Bug#1003844:
Hi, On Tue, Feb 08, 2022 at 11:03:11PM +, Wayne Warren wrote: > > Do you have the possiblity to test the most current 4.19.y version? > > I'm currently attempting to do this following instructions on > https://kernel-team.pages.debian.net/kernel-handbook/ch-common-tasks.html#s-common-building > so I can get a .deb package that i can push up to one of my Kubernetes > cluster nodes exhibiting the Cilium breakage. Many thanks for taking the time and helping debugging it! > However, I get stuck on `debian/rules orig` after running > `debian/bin/genorig.py ./tarball` because several of the patches no longer > apply cleanly and it's not clear how I should go about either viewing or > resolving the patch conflicts. Got any advice as far as that goes? Or do > you think it would be sufficient just to build a vanilla v4.19.228 kernel > using the linux repo's built-in deb package building tools (assuming that > still exists and works, it's been several years since i tried it)? My > assumption so far has been that the best approach would be to build the > kernel using the tooling and patches from the debian source. You can either base it on https://salsa.debian.org/kernel-team/linux/-/merge_requests/405 which is my current WIP for the imports and aimed to be uploaded at the next point release (I have not yet imported 4.19.228, but up to 4.19.227) or for a first step just try it with the 4.19.228 upstream directly and build the vanilla 4.19.228 and test it with it. Regards, Salvatore
Bug#1003844:
Hi, On Tue, Feb 08, 2022 at 01:11:47AM +, Wayne Warren wrote: > Hey there, if I understand correctly this bug which definitely affects > linux 4.19.208-1 was closed because it doesn't affect some other version? > 5.10.40-1? Right, and because the BTS can then close a bug in multiple versions. We know thus that the issue is still present in buster and the 4.19.208-1 kernel. > I'm asking because (maybe obviously) this bug is affecting my use of > 4.19.208-1 in a Kubernetes cluster. I would just pin to > 4.19.194-3/4.19.0-17-cloud-amd64 but am mildly concerned about the polkit > CVE which, to my understanding, is addressed in 4.19.208-1 but not in > 4.19.194-3. > > So I guess my question is -- does anyone involved with maintaining the > Debian 4.19 image know if there is a fix in sight for this that will > eventually be available, maybe for a 4.19.0-19-cloud-amd64 image or > something like that? I don't really know how Debian kernel maintenance > works. If it would be helpful I could test the latest 4.19 upstream kernel > to verify any fixes that might have come through between 4.19.208 and > 4.19.227 (the current upstream patch version). I may do it anyway, but it > would be encouraging to know if there is some kind of Debian process for > getting a new kernel out if my effort succeeds. Yes that would be helpful, in particular because we try to rebase to the latest 4.19.y version in each point release. So the next update will be to at least 4.19.227. Even better though if we can identify the fix itself. As mentioned in https://bugs.debian.org/1003844#15 if the issue is present in the most current 4.19.y stable version then the next step would be to report it to upstream, keeping us ideally in the loop. Do you have the possiblity to test the most current 4.19.y version? Regards, Salvatore
Processed: Re: Bug#1003844: linux-image-4.19.0-18-amd64: Cilium fails on linux 4.19.0-18
Processing control commands: > severity -1 important Bug #1003844 [src:linux] linux-image-4.19.0-18-amd64: Cilium fails on linux 4.19.0-18 Severity set to 'important' from 'grave' > forwarded -1 https://issueexplorer.com/issue/cilium/cilium/17647 Bug #1003844 [src:linux] linux-image-4.19.0-18-amd64: Cilium fails on linux 4.19.0-18 Set Bug forwarded-to-address to 'https://issueexplorer.com/issue/cilium/cilium/17647'. > fixed -1 5.10.40-1 Bug #1003844 [src:linux] linux-image-4.19.0-18-amd64: Cilium fails on linux 4.19.0-18 Marked as fixed in versions linux/5.10.40-1. -- 1003844: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003844 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1003844: linux-image-4.19.0-18-amd64: Cilium fails on linux 4.19.0-18
Control: severity -1 important Control: forwarded -1 https://issueexplorer.com/issue/cilium/cilium/17647 Control: fixed -1 5.10.40-1 Hi Vladimir, On Sun, Jan 16, 2022 at 07:45:31PM +, Vladimir Tiukhtin wrote: > Package: src:linux > Version: 4.19.208-1 > Severity: grave > Justification: renders package unusable > > Dear Maintainer, > > * What led up to the situation? > Regular "apt upgrade" made kubernetes cluster driven by cilium unusable > > * What exactly did you do (or not do) that was effective (or ineffective)? > Cilium ran perfectly fine on Kernel 4.19.0.16. After upgrade to > 4.19.0.18 it could no longer > load BPF programs. Downgrade back to 4.19.0.16 fixes the problem. I > also tried 4.19.0.14 where > cilium works as expected According to the cilium thread you linked, this is not anymore an issue with 5.10.40-1, so I'm marking version already as fixed. Can you check with the most current 4.19.225 upstream if this is still an issue? If so can you report the issue for the 4.19.y branch to upstream stable (including Daniel Borkmann) and please keep us in the loop. Regards, Salvatore
Bug#1003844:
Here is an interesting discussion in cilium thread https://issueexplorer.com/issue/cilium/cilium/17647
Bug#1003844: linux-image-4.19.0-18-amd64: Cilium fails on linux 4.19.0-18
Package: src:linux Version: 4.19.208-1 Severity: grave Justification: renders package unusable Dear Maintainer, * What led up to the situation? Regular "apt upgrade" made kubernetes cluster driven by cilium unusable * What exactly did you do (or not do) that was effective (or ineffective)? Cilium ran perfectly fine on Kernel 4.19.0.16. After upgrade to 4.19.0.18 it could no longer load BPF programs. Downgrade back to 4.19.0.16 fixes the problem. I also tried 4.19.0.14 where cilium works as expected -- Package-specific info: ** Kernel log: boot messages should be attached ** Model information sys_vendor: Hetzner product_name: vServer product_version: 2017 chassis_vendor: QEMU chassis_version: Not Specified bios_vendor: Hetzner bios_version: 2017 ** PCI devices: not available ** USB devices: not available -- System Information: Debian Release: 10.11 APT prefers oldstable-updates APT policy: (500, 'oldstable-updates'), (500, 'oldstable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-14-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages linux-image-4.19.0-18-amd64 depends on: ii initramfs-tools [linux-initramfs-tool] 0.133+deb10u1 ii kmod26-1 ii linux-base 4.6 Versions of packages linux-image-4.19.0-18-amd64 recommends: pn apparmor pn firmware-linux-free Versions of packages linux-image-4.19.0-18-amd64 suggests: pn debian-kernel-handbook ii grub-efi-amd64 2.02+dfsg1-20+deb10u4 pn linux-doc-4.19 Versions of packages linux-image-4.19.0-18-amd64 is related to: pn firmware-amd-graphics pn firmware-atheros pn firmware-bnx2 pn firmware-bnx2x pn firmware-brcm80211 pn firmware-cavium pn firmware-intel-sound pn firmware-intelwimax pn firmware-ipw2x00 pn firmware-ivtv pn firmware-iwlwifi pn firmware-libertas pn firmware-linux-nonfree pn firmware-misc-nonfree pn firmware-myricom pn firmware-netxen pn firmware-qlogic pn firmware-realtek pn firmware-samsung pn firmware-siano pn firmware-ti-connectivity pn xen-hypervisor -- no debconf information
