ubuntu-drivers-common (1:0.9.7.10) from oracular-proposed fixes the bug 1. Launch AWS instance g5.xlarge (1x Nvidia Ampere A10G GPU) running 24.10. 2. Enable oracular-proposed repository and install ubuntu-drivers-common. 3. Add CKT PPA "ppa:canonical-kernel-team/ppa" with new nvidia drivers that do not have LRM created (true at the time of testing) 4. Run "ubuntu-drivers list --gpgpu" 5. Run "ubuntu-drivers list --gpgpu --include-dkms" 4. Observe correct installation of packages. The list with of packages shows extra entries:
No DKMS included: nvidia-driver-535-server, (kernel modules provided by linux-modules-nvidia-535-server-generic) nvidia-driver-535-server-open, (kernel modules provided by linux-modules-nvidia-535-server-open-generic) with DKMS included: nvidia-driver-570-server-open, (kernel modules provided by nvidia-dkms-570-server-open) nvidia-driver-535-server, (kernel modules provided by linux-modules-nvidia-535-server-generic) nvidia-driver-570-server, (kernel modules provided by nvidia-dkms-570-server) nvidia-driver-535-server-open, (kernel modules provided by linux-modules-nvidia-535-server-open-generic) nvidia-driver-565-open, (kernel modules provided by nvidia-dkms-565-open) nvidia-driver-565, (kernel modules provided by nvidia-dkms-565) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-drivers-common in Ubuntu. https://bugs.launchpad.net/bugs/2090924 Title: introduce --include-dkms optional flag Status in ubuntu-drivers-common package in Ubuntu: Fix Released Status in ubuntu-drivers-common source package in Jammy: New Status in ubuntu-drivers-common source package in Noble: New Status in ubuntu-drivers-common source package in Oracular: Fix Committed Status in ubuntu-drivers-common source package in Plucky: Fix Released Bug description: [ Impact ] listing available drivers shows nvidia drivers that match the current hardware installed, but it contains both drivers that are LRM prepared and the ones that are DKMS only. This can happen in a time window between releasing new drivers and respining LRM modules with these drivers. A user can therefore select a driver that is DKMS only, which will break secure boot, as signed drivers are provided in LRM package. A fix is to introduce a flag '--include-dkms' that when not enabled will make u-d-c not show nvidia drivers that have no LRM [ Steps to reproduce ] 1. Add a PPA with nvidia-drivers that are not yet LRM prepared, in my case 2. Call 'ubuntu-drivers list' 3. observe the list of packages that is installed a typical list would llook like this: nvidia-driver-560-open, (kernel modules provided by nvidia-dkms-560-open) nvidia-driver-550, (kernel modules provided by linux-modules-nvidia-550-aws) nvidia-driver-535, (kernel modules provided by linux-modules-nvidia-535-aws) nvidia-driver-470, (kernel modules provided by linux-modules-nvidia-470-aws) First entry shows 'kernel modules provided by nvidia-dkms-560-open', while all the others have: 'kernel modules provided by linux-modules- nvidia-470-aws'. when a user chooses to install 560-open, by hand by providing the version or by using '--recommended', his system will have a broken Secure Boot as nvidia drivers are not signed. [ Test plan ] 1. simulate the issue by adding a PPa with a driver line that is not yet LRM prepare, in my case it's https://launchpad.net/~kuba-t-pawlak/+archive/ubuntu/nvidia-560 2. Call 'ubuntu-drivers list' with and without '--include-dkms' [ Expected result ] without '--include-dkms' the list of available drivers should not contain any entry that has (kernel modules provided by nvidia-dkms-YYY-ZZZ) in it, only the ones with (kernel modules provided by linux-modules-nvidia-XXX-YYY) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-drivers-common/+bug/2090924/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : [email protected] Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
