Public bug reported:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of minimizing build
times and kernel sizes.
The cloud kernels known to have bluetooth enabled include:
* [B/D/E] linux-aws (arm64 only)
* [X/B/D/E] linux-gcp
* [B] linux-gke-4.15
* [B] linux-gke-5.0
* [X/B/D/E] linux-oracle
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
$ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
** Affects: linux-aws (Ubuntu)
Importance: High
Status: Triaged
** Affects: linux-gcp (Ubuntu)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: linux-gcp (Ubuntu Xenial)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu Xenial)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Bionic)
Importance: Undecided
Status: Triaged
** Affects: linux-gcp (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-gke-5.0 (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-oracle (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Disco)
Importance: Undecided
Status: Triaged
** Affects: linux-gcp (Ubuntu Disco)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Disco)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu Disco)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu Disco)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Eoan)
Importance: High
Status: Triaged
** Affects: linux-gcp (Ubuntu Eoan)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Eoan)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu Eoan)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu Eoan)
Importance: High
Status: Triaged
** Also affects: linux-aws (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: linux-aws (Ubuntu Eoan)
Importance: High
Status: Triaged
** Also affects: linux-aws (Ubuntu Disco)
Importance: Undecided
Status: New
** Changed in: linux-aws (Ubuntu Disco)
Status: New => Triaged
** Changed in: linux-aws (Ubuntu Bionic)
Status: New => Triaged
** Description changed:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of minimizing build
times and kernel sizes.
+ The cloud kernels known to have bluetooth enabled include:
+
+ * [B/D/E] linux-aws (arm64 only)
+
+
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
- $ grep CONFIG_BT=[my] /boot/config-$(uname -r)
+ $ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
** Also affects: linux-gcp (Ubuntu)
Importance: Undecided
Status: New
** Also affects: linux-aws (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: linux-gcp (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: linux-aws (Ubuntu Xenial)
Status: New => Invalid
** Also affects: linux-gke-4.15 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: linux-gke-5.0 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gke-4.15 (Ubuntu Xenial)
Status: New => Invalid
** Changed in: linux-gke-4.15 (Ubuntu Disco)
Status: New => Invalid
** Changed in: linux-gke-4.15 (Ubuntu Eoan)
Status: New => Invalid
** Also affects: linux-oracle (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gke-5.0 (Ubuntu Xenial)
Status: New => Invalid
** Changed in: linux-gke-5.0 (Ubuntu Disco)
Status: New => Invalid
** Changed in: linux-gke-5.0 (Ubuntu Eoan)
Status: New => Invalid
** Changed in: linux-gke-4.15 (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-gke-5.0 (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-gke-5.0 (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-gke-4.15 (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Xenial)
Status: New => Triaged
** Changed in: linux-gcp (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-gcp (Ubuntu Disco)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Disco)
Status: New => Triaged
** Changed in: linux-gcp (Ubuntu Eoan)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Eoan)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Xenial)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Disco)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Disco)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Eoan)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Eoan)
Status: New => Triaged
** Description changed:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of minimizing build
times and kernel sizes.
The cloud kernels known to have bluetooth enabled include:
* [B/D/E] linux-aws (arm64 only)
-
+ * [X/B/D/E] linux-gcp
+ * [B] linux-gke-4.15
+ * [B] linux-gke-5.0
+ * [X/B/D/E] linux-oracle
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
$ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1840488
Title:
Disable Bluetooth in cloud kernels
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1840488/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
