group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #08595
[Bug 1630069] Re: Regression tests can not detect binfmt_elf mmpa semantic change
This bug was fixed in the package apparmor - 2.10.95-0ubuntu2.5
---------------
apparmor (2.10.95-0ubuntu2.5) xenial; urgency=medium
* debian/lib/apparmor/functions, debian/apparmor.init,
debian/apparmor.service, debian/apparmor.upstart,
debian/lib/apparmor/profile-load: Adjust the checks that previously kept
AppArmor policy from being loaded while booting a container. Now we
attempt to load policy if we're in a LXD or LXC managed container that is
using profile stacking inside of a policy namespace. (LP: #1628285)
* Fix regression tests for stacking so that the kernel SRU process is not
interrupted by failing tests whenever the AppArmor stacking features are
backported from the 16.10 kernel or when the 16.04 LTS Enablement Stack
receives a 4.8 or newer kernel
- debian/patches/r3509-tests-fix-exec_stack-errors-1.patch: Fix the
exec_stack.sh test when running on 4.8 or newer kernels (LP: #1628745)
- debian/patches/r3558-tests-fix-exec_stack-errors-2.patch: Adjust the
exec_stack.sh fix mentioned above to more accurately test kernels older
than 4.8 (LP: #1630069)
- debian/patches/allow-stacking-tests-to-use-system.patch: Apply this
patch earlier in the series, as to match when it was committed upstream,
so that the above two patches can be cherry-picked from lp:apparmor
-- Tyler Hicks <tyhicks@xxxxxxxxxxxxx> Fri, 07 Oct 2016 05:21:44 +0000
** Changed in: apparmor (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1630069
Title:
Regression tests can not detect binfmt_elf mmpa semantic change
Status in AppArmor:
Fix Committed
Status in apparmor package in Ubuntu:
New
Status in linux package in Ubuntu:
Fix Released
Status in apparmor source package in Xenial:
Fix Released
Status in linux source package in Xenial:
New
Status in apparmor source package in Yakkety:
Won't Fix
Status in linux source package in Yakkety:
Fix Released
Bug description:
== apparmor SRU ==
[Impact]
* The exec_stack.sh regression test fails due to a behavior change in 4.8
kernels from this patch:
commit 9f834ec18defc369d73ccf9e87a2790bfa05bf46
Author: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Date: Mon Aug 22 16:41:46 2016 -0700
binfmt_elf: switch to new creds when switching to new mm
* The regression tests were fixed for this kernel change but they were fixed
in a way that always assumed that kernel change is present. They should have
been adjusted so that they act differently according to whether or not the
kernel change is present (it is a change that could end up being backported
through the stable trees).
[Test Case]
$ apt-get source apparmor # make sure this fetches the new apparmor source
$ sudo apt-get install libapparmor-dev
$ cd tests/regression/apparmor
$ make USE_SYSTEM=1
$ sudo bash exec_stack.sh
The previous command should result in no output and return value of
0.
[Regression Potential]
* This is an extremely low risk change since it only touches regression
testing code that is not user-facing.
[Other]
* Fixed in upstream lp:apparmor tree:
https://bazaar.launchpad.net/~apparmor-
dev/apparmor/master/revision/3558
== Original description ==
The regression tests are currently hard coded to the semantics of mmap
in binfmt_elf
With the recent upstream commit
9f834ec18defc369d73ccf9e87a2790bfa05bf46 the cred used for the mmap
changed resulting in test failures. The tests have been patched for
this change but it results in the test breaking for everyone using
upstream releases against pre 4.8 kernels.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1630069/+subscriptions
