Bug#863843: bugs.debian.org: Encrypted partition not accessible after resume
On Thu 01-Jun-2017 at 00:15:29 +0200, Ben Hutchingswrote: > Control: tag -1 moreinfo > > On Wed, 31 May 2017 21:34:59 +0200 Garjola Dindi > wrote: > [...] >> For several weeks now I have been having issues after resume (both > from RAM or from disk): my /home seems not to be accessible (at least > for writing). This does not happen every time, but more something like > once every 10 or 20 resume cycles. > [...] > > Please send the messages that appear in the kernel log when you resume. > (Run 'dmesg' as root to show the kernel log.) > > Ben. Hi, The problem appeared again. I ran dmesg and piped the output to a file (in one of the non encrypted partitions) just after the problematic resume, but after reboot (to be able to send this message), the file was gone. Below is the output of dmesg after a fresh reboot and one successful suspend/resume cycle. I dont't know if is is useful, since the problem has not happened since the reboot. Thanks. [0.00] Linux version 4.9.0-3-amd64 (debian-kernel@lists.debian.org) (gcc version 6.3.0 20170425 (Debian 6.3.0-16) ) #1 SMP Debian 4.9.25-1 (2017-05-02) [0.00] Command line: BOOT_IMAGE=/vmlinuz-4.9.0-3-amd64 root=UUID=98ae6177-1de0-4af2-b905-687df457f1ca ro quiet resume=/dev/mapper/pc--117--162--vg-swap_1 [0.00] x86/fpu: Supporting XSAVE feature 0x001: 'x87 floating point registers' [0.00] x86/fpu: Supporting XSAVE feature 0x002: 'SSE registers' [0.00] x86/fpu: Supporting XSAVE feature 0x004: 'AVX registers' [0.00] x86/fpu: Supporting XSAVE feature 0x008: 'MPX bounds registers' [0.00] x86/fpu: Supporting XSAVE feature 0x010: 'MPX CSR' [0.00] x86/fpu: xstate_offset[2]: 576, xstate_sizes[2]: 256 [0.00] x86/fpu: xstate_offset[3]: 832, xstate_sizes[3]: 64 [0.00] x86/fpu: xstate_offset[4]: 896, xstate_sizes[4]: 64 [0.00] x86/fpu: Enabled xstate features 0x1f, context size is 960 bytes, using 'compacted' format. [0.00] x86/fpu: Using 'eager' FPU context switches. [0.00] e820: BIOS-provided physical RAM map: [0.00] BIOS-e820: [mem 0x-0x0009dbff] usable [0.00] BIOS-e820: [mem 0x0009dc00-0x0009] reserved [0.00] BIOS-e820: [mem 0x000e-0x000f] reserved [0.00] BIOS-e820: [mem 0x0010-0xc70fafff] usable [0.00] BIOS-e820: [mem 0xc70fb000-0xc7c7efff] reserved [0.00] BIOS-e820: [mem 0xc7c7f000-0xc7e7efff] ACPI NVS [0.00] BIOS-e820: [mem 0xc7e7f000-0xc7efefff] ACPI data [0.00] BIOS-e820: [mem 0xc7eff000-0xc7ef] usable [0.00] BIOS-e820: [mem 0xc7f0-0xcc7f] reserved [0.00] BIOS-e820: [mem 0xf800-0xfbff] reserved [0.00] BIOS-e820: [mem 0xfd00-0xfe7f] reserved [0.00] BIOS-e820: [mem 0xfec0-0xfec00fff] reserved [0.00] BIOS-e820: [mem 0xfed0-0xfed00fff] reserved [0.00] BIOS-e820: [mem 0xfed1-0xfed19fff] reserved [0.00] BIOS-e820: [mem 0xfed84000-0xfed84fff] reserved [0.00] BIOS-e820: [mem 0xfedf-0xfee00fff] reserved [0.00] BIOS-e820: [mem 0xff70-0x] reserved [0.00] BIOS-e820: [mem 0x0001-0x0008317f] usable [0.00] NX (Execute Disable) protection: active [0.00] SMBIOS 2.7 present. [0.00] DMI: HP HP EliteBook 840 G3/8079, BIOS N75 Ver. 01.13 11/01/2016 [0.00] e820: update [mem 0x-0x0fff] usable ==> reserved [0.00] e820: remove [mem 0x000a-0x000f] usable [0.00] e820: last_pfn = 0x831800 max_arch_pfn = 0x4 [0.00] MTRR default type: write-back [0.00] MTRR fixed ranges enabled: [0.00] 0-9 write-back [0.00] A-B uncachable [0.00] C-F write-protect [0.00] MTRR variable ranges enabled: [0.00] 0 base 00E000 mask 7FE000 uncachable [0.00] 1 base 00D000 mask 7FF000 uncachable [0.00] 2 base 00CC00 mask 7FFC00 uncachable [0.00] 3 base 00CA00 mask 7FFE00 uncachable [0.00] 4 disabled [0.00] 5 disabled [0.00] 6 disabled [0.00] 7 disabled [0.00] 8 disabled [0.00] 9 disabled [0.00] x86/PAT: Configuration [0-7]: WB WC UC- UC WB WC UC- WT [0.00] e820: last_pfn = 0xc7f00 max_arch_pfn = 0x4 [0.00] Base memory trampoline at [884280097000] 97000 size 24576 [0.00] Using GB pages for direct mapping [0.00] BRK [0x6c7b2e000, 0x6c7b2efff] PGTABLE [0.00] BRK [0x6c7b2f000, 0x6c7b2] PGTABLE [0.00]
Bug#863843: bugs.debian.org: Encrypted partition not accessible after resume
On Thu, 2017-06-01 at 23:36 +0200, garj...@garjola.net wrote: > On Thu 01-Jun-2017 at 00:15:29 +0200, Ben Hutchings.uk> wrote: > > Control: tag -1 moreinfo > > > > On Wed, 31 May 2017 21:34:59 +0200 Garjola Dindi > > wrote: > > [...] > > > For several weeks now I have been having issues after resume (both > > > > from RAM or from disk): my /home seems not to be accessible (at least > > for writing). This does not happen every time, but more something like > > once every 10 or 20 resume cycles. > > [...] > > > > Please send the messages that appear in the kernel log when you resume. > > (Run 'dmesg' as root to show the kernel log.) > > > > Ben. > > Hi, > > The problem appeared again. I ran dmesg and piped the output to a file > (in one of the non encrypted partitions) just after the problematic > resume, but after reboot (to be able to send this message), the file was > gone. > > Below is the output of dmesg after a fresh reboot and one successful > suspend/resume cycle. I dont't know if is is useful, since the problem > has not happened since the reboot. [...] I really need to see what happens in the failing case. Ben. -- Ben Hutchings The most exhausting thing in life is being insincere. - Anne Morrow Lindberg signature.asc Description: This is a digitally signed message part
Bug#863914:
Upstream patch submission: https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1411004.html
Processed: your mail
Processing commands for cont...@bugs.debian.org: > found 863909 4.9.25-1 Bug #863909 [linux-libc-dev] linux/a.out.h: should use #ifdef __linux__ not #ifdef linux, etc Marked as found in versions linux/4.9.25-1. > End of message, stopping processing here. Please contact me if you need assistance. -- 863909: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863909 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#863914: linux-libc-dev: Install separate from /usr/include
Package: linux-libc-dev Version: 4.11-1~exp2 Severity: wishlist Certain low-level programs and libraries, notably glibc, would like to be able to make sure that they do *not* use any system headers during their build, other than the kernel's headers and the ones provided by the compiler (stddef.h, stdarg.h etc) It would be much easier to arrange this if the kernel's headers were installed in a location separate from /usr/include and then symlinked into /usr/include. (It would be fine to symlink just the directories.) -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (501, 'unstable'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'testing'), (101, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- no debconf information
Bug#863909: linux/a.out.h: should use #ifdef __linux__ not #ifdef linux, etc
Package: linux-libc-dev Version: 4.11-1~exp2 Severity: normal File: /usr/include/linux/a.out.h Tags: upstream, patch linux/a.out.h contains a number of uses of "deprecated system-specific predefined macros" that will not be defined when the compiler is used in a strict conformance mode, see https://gcc.gnu.org/onlinedocs/gcc-6.3.0/cpp/System-specific-Predefined-Macros.html for details. This would only be a minor problem, except that it causes the GCC build process to copy the header, "fix" it, and install the "fixed" copy in a private directory that is searched before /usr/include. It is desirable for GCC not to do this to any headers, because it means updates to the original are silently ignored until the GCC package is itself updated. Please apply the attached patch. It would be best if it were installed to all actively maintained Debian kernels. I will submit it upstream. zw -- System Information: Debian Release: 9.0 APT prefers unstable APT policy: (501, 'unstable'), (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'testing'), (101, 'experimental'), (1, 'experimental-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- no debconf information --- a/linux/a.out.h 2017-06-01 16:33:49.558497923 -0400 +++ b/linux/a.out.h 2017-06-01 16:35:42.559478580 -0400 @@ -115,21 +115,21 @@ /* Address of data segment in memory after it is loaded. Note that it is up to you to define SEGMENT_SIZE on machines not listed here. */ -#if defined(vax) || defined(hp300) || defined(pyr) +#if defined(__vax__) || defined(__hp300__) || defined(__pyr__) #define SEGMENT_SIZE page_size #endif -#ifdef sony +#ifdef __sony__ #defineSEGMENT_SIZE0x2000 #endif /* Sony. */ -#ifdef is68k +#ifdef __is68k__ #define SEGMENT_SIZE 0x2 #endif -#if defined(m68k) && defined(PORTAR) +#if defined(__m68k__) && defined(__PORTAR__) #define PAGE_SIZE 0x400 #define SEGMENT_SIZE PAGE_SIZE #endif -#ifdef linux +#ifdef __linux__ #include #if defined(__i386__) || defined(__mc68000__) #define SEGMENT_SIZE 1024 @@ -256,7 +256,7 @@ unsigned int r_extern:1; /* Four bits that aren't used, but when writing an object file it is desirable to clear them. */ -#ifdef NS32K +#ifdef __NS32K__ unsigned r_bsr:1; unsigned r_disp:1; unsigned r_pad:2;
Bug#863907: Fix cross compilation build-dependencies for 4.9.x
Package: src:linux Version: 4.9.25-1 Severity: normal Please consider cherry-picking the following commit from the master branch to fix cross-compilation: commit 84e53d21c3676c8165e959687e3b9417e242400c Author: Ben HutchingsDate: Thu Feb 2 02:35:55 2017 + debian/control: Fix compiler build-dependencies for cross-building gcc cross-compilers *do* now have Multi-Arch: foreign, so we have to take the :native qualfiication off again. This appears relevent for sid and stretch's 4.9.x kernels, and it worked for me. Only conflict was in debian/changelog. Thanks! live well, vagrant signature.asc Description: PGP signature
Processed: tagging 863344
Processing commands for cont...@bugs.debian.org: > tags 863344 + pending Bug #863344 [src:linux] linux-image-4.9.0-3-arm64: qOAarm64 kernel missing some DRM modules Bug #863798 [src:linux] linux-image-4.9.0-3-arm64: Enable CONFIG_DRM_RADEON=m in the arm64 kernel config Added tag(s) pending. Added tag(s) pending. > thanks Stopping processing here. Please contact me if you need assistance. -- 863344: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863344 863798: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863798 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#862400: several bios updates exist since 2007
We have same problem with same hardware - HP DL380 G5. Server can't boot with 4.9 kernel from testing. It boots and is stable with 4.8 and older kernels. I think we have updated to the newest possible bios, firmware for raid card, hdd's etc. Sigunas On Fri, 19 May 2017 13:58:31 +0200 Arturo Borrero Gonzalez < art...@debian.org> wrote: > On Mon, 15 May 2017 13:56:24 +0200 Arturo Borrero Gonzalez >wrote: > > (please keep me in CC) > > > > On Sat, 13 May 2017 06:16:44 +0200 franckr wrote: > > > Hi Arturo, > > > > > > I cannot help for kernel, however, and you probably already know it: > > > Several bios updates became available since 10/04/2007 version. > > > Did you consider them ? (ie checking release logs) > > > Will you try ? > > > > > > > Sure, we are in the way of updating the BIOS. > > > > But the question remains, is this some kind of kernel regression? > > > > We managed to upgrade the BIOS (not the last one, though). > > Still no luck, kernel 4.9 doesn't boot while 4.7 does. > >
Processed: [bts-link] source package linux
Processing commands for cont...@bugs.debian.org: > # > # bts-link upstream status pull for source package linux > # see http://lists.debian.org/debian-devel-announce/2006/05/msg1.html > # > user bts-link-upstr...@lists.alioth.debian.org Setting user to bts-link-upstr...@lists.alioth.debian.org (was bts-link-de...@lists.alioth.debian.org). > # remote status report for #863257 (http://bugs.debian.org/863257) > # Bug title: internal display not turned off despite lid closed and docked > # * http://bugzilla.kernel.org/show_bug.cgi?id=195455 > # * remote status changed: (?) -> RESOLVED > # * remote resolution changed: (?) -> CODE-FIX > # * closed upstream > tags 863257 + fixed-upstream Bug #863257 [linux-image-4.9.0-3-amd64] internal display not turned off despite lid closed and docked Added tag(s) fixed-upstream. > usertags 863257 + status-RESOLVED resolution-CODE-FIX There were no usertags set. Usertags are now: resolution-CODE-FIX status-RESOLVED. > thanks Stopping processing here. Please contact me if you need assistance. -- 863257: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863257 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
and conflict needs to be resolved for backports?
Hi folks, wrt #822396: Using the 4.9.25 backports linux-libc-dev for Jessie I still get the conflict between linux/if.h and net/if.h, e.g. on building strongswan 5.5.3 (see below). Workaround is to avoid the backports package, but I wonder if it would be possible to fix this? How comes that the fix for #822396 doesn't work for Jessie? Regards Harri -- : : make[6]: Entering directory '/build/strongswan-5.5.3/src/libcharon/plugins/socket_default' /bin/bash ../../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/include -I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -c -o socket_default_socket.lo socket_default_socket.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/include -I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -c socket_default_socket.c -fPIC -DPIC -o .libs/socket_default_socket.o /bin/bash ../../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/include -I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -c -o socket_default_plugin.lo socket_default_plugin.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/include -I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -c socket_default_plugin.c -fPIC -DPIC -o .libs/socket_default_plugin.o /bin/bash ../../../../libtool --tag=CC --mode=link gcc -rdynamic -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -module -avoid-version -fPIE -pie -Wl,-z,relro -Wl,-z,now -Wl,--as-needed -Wl,-O1 -o libstrongswan-socket-default.la -rpath /usr/lib/ipsec/plugins socket_default_socket.lo socket_default_plugin.lo libtool: link: gcc -shared -fPIC -DPIC .libs/socket_default_socket.o .libs/socket_default_plugin.o-O2 -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,--as-needed -Wl,-O1 -Wl,-soname -Wl,libstrongswan-socket-default.so -o .libs/libstrongswan-socket-default.so libtool: link: ( cd ".libs" && rm -f "libstrongswan-socket-default.la" && ln -s "../libstrongswan-socket-default.la" "libstrongswan-socket-default.la" ) make[6]: Leaving directory '/build/strongswan-5.5.3/src/libcharon/plugins/socket_default' Making all in plugins/connmark make[6]: Entering directory '/build/strongswan-5.5.3/src/libcharon/plugins/connmark' /bin/bash ../../../../libtool --tag=CC --mode=compile gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fPIE -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -c -o connmark_listener.lo connmark_listener.c libtool: compile: gcc -DHAVE_CONFIG_H -I. -I../../../.. -I../../../../src/libstrongswan -I../../../../src/libcharon -D_FORTIFY_SOURCE=2 -rdynamic -g -O2 -fstack-protector-strong -Wformat -Werror=format-security -include /build/strongswan-5.5.3/config.h -c connmark_listener.c -fPIC -DPIC -o .libs/connmark_listener.o In file included from /usr/include/libiptc/ipt_kernel_headers.h:14:0, from /usr/include/libiptc/libiptc.h:6, from connmark_listener.c:24: /usr/include/linux/if.h:79:2: error: redeclaration of enumerator 'IFF_UP' IFF_UP= 1<<0, /* sysfs */ ^ /usr/include/net/if.h:44:5: note: previous definition of 'IFF_UP' was here IFF_UP = 0x1, /* Interface is up. */ ^ /usr/include/linux/if.h:80:2: error: redeclaration of enumerator 'IFF_BROADCAST' IFF_BROADCAST = 1<<1, /* __volatile__ */ ^ /usr/include/net/if.h:46:5: note: previous definition of 'IFF_BROADCAST' was here IFF_BROADCAST = 0x2, /* Broadcast address valid. */ ^ /usr/include/linux/if.h:81:2: error: redeclaration of enumerator 'IFF_DEBUG' IFF_DEBUG = 1<<2, /* sysfs */ ^ /usr/include/net/if.h:48:5: note: previous definition of 'IFF_DEBUG' was here IFF_DEBUG = 0x4, /* Turn on debugging. */ ^ /usr/include/linux/if.h:82:2: error: redeclaration of enumerator 'IFF_LOOPBACK' IFF_LOOPBACK = 1<<3, /* __volatile__ */ ^ /usr/include/net/if.h:50:5: note: previous definition of 'IFF_LOOPBACK' was here IFF_LOOPBACK = 0x8, /* Is a loopback net. */ ^ /usr/include/linux/if.h:83:2: error: redeclaration of enumerator 'IFF_POINTOPOINT' IFF_POINTOPOINT
Bug#863550: linux: NFSv4 callback processes fills process table
Hi Additional information, the commits 9e0d87680d689f1758185851c3da6eafb16e71e1 and ed6473ddc704a2005b9900ca08e236ebb2d8540a upstream are associated to for CVE-2017-9059. Regards, Salvatore