[Bug 2050017] Re: [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider
Yes, I thought about https://launchpad.net/~ahasenack/+archive/ubuntu/apache2-modssl- provider-support/ But we can also copy it to another PPA or I can re-create it based on your, if you prefer not to leave yours. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2050017 Title: [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2050017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Thank you Steffen once again! I'm updating the tags accordingly ... ** Tags removed: verification-needed verification-needed-focal verification-needed-jammy verification-needed-mantic ** Tags added: verification-done verification-done-focal verification-done-jammy verification-done-mantic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2050017] Re: [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider
The IBM team agreed upon the proposal to let's go with the PPA solution for now, until upstream accepted (and reconsider in this case). (So I think I'm updating the status of this ticket to 'Opinion'.) ** Changed in: ubuntu-z-systems Status: Triaged => Opinion ** Changed in: apache2 (Ubuntu) Status: Triaged => Opinion -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2050017 Title: [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2050017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Changed in: ubuntu-z-systems Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2045250] Re: pam_lastlog doesn't handle localtime_r related errors properly
Hello Boris, unfortunately no, not really any further actions - as of now. The problem is that bringing it into M, J and F would require a testplan, and with that a stable reproducer that we do not have (and couldn't find - even at looking at this bug in other distros). So it was first of all decided to pick it up for noble (since at that time this problem was looked at, noble was still in development). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2045250 Title: pam_lastlog doesn't handle localtime_r related errors properly To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2045250/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056173] Re: dotnet 8/s390x (8.0.2 runtime / 8.0.102 SDK) feedback
** Also affects: dotnet8 (Ubuntu) Importance: Undecided Status: New ** Changed in: dotnet8 (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056173 Title: dotnet 8/s390x (8.0.2 runtime / 8.0.102 SDK) feedback To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2056173/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2065579] Re: [UBUNTU 22.04] OS guest boot issues on 9p filesystem
** Package changed: linux (Ubuntu) => qemu (Ubuntu) ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: qemu (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2065579 Title: [UBUNTU 22.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2065579/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064530] Re: Include support for .NET 8 for Ubuntu on Power
** Changed in: ubuntu-power-systems Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064530 Title: Include support for .NET 8 for Ubuntu on Power To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2064530/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056373] Re: Problems with HVCS and hotplugging
** Changed in: ubuntu-power-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056373 Title: Problems with HVCS and hotplugging To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056373/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062556] Re: [Ubuntu-24.04] Hugepage memory is not getting released even after destroying the guest!
Many thanks for your confirmation Kowshik Jois. With that I'm updating the tags accordingly (and set them to verification done). ** Tags removed: verification-needed-noble-linux ** Tags added: verification-done-noble-linux -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062556 Title: [Ubuntu-24.04] Hugepage memory is not getting released even after destroying the guest! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2062556/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2050017] Re: [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider
** Summary changed: - [FFe] [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider + [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider ** Description changed: - Feature Freeze Exception (FFe): - --- - - Since the work on this request may take a little longer and noble's FF is - today, this request got transferred into a feature freeze exception (FFe). - The driver for this is the need to update mod_ssl in Apache2 to support openssl 3.x providers, since engines are deprecated in openssl 3.x. This new functionality (openssl provider support) is required for the use case that one wants to protect the private key of a httpd server by using a PKCS#11 based (HSM based) private key for the server instead of using a clear key. This would subsequently open business opportunity esp. on the s390x platform. The diff/delta in the 2.5.x/trunk CHANGES file (https://github.com/apache/httpd/blob/trunk/CHANGES) is: " *) mod_ssl: Support loading certificates and private keys from the PKCS#11 OpenSSL engine. [Anderson Sasaki , Joe Orton] " In addition the reference to Revision 1914365 seems to be useful reference, that provides further details: https://svn.apache.org/viewvc?view=revision=1914365 Once backports for 2.4.x are available: - a test build in PPA will be done (and a build log can be provided) - install and upgrade tests will be done (and an install log can be provided) The new package should not break any other packages that depend on it, since there are no changes in the dependencies (or package meta data in general) expected. A description of a sample setup, incl. all affected components, can be taken from here: https://www.ibm.com/docs/en/linux-on-z?topic=linuxone-libp11-engine (The sample is based on RHEL, but except the patches discussed here, this generally applies to other distributions as well). 'Figure - 1' provides a graphical representation of the overall use case setup. The above sample setup does incl. test steps; look for 'Testing' --> 'Test with Apache web server' (Test uses "httpd -X" and "openssl s_client".) Once an Ubuntu based Apache 2.4.x test build for noble is available, and the logs (see above are available) the 'ubuntu-release' team can finally be subscribed. __ Enable an E2E use case that allows to configure an Apache webserver to protect its private keys with an HSM that is addressable via an PKCS #11 (signing) provider configured for an openSSL 3.0 library. Accepted for httpd > 2.4.58, see https://svn.apache.org/viewvc?view=revision=1914365 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2050017 Title: [24.04 FEAT] [SEC2339] HSM protected signing support for Apache httpd for openSSL 3.0 with PKCS #11 provider To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2050017/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061913] Re: FTBFS ppc64el obj_basic_integration/TEST5 crashed
I've just found this statement at the upstream github project and want to reference the info here: https://github.com/pmem/pmdk " Experimental Support for PowerPC There is initial support for ppc64le processors provided. It is currently not validated nor maintained. Thus, this architecture should not be used in a production environment. The on-media pool layout is tightly attached to the page size of 64KiB used by default on ppc64le, so it is not interchangeable with different page sizes, includes those on other architectures. For more information on this port, contact Rajalakshmi Srinivasaraghavan (ra...@linux.ibm.com) or Lucas Magalhães (lucm...@gmail.com). " ** Also affects: ubuntu-power-systems Importance: Undecided Status: New ** Changed in: ubuntu-power-systems Assignee: (unassigned) => bugproxy (bugproxy) ** Summary changed: - FTBFS ppc64el obj_basic_integration/TEST5 crashed + PMDK FTBFS on ppc64el obj_basic_integration/TEST5 crashed ** Tags added: reverse-proxy-bugzilla -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061913 Title: PMDK FTBFS on ppc64el obj_basic_integration/TEST5 crashed To manage notifications about this bug go to: https://bugs.launchpad.net/pmdk/+bug/2061913/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064530] Re: Include support for .NET 8 for Ubuntu on Power
Hi Seth, this request came in via the Bugzilla-to-LP bridge, and the default for packages (if unknown to BZ, or for other reasons) is "linux (Ubuntu)". We (the PE IBM Squad) usually update this when we triage the incoming bugs - and I was a bit late (since we have a pub. holiday today), but already changed it in parallel when you've added your comment. I'm already in contact with the dotnet tool-chain team on this. And yes, it will be needed to get it into oracular first (before we can think of getting it into noble). ** Description changed: == Comment: #0 - JAMIE L. DOLAN - 2024-05-01 12:19:47 == This is a bug to track adding the feature of .NET 8 to Ubuntu 24.04 - This has already been added for s390x - - Customer survey showed strong interest in .NET on Linux on Power, having .NET on Ubuntu on Power will help in adoption of .NET on Power + - Customer survey showed strong interest in .NET on Linux on Power, having .NET on Ubuntu on Power will help in adoption of .NET on Power as well as pushing Ubuntu for Power. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064530 Title: Include support for .NET 8 for Ubuntu on Power To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2064530/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064530] Re: Include support for .NET 8 for Ubuntu on Power
** Also affects: dotnet8 (Ubuntu Noble) Importance: Undecided Status: New ** Also affects: dotnet8 (Ubuntu Oracular) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064530 Title: Include support for .NET 8 for Ubuntu on Power To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2064530/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2064530] Re: Include support for .NET 8 for Ubuntu on Power
** Package changed: linux (Ubuntu) => dotnet8 (Ubuntu) ** Also affects: ubuntu-power-systems Importance: Undecided Status: New ** Changed in: ubuntu-power-systems Assignee: (unassigned) => Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) ** Changed in: dotnet8 (Ubuntu) Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064530 Title: Include support for .NET 8 for Ubuntu on Power To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2064530/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2016860] Re: Error/crash while trying to wipe disk during 23.04+ install
Based on the recent ISO, QA Tracker and installation tests around the 24.04 release, this issues got solved and it did not happened anymore with recent images, hence I'm closing this LP bug. ** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released ** Changed in: subiquity Status: Fix Committed => Fix Released ** Changed in: subiquity (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2016860 Title: Error/crash while trying to wipe disk during 23.04+ install To manage notifications about this bug go to: https://bugs.launchpad.net/subiquity/+bug/2016860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2009495] Re: [Ubuntu 22.04] smc_run does not work, libsmc-preload.so cannot be preloaded
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2009495 Title: [Ubuntu 22.04] smc_run does not work, libsmc-preload.so cannot be preloaded To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2009495/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Hi @seth-arnold,
I am not in-depth familiar with security related updates (since they happen
rarely for me, and if private-security are handled by the security team anyway).
"
My assumption is that these package updates should be published first to
-updates for autopkgtest testing, and once they have passed testing and phased
to users, then we should republish these updates to -security so that they are
available to all users. Does this sound correct?
"
There are no autopkgtests (for historical reasons and since lot's of functions
in that package req. the hw to be configured in a certain way, which cannot
guaranteed by the build systems), but the packages get (and already got)
already manually tested upfront, with focus on the changes (according to test
plan in SRU justification).
"
This is much easier to execute if the updates have been built in a PPA with
only -security enabled, and not -updates. (The -security pocket is built with
only packages from -release and -security, not -updates.) Do packages built in
such a PPA exist?
"
I've now kicked off build in a -security only PPA here:
https://launchpad.net/~fheimes/+archive/ubuntu/lp2059303-sec
(so yes, they build there, but it'll take a while until published)
"
The SRU workflow asks for packages to be either uploaded with dput to the queue
or debdiffs provided. I see some debdiffs here, but some additional work was
performed after most of the debdiffs were uploaded.
"
The changes are some broken URL references in some quilt patch headers, I've
fixed those.
"
Are the posted debdiffs something that the SRU team should work with? The
Ubuntu Sponsors team was added around three weeks ago, before much of the work
was done, it's entirely possible that this has fallen off their radar as a
result. (And, the general hustle of responding to the xz-utils issue, release
time goals, etc.)
"
I think the debdiffs should be taken (as usual).
It's difficult to get SRUs processed around release times.
One concern I have is that copying the packages might not work, since there is
a bootloader component that is signed, and the signing key is based on the
location where the package is build.
Hence a package build in PPA will be signed with the PPA key and not with the
official ('production') key
and so copying it over from PPA to archive will probably mess up things.
So I believe the debdiffs need to be the base for an upload (by a
sponsor), then build for the archives (that will ensure signing with the
proper key), then published on -proposed, verified there and then
eventually released.
(I'm attaching the debdiffs again, with fixed urls)
** Attachment added: "debdiffs.tgz"
https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/2059303/+attachment/5769649/+files/debdiffs.tgz
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2059303
Title:
[UBUNTU 20.04] SE-tooling: New IBM host-key subject locality
(s390-tools)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056485] Re: Behaviour of socat in Ubuntu 20.04 unexpected
With that I'm closing this LP bug by updating it to Won't Fix. (This does not mean that fixes will never be possible or done at all, 'Won't Fix' in this case indicates that the workaround / alternative fix was not desired, hence was not chosen; and it was taken in lieu of a better status.) ** Changed in: ubuntu-power-systems Status: In Progress => Won't Fix ** Changed in: socat (Ubuntu Focal) Status: Incomplete => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056485 Title: Behaviour of socat in Ubuntu 20.04 unexpected To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060311] Re: Setting "optional: true" to overcome he timeout "Job systemd-networkd-wait-online" does no longer work with latest noble image
** Changed in: ubuntu-z-systems Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060311 Title: Setting "optional: true" to overcome he timeout "Job systemd-networkd- wait-online" does no longer work with latest noble image To manage notifications about this bug go to: https://bugs.launchpad.net/netplan/+bug/2060311/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056485] Re: Behaviour of socat in Ubuntu 20.04 unexpected
Hello @Jamie, thanks for your answer and feedback. Your decision is understood. @Robie Based on this, there is no need to follow the alternative approach anymore, and I think this SRU request can be recalled and I would like to ask you to reject socat from the focal unapproved queue. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056485 Title: Behaviour of socat in Ubuntu 20.04 unexpected To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062556] Re: [Ubuntu-24.04] Hugepage memory is not getting released even after destroying the guest!
I just had a look at noble's master-next tree:
$ git remote get-url origin
git://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble
$ git branch
* master-next
and found that commit 19c1ceeca8ed is already applied:
$ git log --oneline | grep -n "block: Fix page refcounts for unaligned buffers
in __bio_release_pages"
300:19c1ceeca8ed block: Fix page refcounts for unaligned buffers in
__bio_release_pages()
but not yet tagged with (incl. in) any version:
$ git tag --contains 19c1ceeca8ed
$
This is probably because it just came in via upstream stable updates:
$ git show 19c1ceeca8ed | sed '/^diff --git/q'
commit 19c1ceeca8ed31d207859e659482ee83ea1959f5
Author: Tony Battersby
Date: Thu Feb 29 13:08:09 2024 -0500
block: Fix page refcounts for unaligned buffers in __bio_release_pages()
BugLink: https://bugs.launchpad.net/bugs/2060531
[ Upstream commit 38b43539d64b2fa020b3b9a752a986769f87f7a6 ]
Fix an incorrect number of pages being released for buffers that do not
start at the beginning of a page.
Fixes: 1b151e2435fc ("block: Remove special-casing of compound pages")
Cc: sta...@vger.kernel.org
Signed-off-by: Tony Battersby
Tested-by: Greg Edwards
Link:
https://lore.kernel.org/r/86e592a9-98d4-4cff-a646-0c0084328...@cybernetics.com
Signed-off-by: Jens Axboe
Signed-off-by: Sasha Levin
Signed-off-by: Paolo Pisati
diff --git a/block/bio.c b/block/bio.c
And since the lastest tagged Ubuntu kernel version in master-next is:
Ubuntu-6.8.0-31.31
$ git log --oneline | grep -n $(git describe --tags --abbrev=0)
1170:7fdb45c9bbbc (tag: Ubuntu-6.8.0-31.31) UBUNTU: Ubuntu-6.8.0-31.31
commit 19c1ceeca8ed will be automatically part of the next/upcoming
Ubuntu kernel (> Ubuntu-6.8.0-31.31).
With that I'm updating the status of this bug to Fix Committed.
** Changed in: ubuntu-power-systems
Status: New => Fix Committed
** Changed in: linux (Ubuntu)
Status: Confirmed => Fix Committed
** Changed in: ubuntu-power-systems
Assignee: (unassigned) => Ubuntu on IBM Power Systems Bug Triage
(ubuntu-power-triage)
** Changed in: linux (Ubuntu)
Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) =>
(unassigned)
** Changed in: linux (Ubuntu)
Importance: Undecided => High
** Changed in: ubuntu-power-systems
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2062556
Title:
[Ubuntu-24.04] Hugepage memory is not getting released even after
destroying the guest!
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/2062556/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062556] Re: [Ubuntu-24.04] Hugepage memory is not getting released even after destroying the guest!
** Also affects: ubuntu-power-systems Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062556 Title: [Ubuntu-24.04] Hugepage memory is not getting released even after destroying the guest! To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2062556/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2050019] Re: [24.04 FEAT] [SEC2353] zcrypt: extend error recovery to deal with device scans
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2050019 Title: [24.04 FEAT] [SEC2353] zcrypt: extend error recovery to deal with device scans To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2050019/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051835] Re: [24.04 FEAT] Memory hotplug vmem pages (s390x)
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051835 Title: [24.04 FEAT] Memory hotplug vmem pages (s390x) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051835/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060217] Re: NFSv4 fails to mount in noble/s390x
I've noticed that Vasily's commit has meanwhile landed in linux-next, so I took it from there and applied it to noble master-next, but it failed due to changed context. Hence I did a bit of backporting work and got now it in. I triggered appropriate kernel test builds here: https://launchpad.net/~fheimes/+archive/ubuntu/lp2060217 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060217 Title: NFSv4 fails to mount in noble/s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/2060217/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062118] Re: autopkgtests fail on s390x (segfault)
Is it know if 'Test: trace pid events filter' also ended up in a segfault on earlier versions, e.g. 1.7.0-1 / mantic? (Probably not, looks like the test suite is only triggered during build starting with 1.8.0-1ubuntu1 / noble...) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062118 Title: autopkgtests fail on s390x (segfault) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2062118/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062118] Re: autopkgtests fail on s390x (segfault)
** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => bugproxy (bugproxy) ** Tags added: reverse-proxy-bugzilla -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062118 Title: autopkgtests fail on s390x (segfault) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2062118/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Description changed: SRU Justification: [ Impact ] * Symptom: * There is an issue with the Secure Execution (SE) tooling, especially the new IBM host-key subject locality, that leads to the fact that on April 24 (z15) / March 29 (z16) users will notice that the tooling for Secure execution will no longer detect that the provided IBM signing key for that generation is a valid IBM signing key. * The error message will contain "no IBM signing key found" or similar. The respective tool will reject creating an encrypted request/image as it could not verify the host-key for its validity. * This affects the genprotimg, pvattest, and pvsecret tools. (Please notice that these tools got introduced over time with different s390-tools versions that belong to different Ubuntu releases). * Problem: * The new IBM signing keys no longer contain 'Poughkeepsie' as 'subject locality' and 'Armonk' is used. * The SE tooling checks, beside other things, for the subject in the IBM signing key. * If the subject is not the expected one, the certificate is not recognized as a valid IBM signing key. And without a valid IBM signing key, the host-key verification cannot succeed and users cannot build trustable SE images and attestation or add-secret requests. * Solution: * Mitigations are available upstream. * The fixes allow Armonk as additional locality in the subject and allow potential mismatches in the locality of revocation list or host-key issuer subject that may still contain Poughkeepsie instead of Armonk. [ Test Plan ] * The testing is required for all three affected tools: genprotimg, pvattest, and pvsecret - * Obtain a (z15) Host-key document e.g. via the official channel -see: https://www.ibm.com/docs/en/linux-on-systems?topic=execution-obtain-host-key-document + * Obtain a (z15) Host-key document e.g. via the official channel + see: https://www.ibm.com/docs/en/linux-on-systems?topic=execution-obtain-host-key-document - * Get a signing key (z15) + intermediate certificate -see: https://www.ibm.com/docs/en/linux-on-systems?topic=execution-verify-host-key-document + * Get a signing key (z15) + intermediate certificate + see: https://www.ibm.com/docs/en/linux-on-systems?topic=execution-verify-host-key-document - * (optional) verify that the signing key is a new one -check for: Locality Armonk -$ openssl x509 -text -in international_business_machines_corporation.crt | grep Subject -Subject: C = US, ST = New York, L = Armonk, O = International Business Machines Corporation, OU = IBM Z Host Key Signing Service, CN = International Business Machines Corporation -Here "L" **must** be Armonk, and not Poughkeepsie! + * (optional) verify that the signing key is a new one + check for: Locality Armonk + $ openssl x509 -text -in international_business_machines_corporation.crt | grep Subject + Subject: C = US, ST = New York, L = Armonk, O = International Business Machines Corporation, OU = IBM Z Host Key Signing Service, CN = International Business Machines Corporation + Here "L" **must** be Armonk, and not Poughkeepsie! - * Run the tools (if available, depends on the s390-tools version): -The fixed tools will accept the cert chain and exit with exit code 0 -and the output generated. -The non-fixed will print n error message, abort, and report exit != 0 + * Run the tools (if available, depends on the s390-tools version): + The fixed tools will accept the cert chain and exit with exit code 0 + and the output generated. + The non-fixed will print n error message, abort, and report exit != 0 - * $ genprotimg: genprotimg -o tmp -i /boot/vmlinuz-$(uname -r) -k ~/hostkey.crt --cert ~/international_business_machines_corporation.crt --cert ~/DigiCertCA.crt -# BEFORE_FIX: -Failed to verify host-key document: please specify at least one IBM Z signing key -# AFTER_FIX: -# exit code 0 + * $ genprotimg: genprotimg -o tmp -i /boot/vmlinuz-$(uname -r) -k ~/hostkey.crt --cert ~/international_business_machines_corporation.crt --cert ~/DigiCertCA.crt + # BEFORE_FIX: + Failed to verify host-key document: please specify at least one IBM Z signing key + # AFTER_FIX: + # exit code 0 - * $ pvattest create -VVV -o tmp --arpk arpk -k ~/hostkey.crt --cert ~/international_business_machines_corporation.crt --cert ~/DigiCertCA.crt -# BEFORE_FIX: -ERROR: Creating the attestation request failed: -Specify at least one IBM Z signing key -# AFTER_FIX: -# exit code 0 + * $ pvattest create -VVV -o tmp --arpk arpk -k ~/hostkey.crt --cert ~/international_business_machines_corporation.crt --cert ~/DigiCertCA.crt + # BEFORE_FIX: + ERROR: Creating the attestation request failed: +
[Bug 2048917] Re: [needs-packaging] Intel Integrated Performance Primitives - ipp-crypto
** Also affects: ipp-crypto (Ubuntu) Importance: Undecided Status: New ** Changed in: ipp-crypto (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048917 Title: [needs-packaging] Intel Integrated Performance Primitives - ipp-crypto To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2048917/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Cool, thanks a lot Steffen! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060311] Re: Setting "optional: true" to overcome he timeout "Job systemd-networkd-wait-online" does no longer work with latest noble image
I gave ~ppa5 a try on my s390x system. If I set all interfaces to "optional: true" (incl. encc000), but except encc000.2653, I don't face the timeout anymore. But if I UNset "optional: true" for encc000 on top, I tap into the timeout again. In the past it was okay to NOT have "optional: true" set for both: encc000 and encc000.2653 (and I found that logical, since both interfaces are needed in a VLAN context). Knowing now what's missing, I could live with that (even if it's a change in behavior). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060311 Title: Setting "optional: true" to overcome he timeout "Job systemd-networkd- wait-online" does no longer work with latest noble image To manage notifications about this bug go to: https://bugs.launchpad.net/netplan/+bug/2060311/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Marc and me, we had a side discussion and finally found the missing commits and have a proper build for focal. The build is available here: https://launchpad.net/~fheimes/+archive/ubuntu/lp205930 and the debdiff(s) attached. ** Attachment added: "debdiff_focal.tgz" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/2059303/+attachment/5766321/+files/debdiff_focal.tgz ** Changed in: s390-tools (Ubuntu Focal) Status: Incomplete => In Progress ** Changed in: s390-tools-signed (Ubuntu Focal) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Hi Marc, I've added f5744b95db9, but I unfortunately still get the build errors: https://launchpadlibrarian.net/724893134/buildlog_ubuntu-focal-s390x.s390-tools_2.12.0-0ubuntu3.9_BUILDING.txt.gz (search for "error:") -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Description changed: SRU Justification: [ Impact ] - * Symptom: + * Symptom: -* There is an issue with the Secure Execution (SE) tooling, - especially the new IBM host-key subject locality, - that leads to the fact that on April 24 (z15) / March 29 (z16) - users will notice that the tooling for Secure execution will no - longer detect that the provided IBM signing key for that generation - is a valid IBM signing key. + * There is an issue with the Secure Execution (SE) tooling, + especially the new IBM host-key subject locality, + that leads to the fact that on April 24 (z15) / March 29 (z16) + users will notice that the tooling for Secure execution will no + longer detect that the provided IBM signing key for that generation + is a valid IBM signing key. -* The error message will contain "no IBM signing key found" or similar. - The respective tool will reject creating an encrypted request/image - as it could not verify the host-key for its validity. + * The error message will contain "no IBM signing key found" or similar. + The respective tool will reject creating an encrypted request/image + as it could not verify the host-key for its validity. -* This affects the genprotimg, pvattest, and pvsecret tools. - (Please notice that these tools got introduced over time with different - s390-tools versions that belong to different Ubuntu releases). + * This affects the genprotimg, pvattest, and pvsecret tools. + (Please notice that these tools got introduced over time with different + s390-tools versions that belong to different Ubuntu releases). - * Problem: + * Problem: -* The new IBM signing keys no longer contain 'Poughkeepsie' as - 'subject locality' and 'Armonk' is used. + * The new IBM signing keys no longer contain 'Poughkeepsie' as + 'subject locality' and 'Armonk' is used. -* The SE tooling checks, beside other things, for the subject in the - IBM signing key. + * The SE tooling checks, beside other things, for the subject in the + IBM signing key. -* If the subject is not the expected one, the certificate is not - recognized as a valid IBM signing key. - And without a valid IBM signing key, the host-key verification - cannot succeed and users cannot build trustable SE images and - attestation or add-secret requests. + * If the subject is not the expected one, the certificate is not + recognized as a valid IBM signing key. + And without a valid IBM signing key, the host-key verification + cannot succeed and users cannot build trustable SE images and + attestation or add-secret requests. - * Solution: + * Solution: -* Mitigations are available upstream. + * Mitigations are available upstream. -* The fixes allow Armonk as additional locality in the subject - and allow potential mismatches in the locality of revocation list - or host-key issuer subject that may still contain Poughkeepsie - instead of Armonk. + * The fixes allow Armonk as additional locality in the subject + and allow potential mismatches in the locality of revocation list + or host-key issuer subject that may still contain Poughkeepsie + instead of Armonk. [ Test Plan ] - * + * The testing is required for all three affected tools: + genprotimg, pvattest, and pvsecret - * The testing is required for all three affected tools: -genprotimg, pvattest, and pvsecret + * Obtain a (z15) Host-key document e.g. via the official channel +see: https://www.ibm.com/docs/en/linux-on-systems?topic=execution-obtain-host-key-document - * Without the fixed code, but with the new IBM signing keys -(that have 'Armonk' as 'subject locality'), users will get a msgs like: -"no IBM signing key found" -and the validation will fail. + * Get a signing key (z15) + intermediate certificate +see: https://www.ibm.com/docs/en/linux-on-systems?topic=execution-verify-host-key-document - * With the patches included, the validation will succeed. + * (optional) verify that the signing key is a new one +check for: Locality Armonk +$ openssl x509 -text -in international_business_machines_corporation.crt | grep Subject +Subject: C = US, ST = New York, L = Armonk, O = International Business Machines Corporation, OU = IBM Z Host Key Signing Service, CN = International Business Machines Corporation +Here "L" **must** be Armonk, and not Poughkeepsie! + + * Run the tools (if available, depends on the s390-tools version): +The fixed tools will accept the cert chain and exit with exit code 0 +and the output generated. +The non-fixed will print n error message, abort, and report exit != 0 + + * $ genprotimg: genprotimg -o tmp -i /boot/vmlinuz-$(uname -r) -k ~/hostkey.crt --cert
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
For focal the commit d14e7593cc6
(https://github.com/ibm-s390-linux/s390-tools/commit/d14e7593cc6380911ca42b09e11c53477ae13d5c)
does not properly build and the logs show a few errors:
https://launchpadlibrarian.net/723098720/buildlog_ubuntu-focal-s390x.s390-tools_2.12.0-0ubuntu3.8_BUILDING.txt.gz
(search for "error:")
"
utils/crypto.c: In function ‘x509_armonk_locality_fixup’:
utils/crypto.c:770:22: error: passing argument 1 of ‘X509_NAME_dup’ discards
‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
770 | ret = X509_NAME_dup(name);
| ^~~~
In file included from /usr/include/openssl/pem.h:17,
from utils/crypto.c:17:
/usr/include/openssl/x509.h:482:12: note: expected ‘X509_NAME *’ {aka ‘struct
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka ‘const struct
X509_name_st *’}
482 | X509_NAME *X509_NAME_dup(X509_NAME *xn);
|^
utils/crypto.c: In function ‘quirk_X509_STORE_ctx_get1_crls’:
utils/crypto.c:888:8: error: implicit declaration of function
‘Pv_X509_STORE_CTX_get1_crls’; did you mean ‘X509_STORE_CTX_get1_crls’?
[-Werror=implicit-function-declaration]
888 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, subject);
|^~~
|X509_STORE_CTX_get1_crls
utils/crypto.c:888:8: error: nested extern declaration of
‘Pv_X509_STORE_CTX_get1_crls’ [-Werror=nested-externs]
utils/crypto.c:888:6: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
888 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, subject);
| ^
utils/crypto.c:902:7: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
902 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, fixed_subject);
| ^
utils/crypto.c:913:7: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
913 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, fixed_subject);
| ^
utils/crypto.c:925:6: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
925 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, fixed_subject);
| ^
"
and
"
utils/crypto.c: In function ‘x509_armonk_locality_fixup’:
utils/crypto.c:770:22: error: passing argument 1 of ‘X509_NAME_dup’ discards
‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
770 | ret = X509_NAME_dup(name);
| ^~~~
In file included from /usr/include/openssl/pem.h:17,
from utils/crypto.c:17:
/usr/include/openssl/x509.h:482:12: note: expected ‘X509_NAME *’ {aka ‘struct
X509_name_st *’} but argument is of type ‘const X509_NAME *’ {aka ‘const struct
X509_name_st *’}
482 | X509_NAME *X509_NAME_dup(X509_NAME *xn);
|^
utils/crypto.c: In function ‘quirk_X509_STORE_ctx_get1_crls’:
utils/crypto.c:888:8: error: implicit declaration of function
‘Pv_X509_STORE_CTX_get1_crls’; did you mean ‘X509_STORE_CTX_get1_crls’?
[-Werror=implicit-function-declaration]
888 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, subject);
|^~~
|X509_STORE_CTX_get1_crls
utils/crypto.c:888:8: error: nested extern declaration of
‘Pv_X509_STORE_CTX_get1_crls’ [-Werror=nested-externs]
utils/crypto.c:888:6: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
888 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, subject);
| ^
utils/crypto.c:902:7: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
902 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, fixed_subject);
| ^
utils/crypto.c:913:7: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
913 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, fixed_subject);
| ^
utils/crypto.c:925:6: error: assignment to ‘STACK_OF_X509_CRL_autoptr’ {aka
‘struct stack_st_X509_CRL *’} from ‘int’ makes pointer from integer without a
cast [-Werror=int-conversion]
925 | ret = Pv_X509_STORE_CTX_get1_crls(ctx, fixed_subject);
| ^
utils/crypto.c: In function ‘x509_armonk_locality_fixup’:
utils/crypto.c:770:22: error: passing argument 1 of ‘X509_NAME_dup’ discards
‘const’ qualifier from pointer target type [-Werror=discarded-qualifiers]
770 | ret = X509_NAME_dup(name);
| ^~~~
In file included
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
s390-tools and s390-tools-signed debdiffs for 22.04/jammy ** Attachment added: "debdiff_jammy.tgz" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/2059303/+attachment/5765796/+files/debdiff_jammy.tgz -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Hi Steffen, many thanks for the tests, that's highly appreciated! I'm glad to see that we are fine with noble, mantic and jammy. It was btw. good to pick the version from the noble archive, since it's in beta). (And btw. we usually do not alter DISTRELEASE in common.mak.) I'm uploading first of all the debdiffs for mantic and jammy (to not loose much time), and will investigate focal in a bit... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
s390-tools and s390-tools-signed debdiffs for 23.10/mantic ** Attachment added: "debdiff_mantic.tgz" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/2059303/+attachment/5765782/+files/debdiff_mantic.tgz -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060020] Re: [Ubuntu-24.04]: Unable to bring up a guest with 1GB RAM using virt-install
Ok, this came out of the discussions. With that I'm closing this bug ... ** Changed in: virtinst (Ubuntu) Status: Confirmed => Invalid ** Changed in: ubuntu-power-systems Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060020 Title: [Ubuntu-24.04]: Unable to bring up a guest with 1GB RAM using virt- install To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2060020/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056485] Re: Behaviour of socat in Ubuntu 20.04 unexpected
Well, to me it looks like socat is like a Swiss army knife, where some features are popular and are used often, but others are very rarely used. Also please consider potential reactions of users that run into this (or similar cases): 1) (trivial) Users notice this problem (or not) and don't do anything. We would not become aware of a problem, hence nothing will be done. Things are probably less important and critical. 2) Users notice this problem and work around this, but do not open a bug. It is fixed for that particular user, and this user is well aware about the bug, since it got fixed by him/her; but this is not the desired reaction, since a bug should have been opened on top to report this. 3) Users notice this problem (and work around this or not), and open a bug. This is (imho) the desired behavior - due to the report and with that the ask to get it fixed. And with an update on the bug, they'll get a notification. Item 3) might cause an adjustment on their side once a fix got rolled out, but will protect for upgrade regressions. The fact that a package wasn't modified for a while does not necessarily mean that no modifications were needed. In this case here, several users reported this (way) earlier in LP: #1883957, and (I think) are waiting for a fix, and we do not know all their use cases, hence it's virtually impossible to have workarounds in place for all potential cases (we only have the needed details for just one: LP#1883957, but shouldn't limit ourselves to this). So I am still an advocate for getting things fixed where they are broken and believe that this also helps to reduce risk, compared to touching more/other components and at the end maybe not being able cover everything. The idea of using LP2056485_SOCAT_BEHAVIOUR could work, but might again lead to other risks, like cases where user may switch accounts, but in a way that they loose previously set environment variables etc. - I personally would consider that as more risky and overkill. But the final decision is of course at the SRU team. Meanwhile I've modified the patched package to just cover the two hunks that are related to the TERMIOS_PH_ALL test case - if we will go that route or not. Just try to speed up things in case this will be the way to go ... (since this is about a customer case) (Btw. I have marked LP#1883957 as dup of LP#2056485, because as partner/customer case LP#2056485 came in via the BZ-2-LP-bridge and will cause issues otherwise. But I've referenced both bugs in the changelog, see debdiff - it's probably not the best way, but want to ensure that people who reported this will be notified in case of a fix. If there is a better way, I am happy t adapt it ...) PPA test build (with minimized patch for test case): https://launchpad.net/~fheimes/+archive/ubuntu/lp2056485-3 (build includes successful tests) The updated debdiff is attached. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056485 Title: Behaviour of socat in Ubuntu 20.04 unexpected To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1883957] Re: socat-1.7.3.3 (focal) termios options incorrectly applied to the second address
*** This bug is a duplicate of bug 2056485 *** https://bugs.launchpad.net/bugs/2056485 ** This bug has been marked a duplicate of bug 2056485 Behaviour of socat in Ubuntu 20.04 unexpected -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1883957 Title: socat-1.7.3.3 (focal) termios options incorrectly applied to the second address To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/socat/+bug/1883957/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060807] Re: [UBUNTU 24.04] s390x: clone clobbers r7
*** This bug is a duplicate of bug 2055175 *** https://bugs.launchpad.net/bugs/2055175 I strongly believe that this is a duplicate of LP#2055175, which is meanwhile Fix Released and should be included in the latest noble/24.04 daily images. glibc in noble (release) is currently (Apr 10th) 2.39-0ubuntu8 and glibc 2.39-0ubuntu7 changelog incl: - S390: Do not clobber r7 in clone [BZ #31402] (LP: #2055175) So I consider this as duplicate and closed/Fix Released. Please feel free to object, in case you think this is not fixed or if there is another issue. ** Package changed: linux (Ubuntu) => glibc (Ubuntu) ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Also affects: glibc (Ubuntu Noble) Importance: Undecided Assignee: Skipper Bug Screeners (skipper-screen-team) Status: New ** Changed in: glibc (Ubuntu Noble) Status: New => Fix Released ** Changed in: ubuntu-z-systems Status: New => Fix Released ** Changed in: glibc (Ubuntu Noble) Assignee: Skipper Bug Screeners (skipper-screen-team) => (unassigned) ** This bug has been marked a duplicate of bug 2055175 [UBUNTU 23.10] s390x: clone clobbers r7 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060807 Title: [UBUNTU 24.04] s390x: clone clobbers r7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2060807/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Changed in: ubuntu-z-systems Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060217] Re: NFSv4 fails to mount in noble/s390x
** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Tags added: s390x ** Changed in: ubuntu-z-systems Assignee: (unassigned) => bugproxy (bugproxy) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060217 Title: NFSv4 fails to mount in noble/s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2060217/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Hi Steffen, thanks for checking the updated packages. Indeed, I had to restart the build of the s390-tools-signed packages for mantic/23.10, /jammy/22.04 and focal/20.04. These build will be complete in an hour or so (so well before Monday). Since the updates need to be done starting with the newest to oldest, a test on noble/24.04 would be most important. Do you have a mantic/23.10 or jammy/22.04 test system over? In this case you should be able to upgrade to noble/24.04 in just a few minutes. First of all ensure that your current system (mantic or jammy) is up-to- date with: sudo apt update && && sudo apt full-upgrade (with a potential reboot) You should then be able to upgrade with: sudo do-release-upgrade -d (or in case you are brave enough - but on a test/dev system ;-) : sudo do-release-upgrade --quiet --devel-release --frontend=DistUpgradeViewNonInteractive && sudo reboot ) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056485] Re: Behaviour of socat in Ubuntu 20.04 unexpected
** Changed in: socat (Ubuntu Focal) Status: Incomplete => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056485 Title: Behaviour of socat in Ubuntu 20.04 unexpected To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056491] Re: not able to install noble on PowerVM LPARs `Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block`
Fantastic, thanks for re-testing and confirming! Closing this ticket as Fix Released. ** Changed in: ubuntu-power-systems Status: New => Fix Released ** Changed in: linux (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056491 Title: not able to install noble on PowerVM LPARs `Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060311] Re: Setting "optional: true" to overcome he timeout "Job systemd-networkd-wait-online" does no longer work with latest noble image
I see (deep in my mind I remember that such a discussion happened or at least started somewhere). Just notice that one interface is still _not_ optional, here in my case: encc000 And the behavior changed recently, with the above config I didn not hit the timeout in the past (even with earlier noble daily images). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060311 Title: Setting "optional: true" to overcome he timeout "Job systemd-networkd- wait-online" does no longer work with latest noble image To manage notifications about this bug go to: https://bugs.launchpad.net/netplan/+bug/2060311/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2046439] Re: Wrong code execution of s390x code with qemu TCG
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2046439 Title: Wrong code execution of s390x code with qemu TCG To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2046439/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055175] Re: [UBUNTU 23.10] s390x: clone clobbers r7
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055175 Title: [UBUNTU 23.10] s390x: clone clobbers r7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2055175/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Builds finally completed: noble: https://launchpad.net/~fheimes/+archive/ubuntu/lp2059303 mantic, jammy, focal: https://launchpad.net/~fheimes/+archive/ubuntu/test -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056485] Re: Behaviour of socat in Ubuntu 20.04 unexpected
Thanks for having a look at this SRU. The general compile of the socat code works after just having commit 5ebf36038f39 "Under certain circumstances, options of the first address were applied to the second address" applied. However, the build also triggers a huge amount of tests, and one, test case 385 'TERMIOS_PH_ALL', is related to this modification and starts to fail. (Btw. this is roughly like the case you mentioned that "affected users of 20.04 may rely on the current behaviour".) Hence a fix is needed to make the 'TERMIOS_PH_ALL' test case work again. And I think this is also reasonable for other (non-test) cases. This was meanwhile upstream fixed "as part of" 9de26f1d0528 "minor corrections, not affecting binaries" (not a great commit msg). The commit 9de26f1d0528 covers different aspects, that are not well documented in the commit description. For this case the modification (as part of 9de26f1d0528) in Makefile.in (and obviously in CHANGES). are not needed. And even the hunks in test.sh: @@ -183,7 +183,7 @@ and @@ -13020,7 +13020,7 @@ are not relevant for the 'TERMIOS_PH_ALL' test case. Only the hunks: @@ -13057,8 +13057,10 @@ and @@ -13066,6 +13068,7 @@ (Whereas hunk '@@ -13066,6 +13068,7 @@' is again not absolutely required for a fixed test.) So yes, the patch could be minimized, for example to cover only: @@ -13057,8 +13057,10 @@ and @@ -13066,6 +13068,7 @@ Well, I thought about this, but from other work (esp. in the kernel area) I've learned (and I generally agree with that) that it is better to stick to entire upstream commits/patches (if possible) for the reason of future maintainability. I think this can be helpful if further patches (due to other bugs are needed) and will reduce risk as well, since the patch is like upstream, means tested like this and incl. like this in never versions. However, if you insist of having this patch minimized; I can do that of course. I think it's close to a philosophical question what is best to do in case "users of 20.04 relying on the current behaviour". I personally believe that since the behavior is wrong, that it needs to be corrected. Please notice that the behavior is correct in all releases newer than focal - means if not fixing this now with an upgrade, things will break at least after a dist-upgrade. Working around this in mkvterm might make the situation (imho) not a lot better (or even worse) and would introduce modification at another place (and would be for focal only, and mkvterm code in never releases might diverge). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056485 Title: Behaviour of socat in Ubuntu 20.04 unexpected To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056485/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Description changed:
+ SRU Justification:
+
+ [ Impact ]
+
+ * Symptom:
+
+* There is an issue with the Secure Execution (SE) tooling,
+ especially the new IBM host-key subject locality,
+ that leads to the fact that on April 24 (z15) / March 29 (z16)
+ users will notice that the tooling for Secure execution will no
+ longer detect that the provided IBM signing key for that generation
+ is a valid IBM signing key.
+
+* The error message will contain "no IBM signing key found" or similar.
+ The respective tool will reject creating an encrypted request/image
+ as it could not verify the host-key for its validity.
+
+* This affects the genprotimg, pvattest, and pvsecret tools.
+ (Please notice that these tools got introduced over time with different
+ s390-tools versions that belong to different Ubuntu releases).
+
+ * Problem:
+
+* The new IBM signing keys no longer contain 'Poughkeepsie' as
+ 'subject locality' and 'Armonk' is used.
+
+* The SE tooling checks, beside other things, for the subject in the
+ IBM signing key.
+
+* If the subject is not the expected one, the certificate is not
+ recognized as a valid IBM signing key.
+ And without a valid IBM signing key, the host-key verification
+ cannot succeed and users cannot build trustable SE images and
+ attestation or add-secret requests.
+
+ * Solution:
+
+* Mitigations are available upstream.
+
+* The fixes allow Armonk as additional locality in the subject
+ and allow potential mismatches in the locality of revocation list
+ or host-key issuer subject that may still contain Poughkeepsie
+ instead of Armonk.
+
+ [ Test Plan ]
+
+ *
+
+ * The testing is required for all three affected tools:
+genprotimg, pvattest, and pvsecret
+
+ * Without the fixed code, but with the new IBM signing keys
+(that have 'Armonk' as 'subject locality'), users will get a msgs like:
+"no IBM signing key found"
+and the validation will fail.
+
+ * With the patches included, the validation will succeed.
+
+ [ Where problems could occur ]
+
+ * The tools genprotimg, pvattest, and pvsecret tools are affected.
+Since they got introduced over time with different s390-tools versions
+that belong to different Ubuntu releases, it's important to figure out the
+commits/patches that are required for each release.
+
+ * The refactoring commit f6c6f0cc712433221fb0588c754e0d09884453dd
+("rust/pv/test: Code + Certificate refactoring") is needed
+for noble and mantic, but needs several adjustments due to context changes.
+The code could be negatively affected and the build might even break.
+(A test build in PPA mitigates such issues.)
+
+ * As host host-key issuer subject now Poughkeepsie and Armonk is allowed.
+If the conditional statements are not properly coded, either Poughkeepsie
+or Armonk might be allowed, which would fails in case the opposite is used.
+(Testing if the IBM signing key is valid will mitigate this.)
+
+ * In worst case a broken detection of the host-key issuer subject may lead
+to positive validations, regardless of the subject content.
+(Testing if the IBM signing key is valid will mitigate this.)
+
+ * A test build for all affected Ubuntu releases (N, M, J and F) succeeded
+and is available via this PPA:
+https://launchpad.net/~fheimes/+archive/ubuntu/lp2059303
+
+ * These test packages will be pre-tested by IBM.
+
+ * This affected Secure Execution (SE) functionality only on s390x.
+No other tools that are part of the s390-tools packages are affected
+(or got modified in any way).
+
+ [ Other Info ]
+
+ * Secure Execution (SE) was introduced with in Ubuntu Server for s390x
+with 20.04 LTS, hence 20.04 LTS and higher is affected.
+
+ * And with that the s390-tools versions that are still in service:
+2.12.0-0ubuntu3.7 | focal-updates
+2.20.0-0ubuntu3.2 | jammy-updates
+2.29.0-0ubuntu2.1 | mantic-updates
+2.30.0-0ubuntu1 | noble-updates / 2.31.0-0ubuntu4 | noble-proposed
+
+ * The following commits / patches need to be applied to the following
+s390-tools versions:
+* f6c6f0cc712433221fb0588c754e0d09884453dd
+ ("rust/pv/test: Code + Certificate refactoring")
+ to noble, mantic
+* 1a3d0b74f7819f5e087e6ecbf3ec879a05a88bbc
+ ("rust/pv: Support `Armonk` in IBM signing key subject")
+ to noble, mantic
+* d14e7593cc6380911ca42b09e11c53477ae13d5c
+ ("genprotimg: support `Armonk` in IBM signing key subject")
+ to noble, mantic, jammy, focal
+* d7c95265cdb6217b0203efa5893c3a27838af63c
+ ("libpv: Support `Armonk` in IBM signing key subject")
+ to noble, mantic, jammy
+* 2b5e7b049123aff094c7de79ba57a5df09471b2e
+ ("pvattest: Fix root-ca parsing")
+ to noble, mantic, jammy
+ __
+
Description: SE-tooling: New IBM
[Bug 2060108] Re: greenlet 3.0.3 fails to build on ppc64el (and riscv64)
** Changed in: python-greenlet (Ubuntu) Assignee: (unassigned) => bugproxy (bugproxy) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060108 Title: greenlet 3.0.3 fails to build on ppc64el (and riscv64) To manage notifications about this bug go to: https://bugs.launchpad.net/greenlet/+bug/2060108/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060108] [NEW] greenlet 3.0.3 fails to build on ppc64el (and riscv64)
Public bug reported: greenlet 3.0.3 fails to build on riscv64 and ppc64el: complete build logs at https://launchpad.net/ubuntu/+source/python-greenlet/3.0.3-0ubuntu2 riscv64-linux-gnu-gcc -Wsign-compare -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -g -O2 -fno- omit-frame-pointer -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -fdebug-prefix-map=/<>=/usr/src/python- greenlet-3.0.3-0ubuntu2 -Wdate-time -D_FORTIFY_SOURCE=3 -fPIC -I/usr/include/python3.11 -c /<>/src/greenlet/greenlet.cpp -o build/temp.linux-riscv64-cpython-311/<>/src/greenlet/greenlet.o -Os So the reason is that recent Linux distros decided to build with -fno- omit-frame-pointer by default. Apparently both the riscv64 and the ppc64el implementations cannot cope with that. The issue can be reproduce by adding -fno-omit-frame-pointer to the build flags. https://launchpad.net/ubuntu/+source/python-greenlet/3.0.3-0ubuntu4 _ There is also this upstream github issue: https://github.com/python-greenlet/greenlet/issues/395 ** Affects: greenlet Importance: Unknown Status: Unknown ** Affects: ubuntu-power-systems Importance: Undecided Assignee: bugproxy (bugproxy) Status: Triaged ** Affects: python-greenlet (Ubuntu) Importance: Undecided Status: New ** Tags: ppc64el reverse-proxy-bugzilla ** Also affects: python-greenlet (Ubuntu) Importance: Undecided Status: New ** Description changed: greenlet 3.0.3 fails to build on riscv64 and ppc64el: complete build logs at https://launchpad.net/ubuntu/+source/python-greenlet/3.0.3-0ubuntu2 riscv64-linux-gnu-gcc -Wsign-compare -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -g -O2 -fno- omit-frame-pointer -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -fdebug-prefix-map=/<>=/usr/src/python- greenlet-3.0.3-0ubuntu2 -Wdate-time -D_FORTIFY_SOURCE=3 -fPIC -I/usr/include/python3.11 -c /<>/src/greenlet/greenlet.cpp -o build/temp.linux-riscv64-cpython-311/<>/src/greenlet/greenlet.o -Os So the reason is that recent Linux distros decided to build with -fno- omit-frame-pointer by default. Apparently both the riscv64 and the ppc64el implementations cannot cope with that. The issue can be reproduce by adding -fno-omit-frame-pointer to the build flags. + + https://launchpad.net/ubuntu/+source/python-greenlet/3.0.3-0ubuntu4 ** Tags added: reverse-proxy-bugzilla ** Description changed: greenlet 3.0.3 fails to build on riscv64 and ppc64el: complete build logs at https://launchpad.net/ubuntu/+source/python-greenlet/3.0.3-0ubuntu2 riscv64-linux-gnu-gcc -Wsign-compare -DNDEBUG -g -fwrapv -O2 -Wall -g -fstack-protector-strong -Wformat -Werror=format-security -g -O2 -fno- omit-frame-pointer -ffile-prefix-map=/<>=. -fstack-protector-strong -Wformat -Werror=format-security -fdebug-prefix-map=/<>=/usr/src/python- greenlet-3.0.3-0ubuntu2 -Wdate-time -D_FORTIFY_SOURCE=3 -fPIC -I/usr/include/python3.11 -c /<>/src/greenlet/greenlet.cpp -o build/temp.linux-riscv64-cpython-311/<>/src/greenlet/greenlet.o -Os So the reason is that recent Linux distros decided to build with -fno- omit-frame-pointer by default. Apparently both the riscv64 and the ppc64el implementations cannot cope with that. The issue can be reproduce by adding -fno-omit-frame-pointer to the build flags. https://launchpad.net/ubuntu/+source/python-greenlet/3.0.3-0ubuntu4 + _ + + There is also this upstream github issue: + https://github.com/python-greenlet/greenlet/issues/395 ** Bug watch added: github.com/python-greenlet/greenlet/issues #395 https://github.com/python-greenlet/greenlet/issues/395 ** Also affects: greenlet via https://github.com/python-greenlet/greenlet/issues/395 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060108 Title: greenlet 3.0.3 fails to build on ppc64el (and riscv64) To manage notifications about this bug go to: https://bugs.launchpad.net/greenlet/+bug/2060108/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Meanwhile I've navigated through the challenges in noble and have a successful PPA build here: launchpad.net/~fheimes/+archive/ubuntu/lp2059303 and the s390-tools and the s390-tools-signed debdiffs attached. ** Attachment added: "debdiffs.tgz" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/2059303/+attachment/5761332/+files/debdiffs.tgz ** Changed in: s390-tools (Ubuntu Noble) Assignee: (unassigned) => Frank Heimes (fheimes) ** Changed in: s390-tools-signed (Ubuntu Noble) Assignee: (unassigned) => Frank Heimes (fheimes) ** Changed in: s390-tools (Ubuntu Noble) Status: New => In Progress ** Changed in: s390-tools-signed (Ubuntu Noble) Status: New => In Progress ** Changed in: s390-tools-signed (Ubuntu Noble) Importance: Undecided => High ** Changed in: s390-tools (Ubuntu Noble) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060020] Re: [Ubuntu-24.04]: Unable to bring up a guest with 1GB RAM using virt-install
Oh sorry, I just noticed that the ppc64el ISO was NOT updated and is still from March 28th, means it still has the -11 kernel inside. We need to investigate why it wasn't updated - and why there is no daily from April 1st and 2nd ... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060020 Title: [Ubuntu-24.04]: Unable to bring up a guest with 1GB RAM using virt- install To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2060020/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
Unsubscribed ubuntu-sponsors, since meanwhile a new LP bug came in (LP: #2059303), and I'm going to upload a new debdiff that covers both - LP: #2059303 and this, LP: #058944. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051835] Re: [24.04 FEAT] Memory hotplug vmem pages (s390x)
This is not incl. in Ubuntu-6.8.0-20.20, but will be included in the next updated kernel. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051835 Title: [24.04 FEAT] Memory hotplug vmem pages (s390x) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051835/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060020] Re: [Ubuntu-24.04]: Unable to bring up a guest with 1GB RAM using virt-install
Hello Kowshik, thanks for bringing this up. 2GB RAM is not a lot, but according to 22.04 it should be sufficient (for Ubuntu Server, Ubuntu Desktop already wants 4GB) - so I am not sure if the min. req. for RAM may have or will change with 24.04 - I'll check. Meanwhile, would you please re-try with the latest daily ISO image from today: https://cdimage.ubuntu.com/ubuntu-server/daily-live/current/noble-live-server-ppc64el.iso since it has an updated kernel included (and afaik an updated installer). If the problem still persists, would you please also attach the crash files (from /var/crash). And do I interpret it correctly that this only happens with virt-install using 1GB RAM, or also in other scenarios where the system has just 1GB RAM (like a 1GB LPAR, or using virsh instead of virt-install with a KVM guest definition of 1GB). I would like to understand if this is related to / or limited to virt-install or not. ** Package changed: libvirt (Ubuntu) => virtinst (Ubuntu) ** Also affects: ubuntu-power-systems Importance: Undecided Status: New ** Changed in: ubuntu-power-systems Assignee: (unassigned) => Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) ** Changed in: virtinst (Ubuntu) Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) => (unassigned) ** Changed in: ubuntu-power-systems Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060020 Title: [Ubuntu-24.04]: Unable to bring up a guest with 1GB RAM using virt- install To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2060020/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
Well, I already had a hard time to get the requested commits applied to
noble (which is on 2.31.0).
I figured out that:
1) commit f6c6f0cc712433221fb0588c754e0d09884453dd ("rust/pv/test: Code +
Certificate refactoring") is needed on top as pre-requisite, otherwise the
other patches do not apply.
2) the commit id for ("libpv: Support `Armonk` in IBM signing key subject") is
d7c95265cdb6217b0203efa5893c3a27838af63c (and not
5e1cb58a21ae0707d1993de3c8fc078c5cffed88 - this commit id does not exist in
upstream master)
3) the commit id for ("pvattest: Fix root-ca parsing") is
2b5e7b049123aff094c7de79ba57a5df09471b2e (and not
a54daf459e7504c0f42d3eb028100b7ab07894ff - again this commit id does not exist
in upstream master).
I'm really wondering if it wouldn't be best to have a new minor version
tagged upstream (like a 2.31.1) that includes everything needed, since I
can't patch binary files with quilt (rust/pv/tests/assets/cert/der.crl
and rust/pv/tests/assets/cert/der.crt), hence had to skip these hunks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2059303
Title:
[UBUNTU 20.04] SE-tooling: New IBM host-key subject locality
(s390-tools)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Also affects: s390-tools (Ubuntu Mantic) Importance: Undecided Status: New ** Also affects: s390-tools-signed (Ubuntu Mantic) Importance: Undecided Status: New ** Also affects: s390-tools (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: s390-tools-signed (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: s390-tools (Ubuntu Noble) Importance: Undecided Status: New ** Also affects: s390-tools-signed (Ubuntu Noble) Importance: Undecided Status: New ** Also affects: s390-tools (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: s390-tools-signed (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059303] Re: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools)
** Package changed: linux (Ubuntu) => s390-tools (Ubuntu) ** Also affects: s390-tools-signed (Ubuntu) Importance: Undecided Status: New ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: s390-tools (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => (unassigned) ** Changed in: ubuntu-z-systems Importance: Undecided => Critical ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059303 Title: [UBUNTU 20.04] SE-tooling: New IBM host-key subject locality (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2059303/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055175] Re: [UBUNTU 23.10] s390x: clone clobbers r7
** Changed in: ubuntu-z-systems Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055175 Title: [UBUNTU 23.10] s390x: clone clobbers r7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2055175/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059237] Re: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot
Thanks for testing the '-20' kernel @kowshik.jois and thanks for the updates @arighi and @hariharan.ts. With that I'm closing this ticket (as Fix Released in 6.8.0-20). ** Changed in: linux (Ubuntu) Status: Confirmed => Fix Released ** Changed in: ubuntu-power-systems Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059237 Title: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2059237/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2016860] Re: Error/crash while trying to wipe disk during 23.04+ install
Great, thx for the update Dan! ** Changed in: ubuntu-z-systems Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2016860 Title: Error/crash while trying to wipe disk during 23.04+ install To manage notifications about this bug go to: https://bugs.launchpad.net/subiquity/+bug/2016860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2045250] Re: pam_lastlog doesn't handle localtime_r related errors properly
Included in pam | 1.5.3-5ubuntu3. ** Changed in: pam (Ubuntu) Status: Fix Committed => Fix Released ** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2045250 Title: pam_lastlog doesn't handle localtime_r related errors properly To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2045250/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2038583] Re: Turning COMPAT_32BIT_TIME off on s390x
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2038583 Title: Turning COMPAT_32BIT_TIME off on s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2038583/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051683] Re: [24.04 FEAT] [LDP2406] 64bit Only Distro - Remove 31/32bit Support Completely
*** This bug is a duplicate of bug 2038583 *** https://bugs.launchpad.net/bugs/2038583 ** Changed in: linux (Ubuntu) Status: Fix Committed => Fix Released ** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051683 Title: [24.04 FEAT] [LDP2406] 64bit Only Distro - Remove 31/32bit Support Completely To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051683/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055702] Re: installer crashes after importing my launchpad SSH key
** Changed in: ubuntu-power-systems Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055702 Title: installer crashes after importing my launchpad SSH key To manage notifications about this bug go to: https://bugs.launchpad.net/subiquity/+bug/2055702/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055003] Re: Qemu cmdline core dumped with more(8193 or more) cpus
** Changed in: ubuntu-power-systems Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055003 Title: Qemu cmdline core dumped with more(8193 or more) cpus To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2055003/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059237] Re: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot
Hi Kowshik, sorry, just noticed the machine data line in the log: "IBM,9080-HEX POWER10 (raw) 0x800200 0xf06 of:IBM,FW1060.00 (NH1060_013) hv:phyp" Well, there is no proposed "ISO" - "-proposed" is just a special (pre-release) area in the archive for packages, incl. kernel. So I just thought about updating to the -20 kernel post install, rebooting and checking if it still happens. Btw. does the IBM Power kernel team has an opinion about Andrea's comment #4: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2059237/comments/4 (Since there is a good chance that this is also in the upstream kernels). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059237 Title: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2059237/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2038583] Re: Turning COMPAT_32BIT_TIME off on s390x
Applied for 6.8.0-12.12, so included in -20 (that is atm still in -proposed). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2038583 Title: Turning COMPAT_32BIT_TIME off on s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2038583/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059237] Re: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot
** Tags added: noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059237 Title: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2059237/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059237] Re: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot
And another quick question: on which systems does that happen? P9 (bare-metal or PowerVM) or P10 (PowerVM) or KVM on Power? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059237 Title: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2059237/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059237] Re: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot
Hello Kowshik Jois, thanks for raising our attention on this. I apologize, but once a Launchpad ticket got closed (for example as Fix Released), like with LP#2055126, it is no longer actively monitored anymore (by our team), hence we missed your additional comments. (I just found your comments, after I explicitly opened it again ...) In addition I personally didn't recognized LP#2052767, since it wasn't opened via the Bugzilla-to-Launchpad bridge, hence wasn't marked as affecting the 'The Ubuntu-power-systems project', which is what we actively monitor. But anyway, each problem needs it's own Launchpad entry, so it was correct to open this one here. (I'll just mark LP#2052767 as a duplicate of this one, LP#2059237). ___ So it looks like this happens with a kernel 6.6 (info taken from LP#2052767: linux-6.6.0 - is this an upstream kernel build that you did by yourself? Since - afair - we never had a kernel 6.6 in noble/24.04, just a 6.7.) and with kernel 6.8.0-11 (from the bug description here) - that is the one we currently have in the daily IOSs. There is already an updated kernel available from our "-proposed" pocket. $ rmadison --arch=ppc64el --suite=noble,noble-proposed linux-generic linux-generic | 6.8.0-11.11+1 | noble | ppc64el linux-generic | 6.8.0-20.20+1 | noble-proposed | ppc64el <== Would you mind installing and trying the 6.8.0-20 from proposed, to see if that (very latest) kernel still shows this 'UBSAN: array-index-out-of-bounds' issue? ** Changed in: ubuntu-power-systems Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059237 Title: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2059237/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2052767] Re: "Index out of range" error observed while installing 24.04
*** This bug is a duplicate of bug 2059237 *** https://bugs.launchpad.net/bugs/2059237 ** This bug has been marked a duplicate of bug 2059237 [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052767 Title: "Index out of range" error observed while installing 24.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2052767/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059237] Re: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot
** Also affects: ubuntu-power-systems Importance: Undecided Status: New ** Changed in: ubuntu-power-systems Assignee: (unassigned) => Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) ** Changed in: linux (Ubuntu) Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) => (unassigned) ** Changed in: linux (Ubuntu) Importance: Undecided => Medium ** Changed in: ubuntu-power-systems Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059237 Title: [Ubuntu-24.04] "array-index-out-of-bounds" error is observed after every reboot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2059237/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2042853] Re: [UBUNTU 23.04] Kernel config option missing for s390x PCI passthrough
This LP bug was entirely s390x specific, hence not affecting any other platform. So setting verification again to done, to potentially unblock any further processes. ** Tags removed: verification-needed-jammy-linux-nvidia-6.5 ** Tags added: verification-done verification-done-jammy-linux-nvidia-6.5 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2042853 Title: [UBUNTU 23.04] Kernel config option missing for s390x PCI passthrough To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2042853/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048919] Re: [UBUNTU 23.04] Regression: Ubuntu 23.04/23.10 do not include uvdevice anymore
This LP bug was entirely s390x specific, hence not affecting any other platform. So setting verification again to done, to potentially unblock any further processes. ** Tags removed: verification-needed-jammy-linux-nvidia-6.5 ** Tags added: verification-done verification-done-jammy-linux-nvidia-6.5 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048919 Title: [UBUNTU 23.04] Regression: Ubuntu 23.04/23.10 do not include uvdevice anymore To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2048919/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056491] Re: not able to install noble on PowerVM LPARs `Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block`
Hi @kowshik.jois, the (daily) images still have the same kernel inside (the 6.8 -11): $ rmadison --arch=ppc64el --suite=noble,noble-proposed linux-generic linux-generic | 6.8.0-11.11+1 | noble | ppc64el linux-generic | 6.8.0-20.20+1 | noble-proposed | ppc64el But there is now a newer kernel (-20), but it is still in -proposed. It takes some time until it transitions to release, and again a bit until it arrives in the ISO. So right now we are waiting until we have the -20 in the ISO, to be able to do more testing ... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056491 Title: not able to install noble on PowerVM LPARs `Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056491/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
I've noticed that two no-change rebuilds (against libcurl4t64 and libssl3t64) were triggered, which obviously increased the version of the s390-tools. But at the same time s390-tools-signed version stayed the same, hence the s390-tools would have become uninstallable without a proper s390-tools-signed with the same version). With this fix I aligned the two package versions again (which is also the reason why the debdiff for s390-tools-signed is between 2.31.0-0ubuntu1 and 2.31.0-0ubuntu4, since there were no 0ubuntu2 nor 0ubuntu3.) ** Also affects: s390-tools-signed (Ubuntu) Importance: Undecided Status: New ** Changed in: s390-tools-signed (Ubuntu) Status: New => In Progress ** Changed in: s390-tools-signed (Ubuntu) Assignee: (unassigned) => Frank Heimes (fheimes) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
** Patch added: "debdiff_s390-tools-signed_noble_from_2.31.0-0ubuntu1_to_2.31.0-0ubuntu4.diff" https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+attachment/5759487/+files/debdiff_s390-tools-signed_noble_from_2.31.0-0ubuntu1_to_2.31.0-0ubuntu4.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
** Patch added: "debdiff_s390-tools_noble_from_2.31.0-0ubuntu3_to_2.31.0-0ubuntu4.diff" https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+attachment/5759486/+files/debdiff_s390-tools_noble_from_2.31.0-0ubuntu3_to_2.31.0-0ubuntu4.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
Kicked-off a PPA build of patched s390-tools version 2.31.0-0ubuntu4 here: https://launchpad.net/~fheimes/+archive/ubuntu/lp2058944 ** Changed in: ubuntu-z-systems Status: New => In Progress ** Changed in: s390-tools (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058944] Re: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell
** Package changed: linux (Ubuntu) => s390-tools (Ubuntu) ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: s390-tools (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => Frank Heimes (fheimes) ** Changed in: ubuntu-z-systems Importance: Undecided => High ** Changed in: ubuntu-z-systems Importance: High => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058944 Title: [UBUNTU 24.04] dbginfo.sh: updates required for /bin/dash shell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2058944/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2050019] Re: [24.04 FEAT] [SEC2353] zcrypt: extend error recovery to deal with device scans
I've submitted the PR to the kernel teams mailing list: https://lists.ubuntu.com/archives/kernel-team/2024-March/thread.html#149742 ** Changed in: linux (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => Canonical Kernel Team (canonical-kernel-team) ** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2050019 Title: [24.04 FEAT] [SEC2353] zcrypt: extend error recovery to deal with device scans To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2050019/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2016860] Re: Error/crash while trying to wipe disk during 23.04+ install
I did more tests, on LPAR, z/VM, with FCP/SCSI, DASD/ECKD and have not faced this issue a single time (or any udev related issues). So I would consider the installer "edge/lp-2016860" as fixed and working. (I used the noble daily from today March 15th as base.) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2016860 Title: Error/crash while trying to wipe disk during 23.04+ install To manage notifications about this bug go to: https://bugs.launchpad.net/subiquity/+bug/2016860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2016860] Re: Error/crash while trying to wipe disk during 23.04+ install
Hi Dan, things look very promising, since I installed using edge/lp-2016860 on this ECKD FBA guest, where the situation was worst, and the install succeeded ! (Trying now on more and different systems and disk types ...) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2016860 Title: Error/crash while trying to wipe disk during 23.04+ install To manage notifications about this bug go to: https://bugs.launchpad.net/subiquity/+bug/2016860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051835] Re: [24.04 FEAT] Memory hotplug vmem pages (s390x)
Got marked as APPLIED by kernel team (Paolo). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051835 Title: [24.04 FEAT] Memory hotplug vmem pages (s390x) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051835/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056485] Re: Behaviour of socat in Ubuntu 20.04 unexpected
** Also affects: socat (Ubuntu Focal)
Importance: Undecided
Status: New
** Changed in: socat (Ubuntu Focal)
Status: New => In Progress
** Changed in: socat (Ubuntu)
Status: In Progress => Invalid
** Changed in: socat (Ubuntu Focal)
Importance: Undecided => High
** Changed in: socat (Ubuntu Focal)
Assignee: (unassigned) => Frank Heimes (fheimes)
** Changed in: socat (Ubuntu)
Assignee: Frank Heimes (fheimes) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056485
Title:
Behaviour of socat in Ubuntu 20.04 unexpected
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/2056485/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051835] Re: [24.04 FEAT] Memory hotplug vmem pages (s390x)
Patches that are needed for noble/24.04 submitted to the kernel teams mailing list: https://lists.ubuntu.com/archives/kernel-team/2024-March/149667.html https://lists.ubuntu.com/archives/kernel-team/2024-March/thread.html#149667 ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: linux (Ubuntu) Status: New => In Progress ** Changed in: ubuntu-z-systems Status: New => In Progress ** Also affects: linux (Ubuntu Noble) Importance: High Status: In Progress ** Changed in: linux (Ubuntu Noble) Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051835 Title: [24.04 FEAT] Memory hotplug vmem pages (s390x) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051835/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051835] Re: [24.04 FEAT] Memory hotplug vmem pages (s390x)
** Summary changed: - [24.04 FEAT] Memory hotplug vmem pages + [24.04 FEAT] Memory hotplug vmem pages (s390x) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051835 Title: [24.04 FEAT] Memory hotplug vmem pages (s390x) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051835/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2016860] Re: Error/crash while trying to wipe disk during 23.04+ install
** Changed in: ubuntu-z-systems Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2016860 Title: Error/crash while trying to wipe disk during 23.04+ install To manage notifications about this bug go to: https://bugs.launchpad.net/subiquity/+bug/2016860/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051835] Re: [24.04 FEAT] Memory hotplug vmem pages
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051835 Title: [24.04 FEAT] Memory hotplug vmem pages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2051835/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048462] Re: [needs-packaging] dfx-mgr from Xilinx
Hello Talha, had a look and re-uploaded (just made the GPL-3 section a separate one). It's now in NEW. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048462 Title: [needs-packaging] dfx-mgr from Xilinx To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2048462/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1934887] Re: Enhance the initial, basic network configuration
** Tags removed: installer ** Tags added: installation -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1934887 Title: Enhance the initial, basic network configuration To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1934887/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
