5.4.0-1104 fips kernel has been released to fips-updates:
apt policy linux-image-5.4.0-1104-fips
linux-image-5.4.0-1104-fips:
Installed: 5.4.0-1104.114
Candidate: 5.4.0-1104.114
Version table:
*** 5.4.0-1104.114 1001
1001 https://esm.ubuntu.com/fips-updates/ubuntu focal-updates/main
Verified on 5.4.0-1104 fips kernel on AMD EPYC 7262 machine and confirmed it
fixes the issue.
With 5.4.0-1104 fips kernel, it can boot successfully:
ubuntu@focal:~$ sudo dmesg | grep DRBG
[4.121726] random: random: DRBG (drbg_nopr_ctr_aes256) initialized!
ubuntu@focal:~$ uname -a
Linux focal
This bug is awaiting verification that the linux-fips/5.4.0-1104.114
kernel in -proposed solves the problem. Please test the kernel and
update this bug with the results. If the problem is solved, change the
tag 'verification-needed-focal-linux-fips' to 'verification-done-focal-
linux-fips'. If the
** Description changed:
BugLink: https://bugs.launchpad.net/bugs/2069715
[Impact]
Install Focal with FIPS enabled on AMD EPYC 7262 8-Core Processor, kernel
panic happens during boot:
[3.430477] ima: Allocated hash algorithm: sha1
[3.433358] ima: No architecture policies fo
** Summary changed:
- DRBG initialization failed on some AMD EPYC series CPU and lead to kernel
panic
+ DRBG initialization failed on some AMD EPYC series CPU and lead to kernel
panic (Focal FIPS)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribe