[Kernel-packages] [Bug 1585434] Re: ecryptfs_decrypt_page: Error attempting to read lower page; rc = [-4]
Hello. Today, I've noticed two entries about 'ecryptfs_decrypt_page' and 'ecryptfs_readpage' errors in `/var/log/syslog` file. I have no idea if there was/is more such entries. However, it looks this way: ,[ ✖ Error ] | kernel: [25312.360714] ecryptfs_decrypt_page: Error attempting to read lower page; rc = [-4] | kernel: [25312.360724] ecryptfs_readpage: Error decrypting page; rc = [-4] ` There was not any system slowdowns, freezing etc. Anyway, `/home` partition was encrypted during installation with eCryptfs (vide `/home/.ecryptfs/t4/.Private`). Here are some technical informations about system: ,[ ✖ lsb_release ] | Distributor ID: Ubuntu | Description: Ubuntu 16.04.6 LTS | Release: 16.04 | Codename: xenial | --- | Linux:4.4.0-173-generic | Architecture: i686/x86_32 ` It seems, that I'm not only one Xenial user who's seeing these errors (I mean another comments, for example #16 by Stefan Wagner etc). Thanks, best regards. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1585434 Title: ecryptfs_decrypt_page: Error attempting to read lower page; rc = [-4] Status in linux package in Ubuntu: Confirmed Bug description: ecryptfs_decrypt_page: Error attempting to read lower page; rc = [-4] ecryptfs_readpage: Error decrypting page; rc = [-4] I dont' have this issue showing in dmesg when using 3.19 kernel, only with later kernels. Is it related to selecting encrypted home on install or something? I don't notice any issues with performance because of it or have any other error messages. I am using default ubuntu xenial 16.04 with unity. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-22-generic 4.4.0-22.40 ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8 Uname: Linux 4.4.0-22-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia ApportVersion: 2.20.1-0ubuntu2 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: cooloutac 2054 F pulseaudio /dev/snd/pcmC0D0p: cooloutac 2054 F...m pulseaudio /dev/snd/controlC0: cooloutac 2054 F pulseaudio CurrentDesktop: Unity Date: Tue May 24 22:38:44 2016 EcryptfsInUse: Yes HibernationDevice: RESUME=UUID=0118ec29-2bd5-4cbc-9800-9c04bbe083d1 InstallationDate: Installed on 2016-05-20 (5 days ago) InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1) IwConfig: enp2s0no wireless extensions. lono wireless extensions. MachineType: Dell Inc. Studio XPS 7100 ProcFB: ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-22-generic root=UUID=fcd92967-7d59-44bf-bb88-06efa6fac5f7 ro ipv6.disable=1 quiet splash RelatedPackageVersions: linux-restricted-modules-4.4.0-22-generic N/A linux-backports-modules-4.4.0-22-generic N/A linux-firmware1.157 RfKill: SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/10/2010 dmi.bios.vendor: Dell Inc. dmi.bios.version: A06 dmi.board.name: 0NWWY0 dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 3 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvrA06:bd09/10/2010:svnDellInc.:pnStudioXPS7100:pvr:rvnDellInc.:rn0NWWY0:rvrA00:cvnDellInc.:ct3:cvr: dmi.product.name: Studio XPS 7100 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1585434/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1838090] Re: Ubuntu 16.04: read access incorrectly implies 'm' rule
*** This bug is a duplicate of bug 1658219 ***
https://bugs.launchpad.net/bugs/1658219
Hello.
I would like to note, that when Linux kernel has been updated to
4.4.0-160.188 version[1] (with, among others, patches for LP:#1658219
and LP:#1838090), I've had to update a few profiles (such as Audacious,
Parole, Xorg, Logrotate etc.), because of a lot of "DENIED" entries in
system log files. If it's about access controls (vide
'requested{denied}_mask'): most new rules required 'm' (memory map as
executable), but some of them needed 'k' (file locking) etc.)
However, it seems everything is okay now and I hope, that there will be
no such issues anymore. Anyway, Mr Tyler Hicks was right: "users with
custom policy have some reasonable expectation that upgrading to the new
Ubuntu release or kernel version will require them to update their
custom policy".
By the way; what is an impact of these changes? (I mean LP:#1658219 and
LP:#1838090). Does it means, that now, use of 'm' and 'k' access is
secured/restricted/checked correctly by AppArmor? And one more thing:
this problem is related to v4.4 kernel only, right?
Thanks, best regards.
__
[1] https://launchpad.net/ubuntu/+source/linux/4.4.0-160.188
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1838090
Title:
Ubuntu 16.04: read access incorrectly implies 'm' rule
Status in AppArmor:
Invalid
Status in linux package in Ubuntu:
New
Status in linux source package in Xenial:
Confirmed
Bug description:
I've already been corresponding with jjohansen privately via email on
this, filing a bug here based on our conversation. To summarize the
email thread:
I was poking around some stuff today, and noticed that it seems like
the 'm' rule doesn't actually do anything. I've tested this on two
separate machines, both running Ubuntu 16.04:
$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.6 LTS
Release: 16.04
Codename: xenial
PoC:
$ sudo dmesg -c
$ cp /bin/ls /tmp
$ echo "/tmp/ls {
> /** r,
> }" > /tmp/tmp.ls
$ sudo apparmor_parser -C -r /tmp/tmp.ls
$ /tmp/ls
.
$ sudo dmesg
[1746349.392925] audit: type=1400 audit(1562018298.880:81): apparmor="STATUS"
operation="profile_replace" profile="unconfined" name="/tmp/ls" pid=28205
comm="apparmor_parser"
There are no "ALLOWED" messages stating that we're missing the
necessary "mr," rule for mmap'ing shared objects such as libc.
As a follow-up, even with an empty profile running in complain mode, I
do not see any mention of needing the 'm' rule in the requested /
denied mask, it just asks for read access:
[1748198.369441] audit: type=1400 audit(1562020148.006:82): apparmor="STATUS"
operation="profile_replace" profile="unconfined" name="/tmp/ls" pid=28677
comm="apparmor_parser"
[1748203.023838] audit: type=1400 audit(1562020152.662:83):
apparmor="ALLOWED" operation="open" profile="/tmp/ls" name="/etc/ld.so.cache"
pid=28678 comm="ls" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[1748203.023877] audit: type=1400 audit(1562020152.662:84):
apparmor="ALLOWED" operation="open" profile="/tmp/ls"
name="/lib/x86_64-linux-gnu/libselinux.so.1" pid=28678 comm="ls"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[1748203.023945] audit: type=1400 audit(1562020152.662:85):
apparmor="ALLOWED" operation="open" profile="/tmp/ls"
name="/lib/x86_64-linux-gnu/libc-2.23.so" pid=28678 comm="ls"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[1748203.023998] audit: type=1400 audit(1562020152.662:86):
apparmor="ALLOWED" operation="open" profile="/tmp/ls"
name="/lib/x86_64-linux-gnu/libpcre.so.3.13.2" pid=28678 comm="ls"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[1748203.024039] audit: type=1400 audit(1562020152.662:87):
apparmor="ALLOWED" operation="open" profile="/tmp/ls"
name="/lib/x86_64-linux-gnu/libdl-2.23.so" pid=28678 comm="ls"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
[1748203.024076] audit: type=1400 audit(1562020152.662:88):
apparmor="ALLOWED" operation="open" profile="/tmp/ls"
name="/lib/x86_64-linux-gnu/libpthread-2.23.so" pid=28678 comm="ls"
requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
I tested this on Ubuntu 12.04, 18.04, and 19.04, and the expected
behavior is indeed there. Seems like a regression in specifically
16.04.
Response from jjohansen:
"This bug was fixed in Ubuntu in the Ubuntu zesty kernel (4.10) but
the fix was for a different issue and never cherry-picked back to
Xenial. We are going to need a bug report to get this fixed in the
Xenial kernel. So please do file a bug report. I can then attach the
patch and send it to the kt for inclusion in the next SRU."
To manage notifications about this bug go to:
[Kernel-packages] [Bug 1658219] Re: flock not mediated by 'k'
Hello.
I would like to note, that when Linux kernel has been updated to
4.4.0-160.188 version[1] (with, among others, patches for LP:#1658219
and LP:#1838090), I've had to update a few profiles (such as Audacious,
Parole, Xorg, Logrotate etc.), because of a lot of "DENIED" entries in
system log files. If it's about access controls (vide
'requested{denied}_mask'): most new rules required 'm' (memory map as
executable), but some of them needed 'k' (file locking) etc.)
However, it seems everything is okay now and I hope, that there will be
no such issues anymore. Anyway, Mr Tyler Hicks was right: "users with
custom policy have some reasonable expectation that upgrading to the new
Ubuntu release or kernel version will require them to update their
custom policy".
By the way; what is an impact of these changes? (I mean LP:#1658219 and
LP:#1838090). Does it means, that now, use of 'm' and 'k' access is
secured/restricted/checked correctly by AppArmor? And one more thing:
this problem is related to v4.4 kernel only, right?
Thanks, best regards.
__
[1] https://launchpad.net/ubuntu/+source/linux/4.4.0-160.188
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1658219
Title:
flock not mediated by 'k'
Status in AppArmor:
In Progress
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Yakkety:
Won't Fix
Bug description:
$ cat ./apparmor.profile
#include
profile test {
#include
/bin/bash ixr,
/dev/pts/* rw,
/usr/bin/flock ixr,
# Not blocked:
# aa-exec -p test -- flock -w 1 /tmp/test.lock -c true
/tmp/test.lock rw,
}
$ sudo apparmor_parser -r ./apparmor.profile
$ aa-exec -p test -- flock -w 1 /tmp/test.lock -c true && echo yes
yes
$ ls -l /tmp/test.lock
-rw-rw-r-- 1 jamie jamie 0 Jan 20 15:57 /tmp/test.lock
The flock command uses flock(LOCK_EX) and I expected it to be blocked
due to the lack of 'k'.
apparmor userspace 2.10.95-0ubuntu2.5 (xenial) and 4.9.0-12.13-generic
kernel on amd64.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1658219/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1790688] Re: x86/pti: 32-bit x86 systems support already available.
Hello H Buus.
Thank You for a comment. According to BUGs with call traces from
'kern.log' file (I mean especially 'unable to handle kernel NULL pointer
dereference at 0008' messages etc.) I think you should report all
these informations on the linux-kernel mailing list (please see 1).
Also, I think, that the kernel-team mailing list is a good place -maybe
even better than 'lkml' - to report, because this mailing list is used
to coordinate and plan kernel uploads for Ubuntu (please see 2).
I hope, that 'PTI' will be backported soon, to the Linux kernel used in
16.04 LTS Release and x86_32/i386 architecture.
Thanks, best regards.
_
1.: https://lkml.org/
2.: https://lists.ubuntu.com/archives/kernel-team/
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1790688
Title:
x86/pti: 32-bit x86 systems support already available.
Status in linux package in Ubuntu:
Triaged
Bug description:
Hello.
This is a very good news: 'PTI' support for x86-32 architecture is
available. Linux kernel v4.19 release candidate, finally have Kernel
Page-Table Isolation ('PTI', previously known as 'KAISER') support. As
we know, 'PTI' provides protection against attack, known as the
"Meltdown" (CVE-2017-5754), that breaks isolation between user
applications and the operating system etc. However, this protection -
needed for "Meltdown" mitigation - wasn't available on 32-bit x86
systems. Until now.
So, I would like to ask a question: are there any plans to backport
Kernel Page-Table Isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I'm
asking, because it seems, that pretty much no developers run 32-bit
any more. However, there still are many 32-bit users out there.
For more informations about how 'PTI' was implemented, created for 32
bit x86 architecture, please check - for example - commit
'7757d607c6b31' ("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for
x86_32") and these messages on lkml mailing list and lwn.net website
(which contains summary of the first half of the 4.19 kernel merge
window):
✗ http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html ('PTI' on
x86-32; PATCH v.8)
✗ https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
I would like to send a big "Thank You" to Mr Joerg Roedel (and Others,
of course) for his amazing work - a whole raft of measures and patches
to make this possible - to enable 'PTI' mitigation on x86-32
architecture etc.
Thanks, best regards.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1790688/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1815776] Re: nvidia-384 384.130-0ubuntu0.16.04.1: nvidia-384 kernel module failed to build
Hello. Once agains - I'm sorry for writing post by post, but there is a very interesting comment I found, while checking patches/fixes in Linux v4.4.0-143.169 version (see '1.'). This is excatly the same error, that happened when I updated kernel to the latest '-proposed' release etc. In both cases, it's about "Processing triggers for linux- image-4.4.0-143-generic" and bad return status for 'nvidia' module build. So, maybe the whole problem with building 'nvidia' module is related with "signing: only install a signed kernel (LP: #1764794)" (see '2.')? Thanks, best regards. _ [1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1764794/comments/6 [2] https://launchpad.net/ubuntu/+source/linux/4.4.0-143.169 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to nvidia-graphics-drivers-384 in Ubuntu. https://bugs.launchpad.net/bugs/1815776 Title: nvidia-384 384.130-0ubuntu0.16.04.1: nvidia-384 kernel module failed to build Status in nvidia-graphics-drivers-384 package in Ubuntu: Confirmed Bug description: fails on latest kernel 134 on get_user_pages calls. Arguments changed for the function between -142 and -143 kernels. common/inc/nv-mm.h includes a macro to deal with this problem, but it is not working. ProblemType: Package DistroRelease: Ubuntu 16.04 Package: nvidia-384 (not installed) ProcVersionSignature: Ubuntu 4.4.0-142.168-generic 4.4.167 Uname: Linux 4.4.0-142-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 DKMSKernelVersion: 4.4.0-143-generic Date: Wed Feb 13 10:15:20 2019 DuplicateSignature: dkms:nvidia-384:384.130-0ubuntu0.16.04.1:/var/lib/dkms/nvidia-384/384.130/build/common/inc/nv-mm.h:49:35: error: too few arguments to function ‘get_user_pages’ InstallationDate: Installed on 2011-08-11 (2743 days ago) InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110427.1) PackageVersion: 384.130-0ubuntu0.16.04.1 RelatedPackageVersions: dpkg 1.18.4ubuntu1.5 apt 1.2.29ubuntu0.1 SourcePackage: nvidia-graphics-drivers-384 Title: nvidia-384 384.130-0ubuntu0.16.04.1: nvidia-384 kernel module failed to build UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.modprobe.d.nvidia-384_hybrid.conf: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/+bug/1815776/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1815776] Re: nvidia-384 384.130-0ubuntu0.16.04.1: nvidia-384 kernel module failed to build
Hello. There is a similar raport about failed 'nvidia_304' module build on latest '-proposed' v4.4.0-143-generic kernel: ✗ https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics- drivers-304/+bug/1815858 Mentioned issue happened on both: amd64 and i385/i686 architectures. Best regards. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to nvidia-graphics-drivers-384 in Ubuntu. https://bugs.launchpad.net/bugs/1815776 Title: nvidia-384 384.130-0ubuntu0.16.04.1: nvidia-384 kernel module failed to build Status in nvidia-graphics-drivers-384 package in Ubuntu: Confirmed Bug description: fails on latest kernel 134 on get_user_pages calls. Arguments changed for the function between -142 and -143 kernels. common/inc/nv-mm.h includes a macro to deal with this problem, but it is not working. ProblemType: Package DistroRelease: Ubuntu 16.04 Package: nvidia-384 (not installed) ProcVersionSignature: Ubuntu 4.4.0-142.168-generic 4.4.167 Uname: Linux 4.4.0-142-generic x86_64 NonfreeKernelModules: nvidia ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 DKMSKernelVersion: 4.4.0-143-generic Date: Wed Feb 13 10:15:20 2019 DuplicateSignature: dkms:nvidia-384:384.130-0ubuntu0.16.04.1:/var/lib/dkms/nvidia-384/384.130/build/common/inc/nv-mm.h:49:35: error: too few arguments to function ‘get_user_pages’ InstallationDate: Installed on 2011-08-11 (2743 days ago) InstallationMedia: Ubuntu 11.04 "Natty Narwhal" - Release amd64 (20110427.1) PackageVersion: 384.130-0ubuntu0.16.04.1 RelatedPackageVersions: dpkg 1.18.4ubuntu1.5 apt 1.2.29ubuntu0.1 SourcePackage: nvidia-graphics-drivers-384 Title: nvidia-384 384.130-0ubuntu0.16.04.1: nvidia-384 kernel module failed to build UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.modprobe.d.nvidia-384_hybrid.conf: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-384/+bug/1815776/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1790688] Re: x86/pti: 32-bit x86 systems support already available.
Hello. I would like to note, that "Meltdown" mitigation - for i386
architecture - among others improvements, is already available in
OpenBSD 6.4 release (see "Security improvements" section [in:]
https://www.openbsd.org/64.html).
Best regards.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1790688
Title:
x86/pti: 32-bit x86 systems support already available.
Status in linux package in Ubuntu:
Triaged
Bug description:
Hello.
This is a very good news: 'PTI' support for x86-32 architecture is
available. Linux kernel v4.19 release candidate, finally have Kernel
Page-Table Isolation ('PTI', previously known as 'KAISER') support. As
we know, 'PTI' provides protection against attack, known as the
"Meltdown" (CVE-2017-5754), that breaks isolation between user
applications and the operating system etc. However, this protection -
needed for "Meltdown" mitigation - wasn't available on 32-bit x86
systems. Until now.
So, I would like to ask a question: are there any plans to backport
Kernel Page-Table Isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I'm
asking, because it seems, that pretty much no developers run 32-bit
any more. However, there still are many 32-bit users out there.
For more informations about how 'PTI' was implemented, created for 32
bit x86 architecture, please check - for example - commit
'7757d607c6b31' ("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for
x86_32") and these messages on lkml mailing list and lwn.net website
(which contains summary of the first half of the 4.19 kernel merge
window):
✗ http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html ('PTI' on
x86-32; PATCH v.8)
✗ https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
I would like to send a big "Thank You" to Mr Joerg Roedel (and Others,
of course) for his amazing work - a whole raft of measures and patches
to make this possible - to enable 'PTI' mitigation on x86-32
architecture etc.
Thanks, best regards.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1790688/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1790688] Re: x86/pti: 32-bit x86 systems support already available.
** Summary changed:
- x86/pti: 32-Bit x86 systems support already available.
+ x86/pti: 32-bit x86 systems support already available.
** Description changed:
Hello.
- Linux kernel v4.19 release candidate [1], finally have kernel page-table
- isolation ('PTI', previously known as 'KAISER') support for x86_32
- architecture. As we know, 'PTI' provides protection against attack,
- known as the "Meltdown" (CVE-2017-5754), that breaks isolation between
- user applications and the operating system etc. However, kernel page-
- table isolation wasn't available on 32-Bit x86 systems. Until now.
+ This is a very good news: 'PTI' support for x86-32 architecture is
+ available. Linux kernel v4.19 release candidate, finally have Kernel
+ Page-Table Isolation ('PTI', previously known as 'KAISER') support. As
+ we know, 'PTI' provides protection against attack, known as the
+ "Meltdown" (CVE-2017-5754), that breaks isolation between user
+ applications and the operating system etc. However, this protection -
+ needed for "Meltdown" mitigation - wasn't available on 32-bit x86
+ systems. Until now.
So, I would like to ask a question: are there any plans to backport
- kernel page-table isolation patches for Linux kernels available in
- "Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I mean
- x86_32 bit architecture, of course. I'm asking, because it seems, that
- pretty much no developers run 32-bit any more. However, there still are
- many 32-bit users out there.
+ Kernel Page-Table Isolation patches for Linux kernels available in
+ "Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I'm
+ asking, because it seems, that pretty much no developers run 32-bit any
+ more. However, there still are many 32-bit users out there.
- For more informations about how 'PTI' was implementing on 32-Bit x86
- architecture, plase check - for example - commit '7757d607c6b31'
- ("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32"). Here are
- messages about 'PTI' support (PATCH v7, v8) for x86_32 [1]. Next, 'PTI'
- fixes for x86-32 [2] and more patches related to 'x86/mm/pti' [3]. There
- is also a short report for the first half of the 4.19 kernel merge
- window [4].
+ For more informations about how 'PTI' was implemented, created for 32
+ bit x86 architecture, please check - for example - commit
+ '7757d607c6b31' ("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for
+ x86_32") and these messages on lkml mailing list and lwn.net website
+ (which contains summary of the first half of the 4.19 kernel merge
+ window):
- I'm sorry for such a long message, but I'm very happy that 'PTI' support
- is already available for x86_32 architecture and I hope, that it will be
- backported to all Ubuntu LTS releases etc.
+ ✗ http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html ('PTI' on
x86-32; PATCH v.8)
+ ✗ https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
+
+ I would like to send a big "Thank You" to Mr Joerg Roedel (and Others,
+ of course) for his amazing work - a whole raft of measures and patches
+ to make this possible - to enable 'PTI' mitigation on x86-32
+ architecture etc.
Thanks, best regards.
- __
-
- [1] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03578.html (please see
every next patches etc.)
- http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03181.html
- http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html
- [2] http://lkml.iu.edu/hypermail/linux/kernel/1808.0/05516.html
- [3] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03161.html
- [4] https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1790688
Title:
x86/pti: 32-bit x86 systems support already available.
Status in linux package in Ubuntu:
Triaged
Bug description:
Hello.
This is a very good news: 'PTI' support for x86-32 architecture is
available. Linux kernel v4.19 release candidate, finally have Kernel
Page-Table Isolation ('PTI', previously known as 'KAISER') support. As
we know, 'PTI' provides protection against attack, known as the
"Meltdown" (CVE-2017-5754), that breaks isolation between user
applications and the operating system etc. However, this protection -
needed for "Meltdown" mitigation - wasn't available on 32-bit x86
systems. Until now.
So, I would like to ask a question: are there any plans to backport
Kernel Page-Table Isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I'm
asking, because it seems, that pretty much no developers run 32-bit
any more. However, there still are many 32-bit users out there.
For more informations about how 'PTI' was implemented, created for 32
bit x86 architecture, please check - for example - commit
'7757d607c6b31' ("x86/pti: Allow
[Kernel-packages] [Bug 1790688] Re: x86/pti: 32-Bit x86 systems support already available.
Hello.
One more thing: since kernel page-table isolation is already available
on 32-Bit x86 systems (see Bug Description), maybe "SpectreAndMeltdown"
information page (see 1.) should be updated, because of such a statement
(see "Current Status"):
"No fix is currently available for Meltdown on 32-bit x86; moving to a
64-bit kernel is the currently recommended mitigation."
Maybe, it could be changed to note, that: "32-bit x86 finally have
kernel page-table isolation support to mitigate "Meltdown". It is
already available in Linux kernel v4.19". Or above statement, available
on "SpectreAndMeltdown" page, could be changed to:
"Fix/mitigation for Meltdown on 32-bit x86 is already available in Linux
v4.19 kernel".
But that's just my opinion.
Best regards.
__
1.
https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown#Current_Status
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1790688
Title:
x86/pti: 32-Bit x86 systems support already available.
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
Linux kernel v4.19 release candidate [1], finally have kernel page-
table isolation ('PTI', previously known as 'KAISER') support for
x86_32 architecture. As we know, 'PTI' provides protection against
attack, known as the "Meltdown" (CVE-2017-5754), that breaks isolation
between user applications and the operating system etc. However,
kernel page-table isolation wasn't available on 32-Bit x86 systems.
Until now.
So, I would like to ask a question: are there any plans to backport
kernel page-table isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I
mean x86_32 bit architecture, of course. I'm asking, because it seems,
that pretty much no developers run 32-bit any more. However, there
still are many 32-bit users out there.
For more informations about how 'PTI' was implementing on 32-Bit x86
architecture, plase check - for example - commit '7757d607c6b31'
("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32"). Here are
messages about 'PTI' support (PATCH v7, v8) for x86_32 [1]. Next,
'PTI' fixes for x86-32 [2] and more patches related to 'x86/mm/pti'
[3]. There is also a short report for the first half of the 4.19
kernel merge window [4].
I'm sorry for such a long message, but I'm very happy that 'PTI'
support is already available for x86_32 architecture and I hope, that
it will be backported to all Ubuntu LTS releases etc.
Thanks, best regards.
__
[1] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03578.html (please see
every next patches etc.)
http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03181.html
http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html
[2] http://lkml.iu.edu/hypermail/linux/kernel/1808.0/05516.html
[3] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03161.html
[4] https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1790688/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1790688] Re: x86/pti: 32-Bit x86 systems support already available.
** Changed in: linux (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1790688
Title:
x86/pti: 32-Bit x86 systems support already available.
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
Linux kernel v4.19 release candidate [1], finally have kernel page-
table isolation ('PTI', previously known as 'KAISER') support for
x86_32 architecture. As we know, 'PTI' provides protection against
attack, known as the "Meltdown" (CVE-2017-5754), that breaks isolation
between user applications and the operating system etc. However,
kernel page-table isolation wasn't available on 32-Bit x86 systems.
Until now.
So, I would like to ask a question: are there any plans to backport
kernel page-table isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I
mean x86_32 bit architecture, of course. I'm asking, because it seems,
that pretty much no developers run 32-bit any more. However, there
still are many 32-bit users out there.
For more informations about how 'PTI' was implementing on 32-Bit x86
architecture, plase check - for example - commit '7757d607c6b31'
("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32"). Here are
messages about 'PTI' support (PATCH v7, v8) for x86_32 [1]. Next,
'PTI' fixes for x86-32 [2] and more patches related to 'x86/mm/pti'
[3]. There is also a short report for the first half of the 4.19
kernel merge window [4].
I'm sorry for such a long message, but I'm very happy that 'PTI'
support is already available for x86_32 architecture and I hope, that
it will be backported to all Ubuntu LTS releases etc.
Thanks, best regards.
__
[1] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03578.html (please see
every next patches etc.)
http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03181.html
http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html
[2] http://lkml.iu.edu/hypermail/linux/kernel/1808.0/05516.html
[3] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03161.html
[4] https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1790688/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1790688] [NEW] x86/pti: 32-Bit x86 systems support already available.
Public bug reported:
Hello.
Linux kernel v4.19 release candidate [1], finally have kernel page-table
isolation ('PTI', previously known as 'KAISER') support for x86_32
architecture. As we know, 'PTI' provides protection against attack,
known as the "Meltdown" (CVE-2017-5754), that breaks isolation between
user applications and the operating system etc. However, kernel page-
table isolation wasn't available on 32-Bit x86 systems. Until now.
So, I would like to ask a question: are there any plans to backport
kernel page-table isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I mean
x86_32 bit architecture, of course. I'm asking, because it seems, that
pretty much no developers run 32-bit any more. However, there still are
many 32-bit users out there.
For more informations about how 'PTI' was implementing on 32-Bit x86
architecture, plase check - for example - commit '7757d607c6b31'
("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for x86_32"). Here are
messages about 'PTI' support (PATCH v7, v8) for x86_32 [1]. Next, 'PTI'
fixes for x86-32 [2] and more patches related to 'x86/mm/pti' [3]. There
is also a short report for the first half of the 4.19 kernel merge
window [4].
I'm sorry for such a long message, but I'm very happy that 'PTI' support
is already available for x86_32 architecture and I hope, that it will be
backported to all Ubuntu LTS releases etc.
Thanks, best regards.
__
[1] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03578.html (please see
every next patches etc.)
http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03181.html
http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html
[2] http://lkml.iu.edu/hypermail/linux/kernel/1808.0/05516.html
[3] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03161.html
[4] https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Incomplete
** Tags: i386 meltdown pti spectre x86-32
** Description changed:
Hello.
Linux kernel v4.19 release candidate [1], finally have kernel page-table
isolation ('PTI', previously known as 'KAISER') support for x86_32
architecture. As we know, 'PTI' provides protection against attack,
known as the "Meltdown" (CVE-2017-5754), that breaks isolation between
user applications and the operating system etc. However, kernel page-
table isolation wasn't available on 32-Bit x86 systems. Until now.
So, I would like to ask a question: are there any plans to backport
kernel page-table isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I mean
x86_32 bit architecture, of course. I'm asking, because it seems, that
pretty much no developers run 32-bit any more. However, there still are
many 32-bit users out there.
- For more informations about how 'PTI' implementing on 32-Bit x86
+ For more informations about how 'PTI' was implementing on 32-Bit x86
architecture looks like, plase check - for example - commit
'7757d607c6b31' ("x86/pti: Allow CONFIG_PAGE_TABLE_ISOLATION for
x86_32"). Here are messages about 'PTI' support (PATCH v7, v8) for
x86_32 [1]. Next, 'PTI' fixes for x86-32 [2] and more patches related to
'x86/mm/pti' [3]. There is also a short report for the first half of the
4.19 kernel merge window [4].
I'm sorry for such a long message, but I'm very happy that 'PTI' support
is already available for x86_32 architecture and I hope, that it will be
backported to all Ubuntu LTS releases etc.
Thanks, best regards.
__
[1] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03578.html (please see
every next patches etc.)
http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03181.html
http://lkml.iu.edu/hypermail/linux/kernel/1807.2/02790.html
[2] http://lkml.iu.edu/hypermail/linux/kernel/1808.0/05516.html
[3] http://lkml.iu.edu/hypermail/linux/kernel/1807.1/03161.html
[4] https://lwn.net/Articles/762566/ (See "Architecture-specific" changes)
** Description changed:
Hello.
Linux kernel v4.19 release candidate [1], finally have kernel page-table
isolation ('PTI', previously known as 'KAISER') support for x86_32
architecture. As we know, 'PTI' provides protection against attack,
known as the "Meltdown" (CVE-2017-5754), that breaks isolation between
user applications and the operating system etc. However, kernel page-
table isolation wasn't available on 32-Bit x86 systems. Until now.
So, I would like to ask a question: are there any plans to backport
kernel page-table isolation patches for Linux kernels available in
"Trusty"/14.04, "Xenial"/16.04 and "Bionic"/18.04 releases etc.? I mean
x86_32 bit architecture, of course. I'm asking, because it seems, that
pretty much no developers run 32-bit any more. However, there still are
many 32-bit users out there.
For more
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
Hello.
I just wanto to confirm: everything seems to be okay after updating
Linux kernel to v4.4.0-123-generic. However, I would like to ask a
question about 'intel-microcode' and 'amd64-microcode' packages. During
system updating process via apt(8), there was an information that "The
following NEW packages will be installed" etc. and it was about two
mentioned 'microcode' packages.
I did not have these packages installed, until then. It's an Intel
processor, but it seems, that Intel Corporation will not publish any
microcode updates for some processor. Intel reveals (on Apr. 3., 2018)
list of processors that won't receive Meltdown and Spectre patches. It
seems, that some of older processors won't receive microcode updates
designed to mitigate the vulnerabilities: Bloomfield, Bloomfield Xeon,
Clarksfield, Gulftown etc.
So, I would like to ask if it was normal, that apt(8) installed such a
packages? And why both since it's an Intel processor? Can I remove both
packages (since there is no changes related to the microcode and
"Spectre & Meltdown" mitigation; just 'revision' change in
'/proc/cpuinfo' virtual file or/and dmesg(1) etc.)?
In sum two questions:
✗ why apt(8) installed two 'microcode' packages during Linux kernel
v4.4.0-123-generic updates?
✗ can 'intel/amd64-microcode' packages be removed (since there is no difference
with "Spectre & Meltdown" mitigations)?
I apologize for asking such a questions here, but this bug is about
'ibrs/ibpb' (a method to "Spectre & Meltdown" mitigation etc.) and Linux
kernel update (v4.4.0-123-generic) during which, two 'microcode'
packages were installed.
Thanks, best regards.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1755627
Title:
ibrs/ibpb fixes result in excessive kernel logging
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Trusty:
Fix Committed
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Artful:
Fix Committed
Bug description:
Since at least kernel 4.4.0-116, every invocation of `sysctl -a`
results in kernel logs similar to the following:
% sysctl -a &>/dev/null; dmesg -T | tail -8
[Wed Mar 14 00:06:36 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:06:36 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:06:36 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:06:36 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:06:36 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:06:36 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:06:36 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:06:36 2018] read cpu 1 ibrs val 0
The output varies with the number of CPUs.
After digging a bit, it turns out this is triggered upon every read of
`kernel.ibrs_dump`:
% for i in {1..3}; do sysctl kernel.ibrs_dump; dmesg -T | tail -8; echo;
sleep 1; done
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:48 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:48 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:48 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:48 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:48 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:48 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:48 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:48 2018] read cpu 1 ibrs val 0
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:49 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:49 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:49 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:49 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:49 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:49 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:49 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:49 2018] read cpu 1 ibrs val 0
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:50 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:50 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:50 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:50 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:50 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:50 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:50 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:50 2018] read cpu 1 ibrs val 0
Those tests were against an EC2 instance running Ubuntu 4.4.0-116.140-generic
4.4.98 per /proc/version_signature
Normally this would not be the biggest concern but we have tooling
that gathers instance info on a schedule, including sysctl output,
thus resulting in the kernel ring buffer being full of nothing but
said output in most cases and hindering live troubleshooting as a
result.
To manage notifications about this bug go to:
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
Hello.
Yes, Mr. Kamal Mostafa is right. Linux kernel v4.4.0-123.147 will
contain a fix for all of these issues with, for example,
'/var/log/syslog' flooding with 'ibrs_dump', 'use_ibrs/ibpb' and
'sysctl_ibrs{,ibpb}_enabled' entries. Now, a "proposed" kernel is
v4.4.0-122.146 with a fix for "Redpine: WiFi scan stopping issue
observed with BLE (LP: #1757435)".
Anyway, next kernel version, mentioned above will be updated, at last,
to the v4.4.128 stable release (current version, available e.g. in 16.04
LTS is v4.4.117) and will contain this patch, of course:
* ibrs/ibpb fixes result in excessive kernel logging (LP: #1755627)
- SAUCE: remove ibrs_dump sysctl interface
So, we have to wait a little more, because so-called "master-next"
branch (with all needed patches for already mentioned v4.4.128 Stable
release) was updated only 24 hours ago. Additionally, there will be also
a couple of 'x86/spectre' and 'x86/retpoline' patches (mainly in
v4.4.118).
Thanks, best regards.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1755627
Title:
ibrs/ibpb fixes result in excessive kernel logging
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Trusty:
Fix Committed
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Artful:
Fix Committed
Bug description:
Since at least kernel 4.4.0-116, every invocation of `sysctl -a`
results in kernel logs similar to the following:
% sysctl -a &>/dev/null; dmesg -T | tail -8
[Wed Mar 14 00:06:36 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:06:36 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:06:36 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:06:36 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:06:36 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:06:36 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:06:36 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:06:36 2018] read cpu 1 ibrs val 0
The output varies with the number of CPUs.
After digging a bit, it turns out this is triggered upon every read of
`kernel.ibrs_dump`:
% for i in {1..3}; do sysctl kernel.ibrs_dump; dmesg -T | tail -8; echo;
sleep 1; done
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:48 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:48 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:48 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:48 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:48 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:48 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:48 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:48 2018] read cpu 1 ibrs val 0
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:49 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:49 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:49 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:49 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:49 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:49 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:49 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:49 2018] read cpu 1 ibrs val 0
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:50 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:50 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:50 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:50 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:50 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:50 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:50 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:50 2018] read cpu 1 ibrs val 0
Those tests were against an EC2 instance running Ubuntu 4.4.0-116.140-generic
4.4.98 per /proc/version_signature
Normally this would not be the biggest concern but we have tooling
that gathers instance info on a schedule, including sysctl output,
thus resulting in the kernel ring buffer being full of nothing but
said output in most cases and hindering live troubleshooting as a
result.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1755627/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1755627] Re: ibrs/ibpb fixes result in excessive kernel logging
Hello.
Today, I noticed the same entries in a log files such as
'/var/log/syslog' and via dmesg(1) on 16.04 LTS Release (i386/x86_32
arch) with v4.4.0-120-generic (4.4.117) Linux kernel. The one thing,
that is different is 'use_ibrs' value. In my case it's:
[~]$ sudo dmesg
[ 464.877859] use_ibrs = 0, use_ibpb = 4
[ 467.893757] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[ 467.893762] use_ibrs = 4, use_ibpb = 4
(...)
I'm writing about this, because I don't see '0' in any of the above
posts etc. Anyway, as Mr Kamal Mostafa wrote, I will wait for a
"-proposed" kernel.
Thanks, best regards.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1755627
Title:
ibrs/ibpb fixes result in excessive kernel logging
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Trusty:
Fix Committed
Status in linux source package in Xenial:
Fix Committed
Status in linux source package in Artful:
Fix Committed
Bug description:
Since at least kernel 4.4.0-116, every invocation of `sysctl -a`
results in kernel logs similar to the following:
% sysctl -a &>/dev/null; dmesg -T | tail -8
[Wed Mar 14 00:06:36 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:06:36 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:06:36 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:06:36 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:06:36 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:06:36 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:06:36 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:06:36 2018] read cpu 1 ibrs val 0
The output varies with the number of CPUs.
After digging a bit, it turns out this is triggered upon every read of
`kernel.ibrs_dump`:
% for i in {1..3}; do sysctl kernel.ibrs_dump; dmesg -T | tail -8; echo;
sleep 1; done
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:48 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:48 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:48 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:48 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:48 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:48 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:48 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:48 2018] read cpu 1 ibrs val 0
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:49 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:49 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:49 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:49 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:49 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:49 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:49 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:49 2018] read cpu 1 ibrs val 0
kernel.ibrs_dump = 0
[Wed Mar 14 00:08:50 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:50 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:50 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:50 2018] read cpu 1 ibrs val 0
[Wed Mar 14 00:08:50 2018] sysctl_ibrs_enabled = 0, sysctl_ibpb_enabled = 0
[Wed Mar 14 00:08:50 2018] use_ibrs = 4, use_ibpb = 4
[Wed Mar 14 00:08:50 2018] read cpu 0 ibrs val 0
[Wed Mar 14 00:08:50 2018] read cpu 1 ibrs val 0
Those tests were against an EC2 instance running Ubuntu 4.4.0-116.140-generic
4.4.98 per /proc/version_signature
Normally this would not be the biggest concern but we have tooling
that gathers instance info on a schedule, including sysctl output,
thus resulting in the kernel ring buffer being full of nothing but
said output in most cases and hindering live troubleshooting as a
result.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1755627/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1751021] Re: retpoline abi files are empty on i386
** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1751021 Title: retpoline abi files are empty on i386 Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Artful: Fix Committed Bug description: The .retpoline files in the current abi are actually blank. This is due to incorrect handling in retpoline-extract. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1751021/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748936] Re: kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels ("Spectre & Meltdown" patches.)
** Tags added: kernel-fixed-upstream
** Changed in: linux (Ubuntu)
Status: Fix Released => Confirmed
** Summary changed:
- kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels ("Spectre
& Meltdown" patches.)
+ kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels;
i386/x86_32 ("Spectre & Meltdown")
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748936
Title:
kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels;
i386/x86_32 ("Spectre & Meltdown")
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
It seems, that 'kaslr' option is responsible for issues with system
booting. The latest working kernel is v4.4.0-112.135. Every next
release: v4.4.0-113.136 and v4.4.0-115.139 are unable to boot if
'kaslr' option is in use etc. Everything is described in my previous
bug report (please see 1.), but I've decided to create a new one,
because it seems, that some of the "Spectre & Meltdown" patches are
not compatible with kASLR and are responsible for this regressions.
Thanks, best regards.
[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748936/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot when 'kaslr' option is in use.
** Summary changed:
- Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
+ Linux 4.4.0-113.136 (i386/x86_32): failed to boot when 'kaslr' option is in
use.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot when 'kaslr' option
is in use.
Status in linux package in Ubuntu:
Confirmed
Status in linux source package in Xenial:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
→ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
→ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
series. So, I don't know if mentioned patches are good for this type
of processor etc.? Especially on i386/x86_32 architecture.
● UPDATE/WARNING: It seems, that 'kaslr' option is responsible for
this issue. After booting the latest v4.4.0-115.139 kernel, I've had
the same problems as described above. However, after removing 'kaslr'
option from a command line via GRUB menu, system started normally etc.
The latest, working kernel with 'kaslr' option is v4.4.0-112.135.
According to all of this I think, that 'kaslr' is not compatible with
some "Spectre & Meltdown" mitigation patches and fixes etc.
✗ Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
✗ Architecture: i386/x86_32
✗ PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1751021] Re: retpoline abi files are empty on i386
Hello. Retpoline file, is not empty now. After update Linux kernel to the v4.4.0.117.123 (v4.4.114) version in 16.04 LTS Release (i386/x86_32 architecture), '/boot/retpoline-4.4.0-117-generic' file contains some data etc. (2,0K size). Previous files (see post #4) are empty, of course. Thanks. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1751021 Title: retpoline abi files are empty on i386 Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Artful: Fix Committed Bug description: The .retpoline files in the current abi are actually blank. This is due to incorrect handling in retpoline-extract. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1751021/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell (initramfs).
Hello.
I apologize for not testing the latest v4.16 kernel, but I've decided to
wait for an update to the v4.4 kernel used in "Xenial". And it seems,
that everything is okay now and 'kaslr' option is working again. After
update Linux kernel to the v4.4.0-117-generic (v4.4.114) version, system
boots normally. I've done some tests:
● boot system via GRUB (add 'kaslr' option and press 'CTRL + X')
● edit '/etc/default/grub' file and add 'kaslr' option to the
'GRUB_CMDLINE_LINUX_DEFAULT='
Everything is fine, system starts normally etc. There is no problem, as
I've described in my post #4. So, some of the patches (see 1.) fixed
this issue.
Thanks, best regards.
_
1.
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/xenial/commit/?id=fc74a5c4a98418105b4b246b935e3be90d6a635c
** Tags added: kernel-fixed-upstream
** Changed in: linux (Ubuntu)
Status: Incomplete => Confirmed
** Changed in: linux (Ubuntu Xenial)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
Status in linux package in Ubuntu:
Confirmed
Status in linux source package in Xenial:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
→ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
→ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
series. So, I don't know if mentioned patches are good for this type
of processor etc.? Especially on i386/x86_32 architecture.
● UPDATE/WARNING: It seems, that 'kaslr' option is responsible for
this issue. After booting the latest v4.4.0-115.139 kernel, I've had
the same problems as described above. However, after removing 'kaslr'
option from a command line via GRUB menu, system started normally etc.
The latest, working kernel with 'kaslr' option is v4.4.0-112.135.
According to all of this I think, that 'kaslr' is not compatible with
some "Spectre & Meltdown" mitigation patches and fixes etc.
✗ Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
✗ Architecture: i386/x86_32
✗ PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748936] Re: kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels ("Spectre & Meltdown" patches.)
Hello. It seems, that everything is okay now and 'kaslr' option is
working again. After update Linux kernel to the v4.4.0-117-generic
(v4.4.114) version, system boots normally. So, some of the patches (see
1.) fixed this issue.
Thanks, best regards.
_
1.
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/xenial/commit/?id=fc74a5c4a98418105b4b246b935e3be90d6a635c
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748936
Title:
kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels
("Spectre & Meltdown" patches.)
Status in linux package in Ubuntu:
Fix Released
Bug description:
Hello.
It seems, that 'kaslr' option is responsible for issues with system
booting. The latest working kernel is v4.4.0-112.135. Every next
release: v4.4.0-113.136 and v4.4.0-115.139 are unable to boot if
'kaslr' option is in use etc. Everything is described in my previous
bug report (please see 1.), but I've decided to create a new one,
because it seems, that some of the "Spectre & Meltdown" patches are
not compatible with kASLR and are responsible for this regressions.
Thanks, best regards.
[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748936/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748936] Re: kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels ("Spectre & Meltdown" patches.)
Linux kernel v4.4.0-117-generic (v4.4.114) works okay and 'kaslr' option
can be used again.
** Changed in: linux (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748936
Title:
kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels
("Spectre & Meltdown" patches.)
Status in linux package in Ubuntu:
Fix Released
Bug description:
Hello.
It seems, that 'kaslr' option is responsible for issues with system
booting. The latest working kernel is v4.4.0-112.135. Every next
release: v4.4.0-113.136 and v4.4.0-115.139 are unable to boot if
'kaslr' option is in use etc. Everything is described in my previous
bug report (please see 1.), but I've decided to create a new one,
because it seems, that some of the "Spectre & Meltdown" patches are
not compatible with kASLR and are responsible for this regressions.
Thanks, best regards.
[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748936/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1751021] Re: retpoline abi files are empty on i386
Hello. I've noticed this issue with blank '/boot/retpoline-*' files in 16.04 LTS Release (i386/x86_32) after Linux kernel update to the v4.4.0-115 version. (Generally, I've started to seeing these files when "Spectre_V12" patches were available for i386 architecture. I wanted to ask a question or report a bug about it etc.) So, these files are empty and it looks this way on 16.04 LTS Release: [~]$ ls -al /boot/retpoline-4.4.0-11* -rw-r--r-- 1 root root 0 lut 11 19:00 /boot/retpoline-4.4.0-115-generic -rw-r--r-- 1 root root 0 lut 13 00:14 /boot/retpoline-4.4.0-116-generic [~]$ uname -m i686 Thanks, best regards. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1751021 Title: retpoline abi files are empty on i386 Status in linux package in Ubuntu: In Progress Status in linux source package in Trusty: Fix Released Status in linux source package in Xenial: Fix Committed Status in linux source package in Artful: Fix Committed Bug description: The .retpoline files in the current abi are actually blank. This is due to incorrect handling in retpoline-extract. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1751021/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell (initramfs).
Here is a new, separate bug report about 'kASLR' and system booting
issues (v4.4.0-113.136 - v4.4.0-115-generic kernel versions):
● https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748936
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Xenial:
Incomplete
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
→ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
→ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
series. So, I don't know if mentioned patches are good for this type
of processor etc.? Especially on i386/x86_32 architecture.
● UPDATE/WARNING: It seems, that 'kaslr' option is responsible for
this issue. After booting the latest v4.4.0-115.139 kernel, I've had
the same problems as described above. However, after removing 'kaslr'
option from a command line via GRUB menu, system started normally etc.
The latest, working kernel with 'kaslr' option is v4.4.0-112.135.
According to all of this I think, that 'kaslr' is not compatible with
some "Spectre & Meltdown" mitigation patches and fixes etc.
✗ Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
✗ Architecture: i386/x86_32
✗ PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell (initramfs).
Good day, Mr Salisbury.
Yes, I can test the latest kernel, but I have a few very naive questions
(I just want to be sure for one hundred percent etc.) So, because it's
an i386/x86_32 architecture I should:
✗ download
'linux-headers-4.16.0-041600rc1-generic_4.16.0-041600rc1.201802120030_i386.deb'
and
'linux-image-4.16.0-041600rc1-generic_4.16.0-041600rc1.201802120030_i386.deb'
packages;
✗ use, for example, dpkg(1) command to install these two packages ($ sudo dpkg
-i ...);
✗ add "kaslr" option to the '/etc/default/grub' file (in
'GRUB_CMDLINE_LINUX_DEFAULT' option);
✗ update GRUB with update-grub(8) command to generate a grub2 config file etc.;
✗ reboot.
Once again: I apologize for such a naive questions. Mr Salisbury, can
You confirm if what I've wrote is okay? Generally: is it a proper way to
test the latest kernel? And what about dpkg(1) command: I should use
'-i, --install' action only, right? I'm asking, because there is - for
example - a 'gdebi' package, which is a simple tool to install deb files
etc.
Geez, what a shame...
Thanks.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Xenial:
Incomplete
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
→ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
→ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
series. So, I don't know if mentioned patches are good for this type
of processor etc.? Especially on i386/x86_32 architecture.
● UPDATE/WARNING: It seems, that 'kaslr' option is responsible for
this issue. After booting the latest v4.4.0-115.139 kernel, I've had
the same problems as described above. However, after removing 'kaslr'
option from a command line via GRUB menu, system started normally etc.
The latest, working kernel with 'kaslr' option is v4.4.0-112.135.
According to all of this I think, that 'kaslr' is not compatible with
some "Spectre & Meltdown" mitigation patches and fixes etc.
✗ Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
✗ Architecture: i386/x86_32
✗ PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748936] [NEW] kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels ("Spectre & Meltdown" patches.)
Public bug reported:
Hello.
It seems, that 'kaslr' option is responsible for issues with system
booting. The latest working kernel is v4.4.0-112.135. Every next
release: v4.4.0-113.136 and v4.4.0-115.139 are unable to boot if 'kaslr'
option is in use etc. Everything is described in my previous bug report
(please see 1.), but I've decided to create a new one, because it seems,
that some of the "Spectre & Meltdown" patches are not compatible with
kASLR and are responsible for this regressions.
Thanks, best regards.
[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710
** Affects: linux (Ubuntu)
Importance: Undecided
Status: Confirmed
** Tags: i386 kaslr linux meltdown spectre
** Changed in: linux (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748936
Title:
kASLR: unable to boot Linux v4.4.0-113.136 - v4.4.0-115.139 kernels
("Spectre & Meltdown" patches.)
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
It seems, that 'kaslr' option is responsible for issues with system
booting. The latest working kernel is v4.4.0-112.135. Every next
release: v4.4.0-113.136 and v4.4.0-115.139 are unable to boot if
'kaslr' option is in use etc. Everything is described in my previous
bug report (please see 1.), but I've decided to create a new one,
because it seems, that some of the "Spectre & Meltdown" patches are
not compatible with kASLR and are responsible for this regressions.
Thanks, best regards.
[1] https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748936/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell (initramfs).
** Description changed:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond. The
only way to solve this issue is a "hard reset" and in GRUB menu choosing
an earlier kernel, which is linux 4.4.0-112.135. Now, everything works
okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not contain
PTI yet, right? I'm asking, because mentioned -proposed updates contains
a couple of PTI-related patches and bugs in PTI can cause a few
different signatures of crashes etc. For example:
- ✗ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
- ✗ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
+ → Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
+ → Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there is
one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
series. So, I don't know if mentioned patches are good for this type of
processor etc.? Especially on i386/x86_32 architecture.
- I hope, that all mitigations and fixes for "Metldown & Spectre_v1.2"
- atacks will be available for 32-bit x86 architecture. (OpenSUSE
- Developers are working on such a fixes/patches, right?) If I could
- provide some more informations, please let me know. Here are some
- technical informations:
+ ● UPDATE/WARNING: It seems, that 'kaslr' option is responsible for this
+ issue. After booting the latest v4.4.0-115.139 kernel, I've had the same
+ problems as described above. However, after removing 'kaslr' option from
+ a command line via GRUB menu, system started normally etc. The latest,
+ working kernel with 'kaslr' option is v4.4.0-112.135. According to all
+ of this I think, that 'kaslr' is not compatible with some "Spectre &
+ Meltdown" mitigation patches and fixes etc.
- ● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
- ● Architecture: i386/x86_32
- ● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
+ ✗ Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
+ ✗ Architecture: i386/x86_32
+ ✗ PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
** Tags added: kaslr
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell (initramfs).
Hello. There is the same problem with a new, latest Linux
4.4.0-115-generic kernel (updated today). I've tried to boot system with
'nosplash' option (set via GRUB etc.) and it seems, that there is a
problem with:
Gave up waiting for root device. Common problems:
- Boot args (cat /proc/cmdline)
- Check rootdelay= (did the system wait long enough?)
- Check root= (did the system wait for the right device?)
- Missing modules (cat /proc/modules; ls /dev)
ALERT! UUID=* does not exist. Dropping to a shell!
BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
Enter 'help' for a lost of built-in commands.
(initramfs) _
However, I've decided try to boot v4.4.0-115-generic kernel once again,
because above 'ALERT!' message was very interesting for me, but this
time, without 'kaslr' option. So, in a GRUB menu I removed this option
and press CTRL + x. Everything was okay - system boot normally.
It seems, that there is a problem with a 'kaslr' in latest 16.04 LTS
Release kernels (I'm having this problem since update to the
v4.4.0-113.136 kernel version.
Should I create a new bug report about 'kaslr' and latest kernel
versions?
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
✗ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
✗ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
series. So, I don't know if mentioned patches are good for this type
of processor etc.? Especially on i386/x86_32 architecture.
I hope, that all mitigations and fixes for "Metldown & Spectre_v1.2"
atacks will be available for 32-bit x86 architecture. (OpenSUSE
Developers are working on such a fixes/patches, right?) If I could
provide some more informations, please let me know. Here are some
technical informations:
● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
● Architecture: i386/x86_32
● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell (initramfs).
** Summary changed:
- Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell.
+ Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
** Description changed:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
- plymouth freezes during start, and keys on a keyboard were in-active.
- After several seconds, the BusyBox screen appeared. It looks this way:
+ plymouth freezes during start, and keys on an USB keyboard were in-
+ active. After several seconds, the BusyBox shell screen appeared. It
+ looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
- Unfortunately, the keyboard does not work and does not respond. The only
- way to solve this issue is a "hard reset" and in GRUB menu choosing an
- earlier kernel, which is linux 4.4.0-112.135. Now, everything works
+ Unfortunately, the USB keyboard does not work and does not respond. The
+ only way to solve this issue is a "hard reset" and in GRUB menu choosing
+ an earlier kernel, which is linux 4.4.0-112.135. Now, everything works
okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not contain
PTI yet, right? I'm asking, because mentioned -proposed updates contains
a couple of PTI-related patches and bugs in PTI can cause a few
different signatures of crashes etc. For example:
✗ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
✗ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there is
one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
- '/var/log/syslog' or '/var/log/kern.log'. Maybe only that one (but I
- have no idea if it's important)?
+ '/var/log/syslog' or '/var/log/kern.log'. However, it's a Celeron, "E"
+ series. So, I don't know if mentioned patches are good for this type of
+ processor etc.? Especially on i386/x86_32 architecture.
- ✗ PCI: Using host bridge windows from ACPI; if necessary, use
- "pci=nocrs" and report a bug
-
- If I could provide some more informations, please let me know. Here are
- some technical informations:
+ I hope, that all mitigations and fixes for "Metldown & Spectre_v1.2"
+ atacks will be available for 32-bit x86 architecture. (OpenSUSE
+ Developers are working on such a fixes/patches, right?) If I could
+ provide some more informations, please let me know. Here are some
+ technical informations:
● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
● Architecture: i386/x86_32
● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell (initramfs).
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on an USB keyboard were in-
active. After several seconds, the BusyBox shell screen appeared. It
looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the USB keyboard does not work and does not respond.
The only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
✗ Crashes in early boot, especially
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell.
Please see "Ubuntu Kernel Bot (ubuntu-kernel-bot)" comment and answer.
** Changed in: linux (Ubuntu)
Status: Incomplete => Confirmed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell.
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on a keyboard were in-active.
After several seconds, the BusyBox screen appeared. It looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the keyboard does not work and does not respond. The
only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
✗ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
✗ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. Maybe only that one (but I
have no idea if it's important)?
✗ PCI: Using host bridge windows from ACPI; if necessary, use
"pci=nocrs" and report a bug
If I could provide some more informations, please let me know. Here
are some technical informations:
● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
● Architecture: i386/x86_32
● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] Re: Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell.
Hi. I can not enter mentioned command, because during system boot
plymouth freezes and keyboard is unresponsive. After several seconds
plymouth disappears and BusyBox v1.22.1 "console" appears (here,
keyboard does not work and does not respond either). The only solution
is to use hard reboot and choose an earlier v4.4.0-112.135 Linux kernel
in GRUB menu etc.
Maybe I can execute 'apport-collect 1748710' command in v4.4.0-112.135
kernel? But this issue appeared after update to the "-proposed" kernel:
v4.4.0-112.135.
Thanks.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1748710
Title:
Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1
built-in shell.
Status in linux package in Ubuntu:
Confirmed
Bug description:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on a keyboard were in-active.
After several seconds, the BusyBox screen appeared. It looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the keyboard does not work and does not respond. The
only way to solve this issue is a "hard reset" and in GRUB menu
choosing an earlier kernel, which is linux 4.4.0-112.135. Now,
everything works okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not
contain PTI yet, right? I'm asking, because mentioned -proposed
updates contains a couple of PTI-related patches and bugs in PTI can
cause a few different signatures of crashes etc. For example:
✗ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
✗ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there
is one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. Maybe only that one (but I
have no idea if it's important)?
✗ PCI: Using host bridge windows from ACPI; if necessary, use
"pci=nocrs" and report a bug
If I could provide some more informations, please let me know. Here
are some technical informations:
● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
● Architecture: i386/x86_32
● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
PCI Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1748710/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1748710] [NEW] Linux 4.4.0-113.136 (i386/x86_32): failed to boot and BusyBox v1.22.1 built-in shell.
Public bug reported:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on a keyboard were in-active.
After several seconds, the BusyBox screen appeared. It looks this way:
,--
| BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
| Enter 'help' for a list of built-in commands.
|
| (initramfs) _
`--
Unfortunately, the keyboard does not work and does not respond. The only
way to solve this issue is a "hard reset" and in GRUB menu choosing an
earlier kernel, which is linux 4.4.0-112.135. Now, everything works
okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not contain
PTI yet, right? I'm asking, because mentioned -proposed updates contains
a couple of PTI-related patches and bugs in PTI can cause a few
different signatures of crashes etc. For example:
✗ Crashes in early boot, especially around CPU bringup. Bugs in the trampoline
code or mappings cause these.
✗ Userspace segfaults early in boot, sometimes manifesting as mount(8) failing
to mount the rootfs. These have tended to be TLB invalidation issues. Usually
invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there is
one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. Maybe only that one (but I
have no idea if it's important)?
✗ PCI: Using host bridge windows from ACPI; if necessary, use
"pci=nocrs" and report a bug
If I could provide some more informations, please let me know. Here are
some technical informations:
● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
● Architecture: i386/x86_32
● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73 PCI
Express bridge [10de:056d] (rev a1) (prog-if 01 [Subtractive decode])
Capabilities: [b8] Subsystem: Gigabyte Technology Co., Ltd MCP73 PCI Express
bridge [1458:026f]
Thanks, regards.
1. https://lists.ubuntu.com/archives/xenial-
changes/2018-February/020108.html
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Tags: i386 linux meltdown spectre xenial
** Description changed:
Hello.
On Thu Feb 8, Linux kernel for Ubuntu 16.04.3 LTS has been updated to
the 4.4.0-113.136 version (xenial-proposed). However, after reboot,
plymouth freezes during start, and keys on a keyboard were in-active.
After several seconds, the BusyBox screen appeared. It looks this way:
- ✗
✗ BusyBox v1.22.1 (Ubuntu 1:1.22.0-15ubuntu1) built-in shell (ash)
✗ Enter 'help' for a list of built-in commands.
✗
✗ (initramfs) _
- ✗
Unfortunately, the keyboard does not work and does not respond. The only
way to solve this issue is a "hard reset" and in GRUB menu choosing an
earlier kernel, which is linux 4.4.0-112.135. Now, everything works
okay.
Proposed update to the Linux 4.4.0-113.136 contains many new updates
(please see 1.) It's an i386/x86_32 architecture, which does not contain
PTI yet, right? I'm asking, because mentioned -proposed updates contains
a couple of PTI-related patches and bugs in PTI can cause a few
different signatures of crashes etc. For example:
- ✓ Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
- ✓ Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
+ ● Crashes in early boot, especially around CPU bringup. Bugs in the
trampoline code or mappings cause these.
+ ● Userspace segfaults early in boot, sometimes manifesting as mount(8)
failing to mount the rootfs. These have tended to be TLB invalidation issues.
Usually invalidating the wrong PCID, or otherwise missing an invalidation.
NOTE: if it's about PCID, which is mentioned in a second point, there is
one patch in -proposed update: "x86/mm/32: Move
setup_clear_cpu_cap(X86_FEATURE_PCID) earlier". Maybe that's is the
cause of a boot failure? There are no errors in log files, such as
'/var/log/syslog' or '/var/log/kern.log'. Maybe only that one (but I
have no idea if it's important)?
✗ PCI: Using host bridge windows from ACPI; if necessary, use
"pci=nocrs" and report a bug
If I could provide some more informations, please let me know. Here are
some technical informations:
- ● Release ('/proc/version_signature'): Ubuntu 4.4.0-112.135-generic 4.4.98
- ● Architecture: i386/x86_32
- ● PCI ('lspci -vnvn'): 00:0a.0 PCI bridge [0604]: NVIDIA Corporation MCP73
[Kernel-packages] [Bug 1556419] Re: nf_conntrack: automatic helper assignment is deprecated
Hi. The same problem here. Release 16.04.2 LTS, iptables 1.6.0-2ubuntu3 etc. I noticed this one in dmesg entry: $ sudo dmesg |grep iptables [ 1168.282586] nf_conntrack: automatic helper assignment is deprecated and it will be removed soon. Use the iptables CT target to attach helpers instead. I have one more problem with this release; when iptables is in use (with very simple rules) there is not internet connection. But using ufw firewall, everything seems to work OK. Thanks. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1556419 Title: nf_conntrack: automatic helper assignment is deprecated Status in iptables package in Ubuntu: Confirmed Status in linux package in Ubuntu: Confirmed Bug description: Get this logged into journalctl (since a moment): kernel: nf_conntrack: automatic helper assignment is deprecated and it will be removed soon. Use the iptables CT target to attach helpers instead. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: linux-image-4.4.0-13-generic 4.4.0-13.29 ProcVersionSignature: Ubuntu 4.4.0-13.29-generic 4.4.5 Uname: Linux 4.4.0-13-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia ApportVersion: 2.20-0ubuntu3 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: oem1942 F pulseaudio /dev/snd/pcmC0D0p: oem1942 F...m pulseaudio /dev/snd/controlC0: oem1942 F pulseaudio CurrentDesktop: GNOME Date: Sat Mar 12 14:52:09 2016 HibernationDevice: RESUME=UUID=0a9ca7f0-6eeb-4b21-b70f-670fa600de16 IwConfig: eth0 no wireless extensions. eth1 no wireless extensions. lono wireless extensions. Lsusb: Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 003 Device 002: ID 046d:c062 Logitech, Inc. M-UAS144 [LS1 Laser Mouse] Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub MachineType: ASUSTEK COMPUTER INC P5W DH Deluxe ProcFB: ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.4.0-13-generic root=UUID=7c755ed6-51cc-4b75-88ac-9c75acf82749 ro RelatedPackageVersions: linux-restricted-modules-4.4.0-13-generic N/A linux-backports-modules-4.4.0-13-generic N/A linux-firmware1.156 RfKill: SourcePackage: linux UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/22/2010 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 3002 dmi.board.asset.tag: To Be Filled By O.E.M. dmi.board.name: P5W DH Deluxe dmi.board.vendor: ASUSTeK Computer INC. dmi.board.version: Rev 1.xx dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr3002:bd07/22/2010:svnASUSTEKCOMPUTERINC:pnP5WDHDeluxe:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP5WDHDeluxe:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.name: P5W DH Deluxe dmi.product.version: System Version dmi.sys.vendor: ASUSTEK COMPUTER INC To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1556419/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1540807] Re: ArpON ver. 2.7: the DARPI and -d (--darpi) flag bug.
Change package to arpon.
** Package changed: linux (Ubuntu) => arpon (Ubuntu)
** Description changed:
Hello. Because on Ubuntu 12.04 LTS an ArpON package is pretty outdated
(ver. 2.0-2.1 0) I've decided to use a version from a Vivid release -
2.7.
It seems that ArpON ver. 2.7 has a bug related to a DARPI anti Arp
Poisoning techniques. Because I am using a DHCP method to obtain an IP
address I needed to use a DARPI method (Dynamin Arp Inspect.) instead of
SARPI (Static Arp Inspect). After installation via 'apt-get' utility,
configuring "arpon" file from '/etc/default/' directory and uncomment
line responsible for a DARPI method, ArpON failed to start with a
following error:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:38:55 PID =
/usr/bin/arpon: invalid option -- 'd' [fail]
- For a DARPI method line in the '/etc/default/arpon' file looks this way:
- DAEMON_OPTS="-q -f /var/log/arpon/arpon.log -g -d". According to the
- Ubuntu manpage[1] '-g' flag stands for "Works in logging mode", since
- '-d' flag means "Manages Arp Cache dynamically". Everything should work
- okay, but it does not. I've tried many possibilities, configurations
- etc.
+ For a DARPI method a line in the '/etc/default/arpon' file looks this
+ way: DAEMON_OPTS="-q -f /var/log/arpon/arpon.log -g -d". According to
+ the Ubuntu manpage[1] '-g' flag stands for "Works in logging mode",
+ since '-d' flag means "Manages Arp Cache dynamically". Everything should
+ work okay, but it does not. I've tried many possibilities,
+ configurations etc.
And it seems, that a new ArpON 2.7 version requires a '-D' flag instead
'-d'. So, now there must be the '-D' flag not '-d'. After this small
change everything started to work okay:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:43:32 PID =[OK]
One more test, to be one hundred percent sure: after running
'/etc/init.d/arpon status' command, status of anti ARP poisoning daemon
arpon is [OK]. Here are some technical details:
* Ubuntu 3.2.0-98.138-generic-pae 3.2.75 ('cat /proc/version_signature'
command result)
* lsb_release -rd
-Description: Ubuntu 12.04.5 LTS
-Release: 12.04
+ Description: Ubuntu 12.04.5 LTS
+ Release: 12.04
* arpon: 2.7.2-1
By the way: ArpON sometimes crashed with "SIGSEGV in pthread_kill()"
(after user login), but I will have to create a new bug report.
Best regards.
_
[1] http://manpages.ubuntu.com/manpages/trusty/man8/arpon.8.html
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1540807
Title:
ArpON ver. 2.7: the DARPI and -d (--darpi) flag bug.
Status in arpon package in Ubuntu:
New
Bug description:
Hello. Because on Ubuntu 12.04 LTS an ArpON package is pretty outdated
(ver. 2.0-2.1 0) I've decided to use a version from a Vivid release -
2.7.
It seems that ArpON ver. 2.7 has a bug related to a DARPI anti Arp
Poisoning techniques. Because I am using a DHCP method to obtain an IP
address I needed to use a DARPI method (Dynamin Arp Inspect.) instead
of SARPI (Static Arp Inspect). After installation via 'apt-get'
utility, configuring "arpon" file from '/etc/default/' directory and
uncomment line responsible for a DARPI method, ArpON failed to start
with a following error:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:38:55 PID =
/usr/bin/arpon: invalid option -- 'd' [fail]
For a DARPI method a line in the '/etc/default/arpon' file looks this
way: DAEMON_OPTS="-q -f /var/log/arpon/arpon.log -g -d". According to
the Ubuntu manpage[1] '-g' flag stands for "Works in logging mode",
since '-d' flag means "Manages Arp Cache dynamically". Everything
should work okay, but it does not. I've tried many possibilities,
configurations etc.
And it seems, that a new ArpON 2.7 version requires a '-D' flag
instead '-d'. So, now there must be the '-D' flag not '-d'. After this
small change everything started to work okay:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:43:32 PID =[OK]
One more test, to be one hundred percent sure: after running
'/etc/init.d/arpon status' command, status of anti ARP poisoning
daemon arpon is [OK]. Here are some technical details:
* Ubuntu 3.2.0-98.138-generic-pae 3.2.75 ('cat /proc/version_signature'
command result)
* lsb_release -rd
Description: Ubuntu 12.04.5 LTS
Release: 12.04
* arpon: 2.7.2-1
By the way: ArpON sometimes crashed with "SIGSEGV in pthread_kill()"
(after user login), but I will have to create a new bug report.
Best regards.
_
[1] http://manpages.ubuntu.com/manpages/trusty/man8/arpon.8.html
To manage notifications about this bug go to:
[Kernel-packages] [Bug 1540807] [NEW] ArpON ver. 2.7: the DARPI and -d (--darpi) flag bug.
Public bug reported:
Hello. Because on Ubuntu 12.04 LTS an ArpON package is pretty outdated
(ver. 2.0-2.1 0) I've decided to use a version from a Vivid release -
2.7.
It seems that ArpON ver. 2.7 has a bug related to a DARPI anti Arp
Poisoning techniques. Because I am using a DHCP method to obtain an IP
address I needed to use a DARPI method (Dynamin Arp Inspect.) instead of
SARPI (Static Arp Inspect). After installation via 'apt-get' utility,
configuring "arpon" file from '/etc/default/' directory and uncomment
line responsible for a DARPI method, ArpON failed to start with a
following error:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:38:55 PID =
/usr/bin/arpon: invalid option -- 'd' [fail]
For a DARPI method a line in the '/etc/default/arpon' file looks this
way: DAEMON_OPTS="-q -f /var/log/arpon/arpon.log -g -d". According to
the Ubuntu manpage[1] '-g' flag stands for "Works in logging mode",
since '-d' flag means "Manages Arp Cache dynamically". Everything should
work okay, but it does not. I've tried many possibilities,
configurations etc.
And it seems, that a new ArpON 2.7 version requires a '-D' flag instead
'-d'. So, now there must be the '-D' flag not '-d'. After this small
change everything started to work okay:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:43:32 PID =[OK]
One more test, to be one hundred percent sure: after running
'/etc/init.d/arpon status' command, status of anti ARP poisoning daemon
arpon is [OK]. Here are some technical details:
* Ubuntu 3.2.0-98.138-generic-pae 3.2.75 ('cat /proc/version_signature' command
result)
* lsb_release -rd
Description: Ubuntu 12.04.5 LTS
Release: 12.04
* arpon: 2.7.2-1
By the way: ArpON sometimes crashed with "SIGSEGV in pthread_kill()"
(after user login), but I will have to create a new bug report.
Best regards.
_
[1] http://manpages.ubuntu.com/manpages/trusty/man8/arpon.8.html
** Affects: arpon (Ubuntu)
Importance: Undecided
Status: New
** Tags: arpon darpi
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1540807
Title:
ArpON ver. 2.7: the DARPI and -d (--darpi) flag bug.
Status in arpon package in Ubuntu:
New
Bug description:
Hello. Because on Ubuntu 12.04 LTS an ArpON package is pretty outdated
(ver. 2.0-2.1 0) I've decided to use a version from a Vivid release -
2.7.
It seems that ArpON ver. 2.7 has a bug related to a DARPI anti Arp
Poisoning techniques. Because I am using a DHCP method to obtain an IP
address I needed to use a DARPI method (Dynamin Arp Inspect.) instead
of SARPI (Static Arp Inspect). After installation via 'apt-get'
utility, configuring "arpon" file from '/etc/default/' directory and
uncomment line responsible for a DARPI method, ArpON failed to start
with a following error:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:38:55 PID =
/usr/bin/arpon: invalid option -- 'd' [fail]
For a DARPI method a line in the '/etc/default/arpon' file looks this
way: DAEMON_OPTS="-q -f /var/log/arpon/arpon.log -g -d". According to
the Ubuntu manpage[1] '-g' flag stands for "Works in logging mode",
since '-d' flag means "Manages Arp Cache dynamically". Everything
should work okay, but it does not. I've tried many possibilities,
configurations etc.
And it seems, that a new ArpON 2.7 version requires a '-D' flag
instead '-d'. So, now there must be the '-D' flag not '-d'. After this
small change everything started to work okay:
$ sudo /etc/init.d/arpon start
* Starting anti ARP poisoning daemon arpon
20:43:32 PID =[OK]
One more test, to be one hundred percent sure: after running
'/etc/init.d/arpon status' command, status of anti ARP poisoning
daemon arpon is [OK]. Here are some technical details:
* Ubuntu 3.2.0-98.138-generic-pae 3.2.75 ('cat /proc/version_signature'
command result)
* lsb_release -rd
Description: Ubuntu 12.04.5 LTS
Release: 12.04
* arpon: 2.7.2-1
By the way: ArpON sometimes crashed with "SIGSEGV in pthread_kill()"
(after user login), but I will have to create a new bug report.
Best regards.
_
[1] http://manpages.ubuntu.com/manpages/trusty/man8/arpon.8.html
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/arpon/+bug/1540807/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
