This bug is awaiting verification that the linux- aws-5.15/5.15.0-1046.51~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux- aws-5.15' to 'verification-done-focal-linux-aws-5.15'. If the problem still exists, change the tag 'verification-needed-focal-linux-aws-5.15' to 'verification-failed-focal-linux-aws-5.15'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: kernel-spammed-focal-linux-aws-5.15-v2 verification-needed-focal-linux-aws-5.15 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2031093 Title: libgnutls report "trap invalid opcode" when trying to install packages over https Status in ubuntu-kernel-tests: New Status in gnutls28 package in Ubuntu: Confirmed Status in linux package in Ubuntu: Confirmed Status in gnutls28 source package in Focal: Confirmed Status in linux source package in Focal: Fix Released Status in gnutls28 source package in Jammy: Confirmed Status in linux source package in Jammy: Fix Released Status in gnutls28 source package in Lunar: Confirmed Status in linux source package in Lunar: Fix Released Bug description: [Impact] When booting linux with Gather Data Sampling mitigations without updated microcode on an affected CPU, AVX will be disabled. This will cause programs connecting to https using gnutls on Jammy to break, including apt and git. [Test case] git clone https://git.launchpad.net/~canonical-kernel-team/+git/autotest-client-tests Cloning into 'autotest-client-tests'... error: git-remote-https died of signal 4 dmesg: [ 806.072080] traps: git-remote-http[2561] trap invalid opcode ip:7fa2e7dac44a sp:7ffed6796480 error:0 in libgnutls.so.30.31.0[7fa2e7c85000+129000] Works fine with the mitigation disabled by default. [Potential regressions] Users booting on affected parts without microcode updates will be subject to Gather Data Sampling attacks (which can be done by local untrusted attackers), which may leak confidential data, including keys. ------------------------------------------------- When trying to install linux-libc-dev on Oracle BM.Standard2.52 (seems to be the only affected instance) with Jammy 5.15.0-81-generic, it will get interrupted with: E: Method https has died unexpectedly! E: Sub-process https received signal 4. $ sudo apt install linux-libc-dev Reading package lists... Done Building dependency tree... Done Reading state information... Done The following NEW packages will be installed: linux-libc-dev 0 upgraded, 1 newly installed, 0 to remove and 54 not upgraded. Need to get 1353 kB of archives. After this operation, 6943 kB of additional disk space will be used. E: Method https has died unexpectedly! E: Sub-process https received signal 4. From dmesg you will see: [ 1078.750067] traps: https[4572] trap invalid opcode ip:7f3c1e6316be sp:7ffea26b61c0 error:0 in libgnutls.so.30.31.0[7f3c1e50f000+129000] Also, git clone is not working as well. $ git clone --depth=1 https://git.launchpad.net/~canonical-kernel-team/+git/autotest-client-tests Cloning into 'autotest-client-tests'... error: git-remote-https died of signal 4 dmesg: [ 806.072080] traps: git-remote-http[2561] trap invalid opcode ip:7fa2e7dac44a sp:7ffed6796480 error:0 in libgnutls.so.30.31.0[7fa2e7c85000+129000] libgnutls30 version:3.7.3-4ubuntu1.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/2031093/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
