Bug#863843: bugs.debian.org: Encrypted partition not accessible after resume

2017-06-01 Thread garjola 
On Thu 01-Jun-2017 at 00:15:29 +0200, Ben Hutchings  
wrote: 
> Control: tag -1 moreinfo
>
> On Wed, 31 May 2017 21:34:59 +0200 Garjola Dindi 
> wrote:
> [...]
>> For several weeks now I have been having issues after resume (both
> from RAM or from disk): my /home seems not to be accessible (at least
> for writing). This does not happen every time, but more something like
> once every 10 or 20 resume cycles.
> [...]
>
> Please send the messages that appear in the kernel log when you resume.
> (Run 'dmesg' as root to show the kernel log.)
>
> Ben.

Hi,

The problem appeared again. I ran dmesg and piped the output to a file
(in one of the non encrypted partitions) just after the problematic
resume, but after reboot (to be able to send this message), the file was
gone.

Below is the output of dmesg after a fresh reboot and one successful
suspend/resume cycle. I dont't know if is is useful, since the problem
has not happened since the reboot.

Thanks.


[0.00] Linux version 4.9.0-3-amd64 (debian-kernel@lists.debian.org) 
(gcc version 6.3.0 20170425 (Debian 6.3.0-16) ) #1 SMP Debian 4.9.25-1 
(2017-05-02)
[0.00] Command line: BOOT_IMAGE=/vmlinuz-4.9.0-3-amd64 
root=UUID=98ae6177-1de0-4af2-b905-687df457f1ca ro quiet 
resume=/dev/mapper/pc--117--162--vg-swap_1
[0.00] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point 
registers'
[0.00] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers'
[0.00] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers'
[0.00] x86/fpu: Supporting XSAVE feature 0x008: 'MPX bounds registers'
[0.00] x86/fpu: Supporting XSAVE feature 0x010: 'MPX CSR'
[0.00] x86/fpu: xstate_offset[2]:  576, xstate_sizes[2]:  256
[0.00] x86/fpu: xstate_offset[3]:  832, xstate_sizes[3]:   64
[0.00] x86/fpu: xstate_offset[4]:  896, xstate_sizes[4]:   64
[0.00] x86/fpu: Enabled xstate features 0x1f, context size is 960 
bytes, using 'compacted' format.
[0.00] x86/fpu: Using 'eager' FPU context switches.
[0.00] e820: BIOS-provided physical RAM map:
[0.00] BIOS-e820: [mem 0x-0x0009dbff] usable
[0.00] BIOS-e820: [mem 0x0009dc00-0x0009] reserved
[0.00] BIOS-e820: [mem 0x000e-0x000f] reserved
[0.00] BIOS-e820: [mem 0x0010-0xc70fafff] usable
[0.00] BIOS-e820: [mem 0xc70fb000-0xc7c7efff] reserved
[0.00] BIOS-e820: [mem 0xc7c7f000-0xc7e7efff] ACPI NVS
[0.00] BIOS-e820: [mem 0xc7e7f000-0xc7efefff] ACPI data
[0.00] BIOS-e820: [mem 0xc7eff000-0xc7ef] usable
[0.00] BIOS-e820: [mem 0xc7f0-0xcc7f] reserved
[0.00] BIOS-e820: [mem 0xf800-0xfbff] reserved
[0.00] BIOS-e820: [mem 0xfd00-0xfe7f] reserved
[0.00] BIOS-e820: [mem 0xfec0-0xfec00fff] reserved
[0.00] BIOS-e820: [mem 0xfed0-0xfed00fff] reserved
[0.00] BIOS-e820: [mem 0xfed1-0xfed19fff] reserved
[0.00] BIOS-e820: [mem 0xfed84000-0xfed84fff] reserved
[0.00] BIOS-e820: [mem 0xfedf-0xfee00fff] reserved
[0.00] BIOS-e820: [mem 0xff70-0x] reserved
[0.00] BIOS-e820: [mem 0x0001-0x0008317f] usable
[0.00] NX (Execute Disable) protection: active
[0.00] SMBIOS 2.7 present.
[0.00] DMI: HP HP EliteBook 840 G3/8079, BIOS N75 Ver. 01.13 11/01/2016
[0.00] e820: update [mem 0x-0x0fff] usable ==> reserved
[0.00] e820: remove [mem 0x000a-0x000f] usable
[0.00] e820: last_pfn = 0x831800 max_arch_pfn = 0x4
[0.00] MTRR default type: write-back
[0.00] MTRR fixed ranges enabled:
[0.00]   0-9 write-back
[0.00]   A-B uncachable
[0.00]   C-F write-protect
[0.00] MTRR variable ranges enabled:
[0.00]   0 base 00E000 mask 7FE000 uncachable
[0.00]   1 base 00D000 mask 7FF000 uncachable
[0.00]   2 base 00CC00 mask 7FFC00 uncachable
[0.00]   3 base 00CA00 mask 7FFE00 uncachable
[0.00]   4 disabled
[0.00]   5 disabled
[0.00]   6 disabled
[0.00]   7 disabled
[0.00]   8 disabled
[0.00]   9 disabled
[0.00] x86/PAT: Configuration [0-7]: WB  WC  UC- UC  WB  WC  UC- WT  
[0.00] e820: last_pfn = 0xc7f00 max_arch_pfn = 0x4
[0.00] Base memory trampoline at [884280097000] 97000 size 24576
[0.00] Using GB pages for direct mapping
[0.00] BRK [0x6c7b2e000, 0x6c7b2efff] PGTABLE
[0.00] BRK [0x6c7b2f000, 0x6c7b2] PGTABLE
[0.00]

Bug#863843: bugs.debian.org: Encrypted partition not accessible after resume

2017-06-01 Thread Ben Hutchings 
On Thu, 2017-06-01 at 23:36 +0200, garj...@garjola.net wrote:
> On Thu 01-Jun-2017 at 00:15:29 +0200, Ben Hutchings  .uk> wrote: 
> > Control: tag -1 moreinfo
> > 
> > On Wed, 31 May 2017 21:34:59 +0200 Garjola Dindi 
> > wrote:
> > [...]
> > > For several weeks now I have been having issues after resume (both
> > 
> > from RAM or from disk): my /home seems not to be accessible (at least
> > for writing). This does not happen every time, but more something like
> > once every 10 or 20 resume cycles.
> > [...]
> > 
> > Please send the messages that appear in the kernel log when you resume.
> > (Run 'dmesg' as root to show the kernel log.)
> > 
> > Ben.
> 
> Hi,
> 
> The problem appeared again. I ran dmesg and piped the output to a file
> (in one of the non encrypted partitions) just after the problematic
> resume, but after reboot (to be able to send this message), the file was
> gone.
> 
> Below is the output of dmesg after a fresh reboot and one successful
> suspend/resume cycle. I dont't know if is is useful, since the problem
> has not happened since the reboot.
[...]

I really need to see what happens in the failing case.

Ben.

-- 
Ben Hutchings
The most exhausting thing in life is being insincere. - Anne Morrow
Lindberg



signature.asc
Description: This is a digitally signed message part

Bug#863914:

2017-06-01 Thread Zack Weinberg 
Upstream patch submission:
https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1411004.html

Processed: your mail

2017-06-01 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> found 863909 4.9.25-1
Bug #863909 [linux-libc-dev] linux/a.out.h: should use #ifdef __linux__ not 
#ifdef linux, etc
Marked as found in versions linux/4.9.25-1.
>
End of message, stopping processing here.

Please contact me if you need assistance.
-- 
863909: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863909
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#863914: linux-libc-dev: Install separate from /usr/include

2017-06-01 Thread Zack Weinberg 
Package: linux-libc-dev
Version: 4.11-1~exp2
Severity: wishlist

Certain low-level programs and libraries, notably glibc, would like to
be able to make sure that they do *not* use any system headers during
their build, other than the kernel's headers and the ones provided by
the compiler (stddef.h, stdarg.h etc)  It would be much easier to arrange
this if the kernel's headers were installed in a location separate from
/usr/include and then symlinked into /usr/include.  (It would be fine to
symlink just the directories.)


-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (501, 'unstable'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'testing'), (101, 'experimental'), (1, 
'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information

Bug#863909: linux/a.out.h: should use #ifdef __linux__ not #ifdef linux, etc

2017-06-01 Thread Zack Weinberg 
Package: linux-libc-dev
Version: 4.11-1~exp2
Severity: normal
File: /usr/include/linux/a.out.h
Tags: upstream, patch

linux/a.out.h contains a number of uses of "deprecated
system-specific predefined macros" that will not be defined
when the compiler is used in a strict conformance mode, see
https://gcc.gnu.org/onlinedocs/gcc-6.3.0/cpp/System-specific-Predefined-Macros.html
for details.

This would only be a minor problem, except that it causes the GCC build
process to copy the header, "fix" it, and install the "fixed" copy in a
private directory that is searched before /usr/include.  It is desirable
for GCC not to do this to any headers, because it means updates to the
original are silently ignored until the GCC package is itself updated.

Please apply the attached patch.  It would be best if it were installed
to all actively maintained Debian kernels.  I will submit it upstream.

zw

-- System Information:
Debian Release: 9.0
  APT prefers unstable
  APT policy: (501, 'unstable'), (500, 'unstable-debug'), (500, 
'testing-debug'), (500, 'testing'), (101, 'experimental'), (1, 
'experimental-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), 
LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- no debconf information
--- a/linux/a.out.h 2017-06-01 16:33:49.558497923 -0400
+++ b/linux/a.out.h 2017-06-01 16:35:42.559478580 -0400
@@ -115,21 +115,21 @@
 /* Address of data segment in memory after it is loaded.
Note that it is up to you to define SEGMENT_SIZE
on machines not listed here.  */
-#if defined(vax) || defined(hp300) || defined(pyr)
+#if defined(__vax__) || defined(__hp300__) || defined(__pyr__)
 #define SEGMENT_SIZE page_size
 #endif
-#ifdef sony
+#ifdef __sony__
 #defineSEGMENT_SIZE0x2000
 #endif /* Sony.  */
-#ifdef is68k
+#ifdef __is68k__
 #define SEGMENT_SIZE 0x2
 #endif
-#if defined(m68k) && defined(PORTAR)
+#if defined(__m68k__) && defined(__PORTAR__)
 #define PAGE_SIZE 0x400
 #define SEGMENT_SIZE PAGE_SIZE
 #endif
 
-#ifdef linux
+#ifdef __linux__
 #include 
 #if defined(__i386__) || defined(__mc68000__)
 #define SEGMENT_SIZE   1024
@@ -256,7 +256,7 @@
   unsigned int r_extern:1;
   /* Four bits that aren't used, but when writing an object file
  it is desirable to clear them.  */
-#ifdef NS32K
+#ifdef __NS32K__
   unsigned r_bsr:1;
   unsigned r_disp:1;
   unsigned r_pad:2;

Bug#863907: Fix cross compilation build-dependencies for 4.9.x

2017-06-01 Thread Vagrant Cascadian 
Package: src:linux
Version: 4.9.25-1
Severity: normal

Please consider cherry-picking the following commit from the master
branch to fix cross-compilation:

commit 84e53d21c3676c8165e959687e3b9417e242400c
Author: Ben Hutchings 
Date:   Thu Feb 2 02:35:55 2017 +

debian/control: Fix compiler build-dependencies for cross-building

gcc cross-compilers *do* now have Multi-Arch: foreign, so we have
to take the :native qualfiication off again.


This appears relevent for sid and stretch's 4.9.x kernels, and it worked
for me. Only conflict was in debian/changelog.

Thanks!


live well,
  vagrant


signature.asc
Description: PGP signature

Processed: tagging 863344

2017-06-01 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> tags 863344 + pending
Bug #863344 [src:linux] linux-image-4.9.0-3-arm64: qOAarm64 kernel missing some 
DRM modules
Bug #863798 [src:linux] linux-image-4.9.0-3-arm64: Enable CONFIG_DRM_RADEON=m 
in the arm64 kernel config
Added tag(s) pending.
Added tag(s) pending.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863344: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863344
863798: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863798
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Bug#862400: several bios updates exist since 2007

2017-06-01 Thread Sigun Negun 
We have same problem with same hardware - HP DL380 G5. Server can't boot
with 4.9 kernel from testing. It boots and is stable with 4.8 and older
kernels.
I think we have updated to the newest possible bios, firmware for raid
card, hdd's etc.

Sigunas


On Fri, 19 May 2017 13:58:31 +0200 Arturo Borrero Gonzalez <
art...@debian.org> wrote:
> On Mon, 15 May 2017 13:56:24 +0200 Arturo Borrero Gonzalez
>  wrote:
> > (please keep me in CC)
> >
> > On Sat, 13 May 2017 06:16:44 +0200 franckr  wrote:
> > > Hi Arturo,
> > >
> > > I cannot help for kernel, however, and you probably already know it:
> > > Several bios updates became available since 10/04/2007 version.
> > > Did you consider them ? (ie checking release logs)
> > > Will you try ?
> > >
> >
> > Sure, we are in the way of updating the BIOS.
> >
> > But the question remains, is this some kind of kernel regression?
> >
>
> We managed to upgrade the BIOS (not the last one, though).
>
> Still no luck, kernel 4.9 doesn't boot while 4.7 does.
>
>

Processed: [bts-link] source package linux

2017-06-01 Thread Debian Bug Tracking System 
Processing commands for cont...@bugs.debian.org:

> #
> # bts-link upstream status pull for source package linux
> # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html
> #
> user bts-link-upstr...@lists.alioth.debian.org
Setting user to bts-link-upstr...@lists.alioth.debian.org (was 
bts-link-de...@lists.alioth.debian.org).
> # remote status report for #863257 (http://bugs.debian.org/863257)
> # Bug title: internal display not turned off despite lid closed and docked
> #  * http://bugzilla.kernel.org/show_bug.cgi?id=195455
> #  * remote status changed: (?) -> RESOLVED
> #  * remote resolution changed: (?) -> CODE-FIX
> #  * closed upstream
> tags 863257 + fixed-upstream
Bug #863257 [linux-image-4.9.0-3-amd64] internal display not turned off despite 
lid closed and docked
Added tag(s) fixed-upstream.
> usertags 863257 + status-RESOLVED resolution-CODE-FIX
There were no usertags set.
Usertags are now: resolution-CODE-FIX status-RESOLVED.
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
863257: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863257
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

and conflict needs to be resolved for backports?

2017-06-01 Thread Harald Dunkel 
Hi folks,

wrt #822396:

Using the 4.9.25 backports linux-libc-dev for Jessie I still get
the conflict between linux/if.h and net/if.h, e.g. on building
strongswan 5.5.3 (see below).

Workaround is to avoid the backports package, but I wonder if it would
be possible to fix this? How comes that the fix for #822396 doesn't
work for Jessie?


Regards
Harri
--
:
:
make[6]: Entering directory 
'/build/strongswan-5.5.3/src/libcharon/plugins/socket_default'
/bin/bash ../../../../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H 
-I. -I../../../..  -I../../../../src/include -I../../../../src/libstrongswan 
-I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fPIE 
-fstack-protector-strong -Wformat -Werror=format-security -include 
/build/strongswan-5.5.3/config.h -c -o socket_default_socket.lo 
socket_default_socket.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../../../.. 
-I../../../../src/include -I../../../../src/libstrongswan 
-I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 
-fstack-protector-strong -Wformat -Werror=format-security -include 
/build/strongswan-5.5.3/config.h -c socket_default_socket.c  -fPIC -DPIC -o 
.libs/socket_default_socket.o
/bin/bash ../../../../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H 
-I. -I../../../..  -I../../../../src/include -I../../../../src/libstrongswan 
-I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fPIE 
-fstack-protector-strong -Wformat -Werror=format-security -include 
/build/strongswan-5.5.3/config.h -c -o socket_default_plugin.lo 
socket_default_plugin.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../../../.. 
-I../../../../src/include -I../../../../src/libstrongswan 
-I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 
-fstack-protector-strong -Wformat -Werror=format-security -include 
/build/strongswan-5.5.3/config.h -c socket_default_plugin.c  -fPIC -DPIC -o 
.libs/socket_default_plugin.o
/bin/bash ../../../../libtool  --tag=CC   --mode=link gcc -rdynamic -g -O2 
-fPIE -fstack-protector-strong -Wformat -Werror=format-security -include 
/build/strongswan-5.5.3/config.h -module -avoid-version -fPIE -pie -Wl,-z,relro 
-Wl,-z,now -Wl,--as-needed -Wl,-O1 -o libstrongswan-socket-default.la -rpath 
/usr/lib/ipsec/plugins socket_default_socket.lo socket_default_plugin.lo
libtool: link: gcc -shared  -fPIC -DPIC  .libs/socket_default_socket.o 
.libs/socket_default_plugin.o-O2 -Wl,-z -Wl,relro -Wl,-z -Wl,now 
-Wl,--as-needed -Wl,-O1   -Wl,-soname -Wl,libstrongswan-socket-default.so -o 
.libs/libstrongswan-socket-default.so
libtool: link: ( cd ".libs" && rm -f "libstrongswan-socket-default.la" && ln -s 
"../libstrongswan-socket-default.la" "libstrongswan-socket-default.la" )
make[6]: Leaving directory 
'/build/strongswan-5.5.3/src/libcharon/plugins/socket_default'
Making all in plugins/connmark
make[6]: Entering directory 
'/build/strongswan-5.5.3/src/libcharon/plugins/connmark'
/bin/bash ../../../../libtool  --tag=CC   --mode=compile gcc -DHAVE_CONFIG_H 
-I. -I../../../..  -I../../../../src/libstrongswan -I../../../../src/libcharon 
-D_FORTIFY_SOURCE=2 -rdynamic  -g -O2 -fPIE -fstack-protector-strong -Wformat 
-Werror=format-security -include /build/strongswan-5.5.3/config.h -c -o 
connmark_listener.lo connmark_listener.c
libtool: compile:  gcc -DHAVE_CONFIG_H -I. -I../../../.. 
-I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 
-rdynamic -g -O2 -fstack-protector-strong -Wformat -Werror=format-security 
-include /build/strongswan-5.5.3/config.h -c connmark_listener.c  -fPIC -DPIC 
-o .libs/connmark_listener.o
In file included from /usr/include/libiptc/ipt_kernel_headers.h:14:0,
 from /usr/include/libiptc/libiptc.h:6,
 from connmark_listener.c:24:
/usr/include/linux/if.h:79:2: error: redeclaration of enumerator 'IFF_UP'
  IFF_UP= 1<<0,  /* sysfs */
  ^
/usr/include/net/if.h:44:5: note: previous definition of 'IFF_UP' was here
 IFF_UP = 0x1,  /* Interface is up.  */
 ^
/usr/include/linux/if.h:80:2: error: redeclaration of enumerator 'IFF_BROADCAST'
  IFF_BROADCAST   = 1<<1,  /* __volatile__ */
  ^
/usr/include/net/if.h:46:5: note: previous definition of 'IFF_BROADCAST' was 
here
 IFF_BROADCAST = 0x2, /* Broadcast address valid.  */
 ^
/usr/include/linux/if.h:81:2: error: redeclaration of enumerator 'IFF_DEBUG'
  IFF_DEBUG   = 1<<2,  /* sysfs */
  ^
/usr/include/net/if.h:48:5: note: previous definition of 'IFF_DEBUG' was here
 IFF_DEBUG = 0x4,  /* Turn on debugging.  */
 ^
/usr/include/linux/if.h:82:2: error: redeclaration of enumerator 'IFF_LOOPBACK'
  IFF_LOOPBACK   = 1<<3,  /* __volatile__ */
  ^
/usr/include/net/if.h:50:5: note: previous definition of 'IFF_LOOPBACK' was here
 IFF_LOOPBACK = 0x8,  /* Is a loopback net.  */
 ^
/usr/include/linux/if.h:83:2: error: redeclaration of enumerator 
'IFF_POINTOPOINT'
  IFF_POINTOPOINT

Bug#863550: linux: NFSv4 callback processes fills process table

2017-06-01 Thread Salvatore Bonaccorso 
Hi

Additional information, the commits
9e0d87680d689f1758185851c3da6eafb16e71e1 and
ed6473ddc704a2005b9900ca08e236ebb2d8540a upstream are associated to
for CVE-2017-9059.

Regards,
Salvatore