz-executor397'. [ 27.648665] ------------[ cut here ]------------ [ 27.649333] WARNING: CPU: 0 PID: 2056 at net/xfrm/xfrm_user.c:2210 xfrm_add_acquire+0x7a1/0x9c0() [ 27.650537] BAD policy passed [ 27.651024] Kernel panic - not syncing: panic_on_warn set ... [ 27.651024] [ 27.651992] CPU: 0 PID: 2056 Comm: syz-executor397 Not tainted 4.4.174+ #4 [ 27.652989] 0000000000000000 0951d8c1a74c3c61 ffff8801d45c73f0 ffffffff81aad1a1 [ 27.654146] ffff8801d45c7540 ffffffff82835ee0 ffffffff82a9d500 00000000000008a2 [ 27.655437] ffffffff825836c1 ffff8801d45c74d0 ffffffff813a48c2 0000000041b58ab3 [ 27.656701] Call Trace: [ 27.657185] [] dump_stack+0xc1/0x120 [ 27.658089] [] ? xfrm_add_acquire+0x7a1/0x9c0 [ 27.658982] [] panic+0x1b9/0x37b [ 27.659677] [] ? add_taint.cold+0x16/0x16 [ 27.660470] [] ? vprintk_emit+0x248/0x820 [ 27.661317] [] ? warn_slowpath_common.cold+0x5/0x20 [ 27.662244] [] warn_slowpath_common.cold+0x20/0x20 [ 27.663172] [] warn_slowpath_fmt+0xbf/0x100 [ 27.663990] [] ? warn_slowpath_common+0x120/0x120 [ 27.665048] [] ? lockdep_init_map+0x114/0x1520 [ 27.665936] [] ? __raw_spin_lock_init+0x2d/0x100 [ 27.666835] [] xfrm_add_acquire+0x7a1/0x9c0 [ 27.667628] [] ? log_wakeup_reason.cold+0x145/0x145 [ 27.674260] [] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 27.681066] [] ? _raw_spin_unlock_irqrestore+0x45/0x70 [ 27.688270] [] ? xfrm_policy_construct+0x770/0x770 [ 27.694818] [] ? nla_parse+0x15f/0x1c0 [ 27.700319] [] ? xfrm_policy_construct+0x770/0x770 [ 27.706863] [] xfrm_user_rcv_msg+0x37c/0x630 [ 27.712884] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 27.718908] [] ? trace_hardirqs_on+0x10/0x10 [ 27.724932] [] ? __lock_acquire+0xa4f/0x4f50 [ 27.730959] [] ? mutex_trylock+0x500/0x500 [ 27.736813] [] netlink_rcv_skb+0xd4/0x2e0 [ 27.742576] [] ? xfrm_dump_sa_done+0xa0/0xa0 [ 27.748600] [] xfrm_netlink_rcv+0x70/0x90 [ 27.754363] [] netlink_unicast+0x4d7/0x700 [ 27.760213] [] ? netlink_sendskb+0x60/0x60 [ 27.766067] [] netlink_sendmsg+0x6b6/0xc80 [ 27.771918] [] ? nlmsg_notify+0x170/0x170 [ 27.777682] [] ? selinux_socket_sendmsg+0x3f/0x50 [ 27.784138] [] ? security_socket_sendmsg+0x8f/0xc0 [ 27.790682] [] ? nlmsg_notify+0x170/0x170 [ 27.796461] [] sock_sendmsg+0xbe/0x110 [ 27.801969] [] ___sys_sendmsg+0x769/0x890 [ 27.807732] [] ? copy_msghdr_from_user+0x550/0x550 [ 27.814277] [] ? __alloc_pages_direct_compact+0x220/0x220 [ 27.821431] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 27.828154] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 27.834875] [] ? check_preemption_disabled+0x3c/0x200 [ 27.841871] [] ? check_preemption_disabled+0x3c/0x200 [ 27.848684] [] ? handle_mm_fault+0xc10/0x3140 [ 27.854799] [] ? _raw_spin_unlock+0x2d/0x50 [ 27.860736] [] ? handle_mm_fault+0x98d/0x3140 [ 27.866852] [] ? __fd_install+0x25b/0x640 [ 27.872615] [] ? debug_lockdep_rcu_enabled+0x71/0xa0 [ 27.879331] [] ? __fget_light+0xa3/0x1f0 [ 27.885007] [] ? __fdget+0x1b/0x20 [ 27.890165] [] __sys_sendmsg+0xc5/0x160 [ 27.895754] [] ? SyS_shutdown+0x1a0/0x1a0 [ 27.901522] [] ? retint_user+0x18/0x3c [ 27.907029] [] ? trace_hardirqs_on_caller+0x385/0x5a0 [ 27.913834] [] SyS_sendmsg+0x2d/0x50 [ 27.919167] [] entry_SYSCALL_64_fastpath+0x1e/0x9a [ 27.926216] Kernel Offset: disabled [ 27.929839] Rebooting in 86400 seconds..