Bug#887932: firmware-iwlwifi: Bluetooth not working

[Ryan Lue]

Package: firmware-iwlwifi
Followup-For: Bug #887932

I’d like to add that upgrading
from stretch (20161130-3) to buster (20170823-1)
broke bluetooth on my machine.

I suspect the symptoms were different —
I don’t use GNOME, but ‘hciconfig -a’ did report my Bluetooth adapter.
However, ‘bluetoothctl’ would fail unpredictably in a couple places:

1. On a fresh boot with no devices connected,
   I could ‘power on’, ‘scan on’, and even sometimes ‘pair ’,
   but ‘connect ’ would time out (‘hci0 command tx timeout’).
2. But more often, I could only ‘power on’ and ‘scan on’,
   and then ‘devices’ always turned up empty.

I have an Intel 8260 WiFi/Bluetooth adapter (from a ThinkPad T460).
Downgrading to the stretch version (20161130-3) fixes the problem.


-- System Information:
Debian Release: buster/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.16.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

firmware-iwlwifi depends on no packages.

firmware-iwlwifi recommends no packages.

Versions of packages firmware-iwlwifi suggests:
ii  initramfs-tools  0.130

-- no debconf information

Re: [PATCH v2] kbuild: deb-pkg improve maintainer address generation

[Masahiro Yamada]

2018-05-08 20:56 GMT+09:00 Riku Voipio :
> On 7 May 2018 at 16:35, Masahiro Yamada  wrote:
>> Hi Riku,
>>
>> 2018-05-07 16:11 GMT+09:00  :
>>> From: Riku Voipio 
>>>
>>> There is multiple issues with the genaration of maintainer string
>>>
>>> It uses DEBEMAIL and EMAIL enviroment variables, which may contain angle 
>>> brackets,
>>> creating invalid maintainer strings. The documented KBUILD_BUILD_USER and
>>> KBUILD_BUILD_HOST variables are not used. Undocumented and uncommon NAME
>>> variable is used.
>>
>> Sorry, I missed to ask you about 'NAME' variable.
>>
>>
>> I checked the Debian Administrator's Handbook.
>>
>> I see the following description
>>
>>
>>   TIP
>>   Maintainer’s name and email address
>>
>>   Most of the programs involved in package maintenance will look for
>> your name and
>>   email address in the DEBFULLNAME and DEBEMAIL or EMAIL environment 
>> variables.
>>   Defining them once and for all will avoid you having to type them
>> multiple times.
>>   If your usual shell is bash , it is a simple matter of adding the
>> following two lines
>>   in your ~/.bashrc file (you will obviously replace the values with
>> more relevant
>>   ones!):
>>
>>   export EMAIL=”hert...@debian.org”
>>   export DEBFULLNAME=”Raphael Hertzog”
>>
>>
>> Indeed, 'NAME' is not mentioned at all here.
>>
>>
>> On the other hand, I also checked the following link
>> referred by Mathieu:
>> https://manpages.debian.org/unstable/devscripts/dch.1.en.html
>>
>>   If the environment variable DEBFULLNAME is set, this will be used for the
>>   maintainer full name; if not, then NAME will be checked. If the environment
>>   variable DEBEMAIL is set, this will be used for the email address. If this
>>   variable has the form "name ", then the maintainer name will also be
>>   taken from here if neither DEBFULLNAME nor NAME is set.
>>
>>
>> Hmm, debchange checks 'NAME' too.
>
> dch is symlink to debchange. I found one common tool that falls back
> from DEBFULLNAME to NAME, reportbug. But almost all other users of
> DEBFULLNAME don't:
>
> https://codesearch.debian.net/search?q=DEBFULLNAME=1
>
> Supporting DEBFULLNAME and DEBEMAIL makes sense, since they are
> explicitly documented Debian variables. EMAIL is commonly used
> elsewhere (such as with git). NAME otoh is is not used outside Debian.
> And you will have a poor experience in Debian if you have only NAME
> set - reportbug will use it, but bts wont.
>
> The main reason to keep NAME, would be historic reasons ("has been
> supported in deb-pkg before"). Given that setting a) either
> DEBFULLNAME or KBUILD_BUILD_USER is trivial, and b) it's a cosmetic
> issue to begin with, I'm not sure it's worth it.
>

Okay, applied now.
Thanks for detailed explanation!


-- 
Best Regards
Masahiro Yamada

linux_4.9.88-1+deb9u1_source.changes ACCEPTED into proposed-updates->stable-new

[Debian FTP Masters]

Mapping stable-security to proposed-updates.

Accepted:

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

Format: 1.8
Date: Mon, 07 May 2018 23:38:25 +0100
Source: linux
Binary: linux-source-4.9 linux-support-4.9.0-6 linux-doc-4.9 linux-manual-4.9 
linux-kbuild-4.9 linux-cpupower libcpupower1 libcpupower-dev linux-perf-4.9 
libusbip-dev usbip hyperv-daemons linux-headers-4.9.0-6-common 
linux-headers-4.9.0-6-common-rt linux-libc-dev linux-headers-4.9.0-6-all 
linux-headers-4.9.0-6-all-alpha kernel-image-4.9.0-6-alpha-generic-di 
nic-modules-4.9.0-6-alpha-generic-di 
nic-wireless-modules-4.9.0-6-alpha-generic-di 
nic-shared-modules-4.9.0-6-alpha-generic-di 
serial-modules-4.9.0-6-alpha-generic-di 
usb-serial-modules-4.9.0-6-alpha-generic-di 
ppp-modules-4.9.0-6-alpha-generic-di pata-modules-4.9.0-6-alpha-generic-di 
cdrom-core-modules-4.9.0-6-alpha-generic-di 
scsi-core-modules-4.9.0-6-alpha-generic-di 
scsi-modules-4.9.0-6-alpha-generic-di loop-modules-4.9.0-6-alpha-generic-di 
btrfs-modules-4.9.0-6-alpha-generic-di ext4-modules-4.9.0-6-alpha-generic-di 
isofs-modules-4.9.0-6-alpha-generic-di jfs-modules-4.9.0-6-alpha-generic-di
 xfs-modules-4.9.0-6-alpha-generic-di fat-modules-4.9.0-6-alpha-generic-di 
md-modules-4.9.0-6-alpha-generic-di multipath-modules-4.9.0-6-alpha-generic-di 
usb-modules-4.9.0-6-alpha-generic-di 
usb-storage-modules-4.9.0-6-alpha-generic-di 
fb-modules-4.9.0-6-alpha-generic-di input-modules-4.9.0-6-alpha-generic-di 
event-modules-4.9.0-6-alpha-generic-di mouse-modules-4.9.0-6-alpha-generic-di 
nic-pcmcia-modules-4.9.0-6-alpha-generic-di 
pcmcia-modules-4.9.0-6-alpha-generic-di 
nic-usb-modules-4.9.0-6-alpha-generic-di sata-modules-4.9.0-6-alpha-generic-di 
crc-modules-4.9.0-6-alpha-generic-di crypto-modules-4.9.0-6-alpha-generic-di 
crypto-dm-modules-4.9.0-6-alpha-generic-di ata-modules-4.9.0-6-alpha-generic-di 
nbd-modules-4.9.0-6-alpha-generic-di squashfs-modules-4.9.0-6-alpha-generic-di 
virtio-modules-4.9.0-6-alpha-generic-di zlib-modules-4.9.0-6-alpha-generic-di 
fuse-modules-4.9.0-6-alpha-generic-di srm-modules-4.9.0-6-alpha-generic-di 
linux-image-4.9.0-6-alpha-generic
 linux-headers-4.9.0-6-alpha-generic linux-image-4.9.0-6-alpha-generic-dbg 
linux-image-4.9.0-6-alpha-smp linux-headers-4.9.0-6-alpha-smp 
linux-image-4.9.0-6-alpha-smp-dbg linux-headers-4.9.0-6-all-amd64 
kernel-image-4.9.0-6-amd64-di nic-modules-4.9.0-6-amd64-di 
nic-wireless-modules-4.9.0-6-amd64-di nic-shared-modules-4.9.0-6-amd64-di 
serial-modules-4.9.0-6-amd64-di usb-serial-modules-4.9.0-6-amd64-di 
ppp-modules-4.9.0-6-amd64-di pata-modules-4.9.0-6-amd64-di 
cdrom-core-modules-4.9.0-6-amd64-di firewire-core-modules-4.9.0-6-amd64-di 
scsi-core-modules-4.9.0-6-amd64-di scsi-modules-4.9.0-6-amd64-di 
loop-modules-4.9.0-6-amd64-di btrfs-modules-4.9.0-6-amd64-di 
ext4-modules-4.9.0-6-amd64-di isofs-modules-4.9.0-6-amd64-di 
jfs-modules-4.9.0-6-amd64-di ntfs-modules-4.9.0-6-amd64-di 
xfs-modules-4.9.0-6-amd64-di fat-modules-4.9.0-6-amd64-di 
md-modules-4.9.0-6-amd64-di multipath-modules-4.9.0-6-amd64-di 
usb-modules-4.9.0-6-amd64-di usb-storage-modules-4.9.0-6-amd64-di
 pcmcia-storage-modules-4.9.0-6-amd64-di fb-modules-4.9.0-6-amd64-di 
input-modules-4.9.0-6-amd64-di event-modules-4.9.0-6-amd64-di 
mouse-modules-4.9.0-6-amd64-di nic-pcmcia-modules-4.9.0-6-amd64-di 
pcmcia-modules-4.9.0-6-amd64-di nic-usb-modules-4.9.0-6-amd64-di 
sata-modules-4.9.0-6-amd64-di acpi-modules-4.9.0-6-amd64-di 
i2c-modules-4.9.0-6-amd64-di crc-modules-4.9.0-6-amd64-di 
crypto-modules-4.9.0-6-amd64-di crypto-dm-modules-4.9.0-6-amd64-di 
efi-modules-4.9.0-6-amd64-di ata-modules-4.9.0-6-amd64-di 
mmc-core-modules-4.9.0-6-amd64-di mmc-modules-4.9.0-6-amd64-di 
nbd-modules-4.9.0-6-amd64-di squashfs-modules-4.9.0-6-amd64-di 
speakup-modules-4.9.0-6-amd64-di virtio-modules-4.9.0-6-amd64-di 
uinput-modules-4.9.0-6-amd64-di sound-modules-4.9.0-6-amd64-di 
hyperv-modules-4.9.0-6-amd64-di udf-modules-4.9.0-6-amd64-di 
fuse-modules-4.9.0-6-amd64-di linux-image-4.9.0-6-amd64 
linux-headers-4.9.0-6-amd64 linux-image-4.9.0-6-amd64-dbg 
linux-image-4.9.0-6-rt-amd64
 linux-headers-4.9.0-6-rt-amd64 linux-image-4.9.0-6-rt-amd64-dbg 
linux-headers-4.9.0-6-all-arm64 kernel-image-4.9.0-6-arm64-di 
nic-modules-4.9.0-6-arm64-di nic-wireless-modules-4.9.0-6-arm64-di 
nic-shared-modules-4.9.0-6-arm64-di ppp-modules-4.9.0-6-arm64-di 
cdrom-core-modules-4.9.0-6-arm64-di scsi-core-modules-4.9.0-6-arm64-di 
scsi-modules-4.9.0-6-arm64-di loop-modules-4.9.0-6-arm64-di 
btrfs-modules-4.9.0-6-arm64-di ext4-modules-4.9.0-6-arm64-di 
isofs-modules-4.9.0-6-arm64-di jfs-modules-4.9.0-6-arm64-di 
xfs-modules-4.9.0-6-arm64-di fat-modules-4.9.0-6-arm64-di 
md-modules-4.9.0-6-arm64-di multipath-modules-4.9.0-6-arm64-di 
usb-modules-4.9.0-6-arm64-di usb-storage-modules-4.9.0-6-arm64-di 
fb-modules-4.9.0-6-arm64-di input-modules-4.9.0-6-arm64-di 
event-modules-4.9.0-6-arm64-di nic-usb-modules-4.9.0-6-arm64-di 
sata-modules-4.9.0-6-arm64-di i2c-modules-4.9.0-6-arm64-di 

linux_3.16.56-1+deb8u1_multi.changes is NEW

[Debian FTP Masters]

Mapping oldstable-security to oldstable-proposed-updates.
binary:acpi-modules-3.16.0-6-586-di is NEW.
binary:acpi-modules-3.16.0-6-686-pae-di is NEW.
binary:acpi-modules-3.16.0-6-amd64-di is NEW.
binary:affs-modules-3.16.0-6-4kc-malta-di is NEW.
binary:affs-modules-3.16.0-6-loongson-2e-di is NEW.
binary:affs-modules-3.16.0-6-loongson-2f-di is NEW.
binary:affs-modules-3.16.0-6-loongson-3-di is NEW.
binary:affs-modules-3.16.0-6-octeon-di is NEW.
binary:affs-modules-3.16.0-6-powerpc-di is NEW.
binary:affs-modules-3.16.0-6-powerpc64-di is NEW.
binary:affs-modules-3.16.0-6-sb1-bcm91250a-di is NEW.
binary:ata-modules-3.16.0-6-586-di is NEW.
binary:ata-modules-3.16.0-6-686-pae-di is NEW.
binary:ata-modules-3.16.0-6-amd64-di is NEW.
binary:ata-modules-3.16.0-6-arm64-di is NEW.
binary:ata-modules-3.16.0-6-armmp-di is NEW.
binary:ata-modules-3.16.0-6-loongson-2e-di is NEW.
binary:ata-modules-3.16.0-6-loongson-2f-di is NEW.
binary:ata-modules-3.16.0-6-loongson-3-di is NEW.
binary:ata-modules-3.16.0-6-powerpc-di is NEW.
binary:ata-modules-3.16.0-6-powerpc64-di is NEW.
binary:ata-modules-3.16.0-6-powerpc64le-di is NEW.
binary:ata-modules-3.16.0-6-sb1-bcm91250a-di is NEW.
binary:btrfs-modules-3.16.0-6-4kc-malta-di is NEW.
binary:btrfs-modules-3.16.0-6-586-di is NEW.
binary:btrfs-modules-3.16.0-6-686-pae-di is NEW.
binary:btrfs-modules-3.16.0-6-amd64-di is NEW.
binary:btrfs-modules-3.16.0-6-arm64-di is NEW.
binary:btrfs-modules-3.16.0-6-armmp-di is NEW.
binary:btrfs-modules-3.16.0-6-kirkwood-di is NEW.
binary:btrfs-modules-3.16.0-6-loongson-2e-di is NEW.
binary:btrfs-modules-3.16.0-6-loongson-2f-di is NEW.
binary:btrfs-modules-3.16.0-6-loongson-3-di is NEW.
binary:btrfs-modules-3.16.0-6-octeon-di is NEW.
binary:btrfs-modules-3.16.0-6-orion5x-di is NEW.
binary:btrfs-modules-3.16.0-6-powerpc-di is NEW.
binary:btrfs-modules-3.16.0-6-powerpc64-di is NEW.
binary:btrfs-modules-3.16.0-6-powerpc64le-di is NEW.
binary:btrfs-modules-3.16.0-6-r4k-ip22-di is NEW.
binary:btrfs-modules-3.16.0-6-r5k-ip32-di is NEW.
binary:btrfs-modules-3.16.0-6-sb1-bcm91250a-di is NEW.
binary:btrfs-modules-3.16.0-6-versatile-di is NEW.
binary:cdrom-core-modules-3.16.0-6-4kc-malta-di is NEW.
binary:cdrom-core-modules-3.16.0-6-586-di is NEW.
binary:cdrom-core-modules-3.16.0-6-686-pae-di is NEW.
binary:cdrom-core-modules-3.16.0-6-amd64-di is NEW.
binary:cdrom-core-modules-3.16.0-6-arm64-di is NEW.
binary:cdrom-core-modules-3.16.0-6-kirkwood-di is NEW.
binary:cdrom-core-modules-3.16.0-6-loongson-2e-di is NEW.
binary:cdrom-core-modules-3.16.0-6-loongson-2f-di is NEW.
binary:cdrom-core-modules-3.16.0-6-loongson-3-di is NEW.
binary:cdrom-core-modules-3.16.0-6-octeon-di is NEW.
binary:cdrom-core-modules-3.16.0-6-orion5x-di is NEW.
binary:cdrom-core-modules-3.16.0-6-powerpc-di is NEW.
binary:cdrom-core-modules-3.16.0-6-powerpc64-di is NEW.
binary:cdrom-core-modules-3.16.0-6-powerpc64le-di is NEW.
binary:cdrom-core-modules-3.16.0-6-sb1-bcm91250a-di is NEW.
binary:cdrom-core-modules-3.16.0-6-versatile-di is NEW.
binary:core-modules-3.16.0-6-586-di is NEW.
binary:core-modules-3.16.0-6-686-pae-di is NEW.
binary:core-modules-3.16.0-6-amd64-di is NEW.
binary:core-modules-3.16.0-6-arm64-di is NEW.
binary:core-modules-3.16.0-6-armmp-di is NEW.
binary:core-modules-3.16.0-6-kirkwood-di is NEW.
binary:core-modules-3.16.0-6-orion5x-di is NEW.
binary:core-modules-3.16.0-6-powerpc-di is NEW.
binary:core-modules-3.16.0-6-powerpc64-di is NEW.
binary:core-modules-3.16.0-6-powerpc64le-di is NEW.
binary:core-modules-3.16.0-6-s390x-di is NEW.
binary:core-modules-3.16.0-6-versatile-di is NEW.
binary:crc-modules-3.16.0-6-4kc-malta-di is NEW.
binary:crc-modules-3.16.0-6-586-di is NEW.
binary:crc-modules-3.16.0-6-686-pae-di is NEW.
binary:crc-modules-3.16.0-6-amd64-di is NEW.
binary:crc-modules-3.16.0-6-arm64-di is NEW.
binary:crc-modules-3.16.0-6-armmp-di is NEW.
binary:crc-modules-3.16.0-6-kirkwood-di is NEW.
binary:crc-modules-3.16.0-6-loongson-2e-di is NEW.
binary:crc-modules-3.16.0-6-loongson-2f-di is NEW.
binary:crc-modules-3.16.0-6-loongson-3-di is NEW.
binary:crc-modules-3.16.0-6-octeon-di is NEW.
binary:crc-modules-3.16.0-6-orion5x-di is NEW.
binary:crc-modules-3.16.0-6-powerpc-di is NEW.
binary:crc-modules-3.16.0-6-powerpc64-di is NEW.
binary:crc-modules-3.16.0-6-powerpc64le-di is NEW.
binary:crc-modules-3.16.0-6-r4k-ip22-di is NEW.
binary:crc-modules-3.16.0-6-r5k-ip32-di is NEW.
binary:crc-modules-3.16.0-6-sb1-bcm91250a-di is NEW.
binary:crc-modules-3.16.0-6-versatile-di is NEW.
binary:crypto-dm-modules-3.16.0-6-4kc-malta-di is NEW.
binary:crypto-dm-modules-3.16.0-6-586-di is NEW.
binary:crypto-dm-modules-3.16.0-6-686-pae-di is NEW.
binary:crypto-dm-modules-3.16.0-6-amd64-di is NEW.
binary:crypto-dm-modules-3.16.0-6-arm64-di is NEW.
binary:crypto-dm-modules-3.16.0-6-armmp-di is NEW.
binary:crypto-dm-modules-3.16.0-6-kirkwood-di is NEW.
binary:crypto-dm-modules-3.16.0-6-loongson-2e-di is NEW.
binary:crypto-dm-modules-3.16.0-6-loongson-2f-di is NEW.

Bug#894731: linux-image-4.15.0-2-amd64: Setting drm.edid_firmware or drm_kms_firmware.edid_firmware has no effect

[Andreas Schreiner]

Hi!

I can also confirm the issue with a TV that does not provide any EDID data.

The "drm_kms_firmware.edid_firmware" option worked with the 4.13 Kernel.

With the 4.15.x Kernel it stopped working. In fact it seems to disable
the display completely at boot so that I have to remove it as a boot option
to be able to use the system at all. Kernel 4.16.0-1 still has the
issue.

Neither drm_kms_firmware.edid_firmware=edid/1920x1080.bin nor
drm.edid_firmware=edid/1920x1080.bin do work currently.

X11 later recognizes the correct resolution but has the DPI setting
completely wrong (it guesses a 7" Display at 1920x1080). Applications
that regard the DPI settings (like VLC v3) are thus unusable.

Thank you!

Re: [PATCH v2] kbuild: deb-pkg improve maintainer address generation

[Riku Voipio]

On 7 May 2018 at 16:35, Masahiro Yamada  wrote:
> Hi Riku,
>
> 2018-05-07 16:11 GMT+09:00  :
>> From: Riku Voipio 
>>
>> There is multiple issues with the genaration of maintainer string
>>
>> It uses DEBEMAIL and EMAIL enviroment variables, which may contain angle 
>> brackets,
>> creating invalid maintainer strings. The documented KBUILD_BUILD_USER and
>> KBUILD_BUILD_HOST variables are not used. Undocumented and uncommon NAME
>> variable is used.
>
> Sorry, I missed to ask you about 'NAME' variable.
>
>
> I checked the Debian Administrator's Handbook.
>
> I see the following description
>
>
>   TIP
>   Maintainer’s name and email address
>
>   Most of the programs involved in package maintenance will look for
> your name and
>   email address in the DEBFULLNAME and DEBEMAIL or EMAIL environment 
> variables.
>   Defining them once and for all will avoid you having to type them
> multiple times.
>   If your usual shell is bash , it is a simple matter of adding the
> following two lines
>   in your ~/.bashrc file (you will obviously replace the values with
> more relevant
>   ones!):
>
>   export EMAIL=”hert...@debian.org”
>   export DEBFULLNAME=”Raphael Hertzog”
>
>
> Indeed, 'NAME' is not mentioned at all here.
>
>
> On the other hand, I also checked the following link
> referred by Mathieu:
> https://manpages.debian.org/unstable/devscripts/dch.1.en.html
>
>   If the environment variable DEBFULLNAME is set, this will be used for the
>   maintainer full name; if not, then NAME will be checked. If the environment
>   variable DEBEMAIL is set, this will be used for the email address. If this
>   variable has the form "name ", then the maintainer name will also be
>   taken from here if neither DEBFULLNAME nor NAME is set.
>
>
> Hmm, debchange checks 'NAME' too.

dch is symlink to debchange. I found one common tool that falls back
from DEBFULLNAME to NAME, reportbug. But almost all other users of
DEBFULLNAME don't:

https://codesearch.debian.net/search?q=DEBFULLNAME=1

Supporting DEBFULLNAME and DEBEMAIL makes sense, since they are
explicitly documented Debian variables. EMAIL is commonly used
elsewhere (such as with git). NAME otoh is is not used outside Debian.
And you will have a poor experience in Debian if you have only NAME
set - reportbug will use it, but bts wont.

The main reason to keep NAME, would be historic reasons ("has been
supported in deb-pkg before"). Given that setting a) either
DEBFULLNAME or KBUILD_BUILD_USER is trivial, and b) it's a cosmetic
issue to begin with, I'm not sure it's worth it.

Riku

Bug#898165: linux-image-3.16.0-6-amd64: can't mount NFS shares via nfs referrals

[Moritz Schlarb]

Hi everyone,

we have performed additional tests that led to the conclusion that this
bug did already exist in 3.16.0-5-amd64, but not in 3.16.0-4-amd64.
Given that, it must have been some change in  3.16.51-3+deb8u1 which
luckily are only few.
I hope its not fallout from the KPTI patch, so the only other thing that
seems relevant (since we're using Kerberos) would be:

>  * KEYS: add missing permission check for request_key() destination
>(CVE-2017-17807)

Does that seem valid?

Regards,
-- 
Moritz Schlarb
Unix-Gruppe | Systembetreuung
Zentrum für Datenverarbeitung
Johannes Gutenberg-Universität Mainz
Raum 01-331 - Tel. +49 6131 39-29441
OpenPGP Fingerprint: DF01 2247 BFC6
5501 AFF2 8445 0C24 B841 C7DD BAAF
<>

signature.asc
Description: OpenPGP digital signature

Bug#897572: urandom hang in early boot

[Bjørn Mork]

Ben Hutchings  writes:
> On Tue, 2018-05-08 at 11:12 +1200, Ben Caradoc-Davies wrote:
>> On 08/05/18 05:34, Laurent Bigonville wrote:
>> > Apparently it's also happening for other applications that are starting 
>> > later during the boot like GDM.
>> > Somebody has reported an issue on IRC where GDM was taking upto 8 
>> > minutes to start (dmesg was showing several "random: systemd: 
>> > uninitialized urandom read (16 bytes read)" during boot)
>> > That problem might impact lot of people I'm afraid.
>> 
>> systemd is the underlying cause: plymouthd uses libudev1, which expects 
>> getrandom/urandom(?) to never block:
>> https://github.com/systemd/systemd/blob/master/src/basic/random-util.c#L34
>> 
>> See discussion here about systemd usage of random numbers:
>> systemd reads from urandom before initialization
>> https://github.com/systemd/systemd/issues/4167
>> 
>> The new problem is that 43838a23a05f ("random: fix crng_ready() test") 
>> turns an ugly warning and cryptographic weakness into an indefinite 
>> hang. Security achieved!
>
> You keep saying this, but based on my reading of the code I don't see
> how reads from /dev/urandom can end up blocking.

It's a bit convoluted, but if I read the code correctly then
acquire_random_bytes() falls back to busy-loop reading from /dev/urandom
until it has the requested number of bytes if 'high_quality_required' is
true.

There aren't more than two such calls, but one of then is
sd_id128_randomize() which calls acquire_random_bytes(, sizeof t, true).

And sd_id128_randomize() is called from all over the place.  I haven't
bothered looking at all the call sites, but would be surprised if not at
least one of them is unconditionally called at boot.

If I am correct, then I guess this is a systemd bug?


Bjørn

Processed: fixed 898165 in linux/4.9.88-1~bpo8+1, fixed 898165 in linux/4.9.88-1 ...

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> fixed 898165 linux/4.9.88-1~bpo8+1
Bug #898165 [src:linux] linux-image-3.16.0-6-amd64: can't mount NFS shares via 
nfs referrals
Marked as fixed in versions linux/4.9.88-1~bpo8+1.
> fixed 898165 linux/4.9.88-1
Bug #898165 [src:linux] linux-image-3.16.0-6-amd64: can't mount NFS shares via 
nfs referrals
Marked as fixed in versions linux/4.9.88-1.
> found 898165 linux/3.16.51-3+deb8u1
Bug #898165 [src:linux] linux-image-3.16.0-6-amd64: can't mount NFS shares via 
nfs referrals
Marked as found in versions linux/3.16.51-3+deb8u1.
> fixed 898165 linux/3.16.51-3
Bug #898165 [src:linux] linux-image-3.16.0-6-amd64: can't mount NFS shares via 
nfs referrals
Marked as fixed in versions linux/3.16.51-3.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
898165: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898165
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#898165: linux-image-3.16.0-6-amd64: can't mount NFS shares via nfs referrals

[Moritz Schlarb]

Package: src:linux
Version: 3.16.56-1
Severity: important

Control: fixed -1 linux/4.9.88-1~bpo8+1
Control: fixed -1 linux/4.9.88-1

Hello,

after getting the latest stable security kernel version on one of our
NFS clients, said client can't mount our user home directories via our
NFS referer server anymore.

This problem is only similar to
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850713
but (for us) far more severe, since *this* bug affects home directories.

Our workaround is to install the latest kernel from jessie-backports,
which does not have this problem.

The logs aren't saying anything at the time of login, where the home
should be mounted.

There are only some patches regarding nfs listed in the package
changelog, maybe if you could point us to a specific one, we could try
to bisect it.

Regards,
Moritz

-- Package-specific info:
** Kernel log: boot messages should be attached

** Model information
sys_vendor: Dell Inc.
product_name: OptiPlex 7010
product_version: 01
chassis_vendor: Dell Inc.
chassis_version: 
bios_vendor: Dell Inc.
bios_version: A28
board_vendor: Dell Inc.
board_name: 0GY6Y8
board_version: A03

** PCI devices:
00:00.0 Host bridge [0600]: Intel Corporation Xeon E3-1200 v2/3rd Gen Core 
processor DRAM Controller [8086:0150] (rev 09)
Subsystem: Dell Device [1028:0577]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: ivb_uncore

00:02.0 VGA compatible controller [0300]: Intel Corporation Xeon E3-1200 v2/3rd 
Gen Core processor Graphics Controller [8086:0162] (rev 09) (prog-if 00 [VGA 
controller])
Subsystem: Dell Device [1028:0577]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: i915

00:14.0 USB controller [0c03]: Intel Corporation 7 Series/C210 Series Chipset 
Family USB xHCI Host Controller [8086:1e31] (rev 04) (prog-if 30 [XHCI])
Subsystem: Dell Device [1028:0577]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: xhci_hcd

00:16.0 Communication controller [0780]: Intel Corporation 7 Series/C210 Series 
Chipset Family MEI Controller #1 [8086:1e3a] (rev 04)
Subsystem: Dell Device [1028:0577]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: mei_me

00:19.0 Ethernet controller [0200]: Intel Corporation 82579LM Gigabit Network 
Connection [8086:1502] (rev 04)
Subsystem: Dell Device [1028:052c]
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: e1000e

00:1a.0 USB controller [0c03]: Intel Corporation 7 Series/C210 Series Chipset 
Family USB Enhanced Host Controller #2 [8086:1e2d] (rev 04) (prog-if 20 [EHCI])
Subsystem: Dell Device [1028:0577]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: ehci-pci

00:1b.0 Audio device [0403]: Intel Corporation 7 Series/C210 Series Chipset 
Family High Definition Audio Controller [8086:1e20] (rev 04)
Subsystem: Dell Device [1028:0577]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx+
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- 
Kernel driver in use: snd_hda_intel

00:1d.0 USB controller [0c03]: Intel Corporation 7 Series/C210 Series Chipset 
Family USB Enhanced Host Controller #1 [8086:1e26] (rev 04) (prog-if 20 [EHCI])
Subsystem: Dell Device [1028:0577]
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort- 
SERR- 
Kernel driver in use: ehci-pci

00:1e.0 PCI bridge [0604]: Intel Corporation 82801 PCI Bridge [8086:244e] (rev 
a4) (prog-if 01 [Subtractive decode])
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- 
Stepping- SERR- FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR- TAbort- 
Reset- FastB2B-
PriDiscTmr- SecDiscTmr- DiscTmrStat- DiscTmrSERREn-
Capabilities: 

00:1f.0 ISA bridge [0601]: Intel Corporation Q77 Express Chipset LPC 

Bug#897685: linux-image-3.16.0-6-amd64: Unable to start multiple KVM instances with libvirt

[Sedat Dilek]

Hi,

yesterday, we had maintenance day and wanted to upgrade our Ganeti clusters.

Our Ganeti clusters use KVM and libvirt.
Clusters running with Debian/stretch were not affected whereas clusters running 
Debian/jessie failed reproducible when starting more than 2 Ganeti instances.

First, we want to confirm this issue with linux-image-3.16.0-6-amd64.

We saw DRBD errors in our logs like...

drbdX: Discarding network configuration (X = Number of Ganeti instance)

As a workaround, we did a downgrade to the previous Debian-kernel release and 
put it on hold:

root# echo linux-image-3.16.0-5-amd64 hold | dpkg --set-selections
root# echo linux-image-amd64 hold | dpkg --set-selections

root# dpkg --get-selections | grep hold
linux-image-3.16.0-5-amd64  hold
linux-image-amd64   hold

Hope this helps.

Thanks,
- Sedat -

[1] 
https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1602078.html
[2] 
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/log/?h=v3.16.56

-- 
Mit freundlichen Grüssen, 
Sedat Dilek 

Telefon: +49 2166 9901-153 
E-Mail: sedat.di...@credativ.de 
Internet: https://www.credativ.de/ 

GPG-Fingerprint: EA6D E17D D269 AC7E 101D C910 476F 2B3B 0AF7 F86B

credativ GmbH, Trompeterallee 108, 41189 Mönchengladbach
Handelsregister: Amtsgericht Mönchengladbach, HR-Nummer: HRB 12080, UID-Nummer: 
DE204566209
Geschäftsführung: Dr. Michael Meskes, Jörg Folz, Sascha Heuer

**
Jetzt neu:
Elephant Shed - PostgreSQL Appliance
PostgreSQL und alles was dazugehört

Von Backup über Monitoring bis Reporting:
https://elephant-shed.io/
**

Processed: your mail

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> fixed 850713 linux/4.9.18-1
Bug #850713 [src:linux] linux-image-4.8.0-0.bpo.2-amd64: can't mount NFS shares 
via nfs referrals
Marked as fixed in versions linux/4.9.18-1.
> --
Stopping processing here.

Please contact me if you need assistance.
-- 
850713: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850713
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems