lxc autotest failure with kernel >= 5.13
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-kernel-tests |
New
|
Undecided
|
Unassigned | ||
lxc (Ubuntu) |
Invalid
|
Undecided
|
Unassigned |
Bug Description
The lxc autotest is failing with the following error(s) on the latest kernel linux-unstable 5.13:
FAIL: lxc-tests: lxc-test-apparmor (1s)
---
failed - opened /sys/kernel/
---
PASS: lxc-tests: lxc-test-
PASS: lxc-tests: lxc-test-
FAIL: lxc-tests: lxc-test-attach (1s)
---
attach.c: 410: main: Using "/tmp/attach_
I was able to bisect the problem and found that the offending commit is:
bfb819ea20ce8bb
This commit looks like a sane fix, so simply reverting it in the kernel doesn't seem a viable solution.
I think we should address and understand the issue in the lxc package.
Detailed log of the failure: https:/
description: | updated |
tags: | added: 5.13 ubuntu-lxc |
tags: | added: sru-20210531 |
tags: | added: impish |
tags: | added: focal sru-20210621 |
On Mon, Jun 07, 2021 at 05:14:50AM -0000, Andrea Righi wrote: uevent_ helper apparmor- generated (0s) apparmor- mount (29s) x8lgO2" as temporary log file for container lxc-attach-test eeba17e1a6418bf 8bda91fc28 ("proc: Check /proc/$pid/attr/
> Public bug reported:
>
> The lxc autotest is failing with the following error(s) on the latest
> kernel linux-unstable 5.13:
>
> FAIL: lxc-tests: lxc-test-apparmor (1s)
> ---
> failed - opened /sys/kernel/
> ---
> PASS: lxc-tests: lxc-test-
> PASS: lxc-tests: lxc-test-
> FAIL: lxc-tests: lxc-test-attach (1s)
> ---
> attach.c: 410: main: Using "/tmp/attach_
>
> I was able to bisect the problem and found that the offending commit is:
>
> bfb819ea20ce8bb
> writes against file opener")
>
> This commit looks like a sane fix, so simply reverting it in the kernel
> doesn't seem a viable solution.
>
> I think we should address and understand the issue in the lxc package.
So this failure implies that the uevent_ helper
/sys/kernel/
file that we denied access to via AppArmor can now be opened. And then
lxc-test-attach reports an LSM label mismatch in the link you posted
below too so that seems scary...
> /autopkgtest. ubuntu. com/results impish- canonical- kernel- team- impish/ amd64/l/ lxc/20210601_ 082733_ a3ae4@/ log.gz uevent_ helper apparmor- generated (0s) apparmor- mount (29s) x8lgO2" as temporary log file for container lxc-attach-test eeba17e1a6418bf 8bda91fc28 ("proc: Check /proc/$pid/attr/ /autopkgtest. ubuntu. com/results impish- canonical- kernel- team- impish/ amd64/l/ lxc/20210601_ 082733_ a3ae4@/ log.gz /bugs.launchpad .net/bugs/ 1931064 uevent_ helper apparmor- generated (0s) apparmor- mount (29s)
> Detailed log of the failure: https:/
> /autopkgtest-
> bootstrap/
>
> ** Affects: lxc (Ubuntu)
> Importance: Undecided
> Status: New
>
> ** Description changed:
>
> The lxc autotest is failing with the following error(s) on the latest
> kernel linux-unstable 5.13:
>
> FAIL: lxc-tests: lxc-test-apparmor (1s)
> ---
> failed - opened /sys/kernel/
> ---
> PASS: lxc-tests: lxc-test-
> PASS: lxc-tests: lxc-test-
> FAIL: lxc-tests: lxc-test-attach (1s)
> ---
> attach.c: 410: main: Using "/tmp/attach_
>
> I was able to bisect the problem and found that the offending commit is:
>
> bfb819ea20ce8bb
> writes against file opener")
>
> This commit looks like a sane fix, so simply reverting it in the kernel
> doesn't seem a viable solution.
>
> I think we should address and understand the issue in the lxc package.
> +
> + Detailed log of the failure: https:/
> + /autopkgtest-
> + bootstrap/
>
> --
> You received this bug notification because you are a member of Ubuntu
> containers team, which is subscribed to lxc in Ubuntu.
> Matching subscriptions: lxc
> https:/
>
> Title:
> lxc autotest failure with kernel >= 5.13
>
> Status in lxc package in Ubuntu:
> New
>
> Bug description:
> The lxc autotest is failing with the following error(s) on the latest
> kernel linux-unstable 5.13:
>
> FAIL: lxc-tests: lxc-test-apparmor (1s)
> ---
> failed - opened /sys/kernel/
> ---
> PASS: lxc-tests: lxc-test-
> PASS: lxc-tests: lxc-test-
> FAIL: lxc-tests: lxc-test-attach (1s)
> ---...