linux-image-4.15.0-20-generic install after upgrade from xenial breaks

Bug #1767133 reported by Thadeu Lima de Souza Cascardo
This bug affects 5 people
Affects                    Status        Importance  Assigned to                    Milestone
linux (Ubuntu)             Fix Released  Undecided   Thadeu Lima de Souza Cascardo
  Xenial                   Invalid       Undecided   Unassigned
  Bionic                   Fix Released  Undecided   Thadeu Lima de Souza Cascardo
linux-hwe-edge (Ubuntu)    Invalid       Undecided   Unassigned
  Xenial                   Fix Released  Undecided   Unassigned
  Bionic                   Invalid       Undecided   Unassigned

Bug Description

[Impact]
Some upgrades from xenial to bionic break.

[Test Case]
Change sources.list from xenial to bionic, then apt install linux-image-4.15.0-20-generic.

[Regression Potential]
The kernel may be uninstallable if there is no linux-base with the appropriate version in the archive.

----

Installing the linux-image-4.15.0-20-generic kernel from bionic on xenial breaks because of the unversioned Depends on linux-base.

/var/lib/dpkg/info/linux-image-4.15.0-20-generic.postinst: 50: /var/lib/dpkg/info/linux-image-4.15.0-20-generic.postinst: linux-update-symlinks: not found
dpkg: error processing package linux-image-4.15.0-20-generic (--configure):
 subprocess installed post-installation script returned error exit status 127
Errors were encountered while processing:
 linux-image-4.15.0-20-generic
E: Sub-process /usr/bin/dpkg returned an error code (1)

If the trigger is called, when some meta packages are installed, it won't happen. If all packages are upgraded, it's possible linux-base is going to be upgraded first, so the problem won't happen either.

So, not all upgrades will be affected.

Changed in linux (Ubuntu Xenial):
status: New → Invalid
Changed in linux (Ubuntu Bionic):
status: New → Confirmed
status: Confirmed → In Progress
assignee: nobody → Thadeu Lima de Souza Cascardo (cascardo)
Changed in linux-hwe-edge (Ubuntu Bionic):
status: New → Invalid
Changed in linux-hwe-edge (Ubuntu Xenial):
status: New → Confirmed
description: updated
volker kempter (v-kempter) wrote :

kernel 4.15.0-20, backported to 16.04:

install is okay, BUT no boot (kernel panic); afterwards, the kernel is uninstallable!

The same behaviour is found with kernel 4.19.0-19 for bionic.

Had to remove the .postinit, .postrm, etc. files in /var/lib/dpkg/info/ in order to be able to use the apt commands....

Artem V L (artvl) wrote :

The same issue happens starting with the kernel 4.14.36 (also exists with the 4.14.37) on Ubuntu 16.04 x64; note that 4.14.35 installed fine.

Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Brad Figg (brad-figg) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Thank you!

tags: added: verification-needed-bionic
volker kempter (v-kempter) wrote :

ad #3:

earlier today, I have tested the kernel 4.15.0-21 under lubuntu-16.04, taken from ppa:canonical-kernel-team/ppa.

So far, 3 consecutive boots without problems.

I will report back after I have de-installed this kernel again, and have replaced it by what I find in xenial-proposed.

volker kempter (v-kempter) wrote :

ad #3 (continued):

attempt to de-install kernel 4.15.0-21: not possible to de-install the image 4.15.0-21!
Removed the .postrm and .generic.list files, related to this kernel, in /var/lib/dpkg/info/ in order to be able to get "apt" working.

Found 4.15.0-20~16.04 (version April 25) in /xenial-proposed -> installed it -> wifi works -> three consecutive boots were successful -> other than 4.15.0-21, kernel 4.15.0-20~16.04 could be de-installed without any problems.

Thadeu Lima de Souza Cascardo (cascardo) wrote :

Hi, volker.

Your report about not being able to deinstall kernel 4.15.0-21 is not very useful without logs. Can you install it and then try to deinstall it again, and attach the console output that shows that it fails?

Thanks.
Cascardo.

volker kempter (v-kempter) wrote :

kernel 4.15.0-21:

hi cascardo,
previously, I attempted to remove the kernel via synaptic. And linux-image-4.15.0-21 could not be removed.

This time I did
apt-get remove --purge.

I get (translation from German)

rmdir: /lib/modules/4.15.0-21-generic could not be removed: not empty,
and
dpkg: during removal of linux-modules-4.15.0-21-generic, the directory /lib/modules/4.15.0-21 is not empty. Thus, will not be removed.

However, this time the kernel is indeed removed completely (all 5 .deb files).

In fact, /lib/modules/4.15.0-21-generic contains stuff related to virtualbox only, such as vboxdrv.ko (3 more .ko files). Maybe, these are remnants from the previous incomplete removal of the kernel?

volker

Dell-Ubuntu (toto740) wrote : [Bug 1767133] Re: linux-image-4.15.0-20-generic 2 new bugs

Hello !

Sorry for my bad level in English.

*Linux mint 18.3*

https://forums.linuxmint.com/viewtopic.php?f=63&t=269037&p=1466925#p1466925

1- that cuts graphic acceleration
2- bug that cuts the network function (Rj45 and Wifi turned off)

friendly,

Toto.

Clement Lefebvre (clementlefebvre) wrote :

The kernel postinst script uses linux-update-symlinks, this is only available in linux-base starting from version 4.1.

Installation/upgrade of this kernel package will therefore fail if the installed version of linux-base is smaller than 4.1 (Xenial shipped with 4.0).

Olivier Louvignes (olouvignes) wrote :

Can confirm this breaks unattended upgrades of 16.04 devices with hwe installed:

# dpkg-reconfigure linux-image-4.15.0-20-generic
/usr/sbin/dpkg-reconfigure: linux-image-4.15.0-20-generic is broken or not fully installed

However I don't know how it can happen but the grub is modified, and it won't ever reboot.

root@player-3fd4:~# cat /boot/grub/grub.cfg | grep 4.15.0-20-generic | wc -l
10

We have lost hundreds of devices today after reboot with no seemingly possible remote intervention. This is going to be a nightmare for a lot of people...
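
The two comments above describe a postinst that needs linux-update-symlinks from linux-base 4.1 or later, and a kernel package left "broken or not fully installed" while grub.cfg already lists it. The script below is an added example, not part of the thread or of any Ubuntu tooling: it checks both conditions before a reboot. The function names and the sample package list (including `linux-image-4.4.0-1-generic`) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the bug thread. Function names are hypothetical.
# From the page: the kernel postinst calls linux-update-symlinks, which
# linux-base ships only from version 4.1 (xenial shipped 4.0).
MIN_LINUX_BASE="4.1"

# version_ge A B: succeed when Debian version A >= B.
version_ge() {
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" ge "$2"
    else
        # Fallback without dpkg; adequate for plain dotted versions only.
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
    fi
}

# check_linux_base VERSION: print ok, too-old or missing; return 0 only for ok.
check_linux_base() {
    if [ -z "$1" ]; then echo missing; return 1; fi
    if version_ge "$1" "$MIN_LINUX_BASE"; then echo ok; return 0; fi
    echo too-old; return 1
}

# unconfigured_kernels: read "<package> <status>" lines on stdin, as printed by
#   dpkg-query -W -f='${Package} ${db:Status-Abbrev}\n' 'linux-image-*'
# and print packages that dpkg wants installed but has not fully configured
# (for example "iF", half-configured after a failed postinst).
unconfigured_kernels() {
    while read -r pkg st; do
        case "$st" in
            ii*|"") ;;            # fully installed, or a blank line
            i*) echo "$pkg" ;;    # wanted, but stuck before "installed"
        esac
    done
}

# preflight_host: run the checks against the live dpkg database.
preflight_host() {
    check_linux_base "$(dpkg-query -W -f='${Version}' linux-base 2>/dev/null)" || return 1
    command -v linux-update-symlinks >/dev/null 2>&1 || { echo "no linux-update-symlinks"; return 1; }
    dpkg-query -W -f='${Package} ${db:Status-Abbrev}\n' 'linux-image-*' | unconfigured_kernels
}

# Constructed sample: package states on a xenial host after the failed install.
SAMPLE='linux-image-4.4.0-1-generic ii
linux-image-4.15.0-20-generic iF'
check_linux_base "4.0" || true                   # too-old
printf '%s\n' "$SAMPLE" | unconfigured_kernels   # linux-image-4.15.0-20-generic
```

Calling `preflight_host` on a device before it reboots lists any kernel image that dpkg left unconfigured, so the reboot can be held back until the package state is repaired.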

Changed in linux-hwe-edge (Ubuntu Xenial):
status: Confirmed → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.15.0-22.24

---------------
linux (4.15.0-22.24) bionic; urgency=medium

  * CVE-2018-3639 (powerpc)
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
    - stf-barrier: set eieio instruction bit 6 for future optimisations

  * CVE-2018-3639 (x86)
    - x86/nospec: Simplify alternative_msr_write()
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

linux (4.15.0-21.22) bionic; urgency=medium

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)

  * initramfs-tools exception during pm.DoInstall with do-release-upgrade from
    16.04 to 18.04 (LP: #1766727)
    - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools

  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
    (LP: #1766629)
    - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader <email address hidden> Tue, 15 May 2018 07:41:28 +0200

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-hwe-edge - 4.15.0-22.24~16.04.1

---------------
linux-hwe-edge (4.15.0-22.24~16.04.1) xenial; urgency=medium

  * CVE-2018-3639 (powerpc)
    - powerpc/64s: Add support for a store forwarding barrier at kernel entry/exit
    - stf-barrier: set eieio instruction bit 6 for future optimisations

  * CVE-2018-3639 (x86)
    - x86/nospec: Simplify alternative_msr_write()
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

linux (4.15.0-21.22) bionic; urgency=medium

  * linux: 4.15.0-21.22 -proposed tracker (LP: #1767397)

  * initramfs-tools exception during pm.DoInstall with do-release-upgrade from
    16.04 to 18.04 (LP: #1766727)
    - Add linux-image-* Breaks on s390-tools (<< 2.3.0-0ubuntu3)

  * linux-image-4.15.0-20-generic install after upgrade from xenial breaks
    (LP: #1767133)
    - Packaging: Depends on linux-base that provides the necessary tools

  * linux-image packages need to Breaks flash-kernel << 3.90ubuntu2
    (LP: #1766629)
    - linux-image-* breaks on flash-kernel (<< 3.90ubuntu2)

 -- Stefan Bader <email address hidden> Tue, 15 May 2018 07:41:28 +0200

Changed in linux-hwe-edge (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.15.0-22.24

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Andy Whitcroft (apw) wrote :

This bug was erroneously marked for verification in bionic; verification is not required and verification-needed-bionic is being removed.

tags: added: kernel-fixup-verification-needed-bionic verification-done-bionic
removed: verification-needed-bionic
Brad Figg (brad-figg)
tags: added: cscc