[Bug 2037567] [NEW] mantic kernel 6.5.0.1006 Adds io_uring apparmor feature
John Chittum
2037567 at bugs.launchpad.net
Wed Sep 27 15:34:33 UTC 2023
Public bug reported:
starting with kernel package(s) 6.5.0.1006, currently in mantic-
proposed, `io_uring` is added as a apparmor feature. This change results
in preseeded snaps being unoptimized, as the mounted apparmor features
in the chroot do not match the 6.5.0.1006 kernels. On a system running
with the kernel
cat /sys/kernel/security/apparmor/features/io_uring/mask
sqpoll override_creds
1. ensure that this is correct with kernel and security teams
2. ensure that this is the default going forward
if 1 and 2, then set the default in `livecd-rootfs` for mounted apparmor
features to include io_uring
** Affects: livecd-rootfs (Ubuntu)
Importance: Undecided
Assignee: John Chittum (jchittum)
Status: New
** Changed in: livecd-rootfs (Ubuntu)
Assignee: (unassigned) => John Chittum (jchittum)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/2037567
Title:
mantic kernel 6.5.0.1006 Adds io_uring apparmor feature
Status in livecd-rootfs package in Ubuntu:
New
Bug description:
starting with kernel package(s) 6.5.0.1006, currently in mantic-
proposed, `io_uring` is added as a apparmor feature. This change
results in preseeded snaps being unoptimized, as the mounted apparmor
features in the chroot do not match the 6.5.0.1006 kernels. On a
system running with the kernel
cat /sys/kernel/security/apparmor/features/io_uring/mask
sqpoll override_creds
1. ensure that this is correct with kernel and security teams
2. ensure that this is the default going forward
if 1 and 2, then set the default in `livecd-rootfs` for mounted
apparmor features to include io_uring
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/2037567/+subscriptions
More information about the foundations-bugs
mailing list