ubuntu-kernel-tests

lxc autotest failure with kernel >= 5.13

Bug #1931064 reported by Andrea Righi
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubuntu-kernel-tests
New
Undecided
Unassigned
lxc (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

The lxc autotest is failing with the following error(s) on the latest kernel linux-unstable 5.13:

FAIL: lxc-tests: lxc-test-apparmor (1s)
---
failed - opened /sys/kernel/uevent_helper
---
PASS: lxc-tests: lxc-test-apparmor-generated (0s)
PASS: lxc-tests: lxc-test-apparmor-mount (29s)
FAIL: lxc-tests: lxc-test-attach (1s)
---
attach.c: 410: main: Using "/tmp/attach_x8lgO2" as temporary log file for container lxc-attach-test

I was able to bisect the problem and found that the offending commit is:

bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 ("proc: Check /proc/$pid/attr/ writes against file opener")

This commit looks like a sane fix, so simply reverting it in the kernel doesn't seem a viable solution.

I think we should address and understand the issue in the lxc package.

Detailed log of the failure: https://autopkgtest.ubuntu.com/results/autopkgtest-impish-canonical-kernel-team-bootstrap/impish/amd64/l/lxc/20210601_082733_a3ae4@/log.gz

See original description
Andrea Righi (arighi)
description: updated
Po-Hsu Lin (cypressyew)
tags: added: 5.13 ubuntu-lxc
tags: added: sru-20210531
Po-Hsu Lin (cypressyew)
tags: added: impish
Revision history for this message
Christian Brauner (cbrauner) wrote : Re: [Bug 1931064] [NEW] lxc autotest failure with kernel >= 5.13
Download full text (3.9 KiB)

On Mon, Jun 07, 2021 at 05:14:50AM -0000, Andrea Righi wrote:
> Public bug reported:
>
> The lxc autotest is failing with the following error(s) on the latest
> kernel linux-unstable 5.13:
>
> FAIL: lxc-tests: lxc-test-apparmor (1s)
> ---
> failed - opened /sys/kernel/uevent_helper
> ---
> PASS: lxc-tests: lxc-test-apparmor-generated (0s)
> PASS: lxc-tests: lxc-test-apparmor-mount (29s)
> FAIL: lxc-tests: lxc-test-attach (1s)
> ---
> attach.c: 410: main: Using "/tmp/attach_x8lgO2" as temporary log file for container lxc-attach-test
>
> I was able to bisect the problem and found that the offending commit is:
>
> bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 ("proc: Check /proc/$pid/attr/
> writes against file opener")
>
> This commit looks like a sane fix, so simply reverting it in the kernel
> doesn't seem a viable solution.
>
> I think we should address and understand the issue in the lxc package.

So this failure implies that the
/sys/kernel/uevent_helper
file that we denied access to via AppArmor can now be opened. And then
lxc-test-attach reports an LSM label mismatch in the link you posted
below too so that seems scary...

>
> Detailed log of the failure: https://autopkgtest.ubuntu.com/results
> /autopkgtest-impish-canonical-kernel-team-
> bootstrap/impish/amd64/l/lxc/20210601_082733_a3ae4@/log.gz
>
> ** Affects: lxc (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Description changed:
>
> The lxc autotest is failing with the following error(s) on the latest
> kernel linux-unstable 5.13:
>
> FAIL: lxc-tests: lxc-test-apparmor (1s)
> ---
> failed - opened /sys/kernel/uevent_helper
> ---
> PASS: lxc-tests: lxc-test-apparmor-generated (0s)
> PASS: lxc-tests: lxc-test-apparmor-mount (29s)
> FAIL: lxc-tests: lxc-test-attach (1s)
> ---
> attach.c: 410: main: Using "/tmp/attach_x8lgO2" as temporary log file for container lxc-attach-test
>
> I was able to bisect the problem and found that the offending commit is:
>
> bfb819ea20ce8bbeeba17e1a6418bf8bda91fc28 ("proc: Check /proc/$pid/attr/
> writes against file opener")
>
> This commit looks like a sane fix, so simply reverting it in the kernel
> doesn't seem a viable solution.
>
> I think we should address and understand the issue in the lxc package.
> +
> + Detailed log of the failure: https://autopkgtest.ubuntu.com/results
> + /autopkgtest-impish-canonical-kernel-team-
> + bootstrap/impish/amd64/l/lxc/20210601_082733_a3ae4@/log.gz
>
> --
> You received this bug notification because you are a member of Ubuntu
> containers team, which is subscribed to lxc in Ubuntu.
> Matching subscriptions: lxc
> https://bugs.launchpad.net/bugs/1931064
>
> Title:
> lxc autotest failure with kernel >= 5.13
>
> Status in lxc package in Ubuntu:
> New
>
> Bug description:
> The lxc autotest is failing with the following error(s) on the latest
> kernel linux-unstable 5.13:
>
> FAIL: lxc-tests: lxc-test-apparmor (1s)
> ---
> failed - opened /sys/kernel/uevent_helper
> ---
> PASS: lxc-tests: lxc-test-apparmor-generated (0s)
> PASS: lxc-tests: lxc-test-apparmor-mount (29s)
> FAIL: lxc-tests: lxc-test-attach (1s)
> ---...

Read more...

Revision history for this message
Christian Brauner (cbrauner) wrote :

I'm currently treating this as an upstream kernel regression reported here

https://lore.kernel.org/regressions/20210607142245.eikvyeacqwwu6dn3@wittgenstein

We should wait whether a simple revert will be acceptable or whether anything else is needed from LXC specifically.

Kelsey Steele (kelsey-steele)
tags: added: focal sru-20210621
Revision history for this message
Stéphane Graber (stgraber) wrote :

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=591a22c14d3f45cc38bd1931c593c221df2f1881

Changed in lxc (Ubuntu):
status: New → Invalid
Revision history for this message
Stéphane Graber (stgraber) wrote :

Marking as invalid as this wasn't an LXC bug but a kernel bug.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.