** Changed in: lxc (Ubuntu)
Status: Confirmed => Invalid
** Changed in: upstart (Ubuntu)
Status: New => Won't Fix
** Changed in: linux (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is
** No longer affects: lxc (Ubuntu)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-goldfish in Ubuntu.
https://bugs.launchpad.net/bugs/1527374
Title:
CVE-2015-8709
Status in linux package in Ubuntu:
Fix Released
Status in
** Changed in: lxc (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1684481
Title:
KVM guest execution start apparmor blocks on
Hmm, actually, CONFIG_EFI_STUB is the one we were missing and I'm not
seeing that in your VM either, which makes me wonder how it was booted
in the first place :)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
Ok, fixed the bug tasks and re-opened the bug as we still need this
kernel to get signed.
** Changed in: linux-kvm (Ubuntu)
Status: Fix Released => Triaged
** Changed in: cloud-images
Assignee: Roufique Hossain (roufique) => (unassigned)
** Changed in: linux-kvm (Ubuntu)
Thanks Louis, so our testing may in fact have been accurate and things
regressed afterwards :)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1873809
Title:
Make linux-kvm bootable
@Khaled yes, it is and we have it now. What's still needed is for the
kernel to be signed so it can be used under secureboot.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1873809
Moved the bug over to the kernel.
Those log messages are caused by reference issues in a network namespace
preventing it from being flushed, in turn preventing the LXC monitor
from exiting, holding everything up.
** Package changed: lxd (Ubuntu) => linux (Ubuntu)
--
You received this bug
To confirm that this isn't shiftfs related and that we were just causing
the issue to be hidden, I've run the same test on OpenSuse tumbleweed.
I chose that distro because it's apparmor-enabled, has snapd and a 5.4
kernel.
```
localhost:~ # snap install docker
docker 18.09.9 from Canonical*
/var/log/audit.log on Suse logs the same:
type=AVC msg=audit(1590086639.489:8595): apparmor="DENIED"
operation="open" profile="snap.docker.dockerd" name="/entrypoint.sh"
pid=5656 comm="entrypoint.sh" requested_mask="r" denied_mask="r" fsuid=0
ouid=0
--
You received this bug notification
We weren't planning to as the previous releases (xenial and bionic) did
not have "-kvm" image and their default image includes an initrd making
them boot just fine under LXD.
So it's really just groovy+focal that we need before we can start using those
images.
focal has been taken care of so
Right, I've sent a tweak to LXD upstream to detect such kernel setup and
fallback to xtables, but that's obviously not a situation we'd like to
rely on.
nftables is the current supported way of doing firewalling and is what
Ubuntu uses by default (through shim packages) as of 20.04, so we need
to
** No longer affects: apparmor (Ubuntu)
** No longer affects: linux (Ubuntu Xenial)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1645037
Title:
apparmor_parser hangs indefinitely
Pinged in #ubuntu-kernel today for an update. It'd be good to have
groovy signed soon so we can then roll this out to focal users.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
** Changed in: apparmor (Ubuntu)
Status: Confirmed => Invalid
** No longer affects: apparmor (Ubuntu Xenial)
** No longer affects: apparmor (Ubuntu Yakkety)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
Re-opening as I'm not seeing any mention of this being signed now.
** Changed in: linux-kvm (Ubuntu)
Status: Fix Released => Triaged
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
** Changed in: linux (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1884767
Title:
shiftfs: fix btrfs regression
Status in linux
Trying to boot the proposed kernel in LXD:
"""
BdsDxe: loading Boot0007 "ubuntu" from
HD(1,GPT,25633192-5DBD-412A-8A50-E29B79F72A50,0x800,0x32000)/\EFI\ubuntu\shimx64.efi
BdsDxe: starting Boot0007 "ubuntu" from
HD(1,GPT,25633192-5DBD-412A-8A50-E29B79F72A50,0x800,0x32000)/\EFI\ubuntu\shimx64.efi
"""
Jun 18 13:56:15 f1 kernel: [0.383207] Trying to unpack rootfs image as
initramfs...
Jun 18 13:56:15 f1 kernel: [0.463102] Initramfs unpacking failed: Decoding
failed
"""
Is what we're getting on current generic kernel, though boot continues after
that.
I don't know if when that
All LXD virtual machines are hitting this too.
Run:
- lxc launch images:ubuntu/focal/cloud f1 && lxc console f1
And you'll see it show that message. As mentioned above, boot then still
goes ahead and you get a login prompt, but as that may not always be the
case.
For example in linux-kvm, that
@Stefan, so actually this is an actual regression.
1015 will boot just fine in LXD with secureboot disabled.
1017 will not boot at all in LXD with or without secureboot disabled.
I don't know if it's switching to a signed kernel which causes the lz4
issue but the result is a clear regression so
Yeah, I think you're right, I also had the exact same panic happen now
on 1015, so it's likely some grub weirdness rather than kernel
regression.
It just so happened that in my last test I managed to get a working grub
config after moving to 1015 and not with 1017. Looks like we'll need to
poke
"""
Loading Linux 5.4.0-1015-kvm ...
Loading initial ramdisk ...
Linux version 5.4.0-1015-kvm (buildd@lcy01-amd64-027) (gcc version 9.3.0
(Ubuntu 9.3.0-10ubuntu2)) #15-Ubuntu SMP Fri Jun 5 00:55:20 UTC 2020 (Ubuntu
5.4.0-1015.15-kvm 5.4.41)
Command line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-1015-kvm
Hmm, actually no luck at booting either 1015 or 1017 on
security.secureboot=false here, poked at grub and it does load both
kernel and initrd...
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
@smb Can you confirm that your system indeed goes through the initrd and
isn't just silently falling back to directly mounting and booting /?
Booting with break=mount would likely be a valid way to test this
(should drop you in a shell).
--
You received this bug notification because you are a
It's not the log above clearly shows the kernel loading an initrd.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
https://bugs.launchpad.net/bugs/1873809
Title:
Make linux-kvm bootable in LXD VMs
Status in
"""
stgraber@castiana:~$ lxc launch images:ubuntu/focal f1 --vm
Creating f1
Starting f1
stgraber@castiana:~$ lxc exec f1 bash
root@f1:~# echo "deb http://archive.ubuntu.com/ubuntu focal-proposed main
restricted universe multiverse" >> /etc/apt/sources.list
root@f1:~# apt-get update
Hit:1
https://paste.ubuntu.com/p/7yHDCFt75m/ for additional proof that the
initrd is never executed (break=top would immediately drop to a shell).
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
Confirmed, 1018 boots fine here under Secure Boot, all good!
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-kvm in Ubuntu.
@smb what's the state of groovy, did you push the config update there
too?
For the cloud images, we'll want to switch over to those using linux-kvm
in groovy first, then focal, so just want to make sure we'll get a
working kernel on there too!
--
You received this bug notification because you
Good to hear. I just ran into this today when working on a LXD appliance based
on Ubuntu Core.
btrfs isn't exactly great as an alternative and the 8GB Pi is definitely ZFS
capable so would be great to have :)
--
You received this bug notification because you are a member of Kernel
Packages,
Public bug reported:
This is another case of linux-kvm having unexplained differences
compared to linux-generic in areas that aren't related to hardware
drivers (see other bug we filed for missing nft).
This time, CPC is reporting that LXD no longer works on linux-kvm as we
now set vlan
Public bug reported:
Reported here: https://github.com/lxc/lxd/issues/8735
After investigation, the issue is:
```
# CONFIG_NFT_FIB_INET is not set
```
As found on current 5.11 raspberry pi kernel.
Generic Ubuntu kernel has:
```
CONFIG_NFT_FIB_INET=m
```
The rest of the config related to
When a single test fails occasionally, it can be an issue with LXD or
with the test, but when a bugfix release of a stable kernel suddenly
causes one of the most trivial tests to fail on all architectures, this
strongly suggests that the kernel is the issue.
--
You received this bug notification
This looks like a kernel regression to me.
** Package changed: lxd (Ubuntu) => linux (Ubuntu)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1921969
Title:
lxd 2.0.11-0ubuntu1~16.04.4
Confirmed that on a working system, just updating to the new kernel breaks it.
So that SRU kernel is definitely broken and should not be shipped.
[8.996651] BUG: unable to handle kernel NULL pointer dereference at
e12c1a77
[8.998738] IP: []
In my case I was constantly getting corruption of /etc/apparmor.d with
the matching zfs PANIC. I'd fix that directory and it'd break again on
next boot.
System is impish with 5.13 kernel (same on 5.11) using zfs encryption.
After fighting with this for over a day, I just gave the 2.1.0 dkms a go
** Package changed: zfs-linux (Ubuntu) => linux (Ubuntu)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1940083
Title:
zfs send encrypt causes kernel NULL pointer dereference
Status in
** Changed in: linux (Ubuntu)
Status: Incomplete => Won't Fix
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1063354
Title:
[Dell Studio XPS 1640] Sudden Read-Only Filesystems
Let's close this as our kernels pretty much all support ZFS and LXD is a
snap and therefore does not need additional userspace tools.
** Changed in: zfs-linux (Ubuntu)
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Kernel
Packages,
** Changed in: linux (Ubuntu)
Status: Incomplete => New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1940083
Title:
zfs send encrypt causes kernel NULL pointer dereference
Your `dmesg` output shows some serious kernel errors related to ZFS, I
bet that's the source of this.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1946437
Title:
snap install lxd
Removing the LXD task as this isn't a LXD bug, the error is coming from
snapd when setting up the apparmor profiles. Most likely explanation is
that there's something pretty wrong going on with your /etc/apparmor.d
on your system. The errors indicate a variety of missing abstractions
files.
**
** Package changed: lxd (Ubuntu) => linux-raspi (Ubuntu)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-raspi in Ubuntu.
https://bugs.launchpad.net/bugs/1948573
Title:
Failure to start container “Failed to start device “eth0”:
Ah yeah, that could be. I figured I'd test what's in -proposed but if
-proposed is a security only fix on top of -37, that wouldn't help much.
It's a bit frustrating because users would have gotten the busted kernel
as part of -37 which includes a security fix but then the only real
option to get
Mar 25 16:18:30 abydos kernel: [ 1319.549186] [ cut here
]
Mar 25 16:18:30 abydos kernel: [ 1319.549191] WARNING: CPU: 12 PID: 15052 at
arch/x86/kvm/vmx/vmx.c:6336 vmx_sync_pir_to_irr+0x9f/0xc0 [kvm_intel]
Mar 25 16:18:30 abydos kernel: [ 1319.549213] Modules linked in:
This repeats in a loop and fills tens of GBs of space with kernel logs
in just a few minutes before crashing the entire system.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1966499
Public bug reported:
Upgrading to 5.13.0-37 or 5.13.0-39 immediately crashes my production servers
as they hit:
https://lore.kernel.org/all/f1ea22d3-cff8-406a-ad6a-cb8e0124a...@leemhuis.info/T/#md1f5c8c4aa01130a449a47f3e7559f06b0372f55
It looks like we need to get e90e51d5f01d included in those
Adding linux-kvm to the bug. It looks like if we can have the commit
above backported, it would take care of this issue for most users.
** Also affects: linux-kvm (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-kvm (Ubuntu)
Status: New => Confirmed
--
You
Moving over to the kernel as a userspace process shouldn't be able to
cause such a hang regardless of what it does so this looks like a kernel
bug (lock related by the looks of it).
** Package changed: lxc (Ubuntu) => linux (Ubuntu)
--
You received this bug notification because you are a member
Closing the LXC side of this bug as there's nothing we can really do here.
It's either a kernel issue (needs support for their socket option within a
network namespace) or an open-iscsi issue where they could have some kind of
fallback mechanism.
** Changed in: lxc (Ubuntu)
Status:
I think the strlcat thing is a red herring or an indication that the
test environment is somehow in a bad shape. This could be explained if
there was two versions of liblxc on the system for example.
Outside of that, I'm also seeing:
```
lxc-start tmp.KEpxw2rh0e 20220205081512.354 ERROR
** Changed in: lxc (Ubuntu)
Status: Incomplete => Invalid
** Changed in: lxc (Ubuntu Focal)
Status: Incomplete => Invalid
** No longer affects: lxc (Ubuntu)
** No longer affects: lxc (Ubuntu Focal)
--
You received this bug notification because you are a member of Kernel
Closing the LXC task for now as that seems to be unrelated to a LXC
change (we haven't uploaded in a while) and not related to a new kernel
release which could actually cause such a change.
If you track this down to something other than an issue in your test
environment, please add lxc to this
Re-opening as until linux-kvm is deprecated or the CPC team moves over
to using linux-virtual for KVM images, this is the kernel we're dealing
with and that kernel should be functional.
** Changed in: linux-kvm (Ubuntu)
Status: Invalid => Triaged
--
You received this bug notification
201 - 255 of 255 matches
Mail list logo