- 06 Dec, 2016 14 commits
-
-
Vladimir Zapolskiy authored
BugLink: http://bugs.launchpad.net/bugs/1642572 commit 147b36d5 upstream. Race condition between registering an I2C device driver and deregistering an I2C adapter device which is assumed to manage that I2C device may lead to a NULL pointer dereference due to the uninitialized list head of driver clients. The root cause of the issue is that the I2C bus may know about the registered device driver and thus it is matched by bus_for_each_drv(), but the list of clients is not initialized and commonly it is NULL, because I2C device drivers define struct i2c_driver as static and clients field is expected to be initialized by I2C core: i2c_register_driver() i2c_del_adapter() driver_register() ... bus_add_driver() ... ... bus_for_each_drv(..., __process_removed_adapter) ... i2c_do_del_adapter() ... list_for_each_entry_safe(..., &driver->clients, ...) INIT_LIST_HEAD(&driver->clients); To solve the problem it is sufficient to do clients list head initialization before calling driver_register(). The problem was found while using an I2C device driver with a sluggish registration routine on a bus provided by a physically detachable I2C master controller, but practically the oops may be reproduced under the race between arbitraty I2C device driver registration and managing I2C bus device removal e.g. by unbinding the latter over sysfs: % echo 21a4000.i2c > /sys/bus/platform/drivers/imx-i2c/unbind Unable to handle kernel NULL pointer dereference at virtual address 00000000 Internal error: Oops: 17 [#1] SMP ARM CPU: 2 PID: 533 Comm: sh Not tainted 4.9.0-rc3+ #61 Hardware name: Freescale i.MX6 Quad/DualLite (Device Tree) task: e5ada400 task.stack: e4936000 PC is at i2c_do_del_adapter+0x20/0xcc LR is at __process_removed_adapter+0x14/0x1c Flags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none Control: 10c5387d Table: 35bd004a DAC: 00000051 Process sh (pid: 533, stack limit = 0xe4936210) Stack: (0xe4937d28 to 0xe4938000) Backtrace: [<c0667be0>] (i2c_do_del_adapter) from [<c0667cc0>] (__process_removed_adapter+0x14/0x1c) [<c0667cac>] (__process_removed_adapter) from [<c0516998>] (bus_for_each_drv+0x6c/0xa0) [<c051692c>] (bus_for_each_drv) from [<c06685ec>] (i2c_del_adapter+0xbc/0x284) [<c0668530>] (i2c_del_adapter) from [<bf0110ec>] (i2c_imx_remove+0x44/0x164 [i2c_imx]) [<bf0110a8>] (i2c_imx_remove [i2c_imx]) from [<c051a838>] (platform_drv_remove+0x2c/0x44) [<c051a80c>] (platform_drv_remove) from [<c05183d8>] (__device_release_driver+0x90/0x12c) [<c0518348>] (__device_release_driver) from [<c051849c>] (device_release_driver+0x28/0x34) [<c0518474>] (device_release_driver) from [<c0517150>] (unbind_store+0x80/0x104) [<c05170d0>] (unbind_store) from [<c0516520>] (drv_attr_store+0x28/0x34) [<c05164f8>] (drv_attr_store) from [<c0298acc>] (sysfs_kf_write+0x50/0x54) [<c0298a7c>] (sysfs_kf_write) from [<c029801c>] (kernfs_fop_write+0x100/0x214) [<c0297f1c>] (kernfs_fop_write) from [<c0220130>] (__vfs_write+0x34/0x120) [<c02200fc>] (__vfs_write) from [<c0221088>] (vfs_write+0xa8/0x170) [<c0220fe0>] (vfs_write) from [<c0221e74>] (SyS_write+0x4c/0xa8) [<c0221e28>] (SyS_write) from [<c0108a20>] (ret_fast_syscall+0x0/0x1c) Signed-off-by: Vladimir Zapolskiy <vladimir_zapolskiy@mentor.com> Signed-off-by: Wolfram Sang <wsa@the-dreams.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Hoan Tran authored
BugLink: http://bugs.launchpad.net/bugs/1642572 commit 60361601 upstream. SMBus block command uses the first byte of buffer for the data length. The dma_buffer should be increased by 1 to avoid the overrun issue. Reported-by: Phil Endecott <phil_gjouf_endecott@chezphil.org> Signed-off-by: Hoan Tran <hotran@apm.com> Signed-off-by: Wolfram Sang <wsa@the-dreams.de> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Eric W. Biederman authored
CAI Qian <caiqian@redhat.com> pointed out that the semantics of shared subtrees make it possible to create an exponentially increasing number of mounts in a mount namespace. mkdir /tmp/1 /tmp/2 mount --make-rshared / for i in $(seq 1 20) ; do mount --bind /tmp/1 /tmp/2 ; done Will create create 2^20 or 1048576 mounts, which is a practical problem as some people have managed to hit this by accident. As such CVE-2016-6213 was assigned. Ian Kent <raven@themaw.net> described the situation for autofs users as follows: > The number of mounts for direct mount maps is usually not very large because of > the way they are implemented, large direct mount maps can have performance > problems. There can be anywhere from a few (likely case a few hundred) to less > than 10000, plus mounts that have been triggered and not yet expired. > > Indirect mounts have one autofs mount at the root plus the number of mounts that > have been triggered and not yet expired. > > The number of autofs indirect map entries can range from a few to the common > case of several thousand and in rare cases up to between 30000 and 50000. I've > not heard of people with maps larger than 50000 entries. > > The larger the number of map entries the greater the possibility for a large > number of active mounts so it's not hard to expect cases of a 1000 or somewhat > more active mounts. So I am setting the default number of mounts allowed per mount namespace at 100,000. This is more than enough for any use case I know of, but small enough to quickly stop an exponential increase in mounts. Which should be perfect to catch misconfigurations and malfunctioning programs. For anyone who needs a higher limit this can be changed by writing to the new /proc/sys/fs/mount-max sysctl. Tested-by: CAI Qian <caiqian@redhat.com> Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com> CVE-2016-6213 (backported from commit d2921684) [ luis: adjust context ] Signed-off-by: Luis Henriques <luis.henriques@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com>
-
Dennis Wassenberg authored
Lenovo Thinkpad devices T460, T460s, T460p, T560, X260 use HKEY version 0x200 without adaptive keyboard. HKEY version 0x200 has method MHKA with one parameter value. Passing parameter value 1 will get hotkey_all_mask (the same like HKEY version 0x100 without parameter). Passing parameter value 2 to MHKA method will retrieve hotkey_all_adaptive_mask. If 0 is returned in that case there is no adaptive keyboard available. BugLink: http://bugs.launchpad.net/bugs/1642114Signed-off-by: Dennis Wassenberg <dennis.wassenberg@secunet.com> Signed-off-by: Lyude <cpaul@redhat.com> Tested-by: Lyude <cpaul@redhat.com> Tested-by: Marco Trevisan <marco@ubuntu.com> Acked-by: Henrique de Moraes Holschuh <hmh@hmh.eng.br> [dvhart: Keep MHKA error string on one line in new and existing pr_err calls] Signed-off-by: Darren Hart <dvhart@linux.intel.com> (cherry picked from commit 0118c2d3) Signed-off-by: Alex Hung <alex.hung@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Acked-by: Colin Ian King <colin.king@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Sakari Ailus authored
When a buffer is being dequeued using VIDIOC_DQBUF IOCTL, the exact buffer which will be dequeued is not known until the buffer has been removed from the queue. The number of planes is specific to a buffer, not to the queue. This does lead to the situation where multi-plane buffers may be requested and queued with n planes, but VIDIOC_DQBUF IOCTL may be passed an argument struct with fewer planes. __fill_v4l2_buffer() however uses the number of planes from the dequeued videobuf2 buffer, overwriting kernel memory (the m.planes array allocated in video_usercopy() in v4l2-ioctl.c) if the user provided fewer planes than the dequeued buffer had. Oops! Fixes: b0e0e1f8 ("[media] media: videobuf2: Prepare to divide videobuf2") Signed-off-by: Sakari Ailus <sakari.ailus@linux.intel.com> Acked-by: Hans Verkuil <hans.verkuil@cisco.com> Cc: stable@vger.kernel.org # for v4.4 and later Signed-off-by: Mauro Carvalho Chehab <mchehab@osg.samsung.com> Signed-off-by: Mauro Carvalho Chehab <mchehab@s-opensource.com> CVE-2016-4568 (cherry picked from commit 83934b75) Signed-off-by: Luis Henriques <luis.henriques@canonical.com> Acked-by: Colin Ian King <colin.king@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com>
-
Kai-Heng Feng authored
BugLink: http://bugs.launchpad.net/bugs/1641562 Device 0cf3:e009 is one of the QCA ROME family. T: Bus=01 Lev=01 Prnt=01 Port=07 Cnt=04 Dev#= 4 Spd=12 MxCh= 0 D: Ver= 2.01 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1 P: Vendor=0cf3 ProdID=e009 Rev=00.01 C: #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=100mA I: If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb I: If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb Signed-off-by: Kai-Heng Feng <kai.heng.feng@canonical.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org> (backported from commit 93519934) Signed-off-by: Phidias Chiang <phidias.chiang@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Wen-chien Jesse Sung authored
BugLink: https://launchpad.net/bugs/1641569 pci_get_subsys() will increase pci device refcount if it finds a match. Explicitly decrease refcount if a device is found. Signed-off-by: Wen-chien Jesse Sung <jesse.sung@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Wen-chien Jesse Sung authored
BugLink: https://launchpad.net/bugs/1640418 The DMI ID string may be changed in some models. Use PCI ID as an indentification instead. Signed-off-by: Wen-chien Jesse Sung <jesse.sung@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Long Li authored
BugLink: http://bugs.launchpad.net/bugs/1632786 The host keeps sending heartbeat packets independent of the guest responding to them. Even though we respond to the heartbeat messages at interrupt level, we can have situations where there maybe multiple heartbeat messages pending that have not been responded to. For instance this occurs when the VM is paused and the host continues to send the heartbeat messages. Address this issue by draining and responding to all the heartbeat messages that maybe pending. Signed-off-by: Long Li <longli@microsoft.com> Signed-off-by: K. Y. Srinivasan <kys@microsoft.com> CC: Stable <stable@vger.kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit 407a3aee) Signed-off-by: Joseph Salisbury <joseph.salisbury@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Nicolas Dichtel authored
BugLink: http://bugs.launchpad.net/bugs/1634545 The goal of the patch is to fix this scenario: ip link add dummy1 type dummy ip link set dummy1 up ip link set lo down ; ip link set lo up After that sequence, the local route to the link layer address of dummy1 is not there anymore. When the loopback is set down, all local routes are deleted by addrconf_ifdown()/rt6_ifdown(). At this time, the rt6_info entry still exists, because the corresponding idev has a reference on it. After the rcu grace period, dst_rcu_free() is called, and thus ___dst_free(), which will set obsolete to DST_OBSOLETE_DEAD. In this case, init_loopback() is called before dst_rcu_free(), thus obsolete is still sets to something <= 0. So, the function doesn't add the route again. To avoid that race, let's check the rt6 refcnt instead. Fixes: 25fb6ca4 ("net IPv6 : Fix broken IPv6 routing table after loopback down-up") Fixes: a881ae1f ("ipv6: don't call addrconf_dst_alloc again when enable lo") Fixes: 33d99113 ("ipv6: reallocate addrconf router for ipv6 address when lo device up") Reported-by: Francesco Santoro <francesco.santoro@6wind.com> Reported-by: Samuel Gauthier <samuel.gauthier@6wind.com> CC: Balakumaran Kannan <Balakumaran.Kannan@ap.sony.com> CC: Maruthi Thotad <Maruthi.Thotad@ap.sony.com> CC: Sabrina Dubroca <sd@queasysnail.net> CC: Hannes Frederic Sowa <hannes@stressinduktion.org> CC: Weilong Chen <chenweilong@huawei.com> CC: Gao feng <gaofeng@cn.fujitsu.com> Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com> Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit a220445f) Signed-off-by: Joseph Salisbury <joseph.salisbury@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Richard Guy Briggs authored
BugLink: http://bugs.launchpad.net/bugs/1633404 Nothing prevents a new auditd starting up and replacing a valid audit_pid when an old auditd is still running, effectively starving out the old auditd since audit_pid no longer points to the old valid auditd. If no message to auditd has been attempted since auditd died unnaturally or got killed, audit_pid will still indicate it is alive. There isn't an easy way to detect if an old auditd is still running on the existing audit_pid other than attempting to send a message to see if it fails. An -ECONNREFUSED almost certainly means it disappeared and can be replaced. Other errors are not so straightforward and may indicate transient problems that will resolve themselves and the old auditd will recover. Yet others will likely need manual intervention for which a new auditd will not solve the problem. Send a new message type (AUDIT_REPLACE) to the old auditd containing a u32 with the PID of the new auditd. If the audit replace message succeeds (or doesn't fail with certainty), fail to register the new auditd and return an error (-EEXIST). This is expected to make the patch preventing an old auditd orphaning a new auditd redundant. V3: Switch audit message type from 1000 to 1300 block. Signed-off-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <pmoore@redhat.com> (cherry picked from commit 133e1e5a) Signed-off-by: Joseph Salisbury <joseph.salisbury@canonical.com> Acked-by: Seth Forshee <seth.forshee@canonical.com> Acked-by: Tim Gardner <tim.gardner@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Andy Whitcroft authored
BugLink: http://bugs.launchpad.net/bugs/1640109Signed-off-by: Andy Whitcroft <apw@canonical.com> Acked-by: Colin Ian King <colin.king@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Andy Whitcroft authored
BugLink: http://bugs.launchpad.net/bugs/1640109Signed-off-by: Andy Whitcroft <apw@canonical.com> Acked-by: Colin Ian King <colin.king@canonical.com> Acked-by: Brad Figg <brad.figg@canonical.com> Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Ignore: yes Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
- 01 Dec, 2016 3 commits
-
-
Brad Figg authored
Signed-off-by: Brad Figg <brad.figg@canonical.com>
-
Philip Pettersson authored
CVE-2016-8655 BugLink: http://bugs.launchpad.net/bugs/1646318 When packet_set_ring creates a ring buffer it will initialize a struct timer_list if the packet version is TPACKET_V3. This value can then be raced by a different thread calling setsockopt to set the version to TPACKET_V1 before packet_set_ring has finished. This leads to a use-after-free on a function pointer in the struct timer_list when the socket is closed as the previously initialized timer will not be deleted. The bug is fixed by taking lock_sock(sk) in packet_setsockopt when changing the packet version while also taking the lock at the start of packet_set_ring. Fixes: f6fb8f10 ("af-packet: TPACKET_V3 flexible buffer implementation.") Signed-off-by: Philip Pettersson <philip.pettersson@gmail.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Signed-off-by: Brad Figg <brad.figg@canonical.com> Acked-by: Stefan Bader <stefan.bader@canonical.com> Acked-by: Ben Romer <ben.romer@canonical.com>
-
Brad Figg authored
Ignore: yes Signed-off-by: Brad Figg <brad.figg@canonical.com>
-
- 24 Nov, 2016 4 commits
-
-
Luis Henriques authored
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644596 This reverts commit 7c50722a. The backports that fix bug #1633128 for xenial, in particular the backport of upstream commit a9a62c93 ("dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"), introduce a regression. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644596 This reverts commit 96530c8a. The backports that fix bug #1633128 for xenial, in particular the backport of upstream commit a9a62c93 ("dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"), introduce a regression. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644596 This reverts commit 3fbd4bc4. The backports that fix bug #1633128 for xenial, in particular the backport of upstream commit a9a62c93 ("dma-mapping: introduce the DMA_ATTR_NO_WARN attribute"), introduce a regression. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
- 23 Nov, 2016 19 commits
-
-
Luis Henriques authored
Ignore: yes Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 813a6f60. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: fs: Refuse uid/gid changes which don't map into s_user_ns"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 412b16ef. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit dc0d66cb. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: fs: Update posix_acl support to handle user namespace mounts"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit aad49181. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 392767a8. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 5a10b5bd. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 2036ce60. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit ac7f3f73. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit ca52383a. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: quota: Require that qids passed to dqget() be valid and map into s_user_ns"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 70c252de. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit e56ac922. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit ec41f5ac. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 0beac1b4. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit c6c8dc16. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit db19ff87. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 038b77f6. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-
Luis Henriques authored
Revert "(namespace) Revert "UBUNTU: SAUCE: fs: Allow superblock owner to change ownership of inodes with unmappable ids"" BugLink: https://bugs.launchpad.net/bugs/1644165 This reverts commit 65d51ade. The kernel fix for bug #1634964 breaks LXD userspace, in particular the following commits: ac7f3f73 (namespace) vfs: Don't modify inodes with a uid or gid unknown to the vfs ca52383a (namespace) vfs: Don't create inodes with a uid or gid unknown to the vfs LXD 2.0.6 will include changes to support these kernel changes, but it isn't available yet on xenial, so for now we just revert these commits. Signed-off-by: Luis Henriques <luis.henriques@canonical.com>
-