[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
This bug was fixed in the package linux - 4.4.0-21.37 --- linux (4.4.0-21.37) xenial; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1571791 * linux: MokSBState is ignored (LP: #1571691) - SAUCE: (noup) MODSIGN: Import certificates from UEFI Secure Boot - SAUCE: (noup) efi: Disable secure boot if shim is in insecure mode - SAUCE: (noup) Display MOKSBState when disabled linux (4.4.0-20.36) xenial; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1571069 * sysfs mount failure during stateful lxd snapshots (LP: #1570906) - SAUCE: kernfs: Do not match superblock in another user namespace when mounting * Kernel Panic in Ubuntu 16.04 netboot installer (LP: #1570441) - x86/topology: Fix logical package mapping - x86/topology: Fix Intel HT disable - x86/topology: Use total_cpus not nr_cpu_ids for logical packages - xen/apic: Provide Xen-specific version of cpu_present_to_apicid APIC op - x86/topology: Fix AMD core count * [regression]: Failed to call clock_adjtime(): Invalid argument (LP: #1566465) - ntp: Fix ADJ_SETOFFSET being used w/ ADJ_NANO linux (4.4.0-19.35) xenial; urgency=low [ Tim Gardner ] * Release Tracking Bug - LP: #1570348 * CVE-2016-2847 (LP: #1554260) - pipe: limit the per-user amount of pages allocated in pipes * xenial kernel crash on HP BL460c G7 (qla24xx problem?) (LP: #1554003) - SAUCE: (noup) qla2xxx: Add irq affinity notification V2 * arm64: guest hangs when ntpd is running (LP: #1549494) - SAUCE: (noup) KVM: arm/arm64: Handle forward time correction gracefully * linux: Enforce signed module loading when UEFI secure boot (LP: #1566221) - [Config] CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y * s390/cpumf: Fix lpp detection (LP: #1555344) - s390/facilities: use stfl mnemonic instead of insn magic - s390/facilities: always use lowcore's stfle field for storing facility bits - s390/cpumf: Fix lpp detection * s390x kernel image needs weightwatchers (LP: #1536245) - [Config] s390x: Use compressed kernel bzImage * Surelock GA2 SP1: surelock02p05: Not seeing sgX devices for LUNs after upgrading to Ubuntu 16.04 (LP: #1567581) - Revert "UBUNTU: SAUCE: (noup) powerpc/pci: Assign fixed PHB number based on device-tree properties" * Backport upstream bugfixes to ubuntu-16.04 (LP: #1555765) - cpufreq: powernv: Define per_cpu chip pointer to optimize hot-path - Revert "cpufreq: postfix policy directory with the first CPU in related_cpus" - cpufreq: powernv: Add sysfs attributes to show throttle stats * systemd-modules-load.service: Failing due to missing module 'ib_iser' (LP: #1566468) - [Config] Add ib_iser to generic inclusion list * thunderx nic performance improvements (LP: #1567093) - net: thunderx: Set recevie buffer page usage count in bulk - net: thunderx: Adjust nicvf structure to reduce cache misses * fixes for thunderx nic in multiqueue mode (LP: #1567091) - net: thunderx: Fix for multiqset not configured upon interface toggle - net: thunderx: Fix for HW TSO not enabled for secondary qsets - net: thunderx: Fix receive packet stats * Miscellaneous Ubuntu changes - [Config] updateconfigs after CONFIG_DRM_I915_BPO_PRELIMINARY_HW_SUPPORT=n * Miscellaneous upstream changes (LP: #1564901) - Input: xpad - correctly handle concurrent LED and FF requests -- Tim Gardner Mon, 18 Apr 2016 07:00:22 -0600 ** Changed in: linux (Ubuntu Xenial) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2016-2847 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Released Bug description: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to
[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: Fix Committed Status in linux source package in Xenial: Fix Committed Bug description: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1570906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
I can confirm that the kernels at http://kernel.ubuntu.com/~sforshee/lp1570906/ work for me. Thanks, Seth! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Bug description: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1570906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
New test build: http://kernel.ubuntu.com/~sforshee/lp1570906/ -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Bug description: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1570906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
** Description changed: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to - avoid similar problems. In fact we can revert part of the cgroupfs - changes to make this happen if we push this behavior into kernfs. + avoid similar problems. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Bug description: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1570906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
** Description changed: + SRU Justification: + + Impact: Stateful lxd container snapshotting fails due to a failure to + mount the container's sysfs in the host's user namespace. This is a + regression. + + Fix: Force kernfs to use a new super block for mounts in different user + namespaces. + + Test Case: "lxc snapshot --statefull " fails in the current + xenial kernel without the fix. It succeeds with the fix applied. + + --- + During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. In fact we can revert part of the cgroupfs changes to make this happen if we push this behavior into kernfs. ** Description changed: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. - Test Case: "lxc snapshot --statefull " fails in the current + Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. In fact we can revert part of the cgroupfs changes to make this happen if we push this behavior into kernfs. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Bug description: SRU Justification: Impact: Stateful lxd container snapshotting fails due to a failure to mount the container's sysfs in the host's user namespace. This is a regression. Fix: Force kernfs to use a new super block for mounts in different user namespaces. Test Case: "lxc snapshot --stateful " fails in the current xenial kernel without the fix. It succeeds with the fix applied. --- During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. In fact we can revert part of the cgroupfs changes to make this happen if we push this behavior into kernfs. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1570906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1570906] Re: sysfs mount failure during stateful lxd snapshots
Test build is at http://kernel.ubuntu.com/~sforshee/for-tych0/, confirmed to fix the problem by @tycho-s. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1570906 Title: sysfs mount failure during stateful lxd snapshots Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Bug description: During a stateful lxd snapshot criu tries to mount sysfs for the container's network namespace from a different user namespace. This fails in xenial because sget() won't allow mounting the same super block in different user namespaces. With sysfs there's no reason that this needs to use the same super block, so kernfs can be updated so that a super block with the same ns tag but in a different userns is not matched. The only other kernfs- based filesystem mountable from non-init user namespaces is cgroupfs, and it's already forcing kernfs to return different super blocks to avoid similar problems. In fact we can revert part of the cgroupfs changes to make this happen if we push this behavior into kernfs. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1570906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
