| 2009-07-03 16:24:13 |
Caleb Case |
bug |
|
|
added bug |
| 2009-07-03 16:24:13 |
Caleb Case |
attachment added |
|
jjs.32 @ 2009-07-03 11:55:24.png http://launchpadlibrarian.net/28664244/jjs.32%20%40%202009-07-03%2011%3A55%3A24.png |
|
| 2009-07-03 16:28:04 |
Caleb Case |
tags |
|
regression-potential |
|
| 2009-07-05 16:15:33 |
Manoj Iyer |
linux (Ubuntu): assignee |
|
Manoj Iyer (manjo) |
|
| 2009-07-05 16:50:38 |
Manoj Iyer |
linux (Ubuntu): status |
New |
In Progress |
|
| 2009-07-05 17:26:52 |
Manoj Iyer |
linux (Ubuntu): status |
In Progress |
Incomplete |
|
| 2009-07-07 12:28:15 |
Stefan Bader |
description |
I believe this is an accidental regression related to:
https://bugs.launchpad.net/bugs/357041
Several patches were tried for this bug, with most of them causing kernel panics similar to the one attached. The final patch was tested out for the -14 kernel and worked ok.
Thanks,
Caleb |
SRU Justification:
Impact: kernel panics when SELinux is enabled.
Fix: A non-upstream patch from Eric Paris fixes this issue specifically for Ubuntu.
"Ubuntu users were experiencing a kernel panic when they enabled SELinuxdue to an old bug in our handling of the compatibility mode network controls, introduced Jan 1 2008 effad8df44261031a882e1a895415f7186a5098e
Most distros have not used the compat_net code since the new code was introduced and so noone has hit this problem before. Ubuntu is the only distro I know that enabled that legacy cruft by default. But, I was ask
to look at it and found that the above patch changed a call to avc_has_perm from if(send_perm) to if(!send_perm) in selinux_ip_postroute_iptables_compat(). The result is that users who turn on SELinux and have compat_net set can (and oftern will) BUG() in avc_has_perm_noaudit since they are requesting 0 permissions.
This patch corrects that accidental bug introduction."
Testcase: Testkernel (see below)
---
I believe this is an accidental regression related to:
https://bugs.launchpad.net/bugs/357041
Several patches were tried for this bug, with most of them causing kernel panics similar to the one attached. The final patch was tested out for the -14 kernel and worked ok.
Thanks,
Caleb |
|
| 2009-07-08 08:35:54 |
Stefan Bader |
bug task added |
|
linux (Ubuntu Jaunty) |
|
| 2009-07-08 08:37:59 |
Stefan Bader |
linux (Ubuntu Jaunty): importance |
Undecided |
Medium |
|
| 2009-07-08 08:37:59 |
Stefan Bader |
linux (Ubuntu Jaunty): status |
New |
Fix Committed |
|
| 2009-07-08 08:37:59 |
Stefan Bader |
linux (Ubuntu Jaunty): assignee |
|
Manoj Iyer (manjo) |
|
| 2009-08-31 13:26:30 |
Martin Pitt |
tags |
regression-potential |
regression-potential verification-needed |
|
| 2009-09-15 15:29:13 |
Martin Pitt |
tags |
regression-potential verification-needed |
regression-potential verification-done |
|
| 2009-09-29 08:48:26 |
Launchpad Janitor |
linux (Ubuntu Jaunty): status |
Fix Committed |
Fix Released |
|
| 2009-10-07 15:28:32 |
Andy Whitcroft |
linux (Ubuntu): importance |
Undecided |
Medium |
|
| 2009-10-07 15:34:46 |
Andy Whitcroft |
linux (Ubuntu): importance |
Medium |
Undecided |
|
| 2009-10-07 15:34:46 |
Andy Whitcroft |
linux (Ubuntu): status |
Incomplete |
Invalid |
|
| 2009-10-07 15:34:46 |
Andy Whitcroft |
linux (Ubuntu): assignee |
Manoj Iyer (manjo) |
Andy Whitcroft (apw) |
|
| 2009-10-07 15:35:07 |
Andy Whitcroft |
linux (Ubuntu): importance |
Undecided |
Medium |
|
