Profile state should never crash apparmor. The userspace no matter it state should never be able to crash the kernel. Profiles go through a verification process before the kernel will make them available.
The "half" configured state may mean that not all apparmor profiles are loaded, or that some of the userspace functions aren't available but that should never result in a kernel oops. The userspace obviously got far enough along to replace some policy and from the kernel trace we can see that apparmor oopsed during profile replacement, after the profile has been verified and it is being activated kernel side. I believe this bug is already fixed by commit 57d3b8969c47b1dabeb9d122a88df2c14d4f1b9f UBUNTU: SAUCE: apparmor: fix vec_unique for vectors larger than 8 which was released in Ubuntu-4.4.0-37.56 ** Changed in: apparmor (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1615144 Title: BUG: unable to handle kernel NULL pointer dereference To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1615144/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs