[Bug 1962286] Re: sshuttle merged to 1.1.0-1ubuntu1 fails autopkgtests
** Summary changed: - [FFE] sshuttle merged to 1.1.0-1ubuntu1 fails autopkgtests + sshuttle merged to 1.1.0-1ubuntu1 fails autopkgtests -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962286 Title: sshuttle merged to 1.1.0-1ubuntu1 fails autopkgtests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/sshuttle/+bug/1962286/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Changed in: s390-tools-signed (Ubuntu Jammy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Changed in: s390-tools-signed (Ubuntu Jammy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961850] Re: [UBUNTU 20.04] s390/pci: move pseudo-MMIO to prevent MIO overlap
Commit "s390/pci: move pseudo-MMIO to prevent MIO overlap" landed in impish with hash 35705e7746d4 and is included in impish's kernel 'Ubuntu-5.13.0-36.41' and later. Latest kernel in impish-updates is linux-generic | 5.13.0.40.49 | impish-updates hence this incl. the needed commit. With that I'm updating the affects impish entry to Fix Released, and with that I can close the ticket (means the project entry) with Fix Released, too. ** Changed in: linux (Ubuntu Impish) Status: Fix Committed => Fix Released ** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961850 Title: [UBUNTU 20.04] s390/pci: move pseudo-MMIO to prevent MIO overlap To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1961850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962578] Re: [UBUNTU 20.04] Fix SIGP processing on KVM/s390
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962578 Title: [UBUNTU 20.04] Fix SIGP processing on KVM/s390 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1962578/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962831] Re: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962831 Title: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1962831/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968096] Re: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
Just for the records, even if the bug description mentions "18.04 with HWE kernel 5.4", this is about and happens with the stock focal 5.4 kernel (the dump that was shared is also a focal 5.4). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968096 Title: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968096/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
uploaded new debdiff of the s390-tools-signed package for focal that incl. the needed d/c update ** Patch added: "debdiff_s390-tools-signed_2.12.0-0ubuntu3.4_to_2.12.0-0ubuntu3.5" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5580382/+files/debdiff_s390-tools-signed_2.12.0-0ubuntu3.4_to_2.12.0-0ubuntu3.5.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
uploaded new debdiff of the s390-tools-signed package for impish that incl. the needed d/c update ** Patch added: "debdiff_s390-tools-signed_2.17.0-0ubuntu2_to_2.17.0-0ubuntu2.1" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5580381/+files/debdiff_s390-tools-signed_2.17.0-0ubuntu2_to_2.17.0-0ubuntu2.1.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
uploaded new debdiff of the s390-tools-signed package for jammy that incl. the needed d/c update ** Patch removed: "s390-tools-signed debdiff for LP#1968259 and LP#1968260" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5578285/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_patch_jammy.patch ** Patch removed: "s390-tools-signed debdiff for LP#1968259 and LP#1968259 / impish" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5579394/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_sru_impish.patch ** Patch removed: "s390-tools-signed debdiff for LP#1968260 / focal" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5579798/+files/debdiff_lp1968260_s390-tools-signed_sru_focal.patch ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419283 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools/+git/s390-tools/+merge/419270 ** Patch added: "debdiff_s390-tools-signed_2.20-0ubuntu1_to_2.20-0ubuntu2" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5580380/+files/debdiff_s390-tools-signed_2.20-0ubuntu1_to_2.20-0ubuntu2.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
uploaded new debdiff of the s390-tools-signed package for impish that incl. the needed d/c update ** Patch added: "debdiff_s390-tools-signed_2.17.0-0ubuntu2_to_2.17.0-0ubuntu2.1" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968259/+attachment/5580379/+files/debdiff_s390-tools-signed_2.17.0-0ubuntu2_to_2.17.0-0ubuntu2.1.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
uploaded new debdiff of the s390-tools-signed package for jammy that incl. the needed d/c update ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419218 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools/+git/s390-tools/+merge/419200 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419135 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools/+git/s390-tools/+merge/419052 ** Patch removed: "s390-tools-signed debdiff for LP#1968259 and LP#1968260 / jammy" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968259/+attachment/5578284/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_patch_jammy.patch ** Patch removed: "s390-tools-signed debdiff for LP#1968259 and LP#1968259 / impish" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968259/+attachment/5579393/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_sru_impish.patch ** Patch added: "debdiff_s390-tools-signed_2.20-0ubuntu1_to_2.20-0ubuntu2" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968259/+attachment/5580378/+files/debdiff_s390-tools-signed_2.20-0ubuntu1_to_2.20-0ubuntu2.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419218 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools/+git/s390-tools/+merge/419200 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419135 ** Merge proposal unlinked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools/+git/s390-tools/+merge/419052 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Changed in: ubuntu-z-systems Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
s390-tools-signed debdiff for LP#1968260 / focal ** Merge proposal linked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419283 ** Patch added: "s390-tools-signed debdiff for LP#1968260 / focal" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968260/+attachment/5579798/+files/debdiff_lp1968260_s390-tools-signed_sru_focal.patch ** Changed in: s390-tools (Ubuntu Focal) Status: New => In Progress ** Changed in: s390-tools-signed (Ubuntu Focal) Status: New => In Progress ** Changed in: ubuntu-z-systems Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
Removing focal as affected Ubuntu release
since focal's latest s390-tools version 2.12.0-0ubuntu3.4 (in focal-updates)
does not ship /usr/share/s390-tools/genprotimg/check_hostkeydoc.
** No longer affects: s390-tools (Ubuntu Focal)
** No longer affects: s390-tools-signed (Ubuntu Focal)
** Summary changed:
- [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too
strictly (s390-tools)
+ [UBUNTU 21.10 / 22.04] check_hostkeydoc is checking the certificate issuer
too strictly (s390-tools)
** Description changed:
SRU Justification:
==
[Impact]
- * The s390-tools script check_hostkeydoc can be used to perform the
-verification of the chain of trust for Secure Execution host key documents.
+ * The s390-tools script check_hostkeydoc can be used to perform the
+ verification of the chain of trust for Secure Execution host key documents.
- * The certificate verification is however too strict and doesn't match the
-checking performed by the genprotimg tool.
+ * The certificate verification is however too strict and doesn't match the
+ checking performed by the genprotimg tool.
- * Affected is the OU field in the issuer DN of the host key document.
-As a consequence, verification failures will occur for host key documents
-issued for newer hardware generations like IBM z16.
+ * Affected is the OU field in the issuer DN of the host key document.
+ As a consequence, verification failures will occur for host key documents
+ issued for newer hardware generations like IBM z16.
- * While the original default issuer's organizationalUnitName (OU)
- was defined as "IBM Z Host Key Signing Service", any OU ending
- with "Key Signing Service" is considered legal by this fix/commit.
+ * While the original default issuer's organizationalUnitName (OU)
+ was defined as "IBM Z Host Key Signing Service", any OU ending
+ with "Key Signing Service" is considered legal by this fix/commit.
- * So the default issuer check got relaxed by stripping off characters
- preceding "Key Signing Service".
+ * So the default issuer check got relaxed by stripping off characters
+ preceding "Key Signing Service".
[Fix]
- * 673ff37 673ff375d939d3cde674f8f99a62d456f8b1673d
+ * 673ff37 673ff375d939d3cde674f8f99a62d456f8b1673d
("genprotimg/check_hostkeydoc: relax default issuer check")
[Test Plan]
- * The usage of secure execution is nicely documented at the
-'Introducing IBM Secure Execution for Linux' docs.
-
https://www.ibm.com/docs/en/linux-on-systems?topic=virtualization-introducing-secure-execution-linux
-Relevant for this fix is paragraph 'Verifying the host key document'
-
https://www.ibm.com/docs/en/linux-on-systems?topic=tasks-verify-host-key-document
+ * The usage of secure execution is nicely documented at the
+ 'Introducing IBM Secure Execution for Linux' docs.
+
https://www.ibm.com/docs/en/linux-on-systems?topic=virtualization-introducing-secure-execution-linux
+ Relevant for this fix is paragraph 'Verifying the host key document'
+
https://www.ibm.com/docs/en/linux-on-systems?topic=tasks-verify-host-key-document
- * Especially notice the 'About this task' section that references the
-check_hostkeydoc script to perform the verification steps.
+ * Especially notice the 'About this task' section that references the
+ check_hostkeydoc script to perform the verification steps.
- + Due to the fact that Secure Execution requires z15 as a minimal
-hardware level, the testing is done by IBM.
+ + Due to the fact that Secure Execution requires z15 as a minimal
+ hardware level, the testing is done by IBM.
[Where problems could occur]
- * Problem can occur in the check_hostkeydoc helper script only.
+ * Problem can occur in the check_hostkeydoc helper script only.
- * The script cane become broken at all and may refuse to properly verify
-even valid signed keys.
+ * The script cane become broken at all and may refuse to properly verify
+ even valid signed keys.
- * The sed statement in the script might be wrong and cut out a wrong
-organizationalUnitName.
+ * The sed statement in the script might be wrong and cut out a wrong
+ organizationalUnitName.
- * And since this is a helper script and the verification can also be done
-without this script, the risk is not too high.
+ * And since this is a helper script and the verification can also be done
+ without this script, the risk is not too high.
- * A verification can be done based with check_hostkeydoc and with the manual
-steps (with a valid and invalid signed key) to validate equal results.
+ * A verification can be done based with check_hostkeydoc and with the manual
+ steps (with a valid and invalid signed key) to validate equal results.
- * The modification are relatively straight-formward:
-
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
s390-tools debdiff for LP#1968260 / focal ** Patch added: "s390-tools debdiff for LP#1968260 / focal" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968260/+attachment/5579755/+files/debdiff_lp1968260_s390-tools_sru_focal.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
s390-tools-signed debdiff for LP#1968259 and LP#1968259 / impish ** Patch added: "s390-tools-signed debdiff for LP#1968259 and LP#1968259 / impish" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968259/+attachment/5579393/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_sru_impish.patch ** Changed in: s390-tools-signed (Ubuntu Impish) Status: New => In Progress ** Changed in: s390-tools (Ubuntu Impish) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
s390-tools-signed debdiff for LP#1968259 and LP#1968259 / impish ** Patch added: "s390-tools-signed debdiff for LP#1968259 and LP#1968259 / impish" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968260/+attachment/5579394/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_sru_impish.patch ** Changed in: s390-tools-signed (Ubuntu Impish) Status: New => In Progress ** Changed in: s390-tools (Ubuntu Impish) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Merge proposal linked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419218 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Merge proposal linked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419218 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
s390-tools debdiff for LP#1968259 and LP#1968260 / impish ** Patch added: "s390-tools debdiff for LP#1968259 and LP#1968260 / impish" https://bugs.launchpad.net/ubuntu/+source/s390-tools/+bug/1968259/+attachment/5579318/+files/debdiff_lp1968259+lp1968260_s390-tools_sru_impish.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
s390-tools debdiff for LP#1968259 and LP#1968260 / impish ** Patch added: "s390-tools debdiff for LP#1968259 and LP#1968260 / impish" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968260/+attachment/5579319/+files/debdiff_lp1968259+lp1968260_s390-tools_sru_impish.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Description changed:
+ SRU Justification:
+ ==
+
+ [Impact]
+
+ * DigiCert is the CA issuing the signing certificate for Secure Execution
+host key documents. This certificate is used for the verification of the
+host key document validity.
+
+ * Recently, DigiCert has changed the root CA certificate used for issuance
+of the signing certificates.
+
+ * As genprotimg is checking the CA serial, the verification of the chain of
+trust will fail.
+
+ * As a workaround, it is possible to disable certificate verification,
+but this is of course not recommended, because it makes it easier to
+provide a fake host key document.
+
+ * Since the previously issued host key documents are expiring in April 2022,
+it is necessary to fix genprotimg to accept the newly issued host key
+documents.
+
+ * The situation is now addressed by removing the DigiCert root CA
+ pinning.
+
+ * The root CA used for the chain of trust can change in the future,
+therefore it makes sense to remove this check.
+
+ * If someone wants to enforce the usage of a specific root CA, it can be
+selected by the genprotimg command line option `--root-ca $CA`.
+
+ * Make it transparent to the user which root CA is actually being used by
+printing the subject name of the root CA to stdout in verbose mode.
+
+ [Fix]
+
+ * 78b0533 78b053326c504c0535b5ec1c244ad7bb5a1df29d ("genprotimg: remove
+ DigiCert root CA pinning")
+
+ [Test Plan]
+
+ * The usage of secure execution is nicely documented at the
+'Introducing IBM Secure Execution for Linux' docs.
+
https://www.ibm.com/docs/en/linux-on-systems?topic=virtualization-introducing-secure-execution-linux
+Relevant for this fix is paragraph 'Verifying the host key document'
+
https://www.ibm.com/docs/en/linux-on-systems?topic=tasks-verify-host-key-document
+
+ * Especially notice the 'About this task' section that references the
+check_hostkeydoc script to perform the verification steps.
+
+ + Due to the fact that Secure Execution requires z15 as a minimal
+hardware level, the testing is done by IBM.
+
+ * (Test can be done in combination with LP#1968259.)
+
+ [Where problems could occur]
+
+ * The removal of the DigiCert root CA pinning can - if not carefully done)
+lead to wrong - in worst case false positive checks by genprotimg.
+
+ * The main code changes decouple the checks from DigiCert root (ca_skid)
+and to allow more general X509 certificates.
+If not done thoroughly (pv_crypto_def.h, pv_args.c, pv_image.c,
+crypto..h and crypto.c), issues will be caused while checking
+certificates. Maybe not only new ones, but also old ones.
+
+ * Overall this is an s390x topic only, and even there only relevant for
+Secure Execution (KVM) TEE environments.
+
+ [Other Info]
+
+ * Even if the LP bug title references focal only, this fix is also needed
+for all newer Ubuntu releases - here: impish and jammy.
+ __
+
== Comment: #0 - Viktor Mihajlovski - 2022-04-07
08:55:11 ==
DigiCert is the CA issuing the signing certificate for Secure Execution host
key documents. This certificate is used for the verification of the host key
document validity. Recently, DigiCert has changed the root CA certificate used
for issuance of the signing certificates.
As genprotimg is checking the CA serial, the verification of the chain of
trust will fail. As a workaround, it is possible to disable certificate
verification, but this is not recommended because it makes it easier to provide
a fake host key document.
Since the previously issued host key documents are expiring in April 2022, it
is necessary to fix genprotimg to accept the newly issued host key documents.
-
+
Contact Information = Viktor Mihajlovski
== Comment: #2 - Viktor Mihajlovski - 2022-04-07
08:57:47 ==
Fixed by:
https://github.com/ibm-s390-linux/s390-tools
commit 78b053326c504c0535b5ec1c244ad7bb5a1df29d
Author: Marc Hartmayer
Date: Thu Mar 31 14:00:31 2022 +
- genprotimg: remove DigiCert root CA pinning
+ genprotimg: remove DigiCert root CA pinning
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968260
Title:
[UBUNTU 20.04] genprotimg fails to process z15 host key documents
after April 2022 (s390-tools)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Description changed:
+ SRU Justification:
+ ==
+
+ [Impact]
+
+ * The s390-tools script check_hostkeydoc can be used to perform the
+verification of the chain of trust for Secure Execution host key documents.
+
+ * The certificate verification is however too strict and doesn't match the
+checking performed by the genprotimg tool.
+
+ * Affected is the OU field in the issuer DN of the host key document.
+As a consequence, verification failures will occur for host key documents
+issued for newer hardware generations like IBM z16.
+
+ * While the original default issuer's organizationalUnitName (OU)
+ was defined as "IBM Z Host Key Signing Service", any OU ending
+ with "Key Signing Service" is considered legal by this fix/commit.
+
+ * So the default issuer check got relaxed by stripping off characters
+ preceding "Key Signing Service".
+
+ [Fix]
+
+ * 673ff37 673ff375d939d3cde674f8f99a62d456f8b1673d
+ ("genprotimg/check_hostkeydoc: relax default issuer check")
+
+ [Test Plan]
+
+ * The usage of secure execution is nicely documented at the
+'Introducing IBM Secure Execution for Linux' docs.
+
https://www.ibm.com/docs/en/linux-on-systems?topic=virtualization-introducing-secure-execution-linux
+Relevant for this fix is paragraph 'Verifying the host key document'
+
https://www.ibm.com/docs/en/linux-on-systems?topic=tasks-verify-host-key-document
+
+ * Especially notice the 'About this task' section that references the
+check_hostkeydoc script to perform the verification steps.
+
+ + Due to the fact that Secure Execution requires z15 as a minimal
+hardware level, the testing is done by IBM.
+
+ [Where problems could occur]
+
+ * Problem can occur in the check_hostkeydoc helper script only.
+
+ * The script cane become broken at all and may refuse to properly verify
+even valid signed keys.
+
+ * The sed statement in the script might be wrong and cut out a wrong
+organizationalUnitName.
+
+ * And since this is a helper script and the verification can also be done
+without this script, the risk is not too high.
+
+ * A verification can be done based with check_hostkeydoc and with the manual
+steps (with a valid and invalid signed key) to validate equal results.
+
+ * The modification are relatively straight-formward:
+
https://github.com/ibm-s390-linux/s390-tools/commit/673ff375d939d3cde674f8f99a62d456f8b1673d
+
+ * And overall this is an s390x topic only, and even there only relevant for
+Secure Execution (KVM) TEE environments only.
+
+ [Other Info]
+
+ * Even if the LP bug title references focal only, this fix is also needed
+for all newer Ubuntu releases - here: impish and jammy.
+
+ __
+
== Comment: #0 - Viktor Mihajlovski - 2022-04-07
09:16:49 ==
The s390-tools script check_hostkeydoc can be used to perform the
verification of the chain of trust for Secure Execution host key documents.
The certificate verification is however too strict and doesn't match the
checking performed by genprotimg.
Affected is the OU field in the issuer DN of the host key document. As a
consequence, verification failures will occur for host key documents issued for
newer hardware generations like IBM z16.
== Comment: #1 - Viktor Mihajlovski - 2022-04-07
09:18:08 ==
Fixed by:
https://github.com/ibm-s390-linux/s390-tools
commit 673ff375d939d3cde674f8f99a62d456f8b1673d
Author: Viktor Mihajlovski
Date: Tue Mar 15 12:55:02 2022 +0100
- genprotimg/check_hostkeydoc: relax default issuer check
+ genprotimg/check_hostkeydoc: relax default issuer check
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1968259
Title:
[UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too
strictly (s390-tools)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Tags removed: patch ** Tags added: jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Tags removed: patch ** Tags added: jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
s390-tools-signed debdiff for LP#1968259 and LP#1968260 / jammy ** Patch added: "s390-tools-signed debdiff for LP#1968259 and LP#1968260 / jammy" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968259/+attachment/5578284/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_patch_jammy.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
s390-tools-signed debdiff for LP#1968259 and LP#1968260 ** Patch added: "s390-tools-signed debdiff for LP#1968259 and LP#1968260" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968260/+attachment/5578285/+files/debdiff_lp1968259+lp1968260_s390-tools-signed_patch_jammy.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Merge proposal linked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419135 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Merge proposal linked: https://code.launchpad.net/~fheimes/ubuntu/+source/s390-tools-signed/+git/s390-tools-signed/+merge/419135 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
s390-tools debdiff for LP#1968259 and LP#1968260 / jammy ** Patch added: "s390-tools debdiff for LP#1968259 and LP#1968260 / jammy" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968259/+attachment/5578279/+files/debdiff_lp1968259+lp1968260_s390-tools_patch_jammy.patch ** Changed in: s390-tools-signed (Ubuntu Jammy) Status: New => In Progress ** Changed in: s390-tools (Ubuntu Jammy) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
s390-tools debdiff for LP#1968259 and LP#1968260 / jammy ** Patch added: "s390-tools debdiff for LP#1968259 and LP#1968260 / jammy" https://bugs.launchpad.net/ubuntu/+source/s390-tools-signed/+bug/1968260/+attachment/5578280/+files/debdiff_lp1968259+lp1968260_s390-tools_patch_jammy.patch ** Changed in: s390-tools-signed (Ubuntu Jammy) Status: New => In Progress ** Changed in: s390-tools (Ubuntu Jammy) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968096] Re: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
Well, I suggest to leave it open - sometimes SF cases may cause that a subsequent LP bug need to be opened on top... And it doesn't hurt to have and leave it for some time ... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968096 Title: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968096/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960119] Re: [22.04 FEAT] Add new CPU-MF Counters for new IBM Z Hardware - s390-tools part
** Also affects: s390-tools-signed (Ubuntu) Importance: Undecided Status: New ** Changed in: s390-tools-signed (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960119 Title: [22.04 FEAT] Add new CPU-MF Counters for new IBM Z Hardware - s390-tools part To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960119/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Also affects: s390-tools-signed (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Also affects: s390-tools-signed (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960119] Re: [22.04 FEAT] Add new CPU-MF Counters for new IBM Z Hardware - s390-tools part
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960119 Title: [22.04 FEAT] Add new CPU-MF Counters for new IBM Z Hardware - s390-tools part To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960119/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
Hi - np. I can change that here in Launchpad at least (and already marked it as affecting all releases in service down to 20.04 - means 22.04, 21.10 ans 22.04). Thx ** Summary changed: - [UBUNTU 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) + [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Also affects: s390-tools (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: s390-tools (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: s390-tools (Ubuntu Jammy) Importance: Undecided Assignee: Skipper Bug Screeners (skipper-screen-team) Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 20.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Also affects: s390-tools (Ubuntu Jammy) Importance: Undecided Assignee: Skipper Bug Screeners (skipper-screen-team) Status: New ** Also affects: s390-tools (Ubuntu Impish) Importance: Undecided Status: New ** Also affects: s390-tools (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968259] Re: [UBUNTU 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools)
** Package changed: linux (Ubuntu) => s390-tools (Ubuntu) ** Changed in: s390-tools (Ubuntu) Assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) => Skipper Bug Screeners (skipper-screen-team) ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: ubuntu-z-systems Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968259 Title: [UBUNTU 22.04] check_hostkeydoc is checking the certificate issuer too strictly (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968259/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968260] Re: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools)
** Package changed: linux (Ubuntu) => s390-tools (Ubuntu) ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: ubuntu-z-systems Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968260 Title: [UBUNTU 20.04] genprotimg fails to process z15 host key documents after April 2022 (s390-tools) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968260/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968096] Re: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
Our GDPR compliant process is described here: https://support.canonical.com/ua/s/article/sending-files-sts It's essentially via uploading to (anon. ftp) files.support.canonical.com IBM shared logs and dumps via this approach already before, so it should be acceptable... I still suggest to open a salesforce ticket on top in this case to get it addressed to the right channel. And based on the information provided, we can only do some high-level checks and verification. I think a real analysis is only possible based on a dump -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968096 Title: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968096/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968096] Re: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
Tbh. if this happens on a production machine, than it's not the preferred way to get this addressed via a Launchpad bug (which is mainly for tracking development related bugs) and this should have been addressed as a Salesforce case. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968096 Title: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968096/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959408] Re: [22.04 FEAT] BINUTILS: Support for new IBM Z Hardware
Since this LP bug is already closed as 'Fix Released', I'm afraid to say that we need a separate LP bug on this cherry-pick. 22.04 is already past beta, hence these (minor) changes need to be added post-GA as SRU, which should be possible, since this can be considered as new 'hardware enablement'. (And btw. binutils 2.3.8 made it into jammy: binutils | 2.38-3ubuntu1 | jammy ) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959408 Title: [22.04 FEAT] BINUTILS: Support for new IBM Z Hardware To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959408/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968096] Re: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
Thanks for raising this. First of all I've noticed that the kernel in use is pretty outdated (package 'linux-meta-hwe-5.4 (5.4.0.90.101~18.04.80', changelog date 22 Oct 2021) and about half a year old - the current one is '5.4.0-107-generic' (package '5.4.0.107.121~18.04.92'). The delta between 5.4.0.107.121 and 5.4.0.90.101 are about 2000 commits and more than 20 are NFS related and also some about vfs. Hence I need to ask to update the system to the latest 'linux-image-generic-hwe-18.04' in 'bionic-updates' (5.4.0-107-generic) to be on the latest (and supported) level. (A test with '5.4.0.108.122~18.04.93' from 'bionic-proposed' would be ideal on top.) It also looks like a kernel dump was created, could you please share this dump (ideally from the current kernel) for further analysis (either via IBM Box or Canonical's anon. ftp 'http://archive.admin.canonical.com/')? ** Changed in: ubuntu-z-systems Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968096 Title: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968096/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1968096] Re: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z
** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: ubuntu-z-systems Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1968096 Title: [UBUNTU 20.04] Null Pointer issue in nfs code running Ubuntu on IBM Z To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1968096/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959547] Re: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part)
Fantastic - many thx, Harald! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959547 Title: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959547/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967814] Re: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path.
** Changed in: ubuntu-z-systems Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967814 Title: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967814/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959547] Re: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part)
Hi Harald, well, this is an Ubuntu 22.04 feature (like the Launchpad ticket title indicated), hence need to be used/tested on a Ubuntu 22.04 codename 'jammy' system. (You may upgrade your 20.04 / focal system directly to 22.04 / jammy using 'do-release-upgrade -d' - '-d' because jammy is still in development). Once on a 22.04 / jammy system, things are relatively straight forward - let me go into the details: First of all check what's available in the (jammy) archives, in case of this tickets, it's about the kernel (package called 'linux-generic'): $ rmadison --arch=s390x linux-generic | grep $(lsb_release -cs) linux-generic | 5.15.0.25.27 | jammy | s390x Well, this tells us that there is only one kernel available, and that one is in jammy(-release) and there is no kernel in jammy-proposed right now. Means the kernel is already rolled out and you don't need -proposed anymore. So you can go with the kernel that you get by default if running jammy/22.04. [ If there is another kernel in -proposed for testing, things look like in this mockup: linux-generic | 5.15.0.25.27 | jammy | s390x linux-generic | 5.15.0.26.30 | jammy-proposed | s390x ] ___ Anyway, just for the reason of completeness, here are the steps needed in case a kernel from -proposed should be installed and tested: 1) make sure your system is at the latest level: sudo apt -y -q update && sudo apt -y -q full-upgrade 2) activate '-proposed' with: sudo add-apt-repository -y "deb http://us.ports.ubuntu.com/ubuntu-ports/ $(lsb_release -sc)-proposed main universe" (and update the package index with 'sudo apt -y -q update' if not already triggered automatically) 3) now check for the available versions that can be installed: $ apt-cache policy linux-generic linux-generic: Installed: 5.15.0.25.27 Candidate: 5.15.0.26.30 Version table: ... And the version table shows you where the kernels are coming from (either main, proposed, updates, or security). [Btw. ignore the right-most digit, since it's just the build/meta digit. If there is a request to test 5.15.0-25.25, it usually points to the kernel source package, and the binary kernel is (in this case) 5.15.0.25.27. So it's save to ignore '27'.] 4) update the kernel by either 'installing' the latest one that is available, like: sudo apt install linux-generic or explicitly install a specific version, like: sudo apt install linux-generic=5.15.0.26.30 5) don't forget to reboot afterwards to activate the newly installed kernel. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959547 Title: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959547/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960187] Re: [22.04 FEAT] [KRN2013] Support for new IBM Z Hardware in kernel
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960187 Title: [22.04 FEAT] [KRN2013] Support for new IBM Z Hardware in kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960187/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959575] Re: [22.04] zcrypt DD: Toleration for new IBM Z Crypto Hardware
** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959575 Title: [22.04] zcrypt DD: Toleration for new IBM Z Crypto Hardware To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929035] Re: [22.04 FEAT] SMC-R v2 Support
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929035 Title: [22.04 FEAT] SMC-R v2 Support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1929035/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929060] Re: [22.04 FEAT] smc: Add User-defined EID (Enterprise ID) Support - kernel
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929060 Title: [22.04 FEAT] smc: Add User-defined EID (Enterprise ID) Support - kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1929060/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959532] Re: [22.04 FEAT] Transparent PCI device recovery
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959532 Title: [22.04 FEAT] Transparent PCI device recovery To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959532/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959547] Re: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part)
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959547 Title: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959547/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1963901] Re: [22.04 FEAT] [VS2103] Set KVM_CAP_S390_MEM_OP_EXTENSION capability to 211
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1963901 Title: [22.04 FEAT] [VS2103] Set KVM_CAP_S390_MEM_OP_EXTENSION capability to 211 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1963901/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929035] Re: [22.04 FEAT] SMC-R v2 Support
This feature was request for 22.04, hence the hwe kernel is more a fall out. Hence updating tag to unblock the process. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929035 Title: [22.04 FEAT] SMC-R v2 Support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1929035/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929060] Re: [22.04 FEAT] smc: Add User-defined EID (Enterprise ID) Support - kernel
This feature was request for 22.04, hence the hwe kernel is more a fall out. Hence updating tag to unblock the process. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929060 Title: [22.04 FEAT] smc: Add User-defined EID (Enterprise ID) Support - kernel To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1929060/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959532] Re: [22.04 FEAT] Transparent PCI device recovery
This feature was request for 22.04, hence the hwe kernel is more a fall out. Hence updating tag to unblock the process. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959532 Title: [22.04 FEAT] Transparent PCI device recovery To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959532/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959547] Re: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part)
This feature was request for 22.04, hence the hwe kernel is more a fall out. Hence updating tag to unblock the process. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959547 Title: [22.04 FEAT] zcrypt DD: Exploitation Support of new IBM Z Crypto Hardware (kernel part) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959547/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1963901] Re: [22.04 FEAT] [VS2103] Set KVM_CAP_S390_MEM_OP_EXTENSION capability to 211
This request targets mainly towards 22.04, hence the hwe kernel is more a fall out. Hence updating tag to unblock the process. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1963901 Title: [22.04 FEAT] [VS2103] Set KVM_CAP_S390_MEM_OP_EXTENSION capability to 211 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1963901/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967814] Re: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path.
** Also affects: qemu (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967814 Title: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967814/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967814] Re: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path.
Changing the affected package from "linux (Ubuntu)" (kernel) to "qemu (Ubuntu)" as affected package, since the attached patch set is for qemu. ** Package changed: linux (Ubuntu) => qemu (Ubuntu) ** Also affects: qemu Importance: Undecided Status: New ** No longer affects: qemu ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: qemu (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => Canonical Server Team (canonical-server) ** Changed in: ubuntu-z-systems Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967814 Title: Ubuntu 20.04.3 - ilzlnx3g1 - virtio-scsi devs on KVM guest having miscompares on disktests when there is a failed path. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967814/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Changed in: openssl-ibmca (Ubuntu) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
Many thx sil2100 and schopin - much appreciated! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Description changed:
- Dear Ubuntu Reelase Team, please consider the acceptance this feature
+ Dear Ubuntu Release Team, please consider the acceptance this feature
freeze exception about a new openssl-ibmca-2.2.3-0ubuntu1 package for
jammy, because:
Rationale for the exception:
- a severe issue is fixed (sshd core dump while using hw crypto)
e91e179 ("PKEY: Fix usage of ECX keys")
- another potential segmentation fault is fixed by:
6563dd2 ("use correct libica for ibmca_mechaList_test")
- and since these are the only two fixes between 2.2.2 and 2.2.3:
93a12d3 (tag: v2.2.3) Update to version 2.2.3
6563dd2 use correct libica for ibmca_mechaList_test
e91e179 PKEY: Fix usage of ECX keys
fae4490 (tag: v2.2.2) Update to version 2.2.2
the version 2.2.3 is a bug-fix only release,
and could be acceptable for a FFe
(according to https://wiki.ubuntu.com/FreezeExceptionProcess)
- but to get the new version build (esp. with e91e179) a backport of
e59cce5 ("Fix compilation for OpenSSL 3.0")
was needed on top.
- To me it wouldn't make sense to add the 3 commits above to v2.2.2,
since it would end up in a package version that's a super-set
of upstream 2.2.3 anyway )but named 2.2.2-0ubuntu1,
- hence asking for the FFe.
+ hence asking for the FFe.
- The package now also ships a sample config
(as well as the script to generate it,
in case one wants/needs to re-generate it).
upstream ChangeLog diff:
$ diff -u openssl-ibmca-2.2.2/ChangeLog openssl-ibmca-2.2.3/ChangeLog
--- openssl-ibmca-2.2.2/ChangeLog 2022-01-27 17:23:55.0 +0100
+++ openssl-ibmca-2.2.3/ChangeLog 2022-03-31 10:32:20.935374435 +0200
@@ -1,3 +1,6 @@
+* openssl-ibmca 2.2.3
+- Fix PKEY segfault with OpenSSL 3.0
+
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
News:
-
There is no upstream NEWS file (or suchlike - the README.md is unchanged).
build log:
--
https://launchpadlibrarian.net/594086046/buildlog_ubuntu-jammy-s390x.openssl-ibmca_2.2.3-0ubuntu1_BUILDING.txt.gz
Install log:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575230/+files/install-log_and_virification.txt
Package upgrade log:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+attachment/5575247/+files/package_upgrade_test.txt
Testing:
The previous link also includes the testing and verification that I did,
hence I can confirm that the reported problem is solved.
On top a testsuite is executed when the package is build.
Local build:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 28
# SKIP: 6
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
PPA:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 26
# SKIP: 8
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
(Two more tests are (auto-)skipped when running a PPA build, because the
builder does not have access to the s390x crypto hardware.
(The other skipped tests are skipped by upstream, since they are known to
cause issues on openssl 3 systems).
description of proposed changes:
"PKEY: Fix usage of ECX keys" - the usage of ECX keys was fixed by using
proper missing set/get methods for opaque types.
New file src/openssl-compat.h introduced that holds the specific ossl_ecx*
function.
All this only effects ED25519, ED448, X25519 and X448 using s390x hardware
crypto.
"use correct libica for ibmca_mechaList_test" - the Makefile for
ibmca_mechaList_test is now generated during the configure run, to make
sure it links with the same libica variant as used by the ibmca.so
module.
"Fix compilation for OpenSSL 3.0" - the API used in the above commit is
not public (and introduces a line "include " that cannot
be resolved all the time - only compile if the OpenSSL 3.0 source tree
is present). Hence the defines to be used are now copied over, which
makes the engine compile even without OpenSSL 3.0 source tree.
In addition a sample config that allows to be simply copied over is
added to the package, as well as the script that generates it. That is
done for convenience reasons and reduces the configuration time to just
seconds.
The openssl-ibmca package is a universe package that is available for
s390x
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Description changed:
Dear Ubuntu Reelase Team, please consider the acceptance this feature
freeze exception about a new openssl-ibmca-2.2.3-0ubuntu1 package for
jammy, because:
Rationale for the exception:
- a severe issue is fixed (sshd core dump while using hw crypto)
+ e91e179 ("PKEY: Fix usage of ECX keys")
+
+ - another potential segmentation fault is fixed by:
6563dd2 ("use correct libica for ibmca_mechaList_test")
-
- - another segmentation fault is fixed by:
- e91e179 ("PKEY: Fix usage of ECX keys")
- and since these are the only two fixes between 2.2.2 and 2.2.3:
93a12d3 (tag: v2.2.3) Update to version 2.2.3
6563dd2 use correct libica for ibmca_mechaList_test
e91e179 PKEY: Fix usage of ECX keys
fae4490 (tag: v2.2.2) Update to version 2.2.2
the version 2.2.3 is a bug-fix only release,
and could be acceptable for a FFe
(according to https://wiki.ubuntu.com/FreezeExceptionProcess)
- - But to get the new version compiled (esp. with e91e179) a backport of
+ - but to get the new version build (esp. with e91e179) a backport of
e59cce5 ("Fix compilation for OpenSSL 3.0")
was needed on top.
- To me it wouldn't make sense to add the 3 commits above to v2.2.2,
- since it would then be a package version that's a super-set
- of upstream 2.2.3 anyway, hence asking for the FFe.
+ since it would end up in a package version that's a super-set
+ of upstream 2.2.3 anyway )but named 2.2.2-0ubuntu1,
+ hence asking for the FFe.
- - The package now ships a sample config
+ - The package now also ships a sample config
(as well as the script to generate it,
in case one wants/needs to re-generate it).
upstream ChangeLog diff:
$ diff -u openssl-ibmca-2.2.2/ChangeLog openssl-ibmca-2.2.3/ChangeLog
--- openssl-ibmca-2.2.2/ChangeLog 2022-01-27 17:23:55.0 +0100
+++ openssl-ibmca-2.2.3/ChangeLog 2022-03-31 10:32:20.935374435 +0200
@@ -1,3 +1,6 @@
+* openssl-ibmca 2.2.3
+- Fix PKEY segfault with OpenSSL 3.0
+
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
News:
-
There is no upstream NEWS file (or suchlike - the README.md is unchanged).
build log:
--
https://launchpadlibrarian.net/594086046/buildlog_ubuntu-jammy-s390x.openssl-ibmca_2.2.3-0ubuntu1_BUILDING.txt.gz
Install log:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575230/+files/install-log_and_virification.txt
Package upgrade log:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+attachment/5575247/+files/package_upgrade_test.txt
Testing:
The previous link also includes the testing and verification that I did,
hence I can confirm that the reported problem is solved.
On top a testsuite is executed when the package is build.
Local build:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 28
# SKIP: 6
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
PPA:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 26
# SKIP: 8
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
(Two more tests are (auto-)skipped when running a PPA build, because the
builder does not have access to the s390x crypto hardware.
(The other skipped tests are skipped by upstream, since they are known to
cause issues on openssl 3 systems).
description of proposed changes:
"PKEY: Fix usage of ECX keys" - the usage of ECX keys was fixed by using
proper missing set/get methods for opaque types.
New file src/openssl-compat.h introduced that holds the specific ossl_ecx*
function.
All this only effects ED25519, ED448, X25519 and X448 using s390x hardware
crypto.
"use correct libica for ibmca_mechaList_test" - the Makefile for
ibmca_mechaList_test is now generated during the configure run, to make
sure it links with the same libica variant as used by the ibmca.so
module.
"Fix compilation for OpenSSL 3.0" - the API used in the above commit is
not public (and introduces a line "include " that cannot
be resolved all the time - only compile if the OpenSSL 3.0 source tree
is present). Hence the defines to be used are now copied over, which
makes the engine compile even without OpenSSL 3.0 source tree.
In addition a sample config that allows to be simply copied over is
added to the
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
package upgrade test
** Attachment added: "package upgrade test"
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+attachment/5575247/+files/package_upgrade_test.txt
** Description changed:
Dear Ubuntu Reelase Team, please consider the acceptance this feature
freeze exception about a new openssl-ibmca-2.2.3-0ubuntu1 package for
jammy, because:
Rationale for the exception:
- a severe issue is fixed (sshd core dump while using hw crypto)
6563dd2 ("use correct libica for ibmca_mechaList_test")
- another segmentation fault is fixed by:
e91e179 ("PKEY: Fix usage of ECX keys")
- and since these are the only two fixes between 2.2.2 and 2.2.3:
93a12d3 (tag: v2.2.3) Update to version 2.2.3
6563dd2 use correct libica for ibmca_mechaList_test
e91e179 PKEY: Fix usage of ECX keys
fae4490 (tag: v2.2.2) Update to version 2.2.2
the version 2.2.3 is a bug-fix only release,
and could be acceptable for a FFe
(according to https://wiki.ubuntu.com/FreezeExceptionProcess)
- But to get the new version compiled (esp. with e91e179) a backport of
e59cce5 ("Fix compilation for OpenSSL 3.0")
was needed on top.
- To me it wouldn't make sense to add the 3 commits above to v2.2.2,
since it would then be a package version that's a super-set
of upstream 2.2.3 anyway, hence asking for the FFe.
- The package now ships a sample config
(as well as the script to generate it,
in case one wants/needs to re-generate it).
upstream ChangeLog diff:
$ diff -u openssl-ibmca-2.2.2/ChangeLog openssl-ibmca-2.2.3/ChangeLog
--- openssl-ibmca-2.2.2/ChangeLog 2022-01-27 17:23:55.0 +0100
+++ openssl-ibmca-2.2.3/ChangeLog 2022-03-31 10:32:20.935374435 +0200
@@ -1,3 +1,6 @@
+* openssl-ibmca 2.2.3
+- Fix PKEY segfault with OpenSSL 3.0
+
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
News:
-
There is no upstream NEWS file (or suchlike - the README.md is unchanged).
build log:
--
https://launchpadlibrarian.net/594086046/buildlog_ubuntu-jammy-s390x.openssl-ibmca_2.2.3-0ubuntu1_BUILDING.txt.gz
Install log:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575230/+files/install-log_and_virification.txt
+
+ Package upgrade log:
+
+
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+attachment/5575247/+files/package_upgrade_test.txt
Testing:
The previous link also includes the testing and verification that I did,
hence I can confirm that the reported problem is solved.
On top a testsuite is executed when the package is build.
Local build:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 28
# SKIP: 6
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
PPA:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 26
# SKIP: 8
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
(Two more tests are (auto-)skipped when running a PPA build, because the
builder does not have access to the s390x crypto hardware.
(The other skipped tests are skipped by upstream, since they are known to
cause issues on openssl 3 systems).
description of proposed changes:
"PKEY: Fix usage of ECX keys" - the usage of ECX keys was fixed by using
proper missing set/get methods for opaque types.
New file src/openssl-compat.h introduced that holds the specific ossl_ecx*
function.
All this only effects ED25519, ED448, X25519 and X448 using s390x hardware
crypto.
"use correct libica for ibmca_mechaList_test" - the Makefile for
ibmca_mechaList_test is now generated during the configure run, to make
sure it links with the same libica variant as used by the ibmca.so
module.
"Fix compilation for OpenSSL 3.0" - the API used in the above commit is
not public (and introduces a line "include " that cannot
be resolved all the time - only compile if the OpenSSL 3.0 source tree
is present). Hence the defines to be used are now copied over, which
makes the engine compile even without OpenSSL 3.0 source tree.
In addition a sample config that allows to be simply copied over is
added to the package, as well as the script that generates it. That is
done for convenience reasons and reduces the configuration time to just
seconds.
The openssl-ibmca package is a universe package
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Description changed:
- Please consider to accept the integration of this new openssl-
- ibmca-2.2.3-0ubuntu1 package for jammy under the 'Freeze Exception
- Process', because:
+ Dear Ubuntu Reelase Team, please consider the acceptance this feature
+ freeze exception about a new openssl-ibmca-2.2.3-0ubuntu1 package for
+ jammy, because:
+ Rationale for the exception:
+
- a severe issue is fixed (sshd core dump while using hw crypto)
6563dd2 ("use correct libica for ibmca_mechaList_test")
- another segmentation fault is fixed by:
e91e179 ("PKEY: Fix usage of ECX keys")
- and since these are the only two fixes between 2.2.2 and 2.2.3:
93a12d3 (tag: v2.2.3) Update to version 2.2.3
6563dd2 use correct libica for ibmca_mechaList_test
e91e179 PKEY: Fix usage of ECX keys
fae4490 (tag: v2.2.2) Update to version 2.2.2
the version 2.2.3 is a bug-fix only release,
and could be acceptable for a FFe
(according to https://wiki.ubuntu.com/FreezeExceptionProcess)
- But to get the new version compiled (esp. with e91e179) a backport of
e59cce5 ("Fix compilation for OpenSSL 3.0")
was needed on top.
- To me it wouldn't make sense to add the 3 commits above to v2.2.2,
- since it would then be a package version that's a super-set
- of upstream 2.2.3 anyway, hence asking for the FFe.
+ since it would then be a package version that's a super-set
+ of upstream 2.2.3 anyway, hence asking for the FFe.
- The package now ships a sample config
(as well as the script to generate it,
in case one wants/needs to re-generate it).
- Here is the diff of the upstream ChangeLog:
+ upstream ChangeLog diff:
+
$ diff -u openssl-ibmca-2.2.2/ChangeLog openssl-ibmca-2.2.3/ChangeLog
--- openssl-ibmca-2.2.2/ChangeLog 2022-01-27 17:23:55.0 +0100
+++ openssl-ibmca-2.2.3/ChangeLog 2022-03-31 10:32:20.935374435 +0200
@@ -1,3 +1,6 @@
+* openssl-ibmca 2.2.3
+- Fix PKEY segfault with OpenSSL 3.0
+
* openssl-ibmca 2.2.2
- Fix tests with OpenSSL 3.0
- Build against libica 4.0
- There is no upstream NEWS file (or suchlike - the README.md is
- unchanged).
+ News:
+ -
+ There is no upstream NEWS file (or suchlike - the README.md is unchanged).
- The buildlog:
+ build log:
+ --
https://launchpadlibrarian.net/594086046/buildlog_ubuntu-jammy-s390x.openssl-ibmca_2.2.3-0ubuntu1_BUILDING.txt.gz
- The installlog:
+ Install log:
+
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575230/+files/install-log_and_virification.txt
+ Testing:
+
The previous link also includes the testing and verification that I did,
hence I can confirm that the reported problem is solved.
On top a testsuite is executed when the package is build.
Local build:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 28
# SKIP: 6
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
PPA:
Testsuite summary for openssl-ibmca 2.2.3
# TOTAL: 34
# PASS: 26
# SKIP: 8
# XFAIL: 0
# FAIL: 0
# XPASS: 0
# ERROR: 0
(Two more tests are (auto-)skipped when running a PPA build, because the
builder does not have access to the s390x crypto hardware.
(The other skipped tests are skipped by upstream, since they are known to
cause issues on openssl 3 systems).
+
+ description of proposed changes:
+
+
+ "PKEY: Fix usage of ECX keys" - the usage of ECX keys was fixed by using
proper missing set/get methods for opaque types.
+ New file src/openssl-compat.h introduced that holds the specific ossl_ecx*
function.
+ All this only effects ED25519, ED448, X25519 and X448 using s390x hardware
crypto.
+
+ "use correct libica for ibmca_mechaList_test" - the Makefile for
+ ibmca_mechaList_test is now generated during the configure run, to make
+ sure it links with the same libica variant as used by the ibmca.so
+ module.
+
+ "Fix compilation for OpenSSL 3.0" - the API used in the above commit is
+ not public (and introduces a line "include " that cannot
+ be resolved all the time - only compile if the OpenSSL 3.0 source tree
+ is present). Hence the defines to be used are now copied over, which
+ makes the engine compile even without OpenSSL 3.0 source tree.
+
+ In addition a sample config that allows to be simply copied over is
+ added to the package, as well as the script that generates it. That is
+ done for convenience reasons and reduces
[Bug 1967141] Re: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Description changed:
+ Please consider to accept the integration of this new openssl-
+ ibmca-2.2.3-0ubuntu1 package for jammy under the 'Freeze Exception
+ Process', because:
+
+ - a severe issue is fixed (sshd core dump while using hw crypto)
+ 6563dd2 ("use correct libica for ibmca_mechaList_test")
+
+ - another segmentation fault is fixed by:
+ e91e179 ("PKEY: Fix usage of ECX keys")
+
+ - and since these are the only two fixes between 2.2.2 and 2.2.3:
+ 93a12d3 (tag: v2.2.3) Update to version 2.2.3
+ 6563dd2 use correct libica for ibmca_mechaList_test
+ e91e179 PKEY: Fix usage of ECX keys
+ fae4490 (tag: v2.2.2) Update to version 2.2.2
+ the version 2.2.3 is a bug-fix only release,
+ and could be acceptable for a FFe
+ (according to https://wiki.ubuntu.com/FreezeExceptionProcess)
+
+ - But to get the new version compiled (esp. with e91e179) a backport of
+ e59cce5 ("Fix compilation for OpenSSL 3.0")
+ was needed on top.
+
+ - The package now ships a sample config
+ (as well as the script to generate it,
+in case one wants/needs to re-generate it).
+
+ Here is the diff of the upstream ChangeLog:
+ $ diff -u openssl-ibmca-2.2.2/ChangeLog openssl-ibmca-2.2.3/ChangeLog
+ --- openssl-ibmca-2.2.2/ChangeLog 2022-01-27 17:23:55.0 +0100
+ +++ openssl-ibmca-2.2.3/ChangeLog 2022-03-31 10:32:20.935374435 +0200
+ @@ -1,3 +1,6 @@
+ +* openssl-ibmca 2.2.3
+ +- Fix PKEY segfault with OpenSSL 3.0
+ +
+ * openssl-ibmca 2.2.2
+ - Fix tests with OpenSSL 3.0
+ - Build against libica 4.0
+
+ There is no upstream NEWS file (or suchlike - the README.md is
+ unchanged).
+
+ The buildlog:
+
https://launchpadlibrarian.net/594086046/buildlog_ubuntu-jammy-s390x.openssl-ibmca_2.2.3-0ubuntu1_BUILDING.txt.gz
+
+ The installlog:
+
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575230/+files/install-log_and_virification.txt
+
+ The previous link also includes the testing and verification that I did,
+ hence I can confirm that the reported problem is solved.
+ On top a testsuite is executed when the package is build.
+ Local build:
+
+ Testsuite summary for openssl-ibmca 2.2.3
+
+ # TOTAL: 34
+ # PASS: 28
+ # SKIP: 6
+ # XFAIL: 0
+ # FAIL: 0
+ # XPASS: 0
+ # ERROR: 0
+
+ PPA:
+
+ Testsuite summary for openssl-ibmca 2.2.3
+
+ # TOTAL: 34
+ # PASS: 26
+ # SKIP: 8
+ # XFAIL: 0
+ # FAIL: 0
+ # XPASS: 0
+ # ERROR: 0
+
+ (Two more tests are (auto-)skipped when running a PPA build, because the
builder does not have access to the s390x crypto hardware.
+ (The other skipped tests are skipped by upstream, since they are known to
cause issues on openssl 3 systems).
+
+ _
+
+
---Problem Description---
Summary
===
New IBM HW with Crypto Accelerator cards attached
- Kernel level: 5.14
+ Kernel level: 5.14
Core dump when configuring the ibmca engine with libica = libica.so.4 in the
openssl.cnf file in the engine section.
The problem only occurs with OpenSSL 3.0 and is immediately reproducible.
-
Details
===
HINT: To be able to receive core dump files at all it is needed to change the
/etc/systemd/system.conf file entry DefaultLimitCORE=0:infinity to read
- DefaultLimitCORE=infinity:infinity
+ DefaultLimitCORE=infinity:infinity
On a system with ibmca engine configured system wide, when trying to use
the libica.so.4 to support the ibmca engine the sshd daemon dumps core
upon the first login attempt.
# openssl engine -c
(dynamic) Dynamic engine loading support
(ibmca) Ibmca hardware engine support
- [RSA, DSA, DH]
-
+ [RSA, DSA, DH]
Debug Data
==
core dump file in the attachments.
-
- Contact Information = christian.r...@de.ibm.com
-
+
+ Contact Information = christian.r...@de.ibm.com
+
---uname output---
Linux system 5.14.
-
+
---Debugger---
A debugger is not configured
-
+
---Steps to Reproduce---
1.) Edit /etc/systemd/system.conf file to allow core dumps:
- Change the line DefaultLimitCORE=0:infinity
- to read DefaultLimitCORE=infinity:infinity
+ Change the line DefaultLimitCORE=0:infinity
+ to read DefaultLimitCORE=infinity:infinity
2.) run: systemctl daemon-reload
- systemctl restart systemd-coredump.socket
+ systemctl restart systemd-coredump.socket
3.) Run the /usr/share/doc/openssl-ibmca/ibmca-engine-opensslconfig perl
script
4.) Edit the /etc/pki/tls file near the end to contain the line
- to back the ibmca engine by the
[Bug 1967141] Re: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
Install-log and functional verification of the new package. ** Attachment added: "install-log_and_virification.txt" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575230/+files/install-log_and_virification.txt ** Summary changed: - [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) + [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [FFe] [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
diff between openssl-ibmca_2.2.2-0ubuntu1 and openssl-ibmca_2.2.3-0ubuntu1 debdiff_openssl-ibmca_from_2.2.2-0ubuntu1_to_2.2.3-0ubuntu1.diff ** Patch added: "debdiff_openssl-ibmca_from_2.2.2-0ubuntu1_to_2.2.3-0ubuntu1.diff" https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1967141/+attachment/5575218/+files/debdiff_openssl-ibmca_from_2.2.2-0ubuntu1_to_2.2.3-0ubuntu1.diff ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: linux (Ubuntu) Importance: Undecided => High ** Changed in: ubuntu-z-systems Importance: Undecided => High ** Changed in: linux (Ubuntu) Status: New => In Progress ** Changed in: ubuntu-z-systems Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
I've noticed that v2.2.3 is obviously a bugfix-only release: ... 93a12d3 (tag: v2.2.3) Update to version 2.2.3 6563dd2 use correct libica for ibmca_mechaList_test e91e179 PKEY: Fix usage of ECX keys fae4490 (tag: v2.2.2) Update to version 2.2.2 ... and according to the FFe definition, bugfix-only updates might be acceptable, so I will follow that route. I've created such a package: openssl-ibmca (2.2.3-0ubuntu1) jammy; urgency=medium * New upstream release. LP: #1967141 * The difference between 2.2.2 and 2.2.3 includes just these two fixes: - "PKEY: Fix usage of ECX keys" - "use correct libica for ibmca_mechaList_test" Rather than adding these as quilt patches, raising the package to the bugfix-only version that incl. them is preferable. * For "PKEY: Fix usage of ECX keys" a backport of "Fix compilation for OpenSSL 3.0" was needed: d/p/e59cce5-Fix-compilation-for-OpenSSL-3.0.patch * For convenience reasons a generated sample config is now included in the package, but also the optional configuration generator Perl script 'ibmca-engine-opensslconfig'. It built fine locally (on s390x - it's an s390x-only package). In addition I've did a PPA build of this package which is available here: https://launchpad.net/~fheimes/+archive/ubuntu/lp1967141 The build includes a run of the test suite: local build: Testsuite summary for openssl-ibmca 2.2.3 # TOTAL: 34 # PASS: 28 # SKIP: 6 # XFAIL: 0 # FAIL: 0 # XPASS: 0 # ERROR: 0 PPA: Testsuite summary for openssl-ibmca 2.2.3 # TOTAL: 34 # PASS: 26 # SKIP: 8 # XFAIL: 0 # FAIL: 0 # XPASS: 0 # ERROR: 0 (Two more tests are (auto-)skipped, because the builder does not have access to the s390x crypto hardware. (The other skipped tests are skipped by upstream, since they are known to cause issues on openssl 3 systems). On top I installed, tested ad verified the package on an s390x system: $ uname -a Linux s1lp15 5.15.0-23-generic #23-Ubuntu SMP Fri Mar 11 14:53:58 UTC 2022 s390x s390x s390x GNU/Linux $ apt-cache policy openssl-ibmca openssl-ibmca: Installed: 2.2.3-0ubuntu1 Candidate: 2.2.3-0ubuntu1 Version table: *** 2.2.3-0ubuntu1 100 100 /var/lib/dpkg/status 2.2.2-0ubuntu1 500 500 http://ports.ubuntu.com/ubuntu-ports jammy/universe s390x Packages And I can confirm that sshd does NOT core dump. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967141] Re: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca)
** Also affects: ubuntu-z-systems Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967141 Title: [UBUNTU 22.04] ibmca engine with libica = libica.so.4 - sshd dumps core (openssl-ibmca) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1967141/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1946463] Re: Ubuntu 20.04.3 default crashkernel size insufficient for kdump
*** This bug is a duplicate of bug 1877533 *** https://bugs.launchpad.net/bugs/1877533 This is now fixed in jammy and onward ... (LP#1877533) ** Changed in: linux (Ubuntu) Status: New => Fix Released ** Changed in: linux (Ubuntu) Assignee: Canonical Kernel Team (canonical-kernel-team) => (unassigned) ** Changed in: ubuntu-z-systems Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1946463 Title: Ubuntu 20.04.3 default crashkernel size insufficient for kdump To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1946463/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1877533] Re: [20.10 FEAT] Increase the crashkernel setting if the root volume is luks2-encrypted
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released ** Changed in: makedumpfile (Ubuntu Focal) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1877533 Title: [20.10 FEAT] Increase the crashkernel setting if the root volume is luks2-encrypted To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1877533/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962578] Re: [UBUNTU 20.04] Fix SIGP processing on KVM/s390
This bug was opened for focal and impish, bionic was not really requested and is not marked as affected, so I'm setting the verification-done-bionic tag to unblock further SRU processing. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962578 Title: [UBUNTU 20.04] Fix SIGP processing on KVM/s390 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1962578/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962831] Re: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction
This bug was opened for focal, bionic was not really requested and is not marked as affected, so I'm setting the verification-done-bionic tag to unblock further SRU processing. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962831 Title: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1962831/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962578] Re: [UBUNTU 20.04] Fix SIGP processing on KVM/s390
Thank you Eric for the verifications! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962578 Title: [UBUNTU 20.04] Fix SIGP processing on KVM/s390 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1962578/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1965766] Re: zfcpdump-kernel update to v5.15
I can confirm that the zfcpdump-kernel package in version 5.15-0ubuntu1 located in jammy-proposed works fine on s390x. I've dumped using an LPAR loading the previously prepared LUN that incl. the dumper. A proper dump was written, that can be read, opened and analyzed. $ apt-cache policy zfcpdump-kernel zfcpdump-kernel: Installed: 5.15-0ubuntu1 Candidate: 5.15-0ubuntu1 Version table: *** 5.15-0ubuntu1 500 500 http://us.ports.ubuntu.com/ubuntu-ports jammy-proposed/universe s390x Packages 100 /var/lib/dpkg/status 5.4-0ubuntu2 500 500 http://ports.ubuntu.com/ubuntu-ports jammy/universe s390x Packages $ sudo zgetdump -i /dev/mapper/mpatha-part1 General dump info: Dump format: elf Version: 1 UTS node name..: zbox UTS kernel release.: 5.15.0-23-generic UTS kernel version.: #23-Ubuntu SMP Fri Mar 11 14:53:58 UTC 2022 System arch: s390x (64 bit) CPU count (online).: 8 Dump memory range..: 32768 MB Memory map: - 0007 (32768 MB) (more details see attachment) ** Attachment added: "zfcp-dump-test.txt" https://bugs.launchpad.net/ubuntu/+source/zfcpdump-kernel/+bug/1965766/+attachment/5571955/+files/zfcp-dump-test.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1965766 Title: zfcpdump-kernel update to v5.15 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zfcpdump-kernel/+bug/1965766/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1954676] Re: jammy 5.15 kernel soft lockup when zfs.ko is loaded on s390x w/ gcc >= 11.2.0-10ubuntu1 / gcc-11 PLT regression on s390x
Upadting the 'affects jammy' kernel entry as well. Since commit 'f3b7e73b2c6619884351a3a0a7468642f852b8a2' is included in jammy's 5.15 since Ubuntu-5.15.0-20.20, I'm updating the status to Fix released and with this the projects entry, too. ** Changed in: linux (Ubuntu Jammy) Status: Fix Committed => Fix Released ** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1954676 Title: jammy 5.15 kernel soft lockup when zfs.ko is loaded on s390x w/ gcc >= 11.2.0-10ubuntu1 / gcc-11 PLT regression on s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1954676/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960875] Re: [UBUNTU 21.10] s390/cio: verify the driver availability for path_event call
Meanwhile this also landed in jammy: linux-generic | 5.15.0.23.25 | jammy hence updating the "affects jammy" entry to Fix Released, and with that the project entry becomes Fix Released, too. ** Changed in: linux (Ubuntu Jammy) Status: In Progress => Fix Released ** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960875 Title: [UBUNTU 21.10] s390/cio: verify the driver availability for path_event call To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960875/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959529] Re: Hipersocket page allocation failure on Ubuntu 20.04 based SSC environments
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959529 Title: Hipersocket page allocation failure on Ubuntu 20.04 based SSC environments To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959529/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960182] Re: [UBUNTU 20.04] kernel: Add support for CPU-MF counter second version 7
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960182 Title: [UBUNTU 20.04] kernel: Add support for CPU-MF counter second version 7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960182/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1933176] Re: [22.04 FEAT] KVM: Enable storage key checking for intercepted instructions handled by KVM
*** This bug is a duplicate of bug 1933179 *** https://bugs.launchpad.net/bugs/1933179 ** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1933176 Title: [22.04 FEAT] KVM: Enable storage key checking for intercepted instructions handled by KVM To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1933176/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959462] Re: [22.04 FEAT] Upgrade glibc to latest version
*** This bug is a duplicate of bug 1959429 *** https://bugs.launchpad.net/bugs/1959429 ** This bug has been marked a duplicate of bug 1959429 [22.04 FEAT] Upgrade glibc to latest version -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959462 Title: [22.04 FEAT] Upgrade glibc to latest version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959462/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961427] Re: zlib: compressBound() returns an incorrect result on z15
** Changed in: zlib (Ubuntu Jammy) Status: In Progress => Incomplete ** Changed in: ubuntu-z-systems Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961427 Title: zlib: compressBound() returns an incorrect result on z15 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1961427/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962831] Re: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction
This is Fix Released for jammy, since addressed at LP#1933179. ** Changed in: linux (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962831 Title: [UBUNTU 20.04] KVM: Enable storage key checking for intercepted instruction To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1962831/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960117] Re: [22.04 FEAT] Add new CPU-MF Counters for new IBM Z Hardware
*** This bug is a duplicate of bug 1960182 *** https://bugs.launchpad.net/bugs/1960182 ** Changed in: linux (Ubuntu) Status: In Progress => Fix Released ** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960117 Title: [22.04 FEAT] Add new CPU-MF Counters for new IBM Z Hardware To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960117/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1853152] Re: [22.04 FEAT] In-kernel crypto: SIMD implementation of chacha20
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1853152 Title: [22.04 FEAT] In-kernel crypto: SIMD implementation of chacha20 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1853152/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1933179] Re: [22.04 FEAT] KVM: Enable storage key checking for intercepted instruction handled by userspace
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1933179 Title: [22.04 FEAT] KVM: Enable storage key checking for intercepted instruction handled by userspace To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1933179/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959735] Re: [22.04 FEAT] KVM: Improve SIGP architectural compliance
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959735 Title: [22.04 FEAT] KVM: Improve SIGP architectural compliance To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959735/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959890] Re: [22.04 FEAT] Deactivitate CONFIG_QETH_OSX kernel config option
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959890 Title: [22.04 FEAT] Deactivitate CONFIG_QETH_OSX kernel config option To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959890/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1959977] Re: [22.04 FEAT] KVM: Enable GISA support for Secure Execution guests
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1959977 Title: [22.04 FEAT] KVM: Enable GISA support for Secure Execution guests To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1959977/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960182] Re: [UBUNTU 20.04] kernel: Add support for CPU-MF counter second version 7
** Changed in: ubuntu-z-systems Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960182 Title: [UBUNTU 20.04] kernel: Add support for CPU-MF counter second version 7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960182/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960580] Re: [22.04 FEAT] [KRN1918] Long kernel command line on s390x
** Changed in: ubuntu-z-systems Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960580 Title: [22.04 FEAT] [KRN1918] Long kernel command line on s390x To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1960580/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929035] Re: [22.04 FEAT] SMC-R v2 Support
Pull request submitted to kernel team's mailing list: https://lists.ubuntu.com/archives/kernel-team/2022-March/thread.html#128771 changing status to 'In Progress'. ** Information type changed from Private to Public ** Changed in: linux (Ubuntu) Status: Incomplete => In Progress ** Changed in: ubuntu-z-systems Status: Incomplete => In Progress ** Changed in: linux (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => Canonical Kernel Team (canonical-kernel-team) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929035 Title: [22.04 FEAT] SMC-R v2 Support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1929035/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
