This is because boot params are processed before apparmor is fully initialized and policy_view_capable() will oops because the rootns is not setup.
We should by-pass policy_view_capable() for params being set at boot. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1678048 Title: apparmor: oops on boot if parameters set on grub command line Status in linux package in Ubuntu: New Status in linux source package in Xenial: New Status in linux source package in Yakkety: New Status in linux source package in Zesty: New Bug description: When an apparmor parameter is set on the grub kernel line it results in an oops and failure to boot. eg. setting apparmor.audit=noquiet will cause the kernel to fail to boot. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1678048/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
