Public bug reported:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of minimizing build
times and kernel sizes.
The cloud kernels known to have bluetooth enabled include:
* [B/D/E] linux-aws (arm64 only)
* [X/B/D/E] linux-gcp
* [B] linux-gke-4.15
* [B] linux-gke-5.0
* [X/B/D/E] linux-oracle
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
$ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
** Affects: linux-aws (Ubuntu)
Importance: High
Status: Triaged
** Affects: linux-gcp (Ubuntu)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: linux-gcp (Ubuntu Xenial)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu Xenial)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu Xenial)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Bionic)
Importance: Undecided
Status: Triaged
** Affects: linux-gcp (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-gke-5.0 (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-oracle (Ubuntu Bionic)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Disco)
Importance: Undecided
Status: Triaged
** Affects: linux-gcp (Ubuntu Disco)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Disco)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu Disco)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu Disco)
Importance: High
Status: Triaged
** Affects: linux-aws (Ubuntu Eoan)
Importance: High
Status: Triaged
** Affects: linux-gcp (Ubuntu Eoan)
Importance: High
Status: Triaged
** Affects: linux-gke-4.15 (Ubuntu Eoan)
Importance: Undecided
Status: Invalid
** Affects: linux-gke-5.0 (Ubuntu Eoan)
Importance: Undecided
Status: Invalid
** Affects: linux-oracle (Ubuntu Eoan)
Importance: High
Status: Triaged
** Also affects: linux-aws (Ubuntu Bionic)
Importance: Undecided
Status: New
** Also affects: linux-aws (Ubuntu Eoan)
Importance: High
Status: Triaged
** Also affects: linux-aws (Ubuntu Disco)
Importance: Undecided
Status: New
** Changed in: linux-aws (Ubuntu Disco)
Status: New => Triaged
** Changed in: linux-aws (Ubuntu Bionic)
Status: New => Triaged
** Description changed:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of minimizing build
times and kernel sizes.
+ The cloud kernels known to have bluetooth enabled include:
+
+ * [B/D/E] linux-aws (arm64 only)
+
+
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
- $ grep CONFIG_BT=[my] /boot/config-$(uname -r)
+ $ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
** Also affects: linux-gcp (Ubuntu)
Importance: Undecided
Status: New
** Also affects: linux-aws (Ubuntu Xenial)
Importance: Undecided
Status: New
** Also affects: linux-gcp (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: linux-aws (Ubuntu Xenial)
Status: New => Invalid
** Also affects: linux-gke-4.15 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: linux-gke-5.0 (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gke-4.15 (Ubuntu Xenial)
Status: New => Invalid
** Changed in: linux-gke-4.15 (Ubuntu Disco)
Status: New => Invalid
** Changed in: linux-gke-4.15 (Ubuntu Eoan)
Status: New => Invalid
** Also affects: linux-oracle (Ubuntu)
Importance: Undecided
Status: New
** Changed in: linux-gke-5.0 (Ubuntu Xenial)
Status: New => Invalid
** Changed in: linux-gke-5.0 (Ubuntu Disco)
Status: New => Invalid
** Changed in: linux-gke-5.0 (Ubuntu Eoan)
Status: New => Invalid
** Changed in: linux-gke-4.15 (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-gke-5.0 (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-gke-5.0 (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-gke-4.15 (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Xenial)
Status: New => Triaged
** Changed in: linux-gcp (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-gcp (Ubuntu Disco)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Disco)
Status: New => Triaged
** Changed in: linux-gcp (Ubuntu Eoan)
Importance: Undecided => High
** Changed in: linux-gcp (Ubuntu Eoan)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Xenial)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Xenial)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Bionic)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Disco)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Disco)
Status: New => Triaged
** Changed in: linux-oracle (Ubuntu Eoan)
Importance: Undecided => High
** Changed in: linux-oracle (Ubuntu Eoan)
Status: New => Triaged
** Description changed:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about in
the cloud kernels and also has the nice side effect of minimizing build
times and kernel sizes.
The cloud kernels known to have bluetooth enabled include:
* [B/D/E] linux-aws (arm64 only)
-
+ * [X/B/D/E] linux-gcp
+ * [B] linux-gke-4.15
+ * [B] linux-gke-5.0
+ * [X/B/D/E] linux-oracle
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
$ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-aws in Ubuntu.
https://bugs.launchpad.net/bugs/1840488
Title:
Disable Bluetooth in cloud kernels
Status in linux-aws package in Ubuntu:
Triaged
Status in linux-gcp package in Ubuntu:
Triaged
Status in linux-gke-4.15 package in Ubuntu:
Invalid
Status in linux-gke-5.0 package in Ubuntu:
Invalid
Status in linux-oracle package in Ubuntu:
Triaged
Status in linux-aws source package in Xenial:
Invalid
Status in linux-gcp source package in Xenial:
Triaged
Status in linux-gke-4.15 source package in Xenial:
Invalid
Status in linux-gke-5.0 source package in Xenial:
Invalid
Status in linux-oracle source package in Xenial:
Triaged
Status in linux-aws source package in Bionic:
Triaged
Status in linux-gcp source package in Bionic:
Triaged
Status in linux-gke-4.15 source package in Bionic:
Triaged
Status in linux-gke-5.0 source package in Bionic:
Triaged
Status in linux-oracle source package in Bionic:
Triaged
Status in linux-aws source package in Disco:
Triaged
Status in linux-gcp source package in Disco:
Triaged
Status in linux-gke-4.15 source package in Disco:
Invalid
Status in linux-gke-5.0 source package in Disco:
Invalid
Status in linux-oracle source package in Disco:
Triaged
Status in linux-aws source package in Eoan:
Triaged
Status in linux-gcp source package in Eoan:
Triaged
Status in linux-gke-4.15 source package in Eoan:
Invalid
Status in linux-gke-5.0 source package in Eoan:
Invalid
Status in linux-oracle source package in Eoan:
Triaged
Bug description:
[Impact]
Some cloud-focused kernels have CONFIG_BT enabled but cloud instances
shouldn't need bluetooth support. Disabling the bluetooth subsystem
reduces the amount of security-sensitive code we have to worry about
in the cloud kernels and also has the nice side effect of minimizing
build times and kernel sizes.
The cloud kernels known to have bluetooth enabled include:
* [B/D/E] linux-aws (arm64 only)
* [X/B/D/E] linux-gcp
* [B] linux-gke-4.15
* [B] linux-gke-5.0
* [X/B/D/E] linux-oracle
[Test Case]
1. Install patched kernel and reboot into it
2. Ensure that the following command does NOT display any output:
$ grep CONFIG_BT=[my] /boot/config-$(uname -r)
[Regression Potential]
There could be an unexpected dependence on bluetooth within one of the
clouds but I think it is highly unlikely.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-aws/+bug/1840488/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
