** Description changed: + SRU justification + + Impact: when using IMA with aufs in trusty potential exists for very + hard to diagnose lockups. + + Testcase: enable IMA and use an aufs filesystem. + + Regression Potential: the fix is an upstream cherry-pick from the version of + aufs in Utopic which is used widly for lxc there so regression potential is low. The fix removes code which also lessens the risk. + + === + The trusty kernel misses the following patch that already landed in utopic with the recent aufs update: https://github.com/sfjro/aufs3-linux/commit/7aac34b421441b701cd0e6de4685b51e4c462d67 This unbreaks aufs with IMA (Integrity Measurement Architecture) enabled. When IMA is enabled and mmaps are being tracked, the kernel hits a lock ordering bug because a needed semaphore is already held. This patch fixes this issue by not calling out to IMA for the access to the underlying file. However IMA will still see the access to the file in the merged aufs, which should be good enough. Please cherry-pick above patch.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1371316 Title: Please cherry-pick an aufs patch to unbreak it in conjunction with IMA To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1371316/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
