Hi! I installed the linus kernel on my Acer x86-64 laptop (see http://www.shlomifish.org/meta/FAQ/#computers-specs ):

* lightdm works fine.
* Xfce works fine.
* Firefox works.
* ssh works.
* Samba works.
* X-over-ssh works fine.
* Hexchat is working.
* Pidgin is working.
* Konqueror works.
* VLC can play video+audio.
* gears is working
* extreme tux racer is working.
*  shlomif@lap:~$ uname -a
Linux localhost 4.4.9-1.mga5 #1 SMP Tue May 3 21:59:57 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

* dkms-virtualbox built fine.

CC: (none) => shlomif

Adding feedback marker. Issues discovered in bug 10831.

Whiteboard: (none) => feedback

Typo: bug 18031.

Assigning Thomas til it's ready

CC: (none) => qa-bugs
Assignee: qa-bugs => tmb

Good for testing...

SRPMS:
kernel-linus-4.4.11-1.mga5.src.rpm

i586:
kernel-linus-4.4.11-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-4.4.11-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-latest-4.4.11-1.mga5.i586.rpm
kernel-linus-doc-4.4.11-1.mga5.noarch.rpm
kernel-linus-latest-4.4.11-1.mga5.i586.rpm
kernel-linus-source-4.4.11-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.11-1.mga5.noarch.rpm

x86_64:
kernel-linus-4.4.11-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-4.4.11-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-latest-4.4.11-1.mga5.x86_64.rpm
kernel-linus-doc-4.4.11-1.mga5.noarch.rpm
kernel-linus-latest-4.4.11-1.mga5.x86_64.rpm
kernel-linus-source-4.4.11-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.11-1.mga5.noarch.rpm

Assignee: tmb => qa-bugs
Summary: Update request: kernel-linus-4.4.9-1.mga5 => Update request: kernel-linus-4.4.11-1.mga5
Source RPM: kernel-linus-4.4.9-1.mga5.src.rpm => kernel-linus-4.4.11-1.mga5.src.rpm
Whiteboard: feedback => (none)

x86_64 with nvidia GeForce GTX970

Well, that was weird.  The installation did not go as smoothly as usual.  Things needed to be removed before others would install and dracut was replaced.

At boot the system failed to run the nvidia driver and looked like it was trying to use nouveau.  That failed on a flat panel problem.  Used drakx11 to reinstall the nvidia driver and rebooted.  It failed again so I decided to revert to the older kernel 4.1.15.  That failed on nvidia and tried to use nouveau.  Back to drakx11 and a reboot.  At this point the linus kernel had disappeared from the grub2 menu but the desktop came up OK for 4.1.15.

This was the installation list after cherry-picking:
- dracut-038-21.mga5.x86_64
- kernel-desktop-4.4.11-1.mga5-1-1.mga5.x86_64
- kernel-desktop-devel-4.4.11-1.mga5-1-1.mga5.x86_64
- kernel-desktop-devel-latest-4.4.11-1.mga5.x86_64
- kernel-desktop-latest-4.4.11-1.mga5.x86_64
- kernel-userspace-headers-4.4.11-1.mga5.x86_64
 
It needs to be done again to gather any relevant diagnostics.

CC: (none) => tarazed25

The newer kernel needs the newer nvidia module Len. The rpms you've given relate to the standard kernel rather than this one btw.

You are right.  How did I not notice that?  So I had better specify linus rather than use MageiaUpdate and also install the later nvidia.  Did not realise that it was not up to date.

Thanks Claire.  :(

Installed nvidia340.96-1
Rebooted to kernel desktop 4.1.15
Installed linus kernel this time and rebooted
This failed - no X display but it was the linus kernel
Esc
nvidia340.96-1 already installed on this kernel
nvidia-current 352.79-3 already installed on this kernel
xtables-addons 2.10-1 already installed on this kernel
Checking for new hardware
......
Started Display Manager (not)
......
started hostname service
xt_addrtype ipv6 does not support BROADCAST matching

At this point, X should have been running - no error messages but I am puzzled by the two nvidia modules

Rebooted and chose the previous kernel; same messages and X failure
Rebooted to an even earlier kernel and failed again.

No solution now but to reinstall.

Did you remember ldetect-lst?

You can run drakx11 from a tty login btw.

That could be it.  I did forget ldetect-lst.  Yes, I often do run drakx11 in a console.  Anyway the reinstall is complete.  Shall try the linus kernel again later.  Thanks.

First some checks based on Claire's bug 18527 #c1:

ldetect-lst-0.1.346.4-1.mga5.x86_64 installed

nvidia driver 346.96

# rpm -qa *kernel*
kernel-firmware-20160409-1.mga5
kernel-desktop-devel-latest-4.1.15-2.mga5
nvidia-current-kernel-desktop-latest-346.96-5.mga5.nonfree
kernel-desktop-3.19.8-3.mga5-1-1.mga5
kernel-desktop-4.1.15-2.mga5-1-1.mga5
nvidia-current-kernel-3.19.8-desktop-3.mga5-346.82-1.mga5.nonfree
kernel-desktop-latest-4.1.15-2.mga5
kernel-desktop-devel-3.19.8-3.mga5-1-1.mga5
kernel-desktop-devel-4.1.15-2.mga5-1-1.mga5
kernel-firmware-nonfree-20160516-1.mga5.nonfree
nvidia-current-kernel-4.1.15-desktop-2.mga5-346.96-5.mga5.nonfree
kernel-userspace-headers-4.1.15-2.mga5

# rpm -qa *nvidia*
nvidia-current-kernel-desktop-latest-346.96-5.mga5.nonfree
nvidia-current-kernel-3.19.8-desktop-3.mga5-346.82-1.mga5.nonfree
dkms-nvidia-current-346.96-1.mga5.nonfree
x11-driver-video-nvidia-current-346.96-1.mga5.nonfree
nvidia-current-kernel-4.1.15-desktop-2.mga5-346.96-5.mga5.nonfree
nvidia-current-doc-html-346.96-1.mga5.nonfree

# urpmq --media Testing --requires nvidia340-kernel-desktop-latest
dkms-nvidia340[>= 340.96-1.mga5.nonfree]
kernel-desktop-devel-latest

# dkms status -m nvidia340
returns nothing

Is it safe to go ahead with the linus kernel install?

The installation of the linus kernel broke something.  The system ended up in a mess again with no X display.  Trying to revert to the standard kernel failed on X as well so the os needs to be reinstalled yet again.

As far as nvidia is concerned it looks like the binary for the linus kernel is not being built and for the stock kernel there is a mismatch of some kind  because the binary is not being rebuilt to match the driver version or something.

dkms status -m nvidia340 returns nothing but
# dkms status
lists entries against nvidia-current:
352.79-3, kernel 4.4.11-1 installed
352.79-3, kernel 4.1.15-desktop-2 installed
346.96-1, kernel 4.1.15-desktop-2 installed-binary from 4.1.15-desktop-2

# rpm -qa *nvidia*
nvidia-current-kernel-desktop-latest-346.96-5
dkms-nvidia-current-352.79-3
x11-driver-video-nvidia-current-346.96-1
nvidia-current-kernel-4.1.15-desktop-2.mga5-346.96-5

After the last os install the only changes were:
install pending updates
remove orphan packages
install later version of ldetect-lst
install linus kernel

Various things were pulled in and dkms fired up during the kernel install.
Is there some other step that has been missed out?

Was kernel-linus-devel-latest installed?

Nm, dkms shows it has compiled for 4.4.11-1 which is the linus kernel.

tmb?

got it Len. You haven't installed the updated x11-driver-video-nvidia-current to match the updated nvidia-current driver.

It's tricky to handle all these all at once. Take care when selecting the packages.

It looks as though your card is one of those that will no longer be supported by nvidia-current but which may work with nvidia340. tmb wrote about this somewhere, but I can't find the link. I don't recall if he expected the switch to be seemless.

CC: (none) => jkerr82508

@Claire #c14 : not sure but don't think so.

@Claire #c16 : thanks - shall try that

@James
The GTX970 was OK with nvidia 352.79 and the current kernel.  I may still have the email containing the comment from tmb.

kernel-linus-devel-latest was installed in fact.  Installing the current x11-driver did the trick.  The 4.4.11-1 kernel is now running the desktop in tandem with nvidia 352.79.  Looks OK on the surface - shall let it run for a while.  Thanks Claire for the pointers; need to make a list of what is needed in these cases.  

Shall look for Thomas's warning about high end video card support.

Last round:

SRPMS:
kernel-linus-4.4.13-1.mga5.src.rpm

i586:
kernel-linus-4.4.13-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-4.4.13-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-latest-4.4.13-1.mga5.i586.rpm
kernel-linus-doc-4.4.13-1.mga5.noarch.rpm
kernel-linus-latest-4.4.13-1.mga5.i586.rpm
kernel-linus-source-4.4.13-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.11-1.mga5.noarch.rpm

x86_64:
kernel-linus-4.4.13-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-4.4.13-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-latest-4.4.13-1.mga5.x86_64.rpm
kernel-linus-doc-4.4.13-1.mga5.noarch.rpm
kernel-linus-latest-4.4.13-1.mga5.x86_64.rpm
kernel-linus-source-4.4.13-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.13-1.mga5.noarch.rpm

Depends on: 18031 => 18688
Summary: Update request: kernel-linus-4.4.11-1.mga5 => Update request: kernel-linus-4.4.13-1.mga5
Source RPM: kernel-linus-4.4.11-1.mga5.src.rpm => kernel-linus-4.4.13-1.mga5.src.rpm

Advisory:

  This kernel-linus update provides an upgrade to the upstream 4.4 longterm
  kernel series, currently based on 4.4.13 and resolves atleast the following
  security issues:

  The Linux kernel before 4.4.1 allows local users to bypass file-descriptor
  limits and cause a denial of service (memory consumption) by sending each
  descriptor over a UNIX socket before closing it, related to 
  net/unix/af_unix.c and net/unix/garbage.c (CVE-2013-4312).

  drivers/usb/serial/whiteheat.c in the Linux kernel before 4.2.4 allows
  physically proximate attackers to cause a denial of service (NULL pointer
  dereference and OOPS) or possibly have unspecified other impact via a
  crafted USB device (CVE-2015-5257).

  The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through
  4.6.x, allows guest OS users to cause a denial of service (host OS panic or
  hang) by triggering many #AC (aka Alignment Check) exceptions, related to
  svm.c and vmx.c (CVE-2015-5307).

  An out-of-bounds memory read was found, affecting kernels from 4.3-rc1
  onwards. This vulnerability was caused by incorrect X.509 time validation
  in x509_decode_time() function in x509_cert_parser.c (CVE-2015-5327).

  The __rds_conn_create function in net/rds/connection.c in the Linux kernel
  through 4.2.3 allows local users to cause a denial of service (NULL pointer
  dereference and system crash) or possibly have unspecified other impact by
  using a socket that was not properly bound (CVE-2015-6937).

  The keyctl_read_key function in security/keys/keyctl.c in the Linux kernel
  before 4.3.4 does not properly use a semaphore, which allows local users
  to cause a denial of service (NULL pointer dereference and system crash)
  or possibly have unspecified other impact via a crafted application that
  leverages a race condition between keyctl_revoke and keyctl_read calls
  (CVE-2015-7550).

  The slhc_init function in drivers/net/slip/slhc.c in the Linux kernel
  through 4.2.3 does not ensure that certain slot numbers are valid, which
  allows local users to cause a denial of service (NULL pointer dereference
  and system crash) via a crafted PPPIOCSMAXCID ioctl call (CVE-2015-7799).

  The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through
  4.6.x, allows guest OS users to cause a denial of service (host OS panic
  or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c
  (CVE-2015-8104).

  The networking implementation in the Linux kernel through 4.3.3, as used
  in Android and other products, does not validate protocol identifiers for
  certain protocol families, which allows local users to cause a denial of
  service (NULL function pointer dereference and system crash) or possibly
  gain privileges by leveraging CLONE_NEWUSER support to execute a crafted
  SOCK_RAW application (CVE-2015-8543).

  The join_session_keyring function in security/keys/process_keys.c in the
  Linux kernel before 4.4.1 mishandles object references in a certain error
  case, which allows local users to gain privileges or cause a denial of
  service (integer overflow and use-after-free) via crafted keyctl commands
  (CVE-2016-0728).

  The evm_verify_hmac function in security/integrity/evm/evm_main.c in the
  Linux kernel before 4.5 does not properly copy data, which makes it easier
  for local users to forge MAC values via a timing side-channel attack
  (CVE-2016-2085).

  The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the
  Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which
  allows remote attackers to obtain sensitive information from kernel memory
  by reading packet data (CVE-2016-2117).

  The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the
  Linux kernel before 4.5.1 allows physically proximate attackers to cause a
  denial of service (NULL pointer dereference and system crash) via a crafted
  USB device without two interrupt-in endpoint descriptors (CVE-2016-3136).

  drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows
  physically proximate attackers to cause a denial of service (NULL pointer
  dereference and system crash) via a USB device without both an interrupt-in
  and an interrupt-out endpoint descriptor, related to the
  cypress_generic_port_probe and cypress_open functions (CVE-2016-3137).

  Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) with
  variable Memory Type Range Registers(MTRR) support is vulnerable to an
  out-of-bounds r/w access issue. It could occur while accessing processors
  MTRRs via ioctl(2) calls. A privileged user inside guest could use this
  flaw to manipulate host kernels memory bytes leading to information
  disclosure OR potentially crashing the kernel resulting in DoS
  (CVE-2016-3713).

  Xen and the Linux kernel through 4.5.x do not properly suppress hugetlbfs
  support in x86 PV guests, which allows local PV guest users to cause a
  denial of service (guest OS crash) by attempting to access a hugetlbfs
  mapped area (CVE-2016-3961).

  This update also provides better support for various newer hardware.

  For other changes in this update, see the referenced changelogs.

References:
  http://kernelnewbies.org/Linux_4.2
  http://kernelnewbies.org/Linux_4.3
  http://kernelnewbies.org/Linux_4.4
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.2
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.3
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.4
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.5
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.6
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.7
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.8
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.9
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.10
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.11
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.12
  https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.13

CVE list:
CVE-2013-4312 
CVE-2015-5257
CVE-2015-5307
CVE-2015-5327
CVE-2015-6937
CVE-2015-7550
CVE-2015-7799
CVE-2015-8104
CVE-2015-8543 
CVE-2016-0728
CVE-2016-2085
CVE-2016-2117
CVE-2016-2143
CVE-2016-3136
CVE-2016-3137
CVE-2016-3713
CVE-2016-3961

Advisory update/removal: I patched CVE-2016-0728 was already in MGASA-2016-0031

shlomif@lap:~$ uname -a
Linux lap.shlomifish.org 4.4.13-1.mga5 #1 SMP Fri Jun 10 22:10:56 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Everything seems to be working fine on my x86-64 v5 Acer Aspire laptop - live hardware.

advisory added

Whiteboard: (none) => advisory

Adding 64bit ok from Shlomi's tests. 

This *should* be ok as it's the upstream kernel from which ours are built. Will wait for one more test to validate.

Whiteboard: advisory => advisory mga5-64-ok

Testing on mga5-32

Installed cleanly. Booted to KDE desktop and applications appear to be working normally.

OK for mga5-32


This update is now validated and can be pushed to updates

Keywords: (none) => validated_update
Whiteboard: advisory mga5-64-ok => advisory mga5-64-ok mga5-32-ok
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0232.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED