- 06 Dec, 2016 4 commits
-
-
Richard Guy Briggs authored
BugLink: http://bugs.launchpad.net/bugs/1633404 Nothing prevents a new auditd starting up and replacing a valid audit_pid when an old auditd is still running, effectively starving out the old auditd since audit_pid no longer points to the old valid auditd. If no message to auditd has been attempted since auditd died unnaturally or got killed, audit_pid will still indicate it is alive. There isn't an easy way to detect if an old auditd is still running on the existing audit_pid other than attempting to send a message to see if it fails. An -ECONNREFUSED almost certainly means it disappeared and can be replaced. Other errors are not so straightforward and may indicate transient problems that will resolve themselves and the old auditd will recover. Yet others will likely need manual intervention for which a new auditd will not solve the problem. Send a new message type (AUDIT_REPLACE) to the old auditd containing a u32 with the PID of the new auditd. If the audit replace message succeeds (or doesn't fail with certainty), fail to register the new auditd and return an error (-EEXIST). This is expected to make the patch preventing an old auditd orphaning a new auditd redundant. V3: Switch audit message type from 1000 to 1300 block. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <pmoore@redhat.com> (cherry picked from commit 133e1e5a) Signed-off-by: Joseph Salisbury <joseph.salisbury@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Andy Whitcroft authored
BugLink: http://bugs.launchpad.net/bugs/1640109Signed-off-by: Andy Whitcroft <apw@canonical.com> Acked-by: Colin Ian King <colin.king@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Andy Whitcroft authored
BugLink: http://bugs.launchpad.net/bugs/1640109Signed-off-by: Andy Whitcroft <apw@canonical.com> Acked-by: Colin Ian King <colin.king@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Ignore: yes Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
- 01 Dec, 2016 3 commits
-
-
Brad Figg authored
Signed-off-by: Brad Figg <brad.figg@canonical.com>
-
Philip Pettersson authored
CVE-2016-8655 BugLink: http://bugs.launchpad.net/bugs/1646318 When packet_set_ring creates a ring buffer it will initialize a struct timer_list if the packet version is TPACKET_V3. This value can then be raced by a different thread calling setsockopt to set the version to TPACKET_V1 before packet_set_ring has finished. This leads to a use-after-free on a function pointer in the struct timer_list when the socket is closed as the previously initialized timer will not be deleted. The bug is fixed by taking lock_sock(sk) in packet_setsockopt when changing the packet version while also taking the lock at the start of packet_set_ring. Fixes: f6fb8f10 ("af-packet: TPACKET_V3 flexible buffer implementation.") Signed-off-by: Philip Pettersson <philip.pettersson@gmail.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Brad Figg <brad.figg@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> Acked-by: Ben Romer <ben.romer@canonical.com>
-
Brad Figg authored
Ignore: yes Signed-off-by: Brad Figg <brad.figg@canonical.com>
-
- 24 Nov, 2016 4 commits
-
-
Luis Henriques authored
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644596 This reverts commit 7c50722a. The backports that fix bug #1633128 for xenial, in particular the backport of upstream commit a9a62c93 ("dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"), introduce a regression. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644596 This reverts commit 96530c8a. The backports that fix bug #1633128 for xenial, in particular the backport of upstream commit a9a62c93 ("dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"), introduce a regression. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644596 This reverts commit 3fbd4bc4. The backports that fix bug #1633128 for xenial, in particular the backport of upstream commit a9a62c93 ("dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"), introduce a regression. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
- 23 Nov, 2016 23 commits
-
-
Luis Henriques authored
Ignore: yes Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 813a6f60. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: fs: Refuse uid/gid changes which don't map into s_user_ns"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 412b16ef. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit dc0d66cb. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: fs: Update posix_acl support to handle user namespace mounts"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit aad49181. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 392767a8. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 5a10b5bd. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 2036ce60. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit ac7f3f73. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit ca52383a. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: quota: Require that qids passed to dqget() be valid and map into s_user_ns"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 70c252de. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit e56ac922. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit ec41f5ac. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 0beac1b4. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit c6c8dc16. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit db19ff87. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 038b77f6. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: fs: Allow superblock owner to change ownership of inodes with unmappable ids"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 65d51ade. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 07053c83. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit e47ad83f. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit bd088dae. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 40ccb4df. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
- 14 Nov, 2016 1 commit
-
-
Luis Henriques authored
Ignore: yes Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
- 11 Nov, 2016 5 commits
-
-
Luis Henriques authored
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Tim Gardner authored
BugLink: http://bugs.launchpad.net/bugs/1641139Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Tim Gardner authored
BugLink: http://bugs.launchpad.net/bugs/1641139Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Ubuntu authored
BugLink: http://bugs.launchpad.net/bugs/1641139 Committer: Long Li <longli@microsoft.com> Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Tim Gardner authored
BugLink: http://bugs.launchpad.net/bugs/1641139Signed-off-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-