EFI: Fails when BootCurrent entry does not exist

Looking back at your patch:

Index: curtin-20.1-29-g81144052/curtin/util.py
===================================================================
--- curtin-20.1-29-g81144052.orig/curtin/util.py
+++ curtin-20.1-29-g81144052/curtin/util.py
@@ -886,6 +886,7 @@ def get_efibootmgr(target=None):
     """
     with ChrootableTarget(target=target) as in_chroot:
         stdout, _ = in_chroot.subp(['efibootmgr', '-v'], capture=True)
+ LOG.info("DANNF:\n%s", stdout)
         output = parse_efibootmgr(stdout)
         return output

And the logs:

Running command ['unshare', '--fork', '--pid', '--', 'chroot', '/tmp/tmp6ha4_iz2/target', 'efibootmgr', '-v'] with allowed return codes [0] (capture=True)
DANNF:
BootCurrent: 0003
Timeout: 10 seconds
BootOrder: 0003,0004,0005,0006,0001

The firmware appears to have no entries at all; but somehow has a BootCurrent and a BootOrder pointing to entries that don't exist. This certainly has to be a firmware bug no?

I'm also assuming a firmware bug here, but I need to consult the specification. If it is a clear firmware bug then I think plan A should certainly be to pressure the vendor to release a fix.

Either way, I think we're likely to run into users suffering from this issue for a while. I tend to see issues like this appear on one platform only to reappear on other platforms in the future. And even if there is a firmware solution, we can't expect users to always be running the latest and greatest firmware. I'd therefore propose that we try to detect the issue and warn users of the problem - maybe even linking to this bug.

@Dann

OK. That sounds reasonable. For this issue, curtin can (and I think it makes sense) ignore a BootCurrent value if there is no corresponding entry; warn in the logs that it's missing, check your firmware, etc... and proceed if it can.

@dann @ryan

RE: I'm also assuming a firmware bug here, but I need to consult the specification. If it is a clear firmware bug then I think plan A should certainly be to pressure the vendor to release a fix.

Is there a way we can verify that the firmware is the true issue? I have Dell R420's running the latest firmware and can assist with testing if you'd like. If this can't be fixed I'll be forced to completely move away from MAAS and find another solution for bare metal provisioning :(

I posted my issues in Discourse: https://discourse.maas.io/t/maas-is-changing-my-boot-order/3491

@dann @ryan

FYI - I refreshed to Snap 2.9.0~beta6-9039-g.5a2ba747e and it looks like my boot order woes are fixed now.

@nb This issue is *slightly* different than the other bug related to missing BootCurrent value.

The previous bug which is fixed in curtin happens when the BootCurrent value is not present in the efibootmgr output.

This bug has a BootCurrent value, like 0003, however, the Entries provided by efibootmgr do not have one for 0003.

Here's the raw output from efibootmgr -v:

BootCurrent: 0003
Timeout: 10 seconds
BootOrder: 0003,0004,0005,0006,0001

This system has no boot entries; this is a firmware bug.

From the log file, after curtin adds an entry for Ubuntu we can see the boot entries look like this:

{
  "current": "0003",
  "timeout": "10 seconds",
  "order": [
    "0000"
  ],
  "entries": {
    "0000": {
      "name": "ubuntu",
      "path": "HD(1,GPT,0937ffdf-628c-4161-8b2f-5920235669c6,0x800,0x100000)/File(\\EFI\\ubuntu\\shimx64.efi)"
    }
  }
}

Current pointed entry '0003', however, the list of entries only contains '0000' (what curtin just installed). Then when curtin attempts to place the newly installed entry at the beginning of the BootOrder list, it fails when we run this command:

efibootmgr -o 0003,0000
Invalid BootOrder order entry value0003
                                     ^
efibootmgr: entry 0003 does not exist

The fix for this in curtin is to verify that BootCurrent points to an existing entry; if not, then we ignore the BootCurrent value.

@Dann

For this firmware bug where we have missing entries; Have you ever booted this up and had efibootmgr show all of the entries?

Looking at this output here:

BootCurrent: 0003
Timeout: 10 seconds
BootOrder: 0000,0003,0004,0005,0006,0001
Boot0000* ubuntu HD(1,GPT,0937ffdf-628c-4161-8b2f-5920235669c6,0x800,0x100000)/File(\EFI\ubuntu\shimx64.efi)

With my suggested change to ignore BootCurrent since it does not have a matching entry; curtin can at best put the new entry 0000 first in order (note this is already done by grub-install).

This does mean that the node will be lost from maas control since it is no longer PXE booting...
Is that acceptable?

I tried to prove whether or not this is a firmware issue or, perhaps, a bug in efibootmgr or curtin's calling of it. I deployed an affected system w/ MAAS w/ init=/bin/bash on the cmdline, and was surprised to see that efibootmgr showed the full expected set of Boot variables. However, if I ssh'd in while MAAS was deploying, efibootmgr was missing some. Turns out this depends on which virtual file system efibootmgr is using.

efivarfs is commonly mounted under /sys/firmware/efi/efivars, and is what efibootmgr prefers:

$ ls /sys/firmware/efi/efivars | grep ^Boot
ls: reading directory '/sys/firmware/efi/efivars': Input/output error
Boot mode select-7683c190-9523-4402-81ff-a11e93dc389c
Boot0000-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootCurrent-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOptionSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOrder-8be4df61-93ca-11d2-aa0d-00e098032b8c

If /sys/firmware/efi/efivars is not there, efibootmgr appears to fallback to /sys/firmware/efi/vars which the kernel always exposes:

$ ls /sys/firmware/efi/vars | grep ^Boot
Boot mode select-7683c190-9523-4402-81ff-a11e93dc389c
Boot0000-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0001-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0003-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0004-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0005-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0006-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootCurrent-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOptionSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOrder-8be4df61-93ca-11d2-aa0d-00e098032b8c

With init=/bin/bash, efivarfs is not yet mounted, which is why I see the full set at that point.

So why are these variables not visible in efivarfs? And does the "Input/output error" ls reports have something to do with it?

strace shows that the -EIO is coming from a getdents64() call:

openat(AT_FDCWD, "/sys/firmware/efi/efivars/", O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_DIRECTORY) = 3
fstat(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
getdents64(3, /* 65 entries */, 32768) = 4800
getdents64(3, 0x5625e2d36510, 32768) = -1 EIO (Input/output error)

I built a 5.10-rc1+ kernel to see if this is maybe a kernel but that was already fixed upstream.
Turns out, the issue goes away there:

$ ls /sys/firmware/efi/efivars | grep ^Boot
Boot mode select-7683c190-9523-4402-81ff-a11e93dc389c
Boot0000-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0001-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0003-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0004-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0005-8be4df61-93ca-11d2-aa0d-00e098032b8c
Boot0006-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootCurrent-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOptionSupport-8be4df61-93ca-11d2-aa0d-00e098032b8c
BootOrder-8be4df61-93ca-11d2-aa0d-00e098032b8c

I'm now trying to determine what changed in the kernel.

Ah:

commit 336af6a4686d885a067ecea8c3c3dd129ba4fc75 (refs/bisect/bad)
Author: Michael Schaller <email address hidden>
Date: Fri Sep 25 09:45:02 2020 +0200

    efivarfs: Replace invalid slashes with exclamation marks in dentries.

    Without this patch efivarfs_alloc_dentry creates dentries with slashes in
    their name if the respective EFI variable has slashes in its name. This in
    turn causes EIO on getdents64, which prevents a complete directory listing
    of /sys/firmware/efi/efivars/.

    This patch replaces the invalid shlashes with exclamation marks like
    kobject_set_name_vargs does for /sys/firmware/efi/vars/ to have consistently
    named dentries under /sys/firmware/efi/vars/ and /sys/firmware/efi/efivars/.

    Signed-off-by: Michael Schaller <email address hidden>
    Link: https://<email address hidden>
    Signed-off-by: Ard Biesheuvel <email address hidden>

With the above patch applied, we can see the culprit directories:

$ sudo find /sys/firmware/efi/vars/ -type d | grep \!
/sys/firmware/efi/vars/Pwr!Perf Profiles-7683c190-9523-4402-81ff-a11e93dc389c
/sys/firmware/efi/vars/Intel(R) VT for Directed I!O (VT-d)-7683c190-9523-4402-81ff-a11e93dc389c

Patch backport to stable:
  https://www.spinics.net/lists/stable/msg423555.html

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-groovy' to 'verification-done-groovy'. If the problem still exists, change the tag 'verification-needed-groovy' to 'verification-failed-groovy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

= focal verification =
ubuntu@ubuntu:~$ cat /proc/version
Linux version 5.4.0-55-generic (buildd@lcy01-amd64-013) (gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04)) #61-Ubuntu SMP Mon Nov 9 20:49:56 UTC 2020
ubuntu@ubuntu:~$ ls /sys/firmware/efi/efivars/ | grep FOO
FOO!BAR-8ed72b3f-ad26-4d5c-aa36-38689635cac3

= groovy verification =
ubuntu@ubuntu:~$ cat /proc/version
Linux version 5.8.0-30-generic (buildd@lgw01-amd64-009) (gcc (Ubuntu 10.2.0-13ubuntu1) 10.2.0, GNU ld (GNU Binutils for Ubuntu) 2.35.1) #32-Ubuntu SMP Mon Nov 9 21:03:15 UTC 2020
ubuntu@ubuntu:~$ ls /sys/firmware/efi/efivars | grep FOO
FOO!BAR-8ed72b3f-ad26-4d5c-aa36-38689635cac3

= bionic verification =
ubuntu@ubuntu:~$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.15.0-125-generic root=UUID=9e45081a-7e2b-4294-8b2f-4ccb8139ed67 ro console=tty1 console=ttyS0
ubuntu@ubuntu:~$ ls /sys/firmware/efi/efivars/ | grep FOO
FOO!BAR-8ed72b3f-ad26-4d5c-aa36-38689635cac3

= xenial verification -
ubuntu@ubuntu:~$ cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-4.4.0-195-generic root=UUID=6f35ed47-31af-4f66-b33f-5863971f8df0 ro console=tty1 console=ttyS0
ubuntu@ubuntu:~$ ls /sys/firmware/efi/efivars/ | grep FOO
FOO!BAR-8ed72b3f-ad26-4d5c-aa36-38689635cac3

This bug was fixed in the package linux - 5.4.0-56.62

---------------
linux (5.4.0-56.62) focal; urgency=medium

  * focal/linux: 5.4.0-56.62 -proposed tracker (LP: #1905300)

  * CVE-2020-4788
    - selftests/powerpc: rfi_flush: disable entry flush if present
    - powerpc/64s: flush L1D on kernel entry
    - powerpc/64s: flush L1D after user accesses
    - selftests/powerpc: entry flush test

linux (5.4.0-55.61) focal; urgency=medium

  * focal/linux: 5.4.0-55.61 -proposed tracker (LP: #1903175)

  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX

  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline

  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.

  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: fix discard limits for raid1 and raid10
    - dm raid: remove unnecessary discard limits for raid10

  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: drop unnecessary offset_in_page in extent buffer helpers
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
    - btrfs: ctree: check key order before merging tree blocks

  * Ethernet no link lights after reboot (Intel i225-v 2.5G) (LP: #1902578)
    - igc: Add PHY power management control

  * Undetected Data corruption in MPI workloads that use VSX for reductions on
    POWER9 DD2.1 systems (LP: #1902694)
    - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation
    - selftests/powerpc: Make alignment handler test P9N DD2.1 vector CI load
      workaround

  * [20.04 FEAT] Support/enhancement of NVMe IPL (LP: #1902179)
    - s390: nvme ipl
    - s390: nvme reipl
    - s390/ipl: support NVMe IPL kernel parameters

  * uvcvideo: add mapping for HEVC payloads (LP: #1895803)
    - media: uvcvideo: Add mapping for HEVC payloads

  * Focal update: v5.4.73 upstream stable release (LP: #1902115)
    - ibmveth: Switch order of ibmveth_helper calls.
    - ibmveth: Identify ingress large send packets.
    - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route
    - mlx4: handle non-napi callers to napi_poll
    - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable()
    - net: fec: Fix PHY init after phy_reset_after_clk_enable()
    - net: fix pos incrementment in ipv6_route_seq_next
    - net/smc: fix valid DMBE buffer sizes
    - net...

This bug was fixed in the package linux - 4.4.0-197.229

---------------
linux (4.4.0-197.229) xenial; urgency=medium

  * xenial/linux: 4.4.0-197.229 -proposed tracker (LP: #1905489)

  * sha1_ce and sha2_ce modules no longer load on arm64 (LP: #1905336)
    - SAUCE: Revert "crypto: arm64/sha - avoid non-standard inline asm tricks"

  * Fails to build on powerpc (LP: #1905475)
    - powerpc/uaccess-flush: fix corenet64_smp_defconfig build
    - SAUCE: powerpc/uaccess: only include kup-radix.h on PPC_BOOK3S_64

linux (4.4.0-196.228) xenial; urgency=medium

  * xenial/linux: 4.4.0-196.228 -proposed tracker (LP: #1905309)

  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

linux (4.4.0-195.227) xenial; urgency=medium

  * xenial/linux: 4.4.0-195.227 -proposed tracker (LP: #1903107)

  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX

  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline

  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.

  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

  * CVE-2020-25645
    - geneve: add transport ports in route lookup for geneve

  * Xenial update: v4.4.241 upstream stable release (LP: #1902097)
    - ibmveth: Identify ingress large send packets.
    - tipc: fix the skb_unshare() in tipc_buf_append()
    - net/ipv4: always honour route mtu during forwarding
    - r8169: fix data corruption issue on RTL8402
    - ALSA: bebob: potential info leak in hwdep_read()
    - mm/kasan: print name of mem[set,cpy,move]() caller in report
    - mm/kasan: add API to check memory regions
    - compiler.h, kasan: Avoid duplicating __read_once_size_nocheck()
    - compiler.h: Add read_word_at_a_time() function.
    - lib/strscpy: Shut up KASAN false-positives in strscpy()
    - x86/mm/ptdump: Fix soft lockup in page table walker
    - net: hdlc: In hdlc_rcv, check to make sure dev is an HDLC device
    - net: hdlc_raw_eth: Clear the IFF_TX_SKB_SHARING flag after calling
      ether_setup
    - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in
      nfc_genl_fw_download()
    - tcp: fix to update snd_wl1 in bulk receiver fast path
    - icmp: randomize the global rate limiter
    - cifs: remove bogus debug code
    - ima: Don't ignore errors from crypto_shash_update()
    - EDAC/i5100: Fix error handling order in i5100_init_one()
    - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call
    - media: Revert "media: exynos4-is: Add missed check for
      pinctrl_lookup_state()"
 ...

This bug was fixed in the package linux - 5.8.0-31.33

---------------
linux (5.8.0-31.33) groovy; urgency=medium

  * groovy/linux: 5.8.0-31.33 -proposed tracker (LP: #1905299)

  * Groovy 5.8 kernel hangs on boot on CPUs with eLLC (LP: #1903397)
    - drm/i915: Mark ininitial fb obj as WT on eLLC machines to avoid rcu lockup
      during fbdev init

  * CVE-2020-4788
    - selftests/powerpc: rfi_flush: disable entry flush if present
    - powerpc/64s: flush L1D on kernel entry
    - powerpc/64s: flush L1D after user accesses
    - selftests/powerpc: entry flush test

linux (5.8.0-30.32) groovy; urgency=medium

  * groovy/linux: 5.8.0-30.32 -proposed tracker (LP: #1903194)

  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX

  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline

  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout
    - dm raid: fix discard limits for raid1 and raid10
    - dm raid: remove unnecessary discard limits for raid10

  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
    - btrfs: ctree: check key order before merging tree blocks

  * Tiger Lake PMC core driver fixes (LP: #1899883)
    - platform/x86: intel_pmc_core: update TGL's LPM0 reg bit map name
    - platform/x86: intel_pmc_core: fix bound check in pmc_core_mphy_pg_show()
    - platform/x86: pmc_core: Use descriptive names for LPM registers
    - platform/x86: intel_pmc_core: Fix TigerLake power gating status map
    - platform/x86: intel_pmc_core: Fix the slp_s0 counter displayed value

  * drm/i915/dp_mst - System would hang during the boot up. (LP: #1902469)
    - Revert "UBUNTU: SAUCE: drm/i915/display: Fix null deref in
      intel_psr_atomic_check()"
    - drm/i915: Fix encoder lookup during PSR atomic check

  * Undetected Data corruption in MPI workloads that use VSX for reductions on
    POWER9 DD2.1 systems (LP: #1902694)
    - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation
    - selftests/powerpc: Make alignment handler test P9N DD2.1 vector CI load
      workaround

  * [20.04 FEAT] Support/enhancement of NVMe IPL (LP: #1902179)
    - s390/ipl: support NVMe IPL kernel parameters

  * uvcvideo: add mapping for HEVC payloads (LP: #1895803)
    - media: uvcvideo: Add mapping for HEVC payloads

  * risc-v 5.8 ...

This bug was fixed in the package linux - 4.15.0-126.129

---------------
linux (4.15.0-126.129) bionic; urgency=medium

  * bionic/linux: 4.15.0-126.129 -proposed tracker (LP: #1905305)

  * CVE-2020-4788
    - SAUCE: powerpc/64s: Define MASKABLE_RELON_EXCEPTION_PSERIES_OOL
    - SAUCE: powerpc/64s: move some exception handlers out of line
    - powerpc/64s: flush L1D on kernel entry
    - SAUCE: powerpc: Add a framework for user access tracking
    - powerpc: Implement user_access_begin and friends
    - powerpc: Fix __clear_user() with KUAP enabled
    - powerpc/uaccess: Evaluate macro arguments once, before user access is
      allowed
    - powerpc/64s: flush L1D after user accesses

linux (4.15.0-125.128) bionic; urgency=medium

  * bionic/linux: 4.15.0-125.128 -proposed tracker (LP: #1903137)

  * Update kernel packaging to support forward porting kernels (LP: #1902957)
    - [Debian] Update for leader included in BACKPORT_SUFFIX

  * Avoid double newline when running insertchanges (LP: #1903293)
    - [Packaging] insertchanges: avoid double newline

  * EFI: Fails when BootCurrent entry does not exist (LP: #1899993)
    - efivarfs: Replace invalid slashes with exclamation marks in dentries.

  * CVE-2020-14351
    - perf/core: Fix race in the perf_mmap_close() function

  * raid10: Block discard is very slow, causing severe delays for mkfs and
    fstrim operations (LP: #1896578)
    - md: add md_submit_discard_bio() for submitting discard bio
    - md/raid10: extend r10bio devs to raid disks
    - md/raid10: pull codes that wait for blocked dev into one function
    - md/raid10: improve raid10 discard request
    - md/raid10: improve discard request for far layout

  * Bionic: btrfs: kernel BUG at /build/linux-
    eTBZpZ/linux-4.15.0/fs/btrfs/ctree.c:3233! (LP: #1902254)
    - btrfs: use offset_in_page instead of open-coding it
    - btrfs: use BUG() instead of BUG_ON(1)
    - btrfs: drop unnecessary offset_in_page in extent buffer helpers
    - btrfs: extent_io: do extra check for extent buffer read write functions
    - btrfs: extent-tree: kill BUG_ON() in __btrfs_free_extent()
    - btrfs: extent-tree: kill the BUG_ON() in insert_inline_extent_backref()
    - btrfs: ctree: check key order before merging tree blocks

  * Bionic update: upstream stable patchset 2020-11-04 (LP: #1902943)
    - USB: gadget: f_ncm: Fix NDP16 datagram validation
    - gpio: tc35894: fix up tc35894 interrupt configuration
    - vsock/virtio: use RCU to avoid use-after-free on the_virtio_vsock
    - vsock/virtio: stop workers during the .remove()
    - vsock/virtio: add transport parameter to the
      virtio_transport_reset_no_sock()
    - net: virtio_vsock: Enhance connection semantics
    - Input: i8042 - add nopnp quirk for Acer Aspire 5 A515
    - ftrace: Move RCU is watching check after recursion check
    - drm/amdgpu: restore proper ref count in amdgpu_display_crtc_set_config
    - drivers/net/wan/hdlc_fr: Add needed_headroom for PVC devices
    - drm/sun4i: mixer: Extend regmap max_register
    - net: dec: de2104x: Increase receive ring size for Tulip
    - rndis_host: increase sleep time in the query-response loop
    - nvme-core: get/put ctrl ...

This bug was fixed in the package linux - 5.8.0-36.40+21.04.1

---------------
linux (5.8.0-36.40+21.04.1) hirsute; urgency=medium

  * Packaging resync (LP: #1786013)
    - update dkms package versions

  [ Ubuntu: 5.8.0-36.40 ]

  * debian/scripts/file-downloader does not handle positive failures correctly
    (LP: #1878897)
    - [Packaging] file-downloader not handling positive failures correctly

  [ Ubuntu: 5.8.0-35.39 ]

  * Packaging resync (LP: #1786013)
    - update dkms package versions
  * CVE-2021-1052 // CVE-2021-1053
    - [Packaging] NVIDIA -- Add the NVIDIA 460 driver

 -- Kleber Sacilotto de Souza <email address hidden> Thu, 07 Jan 2021 11:57:30 +0100