[Kernel-packages] [Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"
The proposed kernel works fine, tested with wireguard on multiple systems and the one liner mentioned in #4 does not crash the system. ** Tags removed: verification-needed-eoan ** Tags added: verification-done-eoan -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1847478 Title: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule" Status in linux package in Ubuntu: Fix Committed Status in linux source package in Eoan: Fix Committed Bug description: [Impact] An unprivileged local attacker could cause a denial of service, or possibly execute arbitrary code due to an ipv6 regression. [Test Case] An unpatched system will crash with the following command: $ unshare -rUn sh -c 'ip link add dummy1 type dummy && ip link set dummy1 up && ip -6 route add default dev dummy1 && ip -6 rule add table main suppress_prefixlength 0 && ping -f 1234::1' [Regression Potential] Low. The change could theoretically introduce a memory leak but that would still be an improvement over immediate loss of system availability. [Original Description] Having recently upgraded to Eoan Ermine from Disco Dingo, my previously rock-solid wireguard now locks the system up shortly after I take the connection down with wg-quick down wg0. Package: wireguard: Installed: 0.0.20190913-1ubuntu1 Candidate: 0.0.20190913-1ubuntu1 Version table: *** 0.0.20190913-1ubuntu1 500 500 http://gb.archive.ubuntu.com/ubuntu eoan/universe amd64 Packages 500 http://gb.archive.ubuntu.com/ubuntu eoan/universe i386 Packages 100 /var/lib/dpkg/status Kernel: 5.3.0-13-generic Snipped from /var/log/syslog: kernel: [ 776.930804] BUG: unable to handle page fault for address: 1070 kernel: [ 776.930807] #PF: supervisor read access in kernel mode kernel: [ 776.930808] #PF: error_code(0x) - not-present page kernel: [ 776.930809] PGD 0 P4D 0 kernel: [ 776.930811] Oops: [#1] SMP NOPTI kernel: [ 776.930813] CPU: 3 PID: 2598 Comm: Chrome_ChildIOT Tainted: G OE 5.3.0-13-generic #14-Ubuntu kernel: [ 776.930813] Hardware name: Dell Inc. XPS 13 9380/0KTW76, BIOS 1.7.0 08/05/2019 kernel: [ 776.930817] RIP: 0010:ip6_sk_dst_store_flow+0x80/0xc0 kernel: [ 776.930819] Code: 48 8b 42 30 48 33 47 40 48 09 c1 0f b6 4f 12 b8 01 00 00 00 4d 0f 45 e9 31 db d3 e0 a9 bf ef ff ff 74 07 48 8b 9f f8 02 00 00 <48> 8b 46 70 31 d2 48 85 c0 74 0c 48 8b 40 10 48 85 c0 74 03 8b 50 kernel: [ 776.930820] RSP: 0018:beb841a9fcd8 EFLAGS: 00010202 kernel: [ 776.930821] RAX: 0080 RBX: a0933c829360 RCX: 0007 kernel: [ 776.930822] RDX: beb841a9fd20 RSI: 1000 RDI: a0933c828f00 kernel: [ 776.930823] RBP: beb841a9fcf0 R08: R09: kernel: [ 776.930823] R10: R11: a093948fd800 R12: a0933c829360 kernel: [ 776.930824] R13: a0933c828f38 R14: 0001 R15: a0933c829360 kernel: [ 776.930825] FS: 7fbcd8a82700() GS:a0939e4c() knlGS: kernel: [ 776.930826] CS: 0010 DS: ES: CR0: 80050033 kernel: [ 776.930827] CR2: 1070 CR3: 00049172a004 CR4: 003606e0 kernel: [ 776.930828] Call Trace: kernel: [ 776.930832] ip6_datagram_dst_update+0x15e/0x280 kernel: [ 776.930835] ? _raw_read_unlock_bh+0x20/0x30 kernel: [ 776.930837] __ip6_datagram_connect+0x1da/0x380 kernel: [ 776.930839] ip6_datagram_connect+0x2d/0x50 kernel: [ 776.930841] inet_dgram_connect+0x3f/0xc0 kernel: [ 776.930843] __sys_connect+0xf1/0x130 kernel: [ 776.930846] ? do_fcntl+0xe4/0x550 kernel: [ 776.930848] ? fput+0x13/0x15 kernel: [ 776.930849] __x64_sys_connect+0x1a/0x20 kernel: [ 776.930852] do_syscall_64+0x5a/0x130 kernel: [ 776.930854] entry_SYSCALL_64_after_hwframe+0x44/0xa9 kernel: [ 776.930855] RIP: 0033:0x7fbcde6324eb kernel: [ 776.930856] Code: 83 ec 18 89 54 24 0c 48 89 34 24 89 7c 24 08 e8 ab fa ff ff 8b 54 24 0c 48 8b 34 24 41 89 c0 8b 7c 24 08 b8 2a 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 2f 44 89 c7 89 44 24 08 e8 e1 fa ff ff 8b 44 kernel: [ 776.930857] RSP: 002b:7fbcd8a7ec90 EFLAGS: 0293 ORIG_RAX: 002a kernel: [ 776.930859] RAX: ffda RBX: ff94 RCX: 7fbcde6324eb kernel: [ 776.930859] RDX: 001c RSI: 7fbcd8a7ecf0 RDI: 0022 kernel: [ 776.930860] RBP: 7fbcd8a7edb0 R08: R09: 7fbcd8a7edf8 kernel: [ 776.930861] R10: 7fbcd8a7edf0 R11: 0293 R12: 250e77c19710 kernel: [ 776.930862] R13: 250e77c19900 R14: 7fbcd8a7edc8 R15: 7fbcd8a7edc8 kernel: [ 776.930863] Modules linked in: binfmt_misc wireguard(OE) ip
[Kernel-packages] [Bug 1354046] Re: no 3d acceleration with error [drm:intel_dp_start_link_train] *ERROR* too many full retries, give up
I had the same issue on Dell Latitude E6510 and utopic. Upgrading to vivid solved the issue (3.19 kernel). -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1354046 Title: no 3d acceleration with error [drm:intel_dp_start_link_train] *ERROR* too many full retries, give up Status in linux package in Ubuntu: Confirmed Status in ubuntu package in Ubuntu: Confirmed Status in xserver-xorg-video-intel package in Ubuntu: Confirmed Bug description: Description: 3D games, video (especially flash) makes computer unresponsive. The problem has been present since upgrade to Utopic, but have recently become worse, maybe because of error message [drm:intel_dp_start_link_train] *ERROR* too many full retries, give up which appears in all terminals. How to reproduce: Start a 1080p video. e.g. Note that the video is not run from an encrypted folder. Or watch a video on youtube. Reproducable for new users as well, so not related to /home/$USER What happens: Usage on all four CPUs on my DELL XPS 13 DEVELOPER EDITION will be between 30% and 100%. What I expected: Expected same 3D performance as on Thrusty. ProblemType: Bug DistroRelease: Ubuntu 14.10 Package: xorg 1:7.7+1ubuntu8 ProcVersionSignature: Ubuntu 3.16.0-6.11-generic 3.16.0-rc7 Uname: Linux 3.16.0-6-generic x86_64 .tmp.unity.support.test.0: ApportVersion: 2.14.5-0ubuntu3 Architecture: amd64 BootLog: Scanning for Btrfs filesystems * Setting up X socket directories... [240G [234G[ OK ] CompizPlugins: [core,composite,opengl,compiztoolbox,decor,vpswitch,snap,mousepoll,resize,place,move,wall,grid,regex,imgpng,session,gnomecompat,animation,fade,unitymtgrabhandles,workarounds,scale,expo,ezoom,unityshell] CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Thu Aug 7 17:03:51 2014 DistUpgraded: Fresh install DistributionChannelDescriptor: # This is a distribution channel descriptor # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor canonical-oem-somerville-precise-amd64-20120703-2 DistroCodename: utopic DistroVariant: ubuntu DkmsStatus: vboxhost, 4.3.12, 3.13.0-24-generic, x86_64: installed vboxhost, 4.3.12, 3.13.0-27-generic, x86_64: installed vboxhost, 4.3.12, 3.13.0-29-generic, x86_64: installed vboxhost, 4.3.12, 3.16.0-5-generic, x86_64: installed vboxhost, 4.3.12, 3.16.0-6-generic, x86_64: installed EcryptfsInUse: Yes ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation 3rd Gen Core processor Graphics Controller [8086:0166] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Dell Device [1028:058b] InstallationDate: Installed on 2013-08-27 (345 days ago) InstallationMedia: Ubuntu 12.04 "Precise" - Build amd64 LIVE Binary 20120703-15:08 MachineType: Dell Inc. Dell System XPS L322X ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.16.0-6-generic root=UUID=221de9c1-f10a-4be4-9273-5c12864c8680 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display SystemImageInfo: Error: [Errno 2] No such file or directory: 'system-image-cli' UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/15/2013 dmi.bios.vendor: Dell Inc. dmi.bios.version: A09 dmi.board.name: 0PJHXN dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 8 dmi.chassis.vendor: Dell Inc. dmi.chassis.version: 0.1 dmi.modalias: dmi:bvnDellInc.:bvrA09:bd05/15/2013:svnDellInc.:pnDellSystemXPSL322X:pvr:rvnDellInc.:rn0PJHXN:rvrA00:cvnDellInc.:ct8:cvr0.1: dmi.product.name: Dell System XPS L322X dmi.sys.vendor: Dell Inc. version.compiz: compiz 1:0.9.11+14.10.20140707-0ubuntu1b1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.54-1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.2.3-0ubuntu1 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental 10.0.0-1ubuntu2 version.libgl1-mesa-glx: libgl1-mesa-glx 10.2.3-0ubuntu1 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu9 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.9.0-1ubuntu1 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.4.0-2ubuntu1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.914-1~exp1ubuntu1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Thu Aug 7 16:54:59 2014 xserver.configfile: default xserver.errors: intel: Failed to load module "dri3" (module does not exist, 0) intel: Failed to load module "present" (module does not exist, 0) xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id4933 vendor CMN xserver.version: 2:1.15.1-0ubuntu9 To manage not
[Kernel-packages] [Bug 1390223] Re: Apparmor related regression on access to unix sockets on a candidate 3.16 backport kernel
I am seeing same kind of behaviour after upgrade to utopic, mailq fails with permission denied. The odd thing is it doesn't happen every time. Sometimes when running mailq in a loop it might work occasionally. Sometimes not. Sometimes it works for period of time just fine and then starts failing again. mailq does not have an apparmor profile. audit.log does not show any denied apparmor requests. If I remove all postfix apparmor profiles by apparmor_parser -R, the problem appears to go away. The kernel is 3.16.0-24-generic. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1390223 Title: Apparmor related regression on access to unix sockets on a candidate 3.16 backport kernel Status in “linux” package in Ubuntu: Confirmed Bug description: I recently noticed a bunch of containers failing in a rather odd way when running postfix. The most visible example is when running mailq on an empty queue. Without apparmor (unconfined container) I see that the queue is empty, with apparmor, I get Permission denied. That's all running as root so the permission denied looks a tiny bit odd. Also, running the 3.13 kernel, I don't get any of that weirdness. My guess is that it has to do with the work that went into the 3.16 kernel for socket mediation. In theory only systems that run the utopic apparmor (which I DO NOT) should be seeing that kind of behavior, but it looks like some code path isn't checking things properly :) == strace in unconfined container == chdir("/var/spool/postfix") = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7f8963a62c30}, {SIG_IGN, [], 0}, 8) = 0 getuid()= 0 socket(PF_LOCAL, SOCK_STREAM, 0)= 4 fcntl(4, F_GETFL) = 0x2 (flags O_RDWR) fcntl(4, F_SETFL, O_RDWR) = 0 connect(4, {sa_family=AF_LOCAL, sun_path="public/showq"}, 110) = 0 poll([{fd=4, events=POLLIN}], 1, 360) = 1 ([{fd=4, revents=POLLIN|POLLHUP}]) read(4, "Mail queue is empty\n", 4096) = 20 poll([{fd=4, events=POLLIN}], 1, 360) = 1 ([{fd=4, revents=POLLIN|POLLHUP}]) read(4, "", 4096) = 0 write(1, "Mail queue is empty\n", 20Mail queue is empty ) = 20 close(4)= 0 exit_group(0) = ? +++ exited with 0 +++ == strace in confined container == chdir("/var/spool/postfix") = 0 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x7ffe62de4c30}, {SIG_IGN, [], 0}, 8) = 0 getuid()= 0 socket(PF_LOCAL, SOCK_STREAM, 0)= 4 fcntl(4, F_GETFL) = 0x2 (flags O_RDWR) fcntl(4, F_SETFL, O_RDWR) = 0 connect(4, {sa_family=AF_LOCAL, sun_path="public/showq"}, 110) = 0 poll([{fd=4, events=POLLIN}], 1, 360) = 1 ([{fd=4, revents=POLLIN|POLLHUP}]) read(4, 0x7ffe65b35c00, 4096) = -1 EACCES (Permission denied) close(4)= 0 write(2, "postqueue: warning: close: Permi"..., 45postqueue: warning: close: Permission denied ) = 45 sendto(3, "<20>Nov 6 20:40:42 postfix/post"..., 78, MSG_NOSIGNAL, NULL, 0) = 78 exit_group(0) = ? Kernel is a slightly outdated version of the kernel from the kernel team PPA: Linux shell01 3.16.0-23-generic #31-Ubuntu SMP Thu Oct 23 20:13:35 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux If you think the latest build will improve this, I can test it, but seeing how this is a production server, I can't just flip kernels every 5 minutes (I'm running 3.16 to avoid a nasty btrfs bug on 3.13). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1390223/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp