flags: 0x17c0008100(slab|head)
> [ 148.525481] raw: 0017c0008100 880106b938d0 880106b938d0
> 880106f4dfc0
> [ 148.527503] raw: 8801e52ee840 00190011 0001
> 0000
> [ 148.529547] page dumped because: kasan: bad access dete
Starting with the following net-next commit, I see a BUG when starting a
LXD container inside of a KVM guest using virtio-net:
d4546c2509b1 net: Convert GRO SKB handling to list_head.
Here's what the kernel spits out:
kernel BUG at /var/scm/kernel/linux/include/linux/skbuff.h:2080!
invalid
On 05/17/2016 09:13 AM, Tyler Hicks wrote:
> On 05/08/2016 10:56 PM, David Miller wrote:
>> From: Tyler Hicks <tyhi...@canonical.com>
>> Date: Fri, 6 May 2016 18:04:12 -0500
>>
>>> This pair of patches does away with what I believe is a useless denial
>>
On 05/08/2016 10:56 PM, David Miller wrote:
> From: Tyler Hicks <tyhi...@canonical.com>
> Date: Fri, 6 May 2016 18:04:12 -0500
>
>> This pair of patches does away with what I believe is a useless denial
>> audit message when a privileged process initially accesses
application authors
because root-running Go applications always triggered the denial. To
prevent this confusion, the capability check in net_ctl_permissions() is
switched to the noaudit variant.
BugLink: https://launchpad.net/bugs/1465724
Signed-off-by: Tyler Hicks <tyhi...@canonical.com>
--
()
is moved into a single, shared function to keep duplicated code to a
minimum and ease maintainability.
Signed-off-by: Tyler Hicks <tyhi...@canonical.com>
---
include/linux/capability.h | 5 +
kernel/capability.c| 46 --
2 files chang
This pair of patches does away with what I believe is a useless denial
audit message when a privileged process initially accesses a net sysctl.
The bug was first discovered when running Go applications under AppArmor
confinement. It can be triggered like so:
$ echo "profile test { file, }" |
th skcipher,
> and the long obsolete hash interface with shash.
>
> Signed-off-by: Herbert Xu <herb...@gondor.apana.org.au>
Acked-by: Tyler Hicks <tyhi...@canonical.com>
I have no problem with you taking this through the cryptodev tree.
Thanks!
Tyler
>
> diff --git
the correct solution would be for openswan to pass valid selectors in
UPDSA messages, even if it is the larval selectors we gave them.
On a side note, Joy Latten has reported to see the same behavior while
using ipsec-tools.
Thanks!
Tyler Hicks
--
To unsubscribe from this list: send the line unsubscribe
in the flowi. Prior to this patch, the fields in the flowi were always
used.
Signed-off-by: Tyler Hicks [EMAIL PROTECTED]
diff --git a/include/linux/xfrm.h b/include/linux/xfrm.h
index b58adc5..ce6b1b5 100644
--- a/include/linux/xfrm.h
+++ b/include/linux/xfrm.h
@@ -362,6 +362,11 @@ struct
10 matches
Mail list logo