[SRU][Artful][Bionic][PATCH 0/2] Fixed for LP:1734327

Joseph Salisbury joseph.salisbury at canonical.com
Mon Dec 11 15:44:56 UTC 2017

On 12/08/2017 06:02 PM, Tetsuo Handa wrote:
> Seth Forshee wrote:
>> On Fri, Dec 08, 2017 at 12:59:03PM -0500, Joseph Salisbury wrote:
>>> BugLink: http://bugs.launchpad.net/bugs/1734327
>>> == SRU Justification ==
>>> The following commit introduced a regression identified in bug 1734327:
>>> ac8f82a0b6d9 ("UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the remaining blobs")
>>> The regression causes a kernel panic to occur after multiple TCP connection 
>>> creations/closures to the localhost.  The bug was found using STAF RPC calls, 
>>> but is easily reproducible with SSH.    
>>> A revert of commit ac8f82a0b6d9 is needed to resolve this bug.  However, commit 4ae2508f0bed
>>> also needs to be reverted because it depend on commit ac8f82a0b6d9.
>>> == Fix ==
>>> Revert 4ae2508f0bed ("UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor network hooks")
>>> Revert ac8f82a0b6d9 ("UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the remaining blobs")
>>> == Test Case ==
>>> A test kernel was built with these two commits reverted and tested by the original bug reporter.
>>> The bug reporter states the test kernel resolved the bug.
>> Two problems with the patches, they lack your s-o-b and they lack any
>> information about why they're being reverted in the commit message.
>> They also didn't apply cleanly on bionic/master-next (at least not the
>> first one, I didn't try the second), so I just reverted them directly
>> and pushed. I had to drop the whole series when rebasing to 4.15 so
>> there's nothing to revert in unstable.
> Isn't https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1734686 same bug where the patch
> is at http://kernsec.org/pipermail/linux-security-module-archive/2017-December/004638.html ?

Thanks for the pointer!  I will build a test kernel with that patch and
see if it fixes the bug, so the reverts are not needed.



More information about the kernel-team mailing list