date:20170227

[Kernel-packages] [Bug 1635063] Re: Ubuntu 16.10: System hangs after crash on Ubuntu KVM guest.

2017-02-27 Thread Michael Hohnbaum

** Changed in: linux (Ubuntu)
 Assignee: Taco Screen team (taco-screen-team) => (unassigned)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1635063

Title:
  Ubuntu 16.10: System hangs after crash on Ubuntu KVM guest.

Status in linux package in Ubuntu:
  Fix Released

Bug description:
  ---Problem Description---

  Ubuntu 16.10: System hangs after crash on Ubuntu KVM guest.

  ---Steps to Reproduce---

  1) apt-get install linux-crashdump
  2) increase crashdump size:
  sudo vim /etc/default/grub.d/kexec-tools.cfg

  GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT crashkernel
  =2G-4G:320M,4G-32G:512M,32G-64G:1024M,64G-128G:2048M,128G-:4096M"

  3) sudo update-grub ; reboot the machine
  4) sudo sed -i 's/USE_KDUMP=0/USE_KDUMP=1/g' /etc/default/kdump-tools
  5) kdump-config show
  6) echo "c" > /proc/sysrq-trigger

  Logs
  
  root@ubuntu:/var/crash# uname -a
  Linux ubuntu 4.8.0-17-generic #19-Ubuntu SMP Sun Sep 25 06:35:40 UTC 2016 
ppc64le ppc64le ppc64le GNU/Linux
  root@ubuntu:/var/crash# kdump-config show
  DUMP_MODE:kdump
  USE_KDUMP:1
  KDUMP_SYSCTL: kernel.panic_on_oops=1
  KDUMP_COREDIR:/var/crash
  crashkernel addr: 
 /var/lib/kdump/vmlinuz: symbolic link to /boot/vmlinux-4.8.0-17-generic
  kdump initrd: 
 /var/lib/kdump/initrd.img: symbolic link to 
/var/lib/kdump/initrd.img-4.8.0-17-generic
  current state:ready to kdump

  kexec command:
/sbin/kexec -p --command-line="BOOT_IMAGE=/boot/vmlinux-4.8.0-17-generic 
root=UUID=70f3c690-fe90-444d-a74c-71c05eef8b0e ro splash quiet irqpoll 
nr_cpus=1 nousb systemd.unit=kdump-tools.service" 
--initrd=/var/lib/kdump/initrd.img /var/lib/kdump/vmlinuz
  root@ubuntu:/var/crash# echo c > /proc/sysrq-trigger
  [  202.677946] sysrq: SysRq : Trigger a crash
  [  202.678018] Unable to handle kernel paging request for data at address 
0x
  [  202.678098] Faulting instruction address: 0xc06de134
  [  202.678169] Oops: Kernel access of bad area, sig: 11 [#1]
  [  202.678222] SMP NR_CPUS=2048 NUMA pSeries
  [  202.678281] Modules linked in: vmx_crypto ip_tables x_tables autofs4 
ibmvscsi crc32c_vpmsum 8139too 8139cp mii
  [  202.678465] CPU: 3 PID: 1992 Comm: bash Not tainted 4.8.0-17-generic 
#19-Ubuntu
  [  202.678547] task: c4c5ce00 task.stack: c428c000
  [  202.678612] NIP: c06de134 LR: c06df218 CTR: 
c06de100
  [  202.678716] REGS: c428f990 TRAP: 0300   Not tainted  
(4.8.0-17-generic)
  [  202.678796] MSR: 80009033   CR: 2824  
XER: 2000
  [  202.678992] CFAR: c0014f84 DAR:  DSISR: 4200 
SOFTE: 1 
  GPR00: c06df218 c428fc10 c14e5e00 0063 
  GPR04: c0007fecaca0 c0007fedfb40 c168d278 4b78 
  GPR08: 0007 0001  0001 
  GPR12: c06de100 c7b81b00  2200 
  GPR16: 10170dc8 010020c60488 10140f58 100c7570 
  GPR20:  1017dd58 10153618 1017b608 
  GPR24: 3fffd5f377c4 0001 c13fe5d0 0004 
  GPR28: c13fe990 0063 c13b2590  
  [  202.680090] NIP [c06de134] sysrq_handle_crash+0x34/0x50
  [  202.680159] LR [c06df218] __handle_sysrq+0xe8/0x280
  [  202.680213] Call Trace:
  [  202.680246] [c428fc10] [c0e79720] 
_fw_tigon_tg3_bin_name+0x2f1a8/0x36f48 (unreliable)
  [  202.680356] [c428fc30] [c06df218] __handle_sysrq+0xe8/0x280
  [  202.680440] [c428fcd0] [c06df9c8] 
write_sysrq_trigger+0x78/0xa0
  [  202.680535] [c428fd00] [c03cf890] proc_reg_write+0xb0/0x110
  [  202.680618] [c428fd50] [c032b5dc] __vfs_write+0x6c/0xe0
  [  202.680702] [c428fd90] [c032cae4] vfs_write+0xd4/0x240
  [  202.680783] [c428fde0] [c032e7fc] SyS_write+0x6c/0x110
  [  202.680867] [c428fe30] [c0009584] system_call+0x38/0xec
  [  202.680948] Instruction dump:
  [  202.680991] 38427d00 7c0802a6 f8010010 f821ffe1 6000 6000 3d22001a 
3949d1e0 
  [  202.681133] 3921 912a 7c0004ac 3940 <992a> 38210020 
e8010010 7c0803a6 
  [  202.681276] ---[ end trace 3e9cbc319000fff4 ]---
  [  202.684658] 
  [  202.684718] Sending IPI to other CPUs
  [  202.686765] IPI complete
  I'm in purgatory
   -> smp_release_cpus()
  spinning_secondaries = 3
   <- smp_release_cpus()
  Linux ppc64le
  #19-Ubuntu SMP S[  242.661649] INFO: task swapper/0:1 blocked for more than 
120 seconds.
  [  242.661708]   Not tainted 4.8.0-17-generic #19-Ubuntu
  [  242.661746] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables 
this message.
  [  363.493648] INFO: task swapper/0:1

[Kernel-packages] [Bug 1633223] Re: rcu_sched detected stalls with kernel 3.19.0-58, NVIDIA driver, and docker

2017-02-27 Thread Andrew Cloke

Revisiting this bug, is this issue still persisting?

** Changed in: linux (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1633223

Title:
  rcu_sched detected stalls with kernel 3.19.0-58, NVIDIA driver, and
  docker

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  ---Problem Description---
  Seeing occasional rcu_sched detected stalls on 14.04 LTS with kernel 
3.19.0-58. The system is running docker containers, and has the NVIDIA GPU 
driver loaded. We've seen about 4 stalls in the last month, all with the 
3.19.0-58 kernel, and with the NVIDIA 352.93 and 361.49 drivers.

  ---uname output---
  Linux dldev1 3.19.0-58-generic #64~14.04.1-Ubuntu SMP Fri Mar 18 19:05:01 UTC 
2016 ppc64le ppc64le ppc64le GNU/Linux
   
  ---Additional Hardware Info---
  2 x NVIDIA K80 GPU adapter:
  $ lspci | grep NV
  0002:03:00.0 3D controller: NVIDIA Corporation GK210GL [Tesla K80] (rev a1)
  0002:04:00.0 3D controller: NVIDIA Corporation GK210GL [Tesla K80] (rev a1)
  0006:03:00.0 3D controller: NVIDIA Corporation GK210GL [Tesla K80] (rev a1)
  0006:04:00.0 3D controller: NVIDIA Corporation GK210GL [Tesla K80] (rev a1) 

   
  Machine Type = 8247-42L 
   
  ---System Hang---
   Usual symptom is that the system is unresponsive except maybe for ping and 
writing the stall-detection messages to the console. Login/getty isn't 
available either via ssh nor on the console. System must be power cycled to 
recover.
   
  Attached is the kernel log from a stall detection on May 18th. The detection 
first occurs at: May 18 15:17:55.

  The system is later rebooted and those messages indicate the kernel
  (3.19.0-58) and NVIDIA driver version (352.93) that were active at the
  time.

  We've suffered 3 or 4 stalls since, all with the same kernel, but some
  with a newer NVIDIA driver (361.49).

  Unfortunately, information about the newer stalls wasn't preserved in
  the various log files (and we're not capturing the console
  constantly), so we don't have detailed data for those.

  We'd welcome any suggestions for how to collect additional data for
  these occurrences.

  I can't say for sure that we haven't seen the stalls on other systems,
  but they're occuring fairly frequently on this system, and it's
  unusual in that it's running both Docker and NVIDIA GPU driver. So
  maybe aufs or the NVIDIA driver are somehow involved.

  From the kern.log,

  The Call trace points to some kind of deadlock in aufs -

  May 18 15:17:55 dldev1 kernel: [713670.798624] Task dump for CPU 3:
  May 18 15:17:55 dldev1 kernel: [713670.798628] cc1 R  running 
task0 99183  99173 0x00040004
  May 18 15:17:55 dldev1 kernel: [713670.798633] Call Trace:
  May 18 15:17:55 dldev1 kernel: [713670.798643] [c00fa64673a0] 
[c00cf004] wake_up_worker+0x44/0x60 (unreliable)
  May 18 15:17:55 dldev1 kernel: [713670.798671] [c00fa6467570] 
[c00fa64675d0] 0xc00fa64675d0
  May 18 15:17:55 dldev1 kernel: [713670.798676] [c00fa64675d0] 
[c0a1b050] __schedule+0x370/0x900
  May 18 15:17:55 dldev1 kernel: [713670.798679] [c00fa64677f0] 
[c00fa6467850] 0xc00fa6467850
  May 18 15:17:55 dldev1 kernel: [713670.798682] Task dump for CPU 75:
  May 18 15:17:55 dldev1 kernel: [713670.798684] cc1 D 
105d9410 0 99427  99405 0x00040004
  May 18 15:17:55 dldev1 kernel: [713670.798688] Call Trace:
  May 18 15:17:55 dldev1 kernel: [713670.798691] [c017efdd3460] 
[c017efdd34a0] 0xc017efdd34a0 (unreliable)
  May 18 15:17:55 dldev1 kernel: [713670.798695] [c017efdd3630] 
[c017efdd3690] 0xc017efdd3690
  May 18 15:17:55 dldev1 kernel: [713670.798698] [c017efdd3690] 
[c0a1b050] __schedule+0x370/0x900
  May 18 15:17:55 dldev1 kernel: [713670.798702] [c017efdd38b0] 
[c0a1f128] rwsem_down_write_failed+0x288/0x400
  May 18 15:17:55 dldev1 kernel: [713670.798706] [c017efdd3940] 
[c0a1e538] down_write+0x88/0x90
  May 18 15:17:55 dldev1 kernel: [713670.798716] [c017efdd3970] 
[d0001ead562c] do_ii_write_lock+0x8c/0xd0 [aufs]
  May 18 15:17:55 dldev1 kernel: [713670.798724] [c017efdd39a0] 
[d0001eac0e98] aufs_read_lock+0xb8/0xd0 [aufs]
  May 18 15:17:55 dldev1 kernel: [713670.798733] [c017efdd39e0] 
[d0001ead8208] aufs_d_revalidate+0x98/0x7a0 [aufs]
  May 18 15:17:55 dldev1 kernel: [713670.798737] [c017efdd3aa0] 
[c02c88f8] lookup_fast+0x368/0x3b0
  May 18 15:17:55 dldev1 kernel: [713670.798740] [c017efdd3b10] 
[c02cb620] path_lookupat+0x180/0x970
  May 18 15:17:55 dldev1 kernel: [713670.798743] [c017efdd3be0] 
[c02cbe68] filename_lookup+0x58/0x140
  May 18 15:17:55 dldev1 kernel: [713670.798746] [c017efdd3c30] 
[c02cde04] user_path_at_empty+0x84/0xe0
  May 18 15:17:55 dldev1 kernel: [713670.798749]

[Kernel-packages] [Bug 1624164] Re: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo

2017-02-27 Thread Simon Déziel

4.4.0-65.86 from -proposed produces no warning, thanks.

** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-firmware in Ubuntu.
https://bugs.launchpad.net/bugs/1624164

Title:
  Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for
  module i915_bpo

Status in linux package in Ubuntu:
  Invalid
Status in linux-firmware package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux-firmware source package in Xenial:
  Won't Fix

Bug description:
  SRU Justification

  Impact: i915_bpo requests some optional firmware which is not present
  in xenial due to causing regressions on some hardware. This produces a
  warning when generating the initrds.

  Fix: Remove the MODULE_FIRMWARE statement for this driver, thus
  removing it from the firmware's modinfo and eliminating the warning.

  Regression Potential: Virtually no risk of regression since it only
  affects the modinfo section of the kernel module and not the runtime
  behavior.

  ---

  Also: Possible missing firmware /lib/firmware/i915/skl_guc_ver6.bin
  for module i915_bpo

  Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for
  module i915_bpo

  Ubuntu 16.04 Xenial

  Packages:

  ii  linux-firmware1.157.3   all   Firmware 
for Linux kernel drivers
  ii  linux-image-generic   4.4.0.36.38   amd64 Generic 
Linux kernel image

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1624164/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1652354] Re: Internal laptop display stops working in 4.4.0-57-generic

2017-02-27 Thread Jason C. McDonald

For the record, I also confirmed this bug on a fresh installation of
Linux Mint 18.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1652354

Title:
  Internal laptop display stops working in 4.4.0-57-generic

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  I have a Toshiba Satellite P745D w/ AMD graphics, and I'm running the
  open source Radeon driver. I can use the internal and/or an external
  VGA monitor just fine in 4.4.0.53-generic and prior. However, upon
  updating to 4.4.0-57-generic, the internal monitor shuts off after
  GRUB and will not display anything. Setting NOMODESET in GRUB does not
  resolve the issue - I had to reboot into 4.4.0-53 to see anything on
  the internal laptop monitor.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: linux-image-4.4.0-53-generic 4.4.0-53.74
  ProcVersionSignature: Ubuntu 4.4.0-53.74-generic 4.4.30
  Uname: Linux 4.4.0-53-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.4
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/pcmC1D0p:   jason  3081 F...m pulseaudio
   /dev/snd/controlC1:  jason  3081 F pulseaudio
   /dev/snd/controlC0:  jason  3081 F pulseaudio
  CurrentDesktop: Unity
  Date: Fri Dec 23 09:30:44 2016
  HibernationDevice: RESUME=UUID=6428aefe-2277-446d-9209-a012d120611b
  MachineType: TOSHIBA Satellite P745D
  ProcFB: 0 radeondrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-53-generic 
root=UUID=7e97fb33-4ee2-499c-a3c4-69f37f16c4f4 ro quiet splash
  RelatedPackageVersions:
   linux-restricted-modules-4.4.0-53-generic N/A
   linux-backports-modules-4.4.0-53-generic  N/A
   linux-firmware1.157.6
  SourcePackage: linux
  UpgradeStatus: Upgraded to xenial on 2016-05-01 (236 days ago)
  dmi.bios.date: 05/26/2011
  dmi.bios.vendor: TOSHIBA
  dmi.bios.version: 1.10
  dmi.board.asset.tag: NULL
  dmi.board.name: QOQAE
  dmi.board.vendor: TOSHIBA
  dmi.board.version: 1.00
  dmi.chassis.asset.tag: *
  dmi.chassis.type: 10
  dmi.chassis.vendor: TOSHIBA
  dmi.chassis.version: N/A
  dmi.modalias: 
dmi:bvnTOSHIBA:bvr1.10:bd05/26/2011:svnTOSHIBA:pnSatelliteP745D:pvrPSMR1U-004001:rvnTOSHIBA:rnQOQAE:rvr1.00:cvnTOSHIBA:ct10:cvrN/A:
  dmi.product.name: Satellite P745D
  dmi.product.version: PSMR1U-004001
  dmi.sys.vendor: TOSHIBA

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1652354/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660832] Re: unix domain socket cross permission check failing with nested namespaces

2017-02-27 Thread Simon Déziel

** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660832

Title:
  unix domain socket cross permission check failing with nested
  namespaces

Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Fix Released
Status in apparmor source package in Xenial:
  Confirmed
Status in linux source package in Xenial:
  Fix Committed
Status in apparmor source package in Yakkety:
  Confirmed
Status in linux source package in Yakkety:
  Fix Committed
Status in apparmor source package in Zesty:
  Confirmed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When using nested namespaces policy within the nested namespace is trying 
  
  to cross validate with policy outside of the namespace that is not
  
  visible to it. This results the access being denied and with no way to
  
  add a rule to policy that would allow it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1660832/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1632458] Re: [Ubuntu 16.10] - System crashes and gives out call traces when libhugetlbfs test suite is run.

2017-02-27 Thread Andrew Cloke

Question to IBM: have you made any progress towards identifying a patch
to address this issue?

** Changed in: linux (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1632458

Title:
  [Ubuntu 16.10] - System crashes and gives out call traces when
  libhugetlbfs test suite is run.

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  == Comment: #0 - Santhosh G  - 2016-09-27 01:55:00 ==
  Issue:
  Kernel unable to handle page request when heapshrink test case is run from 
libhugetlbfs suite.

  Environment:
  arch - ppc64le
  ubuntu kvm guest

  Host related Info:
  Kernel:
  -
  uname -a
  Linux ltc-haba1 4.8.0-17-generic #19-Ubuntu SMP Sun Sep 25 06:35:40 UTC 2016 
ppc64le ppc64le ppc64le GNU/Linux

  Memory:
  
  oot@ltc-haba1:~# free -h
totalusedfree  shared  buff/cache   
available
  Mem:   255G 65G187G 22M1.9G
188G
  Swap:  225G  0B225G

  Hugepages configured:
  
  root@ltc-haba1:~# cat /proc/meminfo | grep -i Huge
  AnonHugePages: 81920 kB
  ShmemHugePages:0 kB
  HugePages_Total:4096
  HugePages_Free: 3584
  HugePages_Rsvd:0
  HugePages_Surp:0
  Hugepagesize:  16384 kB

  
  Guest Related Info:
  --
  -
  Kernel:
  -
  root@ubuntu:~/libhugetlbfs# uname -a
  Linux ubuntu 4.8.0-17-generic #19-Ubuntu SMP Sun Sep 25 06:35:40 UTC 2016 
ppc64le ppc64le ppc64le GNU/Linux

  Memory:
  -
  root@ubuntu:~/libhugetlbfs# free -h
totalusedfree  shared  buff/cache   
available
  Mem:   8.0G133M7.7G 15M132M
7.5G
  Swap:  3.3G  0B3.3G

  Hugepages configured:
  ---
  root@ubuntu:~/libhugetlbfs# cat /proc/meminfo | grep -i Huge
  AnonHugePages: 0 kB
  ShmemHugePages:0 kB
  HugePages_Total: 256
  HugePages_Free:  256
  HugePages_Rsvd:0
  HugePages_Surp:0
  Hugepagesize:  16384 kB

  
  Steps to reproduce:
  1- Install a ubuntu kvm guest with hugepages memory Backing.
  2 - git clone the latest libhugetlbfs from 
https://github.com/libhugetlbfs/libhugetlbfs.git
  3 - configure huge[pages in guest and run make check.

  xmon is configured in the system .
  The system gets call traces and enters xmon console:

  HUGETLB_VERBOSE=1 HUGETLB_MORECORE=yes heap-overflow (16M: 64):   [  
281.735713] Unable to handle kernel paging request for data at address 
0x42328e38
  [  281.735804] Faulting instruction address: 0xc027b410
  cpu 0x1: Vector: 300 (Data Access) at [c001fa8c3730]
  pc: c027b410: shrink_active_list+0x300/0x4d0
  lr: c027b3f4: shrink_active_list+0x2e4/0x4d0
  sp: c001fa8c39b0
 msr: 80010280b033
 dar: 42328e38
   dsisr: 4200
current = 0xc001fa8adc00
paca= 0xcfb80900 softe: 0irq_happened: 0x01
  pid   = 50, comm = kswapd0
  Linux version 4.8.0-17-generic (buildd@bos01-ppc64el-025) (gcc version 6.2.0 
20160914 (Ubuntu 6.2.0-3ubuntu15) ) #19-Ubuntu SMP Sun Sep 25 06:35:40 UTC 2016 
(Ubuntu 4.8.0-17.19-generic 4.8.0-rc7)
  enter ? for help
  [c001fa8c3aa0] c027bbdc shrink_node_memcg+0x5fc/0x800
  [c001fa8c3bc0] c027bf0c shrink_node+0x12c/0x3f0
  [c001fa8c3c80] c027d500 kswapd+0x460/0x990
  [c001fa8c3d80] c00fd120 kthread+0x110/0x130
  [c001fa8c3e30] c00098f0 ret_from_kernel_thread+0x5c/0x6c

  xmon logs:

  1:mon> e
  cpu 0x1: Vector: 300 (Data Access) at [c001fa8e7730]
  pc: c027b410: shrink_active_list+0x300/0x4d0
  lr: c027b3f4: shrink_active_list+0x2e4/0x4d0
  sp: c001fa8e79b0
 msr: 80010280b033
 dar: 420c58d0
   dsisr: 4200
current = 0xc001fa8a
paca= 0xcfb80900 softe: 0irq_happened: 0x01
  pid   = 50, comm = kswapd0
  Linux version 4.8.0-17-generic (buildd@bos01-ppc64el-025) (gcc version 6.2.0 
20160914 (Ubuntu 6.2.0-3ubuntu15) ) #19-Ubuntu SMP Sun Sep 25 06:35:40 UTC 2016 
(Ubuntu 4.8.0-17.19-generic 4.8.0-rc7)

  1:mon> r
  R00 = c027b3f4   R16 = c001fffcfe00
  R01 = c001fa8e79b0   R17 = 010a
  R02 = c14e5e00   R18 = 420cbdd0
  R03 = 0001   R19 = c001fffc6300
  R04 = 0005   R20 = c001fa8e79e0
  R05 =    R21 = c001fe144800
  R06 = f03bc9a0   R22 = 0001
  R07 = 0001fee3   R23 =

[Kernel-packages] [Bug 1628988] Re: ISST-LTE:Ubuntu1610: UbuntuKVM 16.10 guest crashed after 30 hours of stress testing

2017-02-27 Thread Andrew Cloke

Revisiting this bug, has this issue been reproduced, and if so, is there
any more information that we can use to attempt to reproduce or debug?

** Changed in: linux (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1628988

Title:
  ISST-LTE:Ubuntu1610: UbuntuKVM 16.10 guest crashed after 30 hours of
  stress testing

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  After running Stress tests for 30 hours, Ubuntu16.10 KVM guest crashed
  and entered xmon.

  Guest Build:
  --
  4.8.0-16-generic

  Tests started on guest:
  --
  BASE: LTP Base tests.. 
  IO: admndisk, aio, fstest tests (on btrfs file system over 6 partitions of 2 
disks).
  TCP: TCP commands: telnet, ssh, rlogin, ping etc..

  XMON traces:
  --
  4:mon> t
  [c0017ffcf800] c024385c end_page_writeback+0x7c/0x120
  [c0017ffcf830] d22d8298 ext4_finish_bio+0x1f0/0x2e0 [ext4]
  [c0017ffcf910] d22d8928 ext4_end_bio+0x70/0x170 [ext4]
  [c0017ffcf9a0] c04c96cc bio_endio+0xfc/0x120
  [c0017ffcf9d0] c04d5f50 blk_update_request+0xf0/0x4d0
  [c0017ffcfa60] c06df2dc scsi_end_request+0x6c/0x260
  [c0017ffcfad0] c06e32a4 scsi_io_completion+0x2d4/0x740
  [c0017ffcfba0] c06d6714 scsi_finish_command+0x144/0x200
  [c0017ffcfc20] c06e25a8 scsi_softirq_done+0x198/0x200
  [c0017ffcfca0] c04e2e98 __blk_mq_complete_request_remote+0x38/0x50
  [c0017ffcfcd0] c0183e80 flush_smp_call_function_queue+0xd0/0x220
  [c0017ffcfd50] c0047aac smp_ipi_demux+0xac/0x110
  [c0017ffcfd90] c00738e4 icp_hv_ipi_action+0x64/0xd0
  [c0017ffcfe00] c01466d0 __handle_irq_event_percpu+0x90/0x340
  [c0017ffcfec0] c01469bc handle_irq_event_percpu+0x3c/0x90
  [c0017ffcff00] c014ced4 handle_percpu_irq+0x84/0xd0
  [c0017ffcff30] c0145664 generic_handle_irq+0x54/0x80
  [c0017ffcff60] c0015b20 __do_irq+0x80/0x230
  [c0017ffcff90] c002a2e0 call_do_irq+0x14/0x24
  [c0013073b210] c0015d68 do_IRQ+0x98/0x140
  [c0013073b260] c00026d8 hardware_interrupt_common+0x158/0x180
  --- Exception: 501 (Hardware Interrupt) at c008fe4c 
plpar_hcall_norets+0x1c/0x28
  [link register   ] c006c094 __spin_yield+0xa4/0xb0
  [c0013073b550] c0017fe28b00 (unreliable)
  [c0013073b5c0] c0949758 _raw_spin_lock_irqsave+0x128/0x130
  [c0013073b600] d17222cc ibmvscsi_queuecommand+0x54/0x4b0 
[ibmvscsi]
  [c0013073b6b0] c06dfc80 scsi_dispatch_cmd+0x140/0x370
  [c0013073b730] c06e1ad0 scsi_queue_rq+0x770/0x920
  [c0013073b800] c04e62f4 __blk_mq_run_hw_queue+0x2e4/0x570
  [c0013073b910] c04e5fc8 blk_mq_run_hw_queue+0xf8/0x140
  [c0013073b940] c04e8f90 blk_mq_flush_plug_list+0x160/0x1b0
  [c0013073b9c0] c04d7fbc blk_flush_plug_list+0xfc/0x2b0
  [c0013073ba30] c04d8708 blk_finish_plug+0x58/0x80
  [c0013073ba60] d22d270c ext4_writepages+0x6c4/0xe60 [ext4]
  [c0013073bbf0] c025ae80 do_writepages+0x60/0xc0
  [c0013073bc20] c0246c18 __filemap_fdatawrite_range+0x108/0x190
  [c0013073bcc0] c0246f20 filemap_write_and_wait_range+0x70/0xf0
  [c0013073bd00] d22c5944 ext4_sync_file+0x24c/0x5a0 [ext4]
  [c0013073bd60] c0365a28 vfs_fsync_range+0x78/0x130
  [c0013073bdb0] c0365b90 do_fsync+0x60/0xb0
  [c0013073be00] c0366000 SyS_fsync+0x30/0x50
  [c0013073be30] c00095e0 system_call+0x38/0x108
  --- Exception: c00 (System Call) at 3fff7b26cc98
  SP (3fffc42b5280) is in userspace
  4:mon> e
  cpu 0x4: Vector: 300 (Data Access) at [c0017ffcf520]
  pc: c025b4ec: test_clear_page_writeback+0x1ec/0x300
  lr: c025b4c0: test_clear_page_writeback+0x1c0/0x300
  sp: c0017ffcf7a0
 msr: 80009033
 dar: 2d0
   dsisr: 4000
current = 0xc00036f59880
paca= 0xc7b82400   softe: 0irq_happened: 0x09
  pid   = 1102, comm = create_datafile
  Linux version 4.8.0-16-generic (buildd@bos01-ppc64el-007) (gcc version 6.2.0 
20160914 (Ubuntu 6.2.0-3ubuntu15) ) #17-Ubuntu SMP Thu Sep 22 22:45:44 UTC 2016 
(Ubuntu 4.8.0-16.17-generic 4.8.0-rc7)
  4:mon>
  4:mon>
  4:mon> r
  R00 = c025b4c0   R16 = 0550
  R01 = c0017ffcf7a0   R17 = 7fff
  R02 = c10af400   R18 = 
  R03 =    R19 = c00172e35b00
  R04 =    R20 = c00035f831b0
  R05 = ffe0   R21 = 0001
  R06 = fffe   R22 = 0002
  R07 = f800   R23 = 0400
  R08 = 00017f18   R24 =

[Kernel-packages] [Bug 1630304] Re: Ubuntu 16.10 KVM: Issue doing hotplug detach to SRIOV VF

2017-02-27 Thread Andrew Cloke

Following the comment "Mirroring bug to Launchpad for Canonical's
awareness..." marking as "opinion".

** Changed in: linux (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1630304

Title:
  Ubuntu 16.10 KVM: Issue doing hotplug detach to SRIOV VF

Status in linux package in Ubuntu:
  Opinion

Bug description:
  ---Problem Description---
  I can not get hotplug attach to work in Ubuntu but if I try to detach a CX4 
VF from a guest I am getting some issues:
  Like in this case:
  [  474.393308] vfio-pci 0001:01:00.3: No device request channel registered, 
blocked until released by user
  [  474.393543] pci 0001:01: 0.3: [PE# 006] Removing DMA window #0
  [  474.393553] pci 0001:01: 0.3: [PE# 006] Removing DMA window #1
  [  474.393906] mlx5_core 0001:01:00.3: enabling device ( -> 0002)
  [  474.393939] mlx5_core 0001:01:00.3: Using 32-bit DMA via iommu
  [  474.400360] pci 0001:01: 0.3: [PE# 006] Setting up window#0 0..7fff 
pg=1000
  [  474.400380] mlx5_core 0001:01:00.3: firmware version: 12.17.226
  [  474.401341] pci 0001:01: 0.3: [PE# 006] Enabling 64-bit DMA bypass
  [  474.402284] EEH: Frozen PE#6 on PHB#1 detected
  [  474.402475] EEH: PE location: Slot4, PHB location: N/A
  [  474.403699] EEH: This PCI device has failed 1 times in the last hour
  [  474.403700] EEH: Notify device drivers to shutdown
  [  474.403707] mlx5_core 0001:01:00.3: mlx5_pci_err_detected was called
  [  474.403711] mlx5_core 0001:01:00.3: 
0001:01:00.3:mlx5_enter_error_state:115:(pid 779): start
  [  474.403870] mlx5_core 0001:01:00.3: 
0001:01:00.3:mlx5_enter_error_state:120:(pid 779): end

  
  One time I saw 
  SSep 13 09:41:32 ltc-fire1 kernel: [70437.943722] vfio-pci 0001:01:00.3: No 
device request channel registered, blocked until released by user
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944076] mlx5_core 0001:01:00.3: 
enabling device ( -> 0002)
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944110] mlx5_core 0001:01:00.3: 
Using 32-bit DMA via iommu
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944145] pci 0001:01: 0.3: [PE# 006] 
Removing DMA window #0
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944152] pci 0001:01: 0.3: [PE# 006] 
Removing DMA window #1
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944195] mlx5_core 0001:01:00.3: 
firmware version: 12.17.226
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944260] Unable to handle kernel 
paging request for data at address 0x
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944533] Faulting instruction 
address: 0xc05b37e0
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944592] Oops: Kernel access of bad 
area, sig: 11 [#1]
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944636] SMP NR_CPUS=2048 NUMA PowerNV
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944851] Modules linked in: vfio_pci 
irqbypass vfio_iommu_spapr_tce vfio_virqfd vfio vfio_spapr_eeh xt_CHECKSUM 
iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 
nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ipt_REJECT 
nf_reject_ipv4 xt_tcpudp kvm_hv kvm_pr kvm ebtable_filter ebtables 
ip6table_filter ip6_tables iptable_filter rdma_ucm(OE) ib_ucm(OE) rdma_cm(OE) 
iw_cm(OE) configfs ib_ipoib(OE) ib_cm(OE) ib_uverbs(OE) ib_umad(OE) mlx5_ib(OE) 
mlx5_core(OE) mlx4_ib(OE) ib_sa(OE) ib_mad(OE) ib_core(OE) mlx4_en(OE) 
ib_addr(OE) ib_netlink(OE) mlx4_core(OE) mlx_compat(OE) bridge stp llc joydev 
input_leds mac_hid ofpart at24 cmdlinepart powernv_flash ipmi_powernv 
nvmem_core uio_pdrv_genirq opal_prd mtd ipmi_msghandler uio ibmpowernv 
powernv_rng binfmt_misc dm_multipath knem(OE) ip_tables x_tables autofs4 
hid_generic usbhid hid uas usb_storage ast i2c_algo_bit ttm drm_kms_helper 
syscopyarea sysfillrect sys
 imgblt fb_sys_fops drm ahci devlink libahci [last unloaded: mlx4_core]
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946007] CPU: 40 PID: 12501 Comm: 
libvirtd Tainted: G   OE   4.7.0unofficial #5
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946074] task: c00ec319a200 ti: 
c00ec324c000 task.ti: c00ec324c000
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946140] NIP: c05b37e0 LR: 
c05ad070 CTR: 
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946208] REGS: c00ec324f100 TRAP: 
0300   Tainted: G   OE(4.7.0unofficial)
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946286] MSR: 90010280b033 
  CR: 84028844  XER: 2000
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] CFAR: c0008468 DAR: 
 DSISR: 4000 SOFTE: 0
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] GPR00: c05d19c8 
c00ec324f380 c13bef00 
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] GPR04:  
  
  Sep 13 09:41:32 ltc-fire1 kernel:

[Kernel-packages] [Bug 1630304] Re: Ubuntu 16.10 KVM: Issue doing hotplug detach to SRIOV VF

2017-02-27 Thread Michael Hohnbaum

** Changed in: linux (Ubuntu)
 Assignee: Taco Screen team (taco-screen-team) => (unassigned)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1630304

Title:
  Ubuntu 16.10 KVM: Issue doing hotplug detach to SRIOV VF

Status in linux package in Ubuntu:
  Opinion

Bug description:
  ---Problem Description---
  I can not get hotplug attach to work in Ubuntu but if I try to detach a CX4 
VF from a guest I am getting some issues:
  Like in this case:
  [  474.393308] vfio-pci 0001:01:00.3: No device request channel registered, 
blocked until released by user
  [  474.393543] pci 0001:01: 0.3: [PE# 006] Removing DMA window #0
  [  474.393553] pci 0001:01: 0.3: [PE# 006] Removing DMA window #1
  [  474.393906] mlx5_core 0001:01:00.3: enabling device ( -> 0002)
  [  474.393939] mlx5_core 0001:01:00.3: Using 32-bit DMA via iommu
  [  474.400360] pci 0001:01: 0.3: [PE# 006] Setting up window#0 0..7fff 
pg=1000
  [  474.400380] mlx5_core 0001:01:00.3: firmware version: 12.17.226
  [  474.401341] pci 0001:01: 0.3: [PE# 006] Enabling 64-bit DMA bypass
  [  474.402284] EEH: Frozen PE#6 on PHB#1 detected
  [  474.402475] EEH: PE location: Slot4, PHB location: N/A
  [  474.403699] EEH: This PCI device has failed 1 times in the last hour
  [  474.403700] EEH: Notify device drivers to shutdown
  [  474.403707] mlx5_core 0001:01:00.3: mlx5_pci_err_detected was called
  [  474.403711] mlx5_core 0001:01:00.3: 
0001:01:00.3:mlx5_enter_error_state:115:(pid 779): start
  [  474.403870] mlx5_core 0001:01:00.3: 
0001:01:00.3:mlx5_enter_error_state:120:(pid 779): end

  
  One time I saw 
  SSep 13 09:41:32 ltc-fire1 kernel: [70437.943722] vfio-pci 0001:01:00.3: No 
device request channel registered, blocked until released by user
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944076] mlx5_core 0001:01:00.3: 
enabling device ( -> 0002)
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944110] mlx5_core 0001:01:00.3: 
Using 32-bit DMA via iommu
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944145] pci 0001:01: 0.3: [PE# 006] 
Removing DMA window #0
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944152] pci 0001:01: 0.3: [PE# 006] 
Removing DMA window #1
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944195] mlx5_core 0001:01:00.3: 
firmware version: 12.17.226
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944260] Unable to handle kernel 
paging request for data at address 0x
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944533] Faulting instruction 
address: 0xc05b37e0
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944592] Oops: Kernel access of bad 
area, sig: 11 [#1]
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944636] SMP NR_CPUS=2048 NUMA PowerNV
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.944851] Modules linked in: vfio_pci 
irqbypass vfio_iommu_spapr_tce vfio_virqfd vfio vfio_spapr_eeh xt_CHECKSUM 
iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 
nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack ipt_REJECT 
nf_reject_ipv4 xt_tcpudp kvm_hv kvm_pr kvm ebtable_filter ebtables 
ip6table_filter ip6_tables iptable_filter rdma_ucm(OE) ib_ucm(OE) rdma_cm(OE) 
iw_cm(OE) configfs ib_ipoib(OE) ib_cm(OE) ib_uverbs(OE) ib_umad(OE) mlx5_ib(OE) 
mlx5_core(OE) mlx4_ib(OE) ib_sa(OE) ib_mad(OE) ib_core(OE) mlx4_en(OE) 
ib_addr(OE) ib_netlink(OE) mlx4_core(OE) mlx_compat(OE) bridge stp llc joydev 
input_leds mac_hid ofpart at24 cmdlinepart powernv_flash ipmi_powernv 
nvmem_core uio_pdrv_genirq opal_prd mtd ipmi_msghandler uio ibmpowernv 
powernv_rng binfmt_misc dm_multipath knem(OE) ip_tables x_tables autofs4 
hid_generic usbhid hid uas usb_storage ast i2c_algo_bit ttm drm_kms_helper 
syscopyarea sysfillrect sys
 imgblt fb_sys_fops drm ahci devlink libahci [last unloaded: mlx4_core]
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946007] CPU: 40 PID: 12501 Comm: 
libvirtd Tainted: G   OE   4.7.0unofficial #5
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946074] task: c00ec319a200 ti: 
c00ec324c000 task.ti: c00ec324c000
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946140] NIP: c05b37e0 LR: 
c05ad070 CTR: 
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946208] REGS: c00ec324f100 TRAP: 
0300   Tainted: G   OE(4.7.0unofficial)
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946286] MSR: 90010280b033 
  CR: 84028844  XER: 2000
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] CFAR: c0008468 DAR: 
 DSISR: 4000 SOFTE: 0
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] GPR00: c05d19c8 
c00ec324f380 c13bef00 
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] GPR04:  
  
  Sep 13 09:41:32 ltc-fire1 kernel: [70437.946533] GPR08:

[Kernel-packages] [Bug 1660842] Re: apparmor not checking error if security_pin_fs() fails

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660842

Title:
  apparmor not checking error if security_pin_fs() fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  The error condition of security_pin_fs() was not being checked which
  will result can result in an oops or use after free, due to the fs pin
  count not being incremented.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660842/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1603574] Re: Hotplug remove and re-add adds PCI adapter to next PCI domain (PCI)

2017-02-27 Thread Michael Hohnbaum

** Changed in: linux (Ubuntu)
 Assignee: Taco Screen team (taco-screen-team) => (unassigned)

** Changed in: linux (Ubuntu Yakkety)
 Assignee: Taco Screen team (taco-screen-team) => (unassigned)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1603574

Title:
  Hotplug remove and re-add adds PCI adapter to next PCI domain (PCI)

Status in linux package in Ubuntu:
  Fix Committed
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  == Comment: #26 - Guilherme Guaglianoni Piccoli  - 
2016-07-15 16:26:38 ==
  When performing hotplug operations in PowerPC currently, if we remove a PHB 
and re-add it later, its domain address is incremented. An example below (drmgr 
is the tool we use in PowerPC to perform this operation):

  
  (i) $>  lspci
  :60:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM57810 
10 Gigabit Ethernet
  :60:00.1 Ethernet controller: Broadcom Corporation NetXtreme II BCM57810 
10 Gigabit Ethernet

  (ii) $>  drmgr -c phb -s "PHB 20" -r  # removing a PHB

  (iii) $>  lspci #empty

  (iv) $>  drmgr -c phb -s "PHB 20" -a  # re-adding the PHB

  (v) $>  lspci
  0001:60:00.0 Ethernet controller: Broadcom Corporation NetXtreme II BCM57810 
10 Gigabit Ethernet
  0001:60:00.1 Ethernet controller: Broadcom Corporation NetXtreme II BCM57810 
10 Gigabit Ethernet

  
  This behavior is harmful when kernel is using network predictable naming for 
interfaces, for example, since after the PHB re-add, the PCI address of NIC 
functions changes, and so the interfaces' naming also change. Recently, a patch 
was merged to powerpc-next to avoid this situation, by relating the PCI domain 
number with device-tree properties. With the patch, the above steps (i) and (v) 
present the same output for lspci.

  We want to ask Canonical to merge the patch in Ubuntu Xenial's kernel,
  since it will solve multiple bugs we've experienced by performing NIC
  hotplug - the commit is present on powerpc-next under the commit-id
  63a72284b15.

  A link to the patch:
  
https://git.kernel.org/cgit/linux/kernel/git/powerpc/linux.git/commit/?id=63a72284b159c569ec52f380c9

  Thanks in advance,


  Guilherme

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1603574/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1662096] Re: ipv6: fix a refcnt leak with peer addr

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
trusty' to 'verification-done-trusty'. If the problem still exists,
change the tag 'verification-needed-trusty' to 'verification-failed-
trusty'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-trusty

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1662096

Title:
  ipv6: fix a refcnt leak with peer addr

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  The following upstream patch is missing in ubuntu-14.04:
  f24062b07dda ipv6: fix a refcnt leak with peer addr

  
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f24062b07dda

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1662096/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1661430] Re: [Hyper-V] Fix ring buffer handling to avoid host throttling

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1661430

Title:
[Hyper-V] Fix ring buffer handling to avoid host throttling

Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Yakkety:
Fix Committed
Status in linux source package in Zesty:
Fix Committed

Bug description:
An unfortunate side effect of some of the recent work done to improve
ring buffer performance made a situation where the host would
interpret guest requests as a denial of service attack, pausing guest
communications for five seconds. This series of fixes corrects this
problem.

Needed for each kernel that has included a389fcfd2cb5 ("Drivers: hv:
vmbus: Fix signaling logic in hv_need_to_signal_on_read()")

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=74198eb4a42c4a3c4fbef08fa01a291a282f7c2e

Drivers: hv: vmbus: Base host signaling strictly on the ring state
One of the factors that can result in the host concluding that a given
guest in mounting a DOS attack is if the guest generates interrupts
to the host when the host is not expecting it. If these "spurious"
interrupts reach a certain rate, the host can throttle the guest to
minimize the impact. The host computation of the "expected number
of interrupts" is strictly based on the ring transitions. Until
the host logic is fixed, base the guest logic to interrupt solely
on the ring state.

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f6ee4e7d83586c8b10bd4f2f4346353d04ce884

Drivers: hv: vmbus: On write cleanup the logic to interrupt the host
Signal the host when we determine the host is to be signaled.
The currrent code determines the need to signal in the ringbuffer
code and actually issues the signal elsewhere. This can result
in the host viewing this interrupt as spurious since the host may also
poll the channel. Make the necessary adjustments.

https://git.kernel.org/cgit/linux/kernel/git/next/linux-
next.git/commit/?id=3372592a140db69fd63837e81f048ab4abf8111e

Drivers: hv: vmbus: On the read path cleanup the logic to interrupt the host
Signal the host when we determine the host is to be signaled -
on th read path. The currrent code determines the need to signal in the
ringbuffer code and actually issues the signal elsewhere. This can result
in the host viewing this interrupt as spurious since the host may also
poll the channel. Make the necessary adjustments.

https://git.kernel.org/cgit/linux/kernel/git/next/linux-
next.git/commit/?id=433e19cf33d34bb6751c874a9c00980552fe508c

Drivers: hv: vmbus: finally fix hv_need_to_signal_on_read()
Commit a389fcfd2cb5 ("Drivers: hv: vmbus: Fix signaling logic in
hv_need_to_signal_on_read()")
added the proper mb(), but removed the test "prev_write_sz < pending_sz"
when making the signal decision.

As a result, the guest can signal the host unnecessarily,
and then the host can throttle the guest because the host
thinks the guest is buggy or malicious; finally the user
running stress test can perceive intermittent freeze of
the guest.

This patch brings back the test, and properly handles the
in-place consumption APIs used by NetVSC (see get_next_pkt_raw(),
put_pkt_raw() and commit_rd_index()).

Fixes: a389fcfd2cb5 ("Drivers: hv: vmbus: Fix signaling logic in
hv_need_to_signal_on_read()")

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1661430/+subscriptions

--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1662666] Re: ISST-LTE:pNV: ppc64_cpu command is hung w HDs, SSDs and NVMe

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1662666

Title:
  ISST-LTE:pNV: ppc64_cpu command is hung w HDs, SSDs and NVMe

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  -- Problem Description --
  The following upstream patches are needed for Ubuntu to fix a hang situation 
reported when executing ppc64_cpu --smt=on that occurs with various disk types. 
We need whichever ones have not yet been pulled into the base.

  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e57690fe009b2ab0cee8a57f53be634540e49c9d
  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0e87e58bf60edb6bb28e493c7a143f41b091a5e5
  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=135e8c9250dd5c8c9aae5984fde6f230d0cbfeaf
  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c02ebfdddbafa9a6a0f52fbd715e6bfa229af9d3
  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d1b1cea1e58477dad88ff769f54c0d2dfa56d923
  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=36e1f3d107867b25c616c2fd294f5a1c9d4e5d09
  
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71f79fb3179e69b0c1448a2101a866d871c66e7f

  The hang problem can be reproduced with the following shell script
  using an NVMe device executed on kernel versions 4.4.0-45 and 4.4.0-59
  within 30 minutes. It was also reproduced on a 4.8.0-32-generic
  kernel, although it took over 3 hours to manifest.

  #!/bin/bash

  if [[ ${#} -eq 0 ]]; then
  ${0} breaker &
  while true; do
  dd if=/dev/nvme0n1 bs=1024k of=/dev/null
  done
  elif [[ ${1} == "breaker" ]]; then
  while true; do
  ppc64_cpu --smt=off
  sleep 5
  ppc64_cpu --smt=on
  sleep 5
  done
  fi

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1662666/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660840] Re: apparmor oops in bind_mnt when dev_path lookup fails

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660840

Title:
  apparmor oops in bind_mnt when dev_path lookup fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Bind mounts can oops when devname lookup fails because the devname is 
  
  unintialized and used in auditing the denial.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660840/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660846] Re: apparmor leaking securityfs pin count

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660846

Title:
  apparmor leaking securityfs pin count

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  apparmor is leaking pinfs refcoutn when inode setup fails.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660846/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660842] Re: apparmor not checking error if security_pin_fs() fails

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660842

Title:
  apparmor not checking error if security_pin_fs() fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  The error condition of security_pin_fs() was not being checked which
  will result can result in an oops or use after free, due to the fs pin
  count not being incremented.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660842/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660849] Re: apparmor refcount leak of profile namespace when removing profiles

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660849

Title:
  apparmor refcount leak of profile namespace when removing profiles

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When doing profile removal, the parent ns of the profiles is taken,
  but the reference isn't being put, resulting in the ns never being
  freed even after it is removed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660849/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1662554] Re: [Yakkety SRU] Enable KEXEC support in ARM64 kernel

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1662554

Title:
  [Yakkety SRU] Enable KEXEC support in ARM64 kernel

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  [Impact]
   * If the kernel is not built with CONFIG_KEXEC support, kexec-tools will not 
be able to live boot a new kernel over the running one.
   * Our partners/customers have requested this feature.

  [Test Case]
   * Install a version of kexec-tools that supports ARM64
   * Run the command: sudo kexec -l /boot/ --initrd=/boot/ 
--append="
   * You should see the message:  kexec_load failed: Function not implemented

  [Regression Potential]
   * The proposed config changes are limited to ARM64 architecture, overall 
risk of regression is low.

  [Other Info]
   * Please note that kexec-tools currently is not built for ARM64
   * I have an SRU to enable that https://bugs.launchpad.net/bugs/1659618
   * I am working with dannf to get kexec-tools to support ARM64 in yakkety.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1662554/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660840] Re: apparmor oops in bind_mnt when dev_path lookup fails

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660840

Title:
  apparmor oops in bind_mnt when dev_path lookup fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Bind mounts can oops when devname lookup fails because the devname is 
  
  unintialized and used in auditing the denial.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660840/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1664564] Re: 16.04.2: Extra patches for POWER9

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1664564

Title:
  16.04.2: Extra patches for POWER9

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  == Comment: #0 - Breno Henrique Leitao  - 2017-02-13 
18:21:48 ==
  Other than the initial POWER9 patches made integrated in Bug#149921, there 
are some other patches we need to have integrated into 16.04.2. 

  These patches are also required to boot POWER9.

  d7df2443cd5f67fc6ee7c05a88e4996e8177f91b  powerpc/mm: Fix spurrious
  segfaults on radix with autonuma

  There is also.  We are still working on getting these upstream:

  http://patchwork.ozlabs.org/patch/725916/
  http://patchwork.ozlabs.org/patch/725917/
  http://patchwork.ozlabs.org/patch/725918/
  http://patchwork.ozlabs.org/patch/725919/
  http://patchwork.ozlabs.org/patch/725920/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1664564/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1663687] Re: [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1663687

Title:
  [Hyper-V] Bug fixes for storvsc (tagged queuing, error conditions)

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Patchset:

  1/6 Enable tracking of queue depth.

  2/6 Remove the artificially imposed restriction on max segment size.

  3/6 Enable multi-q support. We will allocate the outgoing channel using
  the following policy:

  1. We will make every effort to pick a channel that is in the
 same NUMA node that is initiating the I/O
  2. The mapping between the guest CPU and the outgoing channel
 is persistent.

  4/6 Properly set SRB flags when hosting device supports tagged queuing.
  This patch improves the performance on Fiber Channel disks.

  5/6 When sense message is present on error, we should pass along to the upper
  layer to decide how to deal with the error.
  This patch fixes connectivity issues with Fiber Channel devices.

  6/6 On I/O errors, the Windows driver doesn't set data_transfer_length
  on error conditions other than SRB_STATUS_DATA_OVERRUN.
  In these cases we need to set data_transfer_length to 0,
  indicating there is no data transferred. On SRB_STATUS_DATA_OVERRUN,
  data_transfer_length is set by the Windows driver to the actual data 
transferred.

  The new feature (multi-q) in this patchset require boot line
  parameters to enable so they are safe to integrate.

  K. Y. Srinivasan (3):
storvsc: Enable tracking of queue depth
storvsc: Remove the restriction on max segment size
storvsc: Enable multi-queue support

  Long Li (3):
storvsc: use tagged SRB requests if supported by the device
storvsc: properly handle SRB_ERROR when sense message is present
storvsc: properly set residual data length on errors

  https://git.kernel.org/cgit/linux/kernel/git/next/linux-
  next.git/commit/?id=40630f462824ee24bc00d692865c86c3828094e0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1663687/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1648143] Re: tor in lxd: apparmor="DENIED" operation="change_onexec" namespace="root//CONTAINERNAME_" profile="unconfined" name="system_tor"

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1648143

Title:
  tor in lxd: apparmor="DENIED" operation="change_onexec"
  namespace="root//CONTAINERNAME_" profile="unconfined"
  name="system_tor"

Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Incomplete
Status in tor package in Ubuntu:
  New
Status in apparmor source package in Xenial:
  New
Status in linux source package in Xenial:
  Fix Committed
Status in tor source package in Xenial:
  New
Status in apparmor source package in Yakkety:
  New
Status in linux source package in Yakkety:
  Fix Committed
Status in tor source package in Yakkety:
  New

Bug description:
  Environment:
  

  Distribution: ubuntu
  Distribution version: 16.10
  lxc info:
  apiextensions:

  storage_zfs_remove_snapshots
  container_host_shutdown_timeout
  container_syscall_filtering
  auth_pki
  container_last_used_at
  etag
  patch
  usb_devices
  https_allowed_credentials
  image_compression_algorithm
  directory_manipulation
  container_cpu_time
  storage_zfs_use_refquota
  storage_lvm_mount_options
  network
  profile_usedby
  container_push
  apistatus: stable
  apiversion: "1.0"
  auth: trusted
  environment:
  addresses:
  163.172.48.149:8443
  172.20.10.1:8443
  172.20.11.1:8443
  172.20.12.1:8443
  172.20.22.1:8443
  172.20.21.1:8443
  10.8.0.1:8443
  architectures:
  x86_64
  i686
  certificate: |
  -BEGIN CERTIFICATE-
  -END CERTIFICATE-
  certificatefingerprint: 
3048baa9f20d316f60a6c602452b58409a6d9e2c3218897e8de7c7c72af0179b
  driver: lxc
  driverversion: 2.0.5
  kernel: Linux
  kernelarchitecture: x86_64
  kernelversion: 4.8.0-27-generic
  server: lxd
  serverpid: 32694
  serverversion: 2.4.1
  storage: btrfs
  storageversion: 4.7.3
  config:
  core.https_address: '[::]:8443'
  core.trust_password: true

  Container: ubuntu 16.10

  
  Issue description
  --

  
  tor can't start in a non privileged container

  
  Logs from the container:
  -

  Dec 7 15:03:00 anonymous tor[302]: Configuration was valid
  Dec 7 15:03:00 anonymous systemd[303]: tor@default.service: Failed at step 
APPARMOR spawning /usr/bin/tor: No such file or directory
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Main process 
exited, code=exited, status=231/APPARMOR
  Dec 7 15:03:00 anonymous systemd[1]: Failed to start Anonymizing overlay 
network for TCP.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Unit entered failed 
state.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Failed with result 
'exit-code'.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Service hold-off 
time over, scheduling restart.
  Dec 7 15:03:00 anonymous systemd[1]: Stopped Anonymizing overlay network for 
TCP.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Failed to reset 
devices.list: Operation not permitted
  Dec 7 15:03:00 anonymous systemd[1]: Failed to set devices.allow on 
/system.slice/system-tor.slice/tor@default.service: Operation not permitted
  Dec 7 15:03:00 anonymous systemd[1]: message repeated 6 times: [ Failed to 
set devices.allow on /system.slice/system-tor.slice/tor@default.service: 
Operation not permitted]
  Dec 7 15:03:00 anonymous systemd[1]: Couldn't stat device 
/run/systemd/inaccessible/chr
  Dec 7 15:03:00 anonymous systemd[1]: Couldn't stat device 
/run/systemd/inaccessible/blk
  Dec 7 15:03:00 anonymous systemd[1]: Failed to set devices.allow on 
/system.slice/system-tor.slice/tor@default.service: Operation not permitted


  Logs from the host
  

  audit: type=1400 audit(1481119378.856:6950): apparmor="DENIED" 
operation="change_onexec" info="label not found" error=-2 
namespace="root//lxd-anonymous_" profile="unconfined" name="system_tor" 
  pid=12164 comm="(tor)"

  
  Steps to reproduce
  -

  install ubuntu container 16.10 on a ubuntu 16.10 host

[Kernel-packages] [Bug 1628520] Re: nvme: Missing patch in Ubuntu-4.4.0-41.61

2017-02-27 Thread Andrew Cloke

Marking "root" bug as fix released, as the bug is specifically against
the Xenial 4.4 kernel, and that is "Fix Released".

** Changed in: linux (Ubuntu)
 Assignee: Taco Screen team (taco-screen-team) => (unassigned)

** Changed in: linux (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1628520

Title:
  nvme: Missing patch in Ubuntu-4.4.0-41.61

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Released

Bug description:
  == Comment: #0 - Gabriel Krisman Bertazi  - 2016-09-27 
22:59:44 ==
  Ubuntu-4.4.0-40.60 included my backport of :

  b00a726a9fd ("NVMe: Don't unmap controller registers on reset") #upstream 
commit
[ 30d6592fce71 on the Ubuntu -proposed branch]

  But missed the fix up that came later:

  81e9a969c441 ("nvme: Call pci_disable_device on the error path.") #
  4.4.y tree

  This means that we may hit an Oops if we need to go into the error
  path of  the nvme probe.

  
  Please cherry-pick this fix to your kernel.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1628520/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1643087] Re: Yakkety failures on Xeon Phi (Dell Poweredge C6320p)

2017-02-27 Thread Seth Forshee

To update - 4.10 is now in the archive for zesty. Please let us know if
you continue to see these issues on a fully up to date zesty
installation.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1643087

Title:
  Yakkety failures on Xeon Phi (Dell Poweredge C6320p)

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Yakkety:
  Won't Fix

Bug description:
  Dell Poweredge C6320p machine with Intel Xeon Phi processor, running 
certification tests.
  I see 2 segfaults in the logs, there are more errors in the cert tests which 
I will post later.  

  Linux brief-badger 4.8.0-27-generic #29-Ubuntu SMP Thu Oct 20 21:03:13
  UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1643087/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660836] Re: apparmor auditing denied access of special apparmor .null fi\ le

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660836

Title:
  apparmor  auditing denied access of special apparmor .null fi\ le

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When an fd is disallowed from being inherited during exec, instead of 
  
  closed it is duped to a special apparmor/.null file. This prevents the
  
  fd from being reused by another file in case the application expects  
  
  the original file on a give fd (eg stdin/stdout etc). This results in 
  
  a denial message like 
  
  [32375.561535] audit: type=1400 audit(1478825963.441:358): apparmor="DENIED" 
op\
  eration="file_inherit" namespace="root//lxd-t_" 
profile="/sbin/dhc\
  lient" name="/dev/pts/1" pid=16795 comm="dhclient" requested_mask="wr" 
denied_m\
  ask="wr" fsuid=165536 ouid=165536 
  

  
  Further access to the fd is resultin in the rather useless denial message 
  
  of
  
  [32375.566820] audit: type=1400 audit(1478825963.445:359): apparmor="DENIED" 
op\
  eration="file_perm" namespace="root//lxd-t_" 
profile="/sbin/dhclie\
  nt" name="/apparmor/.null" pid=16795 comm="dhclient" requested_mask="w" 
denied_\
  mask="w" fsuid=165536 ouid=0  
  

  
  since we have the original denial, the noisy and useless .null based  
  
  denials can be skipped.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660836/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660833] Re: apparmor reference count bug in label_merge_insert()

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660833

Title:
  apparmor reference count bug in label_merge_insert()

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  @new does not have a reference taken locally and should not have its  
  
  reference put locally either.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660833/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660519] Re: Windows guest got 0x5c BSOD when rebooting

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
trusty' to 'verification-done-trusty'. If the problem still exists,
change the tag 'verification-needed-trusty' to 'verification-failed-
trusty'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-trusty

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660519

Title:
  Windows guest got 0x5c BSOD when rebooting

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Committed

Bug description:
  [Impact]

  When rebooting Windows guest, it gets 0x5c BSOD
  Impact to 3.13 ( trusty )
  no Impact to 4.x

  [Fix]

  Upstream development
  4114c27d450bef228be9c7b0c40a888e18a3a636
  ("KVM: x86: reset RVI upon system reset")
  6d2a0526b09e551d0f395cfb63e7cb965db825af
  ("KVM: x86: Emulator should set DR6 upon GD like real CPU")

  and got one MACRO definition from below commit as 6d2a05's dependency
  6f43ed01e87c8a8dbd8c826eaf0f714c1342c039
  (whole 6f43ed commit has a lot of dependency to the other commits)

  [Testcase]

  Running 6 windows vms( 2012r2 ) on one single server.
  auto rebooting scripts in windows guest.
  after one day (around hundred rebooting), can get 0x5c certainly

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660519/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660834] Re: apparmor label leak when new label is unused

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660834

Title:
  apparmor label leak when new label is unused

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When a new label is created, it is created with a proxy in a circular 
  
  ref count that is broken by replacement. However if the label is not  
  
  used it will never be replaced and the circular ref count will never  
  
  be broken resulting in a leak.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660834/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660834] Re: apparmor label leak when new label is unused

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660834

Title:
  apparmor label leak when new label is unused

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When a new label is created, it is created with a proxy in a circular 
  
  ref count that is broken by replacement. However if the label is not  
  
  used it will never be replaced and the circular ref count will never  
  
  be broken resulting in a leak.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660834/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660832] Re: unix domain socket cross permission check failing with nested namespaces

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660832

Title:
  unix domain socket cross permission check failing with nested
  namespaces

Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Fix Released
Status in apparmor source package in Xenial:
  Confirmed
Status in linux source package in Xenial:
  Fix Committed
Status in apparmor source package in Yakkety:
  Confirmed
Status in linux source package in Yakkety:
  Fix Committed
Status in apparmor source package in Zesty:
  Confirmed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When using nested namespaces policy within the nested namespace is trying 
  
  to cross validate with policy outside of the namespace that is not
  
  visible to it. This results the access being denied and with no way to
  
  add a rule to policy that would allow it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1660832/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1593293] Re: brd module compiled as built-in

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1593293

Title:
  brd module compiled as built-in

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Block RAM disk module (brd, CONFIG_BLK_DEV_RAM) compiled as 'y', that
  means it is 'built-in' and can not be unloaded or loaded with
  different parameters. This render module completely useless because
  user can not anymore change it size.

  Please change it back to 'm' (module) to allow users use this module.

  Affected kernels (so far): Xenial, Yakkety (4.4).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1593293/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660634] Re: Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
trusty' to 'verification-done-trusty'. If the problem still exists,
change the tag 'verification-needed-trusty' to 'verification-failed-
trusty'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-trusty

** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660634

Title:
  Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Committed
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  CONFIG_NET_DROP_MONITOR=m is needed for the dropwatch software.

  At the moment dropwatch is packaged only for Fedora:
  https://fedorahosted.org/dropwatch/

  The kernel compiled with CONFIG_NET_DROP_MONITOR=n makes not possible
  to use this software.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660634/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1638996] Re: apparmor's raw_data file in securityfs is sometimes truncated

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1638996

Title:
  apparmor's raw_data file in securityfs is sometimes truncated

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  Hi,

  It looks like sometimes apparmor's securityfs output is sometimes
  truncated,

  
root@zesty:/sys/kernel/security/apparmor/policy/namespaces/lxd-zest_/profiles/usr.lib.snapd.snap-confine.1#
 ls -al
  total 0
  drwxr-xr-x  3 root root 0 Nov  3 16:45 .
  drwxr-xr-x 13 root root 0 Nov  3 16:44 ..
  -r--r--r--  1 root root 0 Nov  3 16:45 attach
  -r--r--r--  1 root root 0 Nov  3 16:45 mode
  -r--r--r--  1 root root 0 Nov  3 16:45 name
  drwxr-xr-x  3 root root 0 Nov  3 16:45 profiles
  -r--r--r--  1 root root 0 Nov  3 16:45 raw_abi
  -r--r--r--  1 root root 46234 Nov  3 16:45 raw_data
  -r--r--r--  1 root root 0 Nov  3 16:45 raw_hash
  -r--r--r--  1 root root 0 Nov  3 16:45 sha1
  
root@zesty:/sys/kernel/security/apparmor/policy/namespaces/lxd-zest_/profiles/usr.lib.snapd.snap-confine.1#
 cat raw_data > /tmp/out
  
root@zesty:/sys/kernel/security/apparmor/policy/namespaces/lxd-zest_/profiles/usr.lib.snapd.snap-confine.1#
 ls -al /tmp/out 
  -rw-r--r-- 1 root root 4009 Nov  3 16:55 /tmp/out

  and

  2016-11-03 10:58:01 tych0 jjohansen: hi, http://paste.ubuntu.com/23421551/
  2016-11-03 10:58:18 tych0 it looks like fstat is lying to me about the size 
of the policy
  2016-11-03 10:59:20 @jjohansen  tych0: hrmm interesting, can you zip up the 
/tmp/out file so I can see it looks like a complete policy file?
  2016-11-03 11:00:03 @jjohansen  something is definitely not right there. hrmmm
  2016-11-03 11:00:26 @jjohansen  the size is set by the input buffer size
  2016-11-03 11:00:28 tych0 jjohansen: http://files.tycho.ws/tmp/out
  2016-11-03 11:00:36 tych0 yeah, i assume
  2016-11-03 11:01:15 @jjohansen  my guess is something is messing up in the 
seq_file walk of the policy
  2016-11-03 11:02:38 @jjohansen  tych0: yep the file is truncated, can you 
open a bug and I will start looking for it
  2016-11-03 11:03:14 tych0 jjohansen: sure, just on linux?
  2016-11-03 11:03:35 @jjohansen  tych0: yeah for now, just linux
  2016-11-03 11:03:43 @jjohansen  we can add others if needed later
  2016-11-03 11:03:44 tych0 jjohansen: FWIW, somehow it seems racy, becasue 
sometimes it works and sometimes it doesn't

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1638996/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1624164] Re: Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for module i915_bpo

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-firmware in Ubuntu.
https://bugs.launchpad.net/bugs/1624164

Title:
  Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for
  module i915_bpo

Status in linux package in Ubuntu:
  Invalid
Status in linux-firmware package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux-firmware source package in Xenial:
  Won't Fix

Bug description:
  SRU Justification

  Impact: i915_bpo requests some optional firmware which is not present
  in xenial due to causing regressions on some hardware. This produces a
  warning when generating the initrds.

  Fix: Remove the MODULE_FIRMWARE statement for this driver, thus
  removing it from the firmware's modinfo and eliminating the warning.

  Regression Potential: Virtually no risk of regression since it only
  affects the modinfo section of the kernel module and not the runtime
  behavior.

  ---

  Also: Possible missing firmware /lib/firmware/i915/skl_guc_ver6.bin
  for module i915_bpo

  Possible missing firmware /lib/firmware/i915/kbl_dmc_ver1.bin for
  module i915_bpo

  Ubuntu 16.04 Xenial

  Packages:

  ii  linux-firmware1.157.3   all   Firmware 
for Linux kernel drivers
  ii  linux-image-generic   4.4.0.36.38   amd64 Generic 
Linux kernel image

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1624164/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660634] Re: Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660634

Title:
  Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Committed
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  CONFIG_NET_DROP_MONITOR=m is needed for the dropwatch software.

  At the moment dropwatch is packaged only for Fedora:
  https://fedorahosted.org/dropwatch/

  The kernel compiled with CONFIG_NET_DROP_MONITOR=n makes not possible
  to use this software.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660634/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660634] Re: Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660634

Title:
  Enable CONFIG_NET_DROP_MONITOR=m in Ubuntu Kernel

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Committed
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  CONFIG_NET_DROP_MONITOR=m is needed for the dropwatch software.

  At the moment dropwatch is packaged only for Fedora:
  https://fedorahosted.org/dropwatch/

  The kernel compiled with CONFIG_NET_DROP_MONITOR=n makes not possible
  to use this software.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660634/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1557690] Re: s390/kconfig: CONFIG_NUMA without CONFIG_NUMA_EMU does not make any sense on s390x

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1557690

Title:
  s390/kconfig: CONFIG_NUMA without CONFIG_NUMA_EMU does not make any
  sense on s390x

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  == Comment: #0 - Hendrik Brueckner - 2016-03-15 06:33:03 ==
  For NUMA, ensure the setting of these kernel configuration for s390x:

  # CONFIG_NUMA_BALANCING_DEFAULT_ENABLED is not set
  CONFIG_NUMA_EMU=y
  CONFIG_EMU_SIZE=0x1000

  
  CONFIG_NUMA without CONFIG_NUMA_EMU does not make any sense. s390 does not 
provide hardware topology information. However, we do support fake NUMA to 
improve performance issues seen with very large memory configurations. 
Therefore, CONFIG_NUMA_EMU has to be enabled.

  Given that we only support fake NUMA
  CONFIG_NUMA_BALANCING_DEFAULT_ENABLED should be disabled, since it
  moves pages without any benefit but costs additional cpu cycles.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1557690/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660833] Re: apparmor reference count bug in label_merge_insert()

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660833

Title:
  apparmor reference count bug in label_merge_insert()

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  @new does not have a reference taken locally and should not have its  
  
  reference put locally either.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660833/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1638996] Re: apparmor's raw_data file in securityfs is sometimes truncated

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1638996

Title:
  apparmor's raw_data file in securityfs is sometimes truncated

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  Hi,

  It looks like sometimes apparmor's securityfs output is sometimes
  truncated,

  
root@zesty:/sys/kernel/security/apparmor/policy/namespaces/lxd-zest_/profiles/usr.lib.snapd.snap-confine.1#
 ls -al
  total 0
  drwxr-xr-x  3 root root 0 Nov  3 16:45 .
  drwxr-xr-x 13 root root 0 Nov  3 16:44 ..
  -r--r--r--  1 root root 0 Nov  3 16:45 attach
  -r--r--r--  1 root root 0 Nov  3 16:45 mode
  -r--r--r--  1 root root 0 Nov  3 16:45 name
  drwxr-xr-x  3 root root 0 Nov  3 16:45 profiles
  -r--r--r--  1 root root 0 Nov  3 16:45 raw_abi
  -r--r--r--  1 root root 46234 Nov  3 16:45 raw_data
  -r--r--r--  1 root root 0 Nov  3 16:45 raw_hash
  -r--r--r--  1 root root 0 Nov  3 16:45 sha1
  
root@zesty:/sys/kernel/security/apparmor/policy/namespaces/lxd-zest_/profiles/usr.lib.snapd.snap-confine.1#
 cat raw_data > /tmp/out
  
root@zesty:/sys/kernel/security/apparmor/policy/namespaces/lxd-zest_/profiles/usr.lib.snapd.snap-confine.1#
 ls -al /tmp/out 
  -rw-r--r-- 1 root root 4009 Nov  3 16:55 /tmp/out

  and

  2016-11-03 10:58:01 tych0 jjohansen: hi, http://paste.ubuntu.com/23421551/
  2016-11-03 10:58:18 tych0 it looks like fstat is lying to me about the size 
of the policy
  2016-11-03 10:59:20 @jjohansen  tych0: hrmm interesting, can you zip up the 
/tmp/out file so I can see it looks like a complete policy file?
  2016-11-03 11:00:03 @jjohansen  something is definitely not right there. hrmmm
  2016-11-03 11:00:26 @jjohansen  the size is set by the input buffer size
  2016-11-03 11:00:28 tych0 jjohansen: http://files.tycho.ws/tmp/out
  2016-11-03 11:00:36 tych0 yeah, i assume
  2016-11-03 11:01:15 @jjohansen  my guess is something is messing up in the 
seq_file walk of the policy
  2016-11-03 11:02:38 @jjohansen  tych0: yep the file is truncated, can you 
open a bug and I will start looking for it
  2016-11-03 11:03:14 tych0 jjohansen: sure, just on linux?
  2016-11-03 11:03:35 @jjohansen  tych0: yeah for now, just linux
  2016-11-03 11:03:43 @jjohansen  we can add others if needed later
  2016-11-03 11:03:44 tych0 jjohansen: FWIW, somehow it seems racy, becasue 
sometimes it works and sometimes it doesn't

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1638996/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660832] Re: unix domain socket cross permission check failing with nested namespaces

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660832

Title:
  unix domain socket cross permission check failing with nested
  namespaces

Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Fix Released
Status in apparmor source package in Xenial:
  Confirmed
Status in linux source package in Xenial:
  Fix Committed
Status in apparmor source package in Yakkety:
  Confirmed
Status in linux source package in Yakkety:
  Fix Committed
Status in apparmor source package in Zesty:
  Confirmed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When using nested namespaces policy within the nested namespace is trying 
  
  to cross validate with policy outside of the namespace that is not
  
  visible to it. This results the access being denied and with no way to
  
  add a rule to policy that would allow it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1660832/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1593293] Re: brd module compiled as built-in

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1593293

Title:
  brd module compiled as built-in

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Block RAM disk module (brd, CONFIG_BLK_DEV_RAM) compiled as 'y', that
  means it is 'built-in' and can not be unloaded or loaded with
  different parameters. This render module completely useless because
  user can not anymore change it size.

  Please change it back to 'm' (module) to allow users use this module.

  Affected kernels (so far): Xenial, Yakkety (4.4).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1593293/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1659417] Re: docker permission issues with overlay2 storage driver

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1659417

Title:
  docker permission issues with overlay2 storage driver

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed

Bug description:
  SRU Justification

  Impact: Under some conditions docker users using the overlay2 storage
  driver with xenial kernels will get "permission denied" errors when
  they should not. This is due to a bug in overlayfs.

  Fix: Backport upstream fix, plus some cleanup to make the backup
  cleaner.

  Regression Potential: All changes are straightforward and have low
  risk of introducing regressions.

  ---

  Due to an issue in overlayfs, in some scenrios docker users can get
  erroneous "permission denied" errors when using the overlay2 storage
  driver. When a user has search permissions on the upper dir but not
  the lower dir they may get this error, where having search permissions
  for the upper dir should be sufficient. This is fixed by upstream
  commit 38b78a5f18584db6fa7441e0f4531b283b0e6725.

  Originally reported at https://github.com/docker/docker/issues/28391.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1659417/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1659340] Re: Linux kernel 4.8 hangs at boot up

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1659340

Title:
  Linux kernel 4.8 hangs at boot up

Status in linux package in Ubuntu:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Committed

Bug description:
  I've got an Acer Aspire V5-551G with a 64-bit AMD processor with dual boot,
  Windows 10 and Ubuntu 16.10.

  Ubuntu can be started and runs without problems with Linux kernel 4.4.0-45.
  When I try to start with any of the 4.8.0 kernels delivered with regular
  Ubuntu updates, they all hang after printing

Läser in Linux 4.8.0-34-generic ...
Läser in initial ramdisk ...

  Sorry for the partly Swedish text. I guess that the lines would start with
  "Loading" instead of "Läser in" on an English version.

  The behaviour is the same with all 4.8.0 versions up to the latest 4.8.0-34
  and with -generic, -generic (upstart) and -generic (recovery mode).

  After a while the fan runs at full speed, as if the processor is working
  hard, but nothing happens.

  After I've tried in vain to start with Linux 4.8.0-xx, and then starts
  with 4.4.0-45, the following errors are usually printed:

  [  2.511733] usb 4-3: string descriptor 0 read error: -22
  [  3.841872] [drm:radeon_scpi_init [radeon]] *ERROR* Cannot find backlight 
controller
  /dev/sda7: clean, 807007/9363456 files, 7364300/37423360 blocks
  [ 21.335117] usb 4-3: string descriptor 0 read error: -22

  When a successful start has not been immediately preceded by a failed start,
  only the line beginning "/dev/sda7" is printed.

  I have previously commented on bug #1635447. As recommended there, I've
  also tested with the upstream kernel 4.10-rc3. It worked just as bad as
  4.8.0.

  I tried to report this bug with 'ubuntu-bug linux' after I had booted with
  the 4.4.0-45 kernel, but I couldn't. It said that linux-image-4.4.0-45-
  generic is not an official Ubuntu package.
  --- 
  ApportVersion: 2.20.3-0ubuntu8.2
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC2:  kjell  2022 F pulseaudio
   /dev/snd/controlC1:  kjell  2022 F pulseaudio
   /dev/snd/controlC0:  kjell  2022 F pulseaudio
  CurrentDesktop: GNOME-Flashback:Unity
  DistroRelease: Ubuntu 16.10
  HibernationDevice: RESUME=UUID=d42f8b71-8244-45d9-a814-ca7b9fb474bb
  InstallationDate: Installed on 2013-09-25 (1218 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
  MachineType: Acer Aspire V5-551G
  Package: linux (not installed)
  ProcFB: 0 radeondrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-45-generic.efi.signed 
root=UUID=b953dea5-2c7a-4d65-9b8e-446b111ccce8 ro quiet splash vt.handoff=7
  ProcVersionSignature: Ubuntu 4.4.0-45.66-generic 4.4.21
  RelatedPackageVersions:
   linux-restricted-modules-4.4.0-45-generic N/A
   linux-backports-modules-4.4.0-45-generic  N/A
   linux-firmware1.161.1
  Tags:  yakkety
  Uname: Linux 4.4.0-45-generic x86_64
  UpgradeStatus: Upgraded to yakkety on 2016-10-26 (91 days ago)
  UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
  _MarkForUpload: True
  dmi.bios.date: 03/11/2013
  dmi.bios.vendor: Insyde Corp.
  dmi.bios.version: V2.14
  dmi.board.asset.tag: Base Board Asset Tag
  dmi.board.name: Havok
  dmi.board.vendor: Acer
  dmi.board.version: Type2 - A01 Board Version
  dmi.chassis.type: 10
  dmi.chassis.vendor: Chassis Manufacturer
  dmi.chassis.version: Chassis Version
  dmi.modalias: 
dmi:bvnInsydeCorp.:bvrV2.14:bd03/11/2013:svnAcer:pnAspireV5-551G:pvrV2.14:rvnAcer:rnHavok:rvrType2-A01BoardVersion:cvnChassisManufacturer:ct10:cvrChassisVersion:
  dmi.product.name: Aspire V5-551G
  dmi.product.version: V2.14
  dmi.sys.vendor: Acer

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1659340/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660836] Re: apparmor auditing denied access of special apparmor .null fi\ le

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660836

Title:
  apparmor  auditing denied access of special apparmor .null fi\ le

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When an fd is disallowed from being inherited during exec, instead of 
  
  closed it is duped to a special apparmor/.null file. This prevents the
  
  fd from being reused by another file in case the application expects  
  
  the original file on a give fd (eg stdin/stdout etc). This results in 
  
  a denial message like 
  
  [32375.561535] audit: type=1400 audit(1478825963.441:358): apparmor="DENIED" 
op\
  eration="file_inherit" namespace="root//lxd-t_" 
profile="/sbin/dhc\
  lient" name="/dev/pts/1" pid=16795 comm="dhclient" requested_mask="wr" 
denied_m\
  ask="wr" fsuid=165536 ouid=165536 
  

  
  Further access to the fd is resultin in the rather useless denial message 
  
  of
  
  [32375.566820] audit: type=1400 audit(1478825963.445:359): apparmor="DENIED" 
op\
  eration="file_perm" namespace="root//lxd-t_" 
profile="/sbin/dhclie\
  nt" name="/apparmor/.null" pid=16795 comm="dhclient" requested_mask="w" 
denied_\
  mask="w" fsuid=165536 ouid=0  
  

  
  since we have the original denial, the noisy and useless .null based  
  
  denials can be skipped.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660836/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1645037] Re: apparmor_parser hangs indefinitely when called by multiple threads

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1645037

Title:
  apparmor_parser hangs indefinitely when called by multiple threads

Status in apparmor package in Ubuntu:
  Triaged
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  This bug surfaced when starting ~50 LXC container with LXD in parallel
  multiple times:

  # Create the containers
  for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done

  # Exectute this loop multiple times until you observe errors.
  for c in c foo{1..50}; do lxc restart $c & done

  After this you can

  ps aux | grep apparmor

  and you should see output similar to:

  root 19774  0.0  0.0  12524  1116 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo30
  root 19775  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo26
  root 19776  0.0  0.0  13592  3224 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo30
  root 19778  0.0  0.0  13592  3384 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo26
  root 19780  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo43
  root 19782  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo34
  root 19783  0.0  0.0  13592  3388 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo43
  root 19784  0.0  0.0  13592  3252 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo34
  root 19794  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo25
  root 19795  0.0  0.0  13592  3256 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo25

  apparmor_parser remains stuck even after all LXC/LXD commands have
  exited.

  dmesg output yields lines like:

  [41902.815174] audit: type=1400 audit(1480191089.678:43):
  apparmor="STATUS" operation="profile_load" profile="unconfined" name
  ="lxd-foo30_" pid=12545 comm="apparmor_parser"

  and cat /proc/12545/stack shows:

  [] aa_remove_profiles+0x88/0x270
  21:19   brauner  [] profile_remove+0x144/0x2e0
  21:19   brauner  [] __vfs_write+0x18/0x40
  21:19   brauner  [] vfs_write+0xb8/0x1b0
  21:19   brauner  [] SyS_write+0x55/0xc0
  21:19   brauner  [] entry_SYSCALL_64_fastpath+0x1e/0xa8
  21:19   brauner  [] 0x

  This looks like a potential kernel bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1645037/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1664809] Re: [0bda:0328] Card reader failed after S3

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1664809

Title:
  [0bda:0328] Card reader failed after S3

Status in HWE Next:
  New
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Summary: [0bda:0328] Card reader failed after S3

  Steps:
  1. Check card reader can be used before S3
  2. Enter into S3
  3. Resume from S3
  4. Insert SD/MMC/SDHC into the card reader

  Expected results: Card reader passed after S3

  Actual results: Card reader failed after S3
  The card reader device is gone from lsusb
  Bus 002 Device 002: ID 0bda:0328 Realtek Semiconductor Corp.

To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/1664809/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1650058] Re: [Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel and image

2017-02-27 Thread Brad Figg

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

** Tags added: verification-needed-xenial

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1650058

Title:
[Hyper-V/Azure] Please include Mellanox OFED drivers in Azure kernel
and image

Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Xenial:
Fix Committed

Bug description:
In order to have the correct VF driver to support SR-IOV in Azure, the
Mellanox OFED distribution needs to be included in the kernel and the
image. Mellanox's drivers are not upstream, but they are available
from here:

https://www.mellanox.com/page/products_dyn?product_family=26=linux_sw_drivers=3nnhohirh5htv6dnp1uk7tf487

While this configuration is not explicitly listed as supported in the
release notes, Microsoft and Mellanox engineers are working on the
corresponding Windows Server 2016 PF driver to support this VF driver
in operation in Ubuntu guests.

I file file a corresponding rebase request to pick up the PCI
passthrough and other SR-IOV work done for the Hyper-V capabilities in
the upstream 4.9 kernel.

Only 64-bit support for Ubuntu 16.04's HWE kernel is needed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1650058/+subscriptions

[Kernel-packages] [Bug 1649292] Re: NFS client : permission denied when trying to access subshare, since kernel 4.4.0-31

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1649292

Title:
NFS client : permission denied when trying to access subshare, since
kernel 4.4.0-31

Status in linux package in Ubuntu:
In Progress
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Yakkety:
Fix Committed

Bug description:
SRU Justification

Impact: A regression has caused mounting of NFS subshares with
kerberos authentication to fail. This is a result of
follow_automount() overriding the user credentials before calling
dentry->d_automount().

Fix: Cherry pick from linux-next.

Regression Potential: The commit fixes a regression and makes the
automount behavior more like it was prior to changes in 4.8 (which we
also backported to xenial). Therefore the regression potential should
be minimal.

---

Similar like Bug #1603719 or Bug #1604396 i got a "Permission denied"
when trying to access a NFS subshare from our NFSv4 Server.

I tried this under (K)ubuntu Trusty and Xenial and also with the
ubuntu based Mint Versions 17.3 Rosa an 18 Sarah.

Kernel Versions higher than 4.4.0-31 from offical Ubuntu Repository has the
problem.
Before 4.4.0-31 not. For safety reasons i used the linux-generic-lts-wily
meta package

The 4.4 mainline kernel also works without problem currently
(4.4.37-040437-generic)

Our NFS server runs under FreeBSD 11, but same problems to the clients
with FreeBSD 10.3 and OmniOS r151018.

All NFS servers use ZFS as the filesystem and NFSv4 with kerberos for
sharing. For the basic structure we use also ZFS filesystems.

So my homefolder is located on the server under
/apool/AIS/share/home/staff/fili/linux ... each level is a ZFS
filesystem. On the client nfs share /apool/AIS/share/home is mounted
under /home/VI

My posix homedirectory path is /home/VI/staff/fili/linux

When i try to login i got access to /home/VI/staff/fili ... but when i
try to access the linux directory / zfs filesystem i got the
permission denied.

The fstab options for /home/VI are
_netdev,rw,sync,sec=krb5,nfsvers=4,clientaddr=w.x.y.z

I tried also autofs but with the same result.

---
ApportVersion: 2.20.1-0ubuntu2.2
Architecture: amd64
AudioDevicesInUse:
USERPID ACCESS COMMAND
/dev/snd/controlC1: system 1812 F pulseaudio
/dev/snd/controlC0: system 1812 F pulseaudio
DistroRelease: Ubuntu 16.04
HibernationDevice: RESUME=UUID=85a1880e-b78e-49d6-888c-342e47405712
InstallationDate: Installed on 2016-10-17 (56 days ago)
InstallationMedia: Kubuntu 16.04.1 LTS "Xenial Xerus" - Release amd64
(20160719)
IwConfig:
enp7s0no wireless extensions.

lono wireless extensions.
MachineType: System manufacturer System Product Name
NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia
Package: linux (not installed)
ProcFB:

ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-57-generic
root=UUID=db11df78-a07d-44b5-8fe3-0f67e7a5ff51 ro
ProcVersionSignature: Ubuntu 4.4.0-57.78-generic 4.4.35
PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No
PulseAudio daemon running, or not running as session daemon.
RelatedPackageVersions:
linux-restricted-modules-4.4.0-57-generic N/A
linux-backports-modules-4.4.0-57-generic N/A
linux-firmware1.157.5
RfKill:

Tags: xenial
Uname: Linux 4.4.0-57-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

_MarkForUpload: True
dmi.bios.date: 09/24/2010
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 1205
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: P6T WS PRO
dmi.board.vendor: ASUSTeK Computer INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: Asset-1234567890
dmi.chassis.type: 3
dmi.chassis.vendor: Chassis Manufacture
dmi.chassis.version: Chassis Version
dmi.modalias:
dmi:bvnAmericanMegatrendsInc.:bvr1205:bd09/24/2010:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP6TWSPRO:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:
dmi.product.name: System Product Name
dmi.product.version: System Version
dmi.sys.vendor: System

[Kernel-packages] [Bug 1651248] Re: Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV VFs caused KVM host hung and all KVM guests down.

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1651248

Title:
  Ubuntu16.10-KVM:Big configuration with multiple guests running SRIOV
  VFs caused KVM host hung and all KVM guests down.

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  Hello Canonical.

  This appears to be related to LP1636330

  There are additional patches we would like picked up once they
  accepted upstream:

  http://www.spinics.net/lists/kvm/msg141747.html

  [PATCH 1/5] KVM: PPC: XICS cleanup: remove XICS_RM_REJECT
  [PATCH 2/5] KVM: PPC: XICS: correct the real mode ICP rejecting counter
  [PATCH 3/5] KVM: PPC: XICS: Fix potential resend twice issue
  [PATCH 4/5] KVM: PPC: XICS: Implement ICS P/Q states
  [PATCH 5/5] KVM: PPC: XICS: Don't lock twice when doing check resend

  
  Bug history context:

  == Comment: #1 - Application Cdeadmin  - 2016-10-17 11:05:07 ==
   State: Open by: nguyenp on 17 October 2016 09:54:13 

  Ubuntu16.10-KVM host:
  =
  tul612p01.aus.stglabs.ibm.com

  Problem Description:
  ===
  I set up a big configure with multiple guests running SRIOV on tul612fp1 
system. For VFs, I created 64 of them on Ubuntu16.10-KVM host (32 VFs per 
port). I have 6 guests total (mix of ubuntu16.10 and ubuntu16.04.01 guests). I 
assigned 4 VFs for each guest.

  I kicked off network tests on VFs on all guests late Friday night. The test 
ran good on Friday night then it all failed on sometime on Saturday night. 
Right now, all guests are currently are down. Another bad part is that the 
Ubuntu-KVM host is currently hung. So the whole system is very much down. I 
could not get to neither the KVM host nor any guest.
   
  I have talked to my team leads, Siraj I. and Brian C. about the problem this 
morning. They want me to open the defect so that I/O developer to looking into 
the SRIOV problem on Ubuntu16.10-KVM again.

  == Comment: #11 - Paul Nguyen - 2016-10-18 17:55:40 ==
  Worked with Carol earlier today on the SRIOV configuration on this tul612 
system.  Thanks for your help, Carol !

  I just want to document the differences of this configuration .vs. previous 
run configuration. So that we can keep track of what we have tried.
   

  Here are the differences:

  1) In this configuration, Carol installed patch driver on KVM host to
  avoid the BUG_ON.

  2) To avoid missing interrupt issue, Carol told me to reduce the
  number of VFs to 16 VFs per port. (on previous run, I had 32 VFs per
  port which was 64 VFs total for 2 ports of the adapter)

  3) Also Carol wanted to reduce number of guests down to 4 guests.
(on previous run, I had 6 guests running and 4 VFs per guest)

  4) Carol also configured NUMA for the 4 guests.
 
16

  


  
  All SRIOV tests have been running good for about 3 hours already.  Let's see 
how long it hit the problem.

  == Comment: #12 - Paul Nguyen - 2016-10-19 10:15:50 ==
  I have 4 guests running SRIOV and 2 guests hit with TX timeout problem last 
night.  The other 2 guests seem running fine.

  
  tul612p05_unbuntu1610 guest:
  
  tul612p05.aus.stglabs.ibm.com

  [Tue Oct 18 15:15:42 2016] nfsd: peername failed (err 107)!
  [Tue Oct 18 16:04:06 2016] hrtimer: interrupt took 12062308 ns
  [Wed Oct 19 00:28:52 2016] NETDEV WATCHDOG: enp0s4 (mlx5_core): transmit 
queue 2 timed out
  [Wed Oct 19 00:28:52 2016] [ cut here ]
  [Wed Oct 19 00:28:52 2016] WARNING: CPU: 13 PID: 28503 at 
/build/linux-PXWOzW/linux-4.8.0/net/sched/sch_generic.c:316 
dev_watchdog+0x380/0x390
  [Wed Oct 19 00:28:52 2016] Modules linked in: iptable_filter rdma_ucm(OE) 
ib_ucm(OE) rdma_cm(OE) iw_cm(OE) configfs ib_ipoib(OE) ib_cm(OE) ib_uverbs(OE) 
ib_umad(OE) mlx5_ib(OE) mlx4_ib(OE) ib_sa(OE) ib_mad(OE) ib_core(OE) 
ib_addr(OE) ib_netlink(OE) mlx4_en(OE) mlx4_core(OE) vmx_crypto binfmt_misc 
nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables x_tables autofs4 ibmvscsi 
crc32c_vpmsum mlx5_core(OE) mlx_compat(OE)
  [Wed Oct 19 00:28:52 2016] CPU: 13 PID: 28503 Comm: hxecpu Tainted: G 
  OE   4.8.0-22-generic

[Kernel-packages] [Bug 1656908] Re: In Ubuntu 17.04 : after reboot getting message in console like Unable to open file: /etc/keys/x509_ima.der (-2)

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1656908

Title:
  In Ubuntu 17.04 : after reboot getting message in console like Unable
  to open file: /etc/keys/x509_ima.der (-2)

Status in linux package in Ubuntu:
  Won't Fix
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Committed

Bug description:
  Installed Ubuntu17.04 as PowerVM/KVM or NV , after installation every
  reboot getting message in console

  Unable to open file: /etc/keys/x509_ima.der (-2)

  
  LOG:

  Booting Linux via __start() @ 0x0a6c ...
   -> smp_release_cpus()
  spinning_secondaries = 7
   <- smp_release_cpus()
  [0.663066] Unable to open file: /etc/keys/x509_ima.der (-2)[0.663129] 
Unable to open file: /etc/keys/x509_evm.der (-2)
  [0.792300] sd 0:0:1:0: [sda] Assuming drive cache: write through

  Ubuntu Zesty Zapus (development branch) ubuntu  hvc0

  ubuntu  login:

  Maybe this was introduced by
  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1643652 ? Will
  mirror this over to Launchpad for Canonical to review...

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1656908/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1648903] Re: Permission denied and inconsistent behavior in complain mode with 'ip netns list' command

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1648903

Title:
  Permission denied and inconsistent behavior in complain mode with 'ip
  netns list' command

Status in AppArmor:
  New
Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  On 16.04 with Ubuntu 4.4.0-53.74-generic 4.4.30

  With this profile:

  #include 

  profile test (attach_disconnected,complain) {
  #include 

  /{,usr/}{,s}bin/ip ixr,  # COMMENT OUT THIS RULE TO SEE WEIRDNESS

  capability sys_admin,
  capability net_admin,
  capability sys_ptrace,

  network netlink raw,

  ptrace (trace),

  / r,
  /run/netns/ rw,
  /run/netns/* rw,

  mount options=(rw, rshared) -> /run/netns/,
  mount options=(rw, bind) /run/netns/ -> /run/netns/,
  mount options=(rw, bind) / -> /run/netns/*,
  mount options=(rw, rslave) /,
  mount options=(rw, rslave), # LP: #1648245
  umount /sys/,
  umount /,

  
  /bin/dash ixr,
  }

  Everything is fine when I do:
  $ sudo apparmor_parser -r /home/jamie/apparmor.profile && sudo aa-exec -p 
test -- sh -c 'ip netns list'
  $

  and there are no ALLOWED entries in syslog.

  
  However, if I comment out the '/{,usr/}{,s}bin/ip ixr,' rule, I get a 
permission denied and a bunch of ALLOWED entries:

  $ sudo apparmor_parser -r /home/jamie/apparmor.profile && sudo aa-exec -p 
test -- sh -c 'ip netns list'
  open("/proc/self/ns/net"): Permission denied
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.862629] audit: type=1400 
audit(1481324889.782:469): apparmor="STATUS" operation="profile_replace" 
profile="unconfined" name="test" pid=4314 comm="apparmor_parser"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870339] audit: type=1400 
audit(1481324889.790:470): apparmor="ALLOWED" operation="exec" profile="test" 
name="/bin/ip" pid=4317 comm="sh" requested_mask="x" denied_mask="x" fsuid=0 
ouid=0 target="test//null-/bin/ip"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870559] audit: type=1400 
audit(1481324889.790:471): apparmor="ALLOWED" operation="open" 
profile="test//null-/bin/ip" name="/etc/ld.so.cache" pid=4317 comm="ip" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870628] audit: type=1400 
audit(1481324889.790:472): apparmor="ALLOWED" operation="open" 
profile="test//null-/bin/ip" name="/lib/x86_64-linux-gnu/libdl-2.23.so" 
pid=4317 comm="ip" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870703] audit: type=1400 
audit(1481324889.790:473): apparmor="ALLOWED" operation="open" 
profile="test//null-/bin/ip" name="/lib/x86_64-linux-gnu/libc-2.23.so" pid=4317 
comm="ip" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870861] audit: type=1400 
audit(1481324889.790:474): apparmor="ALLOWED" operation="file_mprotect" 
profile="test//null-/bin/ip" name="/bin/ip" pid=4317 comm="ip" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870913] audit: type=1400 
audit(1481324889.790:475): apparmor="ALLOWED" operation="file_mprotect" 
profile="test//null-/bin/ip" name="/lib/x86_64-linux-gnu/ld-2.23.so" pid=4317 
comm="ip" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871019] audit: type=1400 
audit(1481324889.790:476): apparmor="ALLOWED" operation="create" 
profile="test//null-/bin/ip" pid=4317 comm="ip" family="netlink" 
sock_type="raw" protocol=0 requested_mask="create" denied_mask="create"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871066] audit: type=1400 
audit(1481324889.790:477): apparmor="ALLOWED" operation="setsockopt" 
profile="test//null-/bin/ip" pid=4317 comm="ip" family="netlink" 
sock_type="raw" protocol=0 requested_mask="setopt" denied_mask="setopt"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871099] audit: type=1400 
audit(1481324889.790:478): apparmor="ALLOWED" operation="setsockopt" 
profile="test//null-/bin/ip" pid=4317 comm="ip" family="netlink" 
sock_type="raw" protocol=0 requested_mask="setopt" denied_mask="setopt"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871128] audit: type=1400

[Kernel-packages] [Bug 1648143] Re: tor in lxd: apparmor="DENIED" operation="change_onexec" namespace="root//CONTAINERNAME_" profile="unconfined" name="system_tor"

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1648143

Title:
  tor in lxd: apparmor="DENIED" operation="change_onexec"
  namespace="root//CONTAINERNAME_" profile="unconfined"
  name="system_tor"

Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Incomplete
Status in tor package in Ubuntu:
  New
Status in apparmor source package in Xenial:
  New
Status in linux source package in Xenial:
  Fix Committed
Status in tor source package in Xenial:
  New
Status in apparmor source package in Yakkety:
  New
Status in linux source package in Yakkety:
  Fix Committed
Status in tor source package in Yakkety:
  New

Bug description:
  Environment:
  

  Distribution: ubuntu
  Distribution version: 16.10
  lxc info:
  apiextensions:

  storage_zfs_remove_snapshots
  container_host_shutdown_timeout
  container_syscall_filtering
  auth_pki
  container_last_used_at
  etag
  patch
  usb_devices
  https_allowed_credentials
  image_compression_algorithm
  directory_manipulation
  container_cpu_time
  storage_zfs_use_refquota
  storage_lvm_mount_options
  network
  profile_usedby
  container_push
  apistatus: stable
  apiversion: "1.0"
  auth: trusted
  environment:
  addresses:
  163.172.48.149:8443
  172.20.10.1:8443
  172.20.11.1:8443
  172.20.12.1:8443
  172.20.22.1:8443
  172.20.21.1:8443
  10.8.0.1:8443
  architectures:
  x86_64
  i686
  certificate: |
  -BEGIN CERTIFICATE-
  -END CERTIFICATE-
  certificatefingerprint: 
3048baa9f20d316f60a6c602452b58409a6d9e2c3218897e8de7c7c72af0179b
  driver: lxc
  driverversion: 2.0.5
  kernel: Linux
  kernelarchitecture: x86_64
  kernelversion: 4.8.0-27-generic
  server: lxd
  serverpid: 32694
  serverversion: 2.4.1
  storage: btrfs
  storageversion: 4.7.3
  config:
  core.https_address: '[::]:8443'
  core.trust_password: true

  Container: ubuntu 16.10

  
  Issue description
  --

  
  tor can't start in a non privileged container

  
  Logs from the container:
  -

  Dec 7 15:03:00 anonymous tor[302]: Configuration was valid
  Dec 7 15:03:00 anonymous systemd[303]: tor@default.service: Failed at step 
APPARMOR spawning /usr/bin/tor: No such file or directory
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Main process 
exited, code=exited, status=231/APPARMOR
  Dec 7 15:03:00 anonymous systemd[1]: Failed to start Anonymizing overlay 
network for TCP.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Unit entered failed 
state.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Failed with result 
'exit-code'.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Service hold-off 
time over, scheduling restart.
  Dec 7 15:03:00 anonymous systemd[1]: Stopped Anonymizing overlay network for 
TCP.
  Dec 7 15:03:00 anonymous systemd[1]: tor@default.service: Failed to reset 
devices.list: Operation not permitted
  Dec 7 15:03:00 anonymous systemd[1]: Failed to set devices.allow on 
/system.slice/system-tor.slice/tor@default.service: Operation not permitted
  Dec 7 15:03:00 anonymous systemd[1]: message repeated 6 times: [ Failed to 
set devices.allow on /system.slice/system-tor.slice/tor@default.service: 
Operation not permitted]
  Dec 7 15:03:00 anonymous systemd[1]: Couldn't stat device 
/run/systemd/inaccessible/chr
  Dec 7 15:03:00 anonymous systemd[1]: Couldn't stat device 
/run/systemd/inaccessible/blk
  Dec 7 15:03:00 anonymous systemd[1]: Failed to set devices.allow on 
/system.slice/system-tor.slice/tor@default.service: Operation not permitted


  Logs from the host
  

  audit: type=1400 audit(1481119378.856:6950): apparmor="DENIED" 
operation="change_onexec" info="label not found" error=-2 
namespace="root//lxd-anonymous_" profile="unconfined" name="system_tor" 
  pid=12164 comm="(tor)"

  
  Steps to reproduce

[Kernel-packages] [Bug 1648903] Re: Permission denied and inconsistent behavior in complain mode with 'ip netns list' command

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1648903

Title:
  Permission denied and inconsistent behavior in complain mode with 'ip
  netns list' command

Status in AppArmor:
  New
Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  On 16.04 with Ubuntu 4.4.0-53.74-generic 4.4.30

  With this profile:

  #include 

  profile test (attach_disconnected,complain) {
  #include 

  /{,usr/}{,s}bin/ip ixr,  # COMMENT OUT THIS RULE TO SEE WEIRDNESS

  capability sys_admin,
  capability net_admin,
  capability sys_ptrace,

  network netlink raw,

  ptrace (trace),

  / r,
  /run/netns/ rw,
  /run/netns/* rw,

  mount options=(rw, rshared) -> /run/netns/,
  mount options=(rw, bind) /run/netns/ -> /run/netns/,
  mount options=(rw, bind) / -> /run/netns/*,
  mount options=(rw, rslave) /,
  mount options=(rw, rslave), # LP: #1648245
  umount /sys/,
  umount /,

  
  /bin/dash ixr,
  }

  Everything is fine when I do:
  $ sudo apparmor_parser -r /home/jamie/apparmor.profile && sudo aa-exec -p 
test -- sh -c 'ip netns list'
  $

  and there are no ALLOWED entries in syslog.

  
  However, if I comment out the '/{,usr/}{,s}bin/ip ixr,' rule, I get a 
permission denied and a bunch of ALLOWED entries:

  $ sudo apparmor_parser -r /home/jamie/apparmor.profile && sudo aa-exec -p 
test -- sh -c 'ip netns list'
  open("/proc/self/ns/net"): Permission denied
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.862629] audit: type=1400 
audit(1481324889.782:469): apparmor="STATUS" operation="profile_replace" 
profile="unconfined" name="test" pid=4314 comm="apparmor_parser"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870339] audit: type=1400 
audit(1481324889.790:470): apparmor="ALLOWED" operation="exec" profile="test" 
name="/bin/ip" pid=4317 comm="sh" requested_mask="x" denied_mask="x" fsuid=0 
ouid=0 target="test//null-/bin/ip"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870559] audit: type=1400 
audit(1481324889.790:471): apparmor="ALLOWED" operation="open" 
profile="test//null-/bin/ip" name="/etc/ld.so.cache" pid=4317 comm="ip" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870628] audit: type=1400 
audit(1481324889.790:472): apparmor="ALLOWED" operation="open" 
profile="test//null-/bin/ip" name="/lib/x86_64-linux-gnu/libdl-2.23.so" 
pid=4317 comm="ip" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870703] audit: type=1400 
audit(1481324889.790:473): apparmor="ALLOWED" operation="open" 
profile="test//null-/bin/ip" name="/lib/x86_64-linux-gnu/libc-2.23.so" pid=4317 
comm="ip" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870861] audit: type=1400 
audit(1481324889.790:474): apparmor="ALLOWED" operation="file_mprotect" 
profile="test//null-/bin/ip" name="/bin/ip" pid=4317 comm="ip" 
requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.870913] audit: type=1400 
audit(1481324889.790:475): apparmor="ALLOWED" operation="file_mprotect" 
profile="test//null-/bin/ip" name="/lib/x86_64-linux-gnu/ld-2.23.so" pid=4317 
comm="ip" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871019] audit: type=1400 
audit(1481324889.790:476): apparmor="ALLOWED" operation="create" 
profile="test//null-/bin/ip" pid=4317 comm="ip" family="netlink" 
sock_type="raw" protocol=0 requested_mask="create" denied_mask="create"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871066] audit: type=1400 
audit(1481324889.790:477): apparmor="ALLOWED" operation="setsockopt" 
profile="test//null-/bin/ip" pid=4317 comm="ip" family="netlink" 
sock_type="raw" protocol=0 requested_mask="setopt" denied_mask="setopt"
  Dec  9 17:08:09 sec-xenial-amd64 kernel: [ 3117.871099] audit: type=1400 
audit(1481324889.790:478): apparmor="ALLOWED" operation="setsockopt" 
profile="test//null-/bin/ip" pid=4317 comm="ip" family="netlink" 
sock_type="raw" protocol=0 requested_mask="setopt"

[Kernel-packages] [Bug 1649292] Re: NFS client : permission denied when trying to access subshare, since kernel 4.4.0-31

2017-02-27 Thread Brad Figg

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1649292

Title:
NFS client : permission denied when trying to access subshare, since
kernel 4.4.0-31

Status in linux package in Ubuntu:
In Progress
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Yakkety:
Fix Committed

Bug description:
SRU Justification

Fix: Cherry pick from linux-next.

---

Similar like Bug #1603719 or Bug #1604396 i got a "Permission denied"
when trying to access a NFS subshare from our NFSv4 Server.

I tried this under (K)ubuntu Trusty and Xenial and also with the
ubuntu based Mint Versions 17.3 Rosa an 18 Sarah.

Kernel Versions higher than 4.4.0-31 from offical Ubuntu Repository has the
problem.
Before 4.4.0-31 not. For safety reasons i used the linux-generic-lts-wily
meta package

The 4.4 mainline kernel also works without problem currently
(4.4.37-040437-generic)

Our NFS server runs under FreeBSD 11, but same problems to the clients
with FreeBSD 10.3 and OmniOS r151018.

All NFS servers use ZFS as the filesystem and NFSv4 with kerberos for
sharing. For the basic structure we use also ZFS filesystems.

So my homefolder is located on the server under
/apool/AIS/share/home/staff/fili/linux ... each level is a ZFS
filesystem. On the client nfs share /apool/AIS/share/home is mounted
under /home/VI

My posix homedirectory path is /home/VI/staff/fili/linux

When i try to login i got access to /home/VI/staff/fili ... but when i
try to access the linux directory / zfs filesystem i got the
permission denied.

The fstab options for /home/VI are
_netdev,rw,sync,sec=krb5,nfsvers=4,clientaddr=w.x.y.z

I tried also autofs but with the same result.

lono wireless extensions.
MachineType: System manufacturer System Product Name
NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia
Package: linux (not installed)
ProcFB:

Tags: xenial
Uname: Linux 4.4.0-57-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:

[Kernel-packages] [Bug 1645037] Re: apparmor_parser hangs indefinitely when called by multiple threads

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1645037

Title:
  apparmor_parser hangs indefinitely when called by multiple threads

Status in apparmor package in Ubuntu:
  Triaged
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  This bug surfaced when starting ~50 LXC container with LXD in parallel
  multiple times:

  # Create the containers
  for c in c foo{1..50}; do lxc launch images:ubuntu/xenial $c; done

  # Exectute this loop multiple times until you observe errors.
  for c in c foo{1..50}; do lxc restart $c & done

  After this you can

  ps aux | grep apparmor

  and you should see output similar to:

  root 19774  0.0  0.0  12524  1116 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo30
  root 19775  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo26
  root 19776  0.0  0.0  13592  3224 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo30
  root 19778  0.0  0.0  13592  3384 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo26
  root 19780  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo43
  root 19782  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo34
  root 19783  0.0  0.0  13592  3388 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo43
  root 19784  0.0  0.0  13592  3252 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo34
  root 19794  0.0  0.0  12524  1208 pts/1S+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo25
  root 19795  0.0  0.0  13592  3256 pts/1D+   20:14   0:00 
apparmor_parser -RWL /var/lib/lxd/security/apparmor/cache 
/var/lib/lxd/security/apparmor/profiles/lxd-foo25

  apparmor_parser remains stuck even after all LXC/LXD commands have
  exited.

  dmesg output yields lines like:

  [41902.815174] audit: type=1400 audit(1480191089.678:43):
  apparmor="STATUS" operation="profile_load" profile="unconfined" name
  ="lxd-foo30_" pid=12545 comm="apparmor_parser"

  and cat /proc/12545/stack shows:

  [] aa_remove_profiles+0x88/0x270
  21:19   brauner  [] profile_remove+0x144/0x2e0
  21:19   brauner  [] __vfs_write+0x18/0x40
  21:19   brauner  [] vfs_write+0xb8/0x1b0
  21:19   brauner  [] SyS_write+0x55/0xc0
  21:19   brauner  [] entry_SYSCALL_64_fastpath+0x1e/0xa8
  21:19   brauner  [] 0x

  This looks like a potential kernel bug.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1645037/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1650336] Re: NFS client : kernel 4.4.0-57 crash with nfsv4 enries in /etc/fstab

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1650336

Title:
  NFS client : kernel 4.4.0-57 crash with nfsv4 enries in /etc/fstab

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed

Bug description:
  SRU Justification

  Impact: A commit from upstream 4.4 stable introduced a regression in
  refcounting auth_gss messages which can lead to an oops.

  Fix: Cherry pick upstream commit
  1cded9d2974fe4fe339fc0ccd6638b80d465ab2c "SUNRPC: fix refcounting
  problems with auth_gss messages."

  Regresssion Potential: Test results confirm that the commit fixes an
  existing regression. It's pretty straightforward and is already
  present in some upstream stable kernels, so I think the potential for
  regressions is minimal.

  ---

  On (K)ubuntu 16.04.01 (Xenial) Upgrading to kernel 4.4.0-57 the kernel
  crash on boot when in /etc/fstab a nfsv4 entry is active

  When comment the line or set to noauto the kernel boot with no error
  and mounting the nfs shares (after uncomment ) is also possible
  without error

  4.4.0-54 boots without this problem.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1650336/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1656121] Re: unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt from a unshared mount namespace

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1656121

Title:
  unexpected errno=13 and disconnected path when trying to open
  /proc/1/ns/mnt from a unshared mount namespace

Status in AppArmor:
  Confirmed
Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  This bug is based on a discussion with jjohansen on IRC.

  While working on a feature for snapd
  (https://github.com/snapcore/snapd/pull/2624) we came across an
  unexpected EACCES that only seems to happen when apparmor is in the
  loop.

  The kernel log shows something interesting. The full log is available
  here: http://paste.ubuntu.com/23789099/

  Jan 12 23:16:43 autopkgtest kernel: [  498.616822] audit: type=1400
  audit(1484259403.009:67): apparmor="ALLOWED" operation="open"
  info="Failed name lookup - disconnected path" error=-13 profile="snap
  .test-snapd-tools.cmd//null-/usr/bin/snap//null-/usr/lib/snapd/snap-
  confine" name="" pid=25299 comm="snap-confine" requested_mask="r"
  denied_mask="r" fsuid=0 ouid=0

  The code that triggers this is reproduced below (also visible here
  https://github.com/snapcore/snapd/pull/2624/files)

  +void sc_reassociate_with_pid1_mount_ns()
   +{
   +int init_mnt_fd __attribute__ ((cleanup(sc_cleanup_close))) = -1;
   +int self_mnt_fd __attribute__ ((cleanup(sc_cleanup_close))) = -1;
   +
   +debug("checking if the current process shares mount namespace"
   +  "with the init process");
   +
   +init_mnt_fd = open("/proc/1/ns/mnt",
   +   O_RDONLY | O_CLOEXEC | O_NOFOLLOW | O_PATH);
   +if (init_mnt_fd < 0) {
   +die("cannot open mount namespace of the init process (O_PATH)");
   +}
   +self_mnt_fd = open("/proc/self/ns/mnt",
   +   O_RDONLY | O_CLOEXEC | O_NOFOLLOW | O_PATH);
   +if (self_mnt_fd < 0) {
   +die("cannot open mount namespace of the current process 
(O_PATH)");
   +}
   +char init_buf[128], self_buf[128];
   +memset(init_buf, 0, sizeof init_buf);
   +if (readlinkat(init_mnt_fd, "", init_buf, sizeof init_buf) < 0) {
   +die("cannot perform readlinkat() on the mount namespace file "
   +"descriptor of the init process");
   +}
   +memset(self_buf, 0, sizeof self_buf);
   +if (readlinkat(self_mnt_fd, "", self_buf, sizeof self_buf) < 0) {
   +die("cannot perform readlinkat() on the mount namespace file "
   +"descriptor of the current process");
   +}
   +if (memcmp(init_buf, self_buf, sizeof init_buf) != 0) {
   +debug("the current process does not share mount namespace with "
   +  "the init process, re-association required");
   +// NOTE: we cannot use O_NOFOLLOW here because that file will 
always be a
   +// symbolic link. We actually want to open it this way.
   +int init_mnt_fd_real
   +__attribute__ ((cleanup(sc_cleanup_close))) = -1;
   +init_mnt_fd_real = open("/proc/1/ns/mnt", O_RDONLY | O_CLOEXEC);
   +if (init_mnt_fd_real < 0) {
   +die("cannot open mount namespace of the init process");
   +}
   +if (setns(init_mnt_fd_real, CLONE_NEWNS) < 0) {
   +die("cannot re-associate the mount namespace with the 
init process");
   +}
   +} else {
   +debug("re-associating is not required");
   +}
   +}

  The specific part that causes the error is:

   +  init_mnt_fd_real = open("/proc/1/ns/mnt", O_RDONLY |
  O_CLOEXEC);

  The call to open returns -1 and errno set to 13 (EACCES) despite using
  attach_disconnected.

  The code in question is executed from a seguid root executable that
  runs under a complain-mode profile (it is started from a process that
  is already confined with such a profile). All of the profiles are
  using attach_disconnected.

  I can reproduce this issue each time by running:

  spread -debug -v qemu:ubuntu-16.04-64:tests/regression/lp-1644439

  Against the code in this pull request:

[Kernel-packages] [Bug 1658219] Re: flock not mediated by 'k'

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1658219

Title:
  flock not mediated by 'k'

Status in AppArmor:
  Triaged
Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  $ cat ./apparmor.profile 
  #include 

  profile test {
#include 

/bin/bash ixr,
/dev/pts/* rw,
/usr/bin/flock ixr,
# Not blocked:
# aa-exec -p test -- flock -w 1 /tmp/test.lock -c true
/tmp/test.lock rw,

  }

  $ sudo apparmor_parser -r ./apparmor.profile

  $ aa-exec -p test -- flock -w 1 /tmp/test.lock -c true && echo yes
  yes

  $ ls -l /tmp/test.lock 
  -rw-rw-r-- 1 jamie jamie 0 Jan 20 15:57 /tmp/test.lock

  The flock command uses flock(LOCK_EX) and I expected it to be blocked
  due to the lack of 'k'.

  apparmor userspace 2.10.95-0ubuntu2.5 (xenial) and 4.9.0-12.13-generic
  kernel on amd64.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1658219/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1658219] Re: flock not mediated by 'k'

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1658219

Title:
  flock not mediated by 'k'

Status in AppArmor:
  Triaged
Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  $ cat ./apparmor.profile 
  #include 

  profile test {
#include 

/bin/bash ixr,
/dev/pts/* rw,
/usr/bin/flock ixr,
# Not blocked:
# aa-exec -p test -- flock -w 1 /tmp/test.lock -c true
/tmp/test.lock rw,

  }

  $ sudo apparmor_parser -r ./apparmor.profile

  $ aa-exec -p test -- flock -w 1 /tmp/test.lock -c true && echo yes
  yes

  $ ls -l /tmp/test.lock 
  -rw-rw-r-- 1 jamie jamie 0 Jan 20 15:57 /tmp/test.lock

  The flock command uses flock(LOCK_EX) and I expected it to be blocked
  due to the lack of 'k'.

  apparmor userspace 2.10.95-0ubuntu2.5 (xenial) and 4.9.0-12.13-generic
  kernel on amd64.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1658219/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1656121] Re: unexpected errno=13 and disconnected path when trying to open /proc/1/ns/mnt from a unshared mount namespace

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1656121

Title:
  unexpected errno=13 and disconnected path when trying to open
  /proc/1/ns/mnt from a unshared mount namespace

Status in AppArmor:
  Confirmed
Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  This bug is based on a discussion with jjohansen on IRC.

  While working on a feature for snapd
  (https://github.com/snapcore/snapd/pull/2624) we came across an
  unexpected EACCES that only seems to happen when apparmor is in the
  loop.

  The kernel log shows something interesting. The full log is available
  here: http://paste.ubuntu.com/23789099/

  Jan 12 23:16:43 autopkgtest kernel: [  498.616822] audit: type=1400
  audit(1484259403.009:67): apparmor="ALLOWED" operation="open"
  info="Failed name lookup - disconnected path" error=-13 profile="snap
  .test-snapd-tools.cmd//null-/usr/bin/snap//null-/usr/lib/snapd/snap-
  confine" name="" pid=25299 comm="snap-confine" requested_mask="r"
  denied_mask="r" fsuid=0 ouid=0

  The code that triggers this is reproduced below (also visible here
  https://github.com/snapcore/snapd/pull/2624/files)

  +void sc_reassociate_with_pid1_mount_ns()
   +{
   +int init_mnt_fd __attribute__ ((cleanup(sc_cleanup_close))) = -1;
   +int self_mnt_fd __attribute__ ((cleanup(sc_cleanup_close))) = -1;
   +
   +debug("checking if the current process shares mount namespace"
   +  "with the init process");
   +
   +init_mnt_fd = open("/proc/1/ns/mnt",
   +   O_RDONLY | O_CLOEXEC | O_NOFOLLOW | O_PATH);
   +if (init_mnt_fd < 0) {
   +die("cannot open mount namespace of the init process (O_PATH)");
   +}
   +self_mnt_fd = open("/proc/self/ns/mnt",
   +   O_RDONLY | O_CLOEXEC | O_NOFOLLOW | O_PATH);
   +if (self_mnt_fd < 0) {
   +die("cannot open mount namespace of the current process 
(O_PATH)");
   +}
   +char init_buf[128], self_buf[128];
   +memset(init_buf, 0, sizeof init_buf);
   +if (readlinkat(init_mnt_fd, "", init_buf, sizeof init_buf) < 0) {
   +die("cannot perform readlinkat() on the mount namespace file "
   +"descriptor of the init process");
   +}
   +memset(self_buf, 0, sizeof self_buf);
   +if (readlinkat(self_mnt_fd, "", self_buf, sizeof self_buf) < 0) {
   +die("cannot perform readlinkat() on the mount namespace file "
   +"descriptor of the current process");
   +}
   +if (memcmp(init_buf, self_buf, sizeof init_buf) != 0) {
   +debug("the current process does not share mount namespace with "
   +  "the init process, re-association required");
   +// NOTE: we cannot use O_NOFOLLOW here because that file will 
always be a
   +// symbolic link. We actually want to open it this way.
   +int init_mnt_fd_real
   +__attribute__ ((cleanup(sc_cleanup_close))) = -1;
   +init_mnt_fd_real = open("/proc/1/ns/mnt", O_RDONLY | O_CLOEXEC);
   +if (init_mnt_fd_real < 0) {
   +die("cannot open mount namespace of the init process");
   +}
   +if (setns(init_mnt_fd_real, CLONE_NEWNS) < 0) {
   +die("cannot re-associate the mount namespace with the 
init process");
   +}
   +} else {
   +debug("re-associating is not required");
   +}
   +}

  The specific part that causes the error is:

   +  init_mnt_fd_real = open("/proc/1/ns/mnt", O_RDONLY |
  O_CLOEXEC);

  The call to open returns -1 and errno set to 13 (EACCES) despite using
  attach_disconnected.

  The code in question is executed from a seguid root executable that
  runs under a complain-mode profile (it is started from a process that
  is already confined with such a profile). All of the profiles are
  using attach_disconnected.

  I can reproduce this issue each time by running:

  spread -debug -v qemu:ubuntu-16.04-64:tests/regression/lp-1644439

[Kernel-packages] [Bug 1651981] Re: shaking screen

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1651981

Title:
  shaking screen

Status in linux package in Ubuntu:
  Triaged
Status in linux source package in Yakkety:
  Fix Committed

Bug description:
  After login into Ubuntu the screen starts to shake permanently.
  The login screen is still fine, problem start after log in.
  The problem is caused by last kernel update: running Ubuntu with the older 
kernel 4.8.0-30-generic fixes the issue.

  Upstream patch submission:
  https://lists.freedesktop.org/archives/dri-devel/2016-December/128331.html

  WORKAROUND: Revert:
  # first bad commit: [9cc4fd5b9fbb0d74e77c81521da1e2fe712f6787] 
drm/radeon/si_dpm: workaround for SI kickers

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: linux-image-4.8.0-32-generic 4.8.0-32.34
  ProcVersionSignature: Ubuntu 4.8.0-32.34-generic 4.8.11
  Uname: Linux 4.8.0-32-generic x86_64
  NonfreeKernelModules: openafs
  ApportVersion: 2.20.3-0ubuntu8.2
  Architecture: amd64
  AudioDevicesInUse:
   USERPID ACCESS COMMAND
   /dev/snd/controlC0:  afiergol   7797 F pulseaudio
   /dev/snd/controlC1:  afiergol   7797 F pulseaudio
   /dev/snd/seq:timidity   6155 F timidity
  Date: Thu Dec 22 10:02:30 2016
  HibernationDevice: RESUME=UUID=7ca97ca1-ca2d-43f6-9b4c-cd61421c0831
  InstallationDate: Installed on 2015-04-02 (629 days ago)
  InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
  MachineType: Hewlett-Packard HP ZBook 15 G2
  ProcFB: 0 radeondrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.8.0-32-generic 
root=/dev/mapper/ubuntu--vg-root ro radeon.dpm=1
  PulseList:
   Error: command ['pacmd', 'list'] failed with exit code 1: Home directory not 
accessible: Permission denied
   No PulseAudio daemon running, or not running as session daemon.
  RelatedPackageVersions:
   linux-restricted-modules-4.8.0-32-generic N/A
   linux-backports-modules-4.8.0-32-generic  N/A
   linux-firmware1.161.1
  SourcePackage: linux
  UpgradeStatus: Upgraded to yakkety on 2016-10-16 (66 days ago)
  dmi.bios.date: 04/25/2016
  dmi.bios.vendor: Hewlett-Packard
  dmi.bios.version: M70 Ver. 01.15
  dmi.board.name: 2253
  dmi.board.vendor: Hewlett-Packard
  dmi.board.version: KBC Version 03.12
  dmi.chassis.type: 10
  dmi.chassis.vendor: Hewlett-Packard
  dmi.modalias: 
dmi:bvnHewlett-Packard:bvrM70Ver.01.15:bd04/25/2016:svnHewlett-Packard:pnHPZBook15G2:pvrA3008CD10003:rvnHewlett-Packard:rn2253:rvrKBCVersion03.12:cvnHewlett-Packard:ct10:cvr:
  dmi.product.name: HP ZBook 15 G2
  dmi.product.version: A3008CD10003
  dmi.sys.vendor: Hewlett-Packard

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1651981/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660845] Re: apparmor reference count leak when securityfs_setup_d_inode\ () fails

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660845

Title:
  apparmor reference count leak when securityfs_setup_d_inode\ () fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  apparmor is leaking the parent ns ref count, by directly returning the
  error

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660845/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660846] Re: apparmor leaking securityfs pin count

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660846

Title:
  apparmor leaking securityfs pin count

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  apparmor is leaking pinfs refcoutn when inode setup fails.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660846/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660845] Re: apparmor reference count leak when securityfs_setup_d_inode\ () fails

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660845

Title:
  apparmor reference count leak when securityfs_setup_d_inode\ () fails

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  apparmor is leaking the parent ns ref count, by directly returning the
  error

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660845/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1660849] Re: apparmor refcount leak of profile namespace when removing profiles

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag 'verification-needed-xenial' to 'verification-failed-
xenial'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: verification-needed-xenial

** Tags added: verification-needed-yakkety

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1660849

Title:
  apparmor refcount leak of profile namespace when removing profiles

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  When doing profile removal, the parent ns of the profiles is taken,
  but the reference isn't being put, resulting in the ns never being
  freed even after it is removed.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660849/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1661030] Re: regession tests failing after stackprofile test is run

2017-02-27 Thread Brad Figg

This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
yakkety' to 'verification-done-yakkety'. If the problem still exists,
change the tag 'verification-needed-yakkety' to 'verification-failed-
yakkety'.

If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1661030

Title:
  regession tests failing after stackprofile test is run

Status in apparmor package in Ubuntu:
  Fix Released
Status in linux package in Ubuntu:
  Incomplete
Status in apparmor source package in Xenial:
  Fix Committed
Status in linux source package in Xenial:
  Fix Committed
Status in apparmor source package in Yakkety:
  Fix Committed
Status in linux source package in Yakkety:
  Fix Committed
Status in apparmor source package in Zesty:
  Fix Released
Status in linux source package in Zesty:
  Incomplete

Bug description:
  from source, I'm running the tests and the makefile fails at the end
  with:

  running stackprofile
  Makefile:303: recipe for target 'tests' failed
  make: *** [tests] Error 1

  No idea why that is happening. It's breaking on our kernel team
  regression tests runs, so can this be investigated?  The source was
  fetched using "apt-get source apparmor".

  A full run is below:

  king@ubuntu:~/apparmor-2.10.95/tests/regression/apparmor$ sudo make
  USE_SYSTEM=1 tests

  running aa_exec

  running access
  xfail: ACCESS file rx (r)
  xfail: ACCESS file rwx (r)
  xfail: ACCESS file r (wx)
  xfail: ACCESS file rx (wx)
  xfail: ACCESS file rwx (wx)
  xfail: ACCESS dir rwx (r)
  xfail: ACCESS dir r (wx)
  xfail: ACCESS dir rx (wx)
  xfail: ACCESS dir rwx (wx)

  running at_secure

  running introspect

  running capabilities
  (ptrace)
  (sethostname)
  (setdomainname)
  (setpriority)
  (setscheduler)
  (reboot)
  (chroot)
  (mlockall)
  (net_raw)
  (ioperm)
  (iopl)

  running changeprofile

  running onexec

  running changehat

  running changehat_fork

  running changehat_misc

  *** A 'Killed' message from bash is expected for the following test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12503 Killed  $testexec "$@" > $outfile 2>&1

  *** A 'Killed' message from bash is expected for the following test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12537 Killed  $testexec "$@" > $outfile 2>&1

  running chdir

  running clone

  running coredump
  *** A 'Segmentation Fault' message from bash is expected for the following 
test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12803 Segmentation fault  (core dumped) $testexec "$@" > $outfile 2>&1

  *** A 'Segmentation Fault' message from bash is expected for the following 
test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12833 Segmentation fault  $testexec "$@" > $outfile 2>&1

  *** A 'Segmentation Fault' message from bash is expected for the following 
test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12869 Segmentation fault  $testexec "$@" > $outfile 2>&1

  *** A 'Segmentation Fault' message from bash is expected for the following 
test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12905 Segmentation fault  $testexec "$@" > $outfile 2>&1

  *** A 'Segmentation Fault' message from bash is expected for the following 
test
  /home/king/apparmor-2.10.95/tests/regression/apparmor/prologue.inc: line 219: 
12941 Segmentation fault  $testexec "$@" > $outfile 2>&1
  XFAIL: Error: corefile present when not expected -- COREDUMP (ix confinement)

  running deleted

  running environ
  Fatal Error (environ): Unable to run test sub-executable

  running exec

  running exec_qual

  running fchdir

  running fd_inheritance

  running fork

  running i18n

  running link

  running link_subset

  running mkdir

  running mmap

  running mount
  using mount rules ...

  running mult_mount

  running named_pipe

  running namespaces

  running net_raw

  running open

  running openat

  running pipe

  running pivot_root

  running ptrace
 using ptrace v6 tests ...

  running pwrite

  running query_label
  Alert: query_label passed. Test 'QUERY file (all base perms #1)' was marked 
as expected pass but known problem (xpass)
  xpass: QUERY file (all base perms #1)
  Alert: query_label passed. Test 'QUERY file (all base perms