Bug#1069642: linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20
Control: reassign -1 src:linux Control: severity -1 normal Control: tags -1 moreinfo On Mon, Apr 22, 2024 at 09:12:59AM +0200, bouv...@buxtehude.debian.org wrote: > Something seems wrong in 6.1.0-20, but it is not immediately wrong: it waits > until some sort of trigger. After that, rebooting over and over is of no use. > I > cannot make any sense of it. Can you? I see: "Tainted: E", this means you are running unsigned kernel modules. However I don't see any sign of it in the list of kernel modules. Also the "O" taint, meaning out-of-tree build, did _not_ trigger. So, whatever this module is, it is pretty broken on it's own. Please identify the process messing with the kernel, remove it and come back. You can find it by searching for "unsigned" in the kernel log. To disallow such modules, enable secure boot or add "lockdown=integrity" to the kernel command line. Bastian -- Women are more easily and more deeply terrified ... generating more sheer horror than the male of the species. -- Spock, "Wolf in the Fold", stardate 3615.4
Processed: Re: Bug#1069642: linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20
Processing control commands: > reassign -1 src:linux Bug #1069642 [linux-image-6.1.0-20-amd64] linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20 Bug reassigned from package 'linux-image-6.1.0-20-amd64' to 'src:linux'. Ignoring request to alter found versions of bug #1069642 to the same values previously set Ignoring request to alter fixed versions of bug #1069642 to the same values previously set > severity -1 normal Bug #1069642 [src:linux] linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20 Severity set to 'normal' from 'grave' > tags -1 moreinfo Bug #1069642 [src:linux] linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20 Added tag(s) moreinfo. -- 1069642: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1069642 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1069642: linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20
FWIW, and following Jacob Rhoads' remark, we are also running CrowdStrike Falcon Sensor on all our machines, virtuals servers and laptops alike. That would explain why I don't have the same problem at home. -- Cédric Bouvier System Engineer, IRU Geneva +41-22-918 2927 (direct) https://www.iru.org
Bug#1069642: linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20
Seeing this same issue. In my case, it ended up being caused by Crowdstrike Falcon Sensor combined with this specific kernel. Reverting the kernel or upgrading Falcon (via Falcon upgrade policy) works around this issue, for now. I think I see that 6.1.87 has attempted to fix some BHI implementation issues that were originally introduced in 6.1.85. Perhaps certain kernel modules aren't ready for this syscall hardening?
Bug#1069642: linux-image-6.1.0-20-amd64: kernel panic after 2024-04-20
Same problem here, but with a different call trace. The RIP logline had one of `security_file_permission` and `security_netlink_send`, I don't remember which one.