Bug 22474 - Update request: kernel 4.4.114
Summary: Update request: kernel 4.4.114
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5-64-OK, MGA5-32-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2018-01-27 20:02 CET by Thomas Backlund
Modified: 2018-02-05 20:13 CET (History)
8 users (show)

See Also:
Source RPM: kernel
CVE:
Status comment:


Attachments

Description Thomas Backlund 2018-01-27 20:02:37 CET
So, here comes a hopefully final kernel update for mga5.

It contains follow-up fixes for the kaiser/meltdown fixes in 4.4.111-1 and now also have the retpoline kernel side mitigations for Spectre v2 issues..


This kernel-server-4.4.113-1.mga5 is now already running on Mga infra without issues so far...

Advisory will follow...



SRPMS:
kernel-4.4.113-1.mga5.src.rpm
kernel-userspace-headers-4.4.113-1.mga5.src.rpm

kmod-vboxadditions-5.1.30-5.mga5.src.rpm
kmod-virtualbox-5.1.30-5.mga5.src.rpm
kmod-xtables-addons-2.10-55.mga5.src.rpm



i586:
cpupower-4.4.113-1.mga5.i586.rpm
cpupower-devel-4.4.113-1.mga5.i586.rpm
kernel-desktop-4.4.113-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-4.4.113-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-4.4.113-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-latest-4.4.113-1.mga5.i586.rpm
kernel-desktop586-latest-4.4.113-1.mga5.i586.rpm
kernel-desktop-devel-4.4.113-1.mga5-1-1.mga5.i586.rpm
kernel-desktop-devel-latest-4.4.113-1.mga5.i586.rpm
kernel-desktop-latest-4.4.113-1.mga5.i586.rpm
kernel-doc-4.4.113-1.mga5.noarch.rpm
kernel-server-4.4.113-1.mga5-1-1.mga5.i586.rpm
kernel-server-devel-4.4.113-1.mga5-1-1.mga5.i586.rpm
kernel-server-devel-latest-4.4.113-1.mga5.i586.rpm
kernel-server-latest-4.4.113-1.mga5.i586.rpm
kernel-source-4.4.113-1.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.4.113-1.mga5.noarch.rpm
kernel-userspace-headers-4.4.113-1.mga5.i586.rpm
perf-4.4.113-1.mga5.i586.rpm

vboxadditions-kernel-4.4.113-desktop-1.mga5-5.1.30-5.mga5.i586.rpm
vboxadditions-kernel-4.4.113-desktop586-1.mga5-5.1.30-5.mga5.i586.rpm
vboxadditions-kernel-4.4.113-server-1.mga5-5.1.30-5.mga5.i586.rpm
vboxadditions-kernel-desktop586-latest-5.1.30-5.mga5.i586.rpm
vboxadditions-kernel-desktop-latest-5.1.30-5.mga5.i586.rpm
vboxadditions-kernel-server-latest-5.1.30-5.mga5.i586.rpm

virtualbox-kernel-4.4.113-desktop-1.mga5-5.1.30-5.mga5.i586.rpm
virtualbox-kernel-4.4.113-desktop586-1.mga5-5.1.30-5.mga5.i586.rpm
virtualbox-kernel-4.4.113-server-1.mga5-5.1.30-5.mga5.i586.rpm
virtualbox-kernel-desktop586-latest-5.1.30-5.mga5.i586.rpm
virtualbox-kernel-desktop-latest-5.1.30-5.mga5.i586.rpm
virtualbox-kernel-server-latest-5.1.30-5.mga5.i586.rpm

xtables-addons-kernel-4.4.113-desktop-1.mga5-2.10-55.mga5.i586.rpm
xtables-addons-kernel-4.4.113-desktop586-1.mga5-2.10-55.mga5.i586.rpm
xtables-addons-kernel-4.4.113-server-1.mga5-2.10-55.mga5.i586.rpm
xtables-addons-kernel-desktop586-latest-2.10-55.mga5.i586.rpm
xtables-addons-kernel-desktop-latest-2.10-55.mga5.i586.rpm
xtables-addons-kernel-server-latest-2.10-55.mga5.i586.rpm



x86_64:
cpupower-4.4.113-1.mga5.x86_64.rpm
cpupower-devel-4.4.113-1.mga5.x86_64.rpm
kernel-desktop-4.4.113-1.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-4.4.113-1.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-latest-4.4.113-1.mga5.x86_64.rpm
kernel-desktop-latest-4.4.113-1.mga5.x86_64.rpm
kernel-doc-4.4.113-1.mga5.noarch.rpm
kernel-server-4.4.113-1.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-4.4.113-1.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-latest-4.4.113-1.mga5.x86_64.rpm
kernel-server-latest-4.4.113-1.mga5.x86_64.rpm
kernel-source-4.4.113-1.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.4.113-1.mga5.noarch.rpm
kernel-userspace-headers-4.4.113-1.mga5.x86_64.rpm
perf-4.4.113-1.mga5.x86_64.rpm

vboxadditions-kernel-4.4.113-desktop-1.mga5-5.1.30-5.mga5.x86_64.rpm
vboxadditions-kernel-4.4.113-server-1.mga5-5.1.30-5.mga5.x86_64.rpm
vboxadditions-kernel-desktop-latest-5.1.30-5.mga5.x86_64.rpm
vboxadditions-kernel-server-latest-5.1.30-5.mga5.x86_64.rpm

virtualbox-kernel-4.4.113-desktop-1.mga5-5.1.30-5.mga5.x86_64.rpm
virtualbox-kernel-4.4.113-server-1.mga5-5.1.30-5.mga5.x86_64.rpm
virtualbox-kernel-desktop-latest-5.1.30-5.mga5.x86_64.rpm
virtualbox-kernel-server-latest-5.1.30-5.mga5.x86_64.rpm

xtables-addons-kernel-4.4.113-desktop-1.mga5-2.10-55.mga5.x86_64.rpm
xtables-addons-kernel-4.4.113-server-1.mga5-2.10-55.mga5.x86_64.rpm
xtables-addons-kernel-desktop-latest-2.10-55.mga5.x86_64.rpm
xtables-addons-kernel-server-latest-2.10-55.mga5.x86_64.rpm
Comment 1 Len Lawrence 2018-01-28 10:32:58 CET Comment hidden (obsolete)

CC: (none) => tarazed25

Comment 2 Len Lawrence 2018-01-28 12:55:38 CET Comment hidden (obsolete)
Comment 3 Len Lawrence 2018-01-28 19:29:29 CET Comment hidden (obsolete)
Comment 4 Lewis Smith 2018-01-29 11:15:41 CET Comment hidden (obsolete)

CC: (none) => lewyssmith

Comment 5 Herman Viaene 2018-01-29 11:27:24 CET Comment hidden (obsolete)

CC: (none) => herman.viaene

Comment 6 James Kerr 2018-01-29 14:19:51 CET Comment hidden (obsolete)

CC: (none) => jim

Comment 7 James Kerr 2018-01-29 14:20:49 CET Comment hidden (obsolete)
Comment 8 Thomas Backlund 2018-01-29 19:32:32 CET
Unfortunately there are some regressions / missing fixes here so new kernel is building..

Keywords: (none) => feedback

Comment 9 Marja Van Waes 2018-01-30 17:45:01 CET
(In reply to Thomas Backlund from comment #8)
> Unfortunately there are some regressions / missing fixes here so new kernel
> is building..

Obsoleting the previous comments, but keeping the description for now, even if the (S)RPMs list will be replaced

CC: (none) => marja11

Comment 10 Marja Van Waes 2018-01-30 18:11:04 CET Comment hidden (obsolete)
Comment 11 Herman Viaene 2018-01-31 16:17:04 CET Comment hidden (obsolete)
Comment 12 Marja Van Waes 2018-01-31 21:24:35 CET
(In reply to Herman Viaene from comment #11)

> @ Marja: MGA5 freezing at shutdown did not happen this time, but has
> happened umpteen times to me with MGA5. I've never been able to point at
> something that might trigger it. So I wouldn't care anymore for it now.

Thanks, Herman, I wasn't aware (but it did indeed happen again, later).
I'm obsoleting our comments, though, because we were too fast to test: this report still has the feedback Keyword and tmb expects to push a final build tonight.
Comment 13 Thomas Backlund 2018-02-01 07:17:11 CET

So final kernel update list for mga5:


SRPMS:
kernel-4.4.114-1.mga5.src.rpm
kernel-userspace-headers-4.4.114-1.mga5.src.rpm

kmod-vboxadditions-5.1.30-8.mga5.src.rpm
kmod-virtualbox-5.1.30-8.mga5.src.rpm
kmod-xtables-addons-2.10-58.mga5.src.rpm



i586:
cpupower-4.4.114-1.mga5.i586.rpm
cpupower-devel-4.4.114-1.mga5.i586.rpm
kernel-desktop-4.4.114-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-4.4.114-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-4.4.114-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-latest-4.4.114-1.mga5.i586.rpm
kernel-desktop586-latest-4.4.114-1.mga5.i586.rpm
kernel-desktop-devel-4.4.114-1.mga5-1-1.mga5.i586.rpm
kernel-desktop-devel-latest-4.4.114-1.mga5.i586.rpm
kernel-desktop-latest-4.4.114-1.mga5.i586.rpm
kernel-doc-4.4.114-1.mga5.noarch.rpm
kernel-server-4.4.114-1.mga5-1-1.mga5.i586.rpm
kernel-server-devel-4.4.114-1.mga5-1-1.mga5.i586.rpm
kernel-server-devel-latest-4.4.114-1.mga5.i586.rpm
kernel-server-latest-4.4.114-1.mga5.i586.rpm
kernel-source-4.4.114-1.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.4.114-1.mga5.noarch.rpm
kernel-userspace-headers-4.4.114-1.mga5.i586.rpm
perf-4.4.114-1.mga5.i586.rpm

vboxadditions-kernel-4.4.114-desktop-1.mga5-5.1.30-8.mga5.i586.rpm
vboxadditions-kernel-4.4.114-desktop586-1.mga5-5.1.30-8.mga5.i586.rpm
vboxadditions-kernel-4.4.114-server-1.mga5-5.1.30-8.mga5.i586.rpm
vboxadditions-kernel-desktop586-latest-5.1.30-8.mga5.i586.rpm
vboxadditions-kernel-desktop-latest-5.1.30-8.mga5.i586.rpm
vboxadditions-kernel-server-latest-5.1.30-8.mga5.i586.rpm

virtualbox-kernel-4.4.114-desktop-1.mga5-5.1.30-8.mga5.i586.rpm
virtualbox-kernel-4.4.114-desktop586-1.mga5-5.1.30-8.mga5.i586.rpm
virtualbox-kernel-4.4.114-server-1.mga5-5.1.30-8.mga5.i586.rpm
virtualbox-kernel-desktop586-latest-5.1.30-8.mga5.i586.rpm
virtualbox-kernel-desktop-latest-5.1.30-8.mga5.i586.rpm
virtualbox-kernel-server-latest-5.1.30-8.mga5.i586.rpm

xtables-addons-kernel-4.4.114-desktop-1.mga5-2.10-58.mga5.i586.rpm
xtables-addons-kernel-4.4.114-desktop586-1.mga5-2.10-58.mga5.i586.rpm
xtables-addons-kernel-4.4.114-server-1.mga5-2.10-58.mga5.i586.rpm
xtables-addons-kernel-desktop586-latest-2.10-58.mga5.i586.rpm
xtables-addons-kernel-desktop-latest-2.10-58.mga5.i586.rpm
xtables-addons-kernel-server-latest-2.10-58.mga5.i586.rpm



x86_64:
cpupower-4.4.114-1.mga5.x86_64.rpm
cpupower-devel-4.4.114-1.mga5.x86_64.rpm
kernel-desktop-4.4.114-1.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-4.4.114-1.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-latest-4.4.114-1.mga5.x86_64.rpm
kernel-desktop-latest-4.4.114-1.mga5.x86_64.rpm
kernel-doc-4.4.114-1.mga5.noarch.rpm
kernel-server-4.4.114-1.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-4.4.114-1.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-latest-4.4.114-1.mga5.x86_64.rpm
kernel-server-latest-4.4.114-1.mga5.x86_64.rpm
kernel-source-4.4.114-1.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.4.114-1.mga5.noarch.rpm
kernel-userspace-headers-4.4.114-1.mga5.x86_64.rpm
perf-4.4.114-1.mga5.x86_64.rpm

vboxadditions-kernel-4.4.114-desktop-1.mga5-5.1.30-8.mga5.x86_64.rpm
vboxadditions-kernel-4.4.114-server-1.mga5-5.1.30-8.mga5.x86_64.rpm
vboxadditions-kernel-desktop-latest-5.1.30-8.mga5.x86_64.rpm
vboxadditions-kernel-server-latest-5.1.30-8.mga5.x86_64.rpm

virtualbox-kernel-4.4.114-desktop-1.mga5-5.1.30-8.mga5.x86_64.rpm
virtualbox-kernel-4.4.114-server-1.mga5-5.1.30-8.mga5.x86_64.rpm
virtualbox-kernel-desktop-latest-5.1.30-8.mga5.x86_64.rpm
virtualbox-kernel-server-latest-5.1.30-8.mga5.x86_64.rpm

xtables-addons-kernel-4.4.114-desktop-1.mga5-2.10-58.mga5.x86_64.rpm
xtables-addons-kernel-4.4.114-server-1.mga5-2.10-58.mga5.x86_64.rpm
xtables-addons-kernel-desktop-latest-2.10-58.mga5.x86_64.rpm
xtables-addons-kernel-server-latest-2.10-58.mga5.x86_64.rpm

Summary: Update request: kernel 4.4.113 => Update request: kernel 4.4.114

Thomas Backlund 2018-02-01 07:17:18 CET

Keywords: feedback => (none)

Comment 14 Herman Viaene 2018-02-01 17:02:12 CET
MGA5-32 on Dell Latitude D600 Xfce
No installation issues
Tried all usual operations (text, pdf, tif, jpg, pnm, avi, wav, newspaper on the web) all OK.
Looks like the nfs-client mounting problem at boot is here to stay in MGA5.
Can go as far as I am concerned.

Whiteboard: (none) => MGA5-32-OK

Comment 15 William Kenney 2018-02-01 18:31:52 CET
In a Vbox client, M5.1, KDE, 64bit

Testing: kernel-desktop-latest vboxadditions-kernel-desktop-latest cpupower

[root@localhost wilcal]# uname -a
Linux localhost 4.4.111-desktop-1.mga5 #1 SMP Wed Jan 10 21:54:51 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.111-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.1.30-4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi cpupower
Package cpupower-4.4.111-1.mga5.x86_64 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

Installed kernel-desktop-latest vboxadditions-kernel-desktop-latest cpupower from updates testing

[root@localhost wilcal]# uname -a
Linux localhost 4.4.114-desktop-1.mga5 #1 SMP Wed Jan 31 19:24:17 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.114-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.1.30-8.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi cpupower
Package cpupower-4.4.114-1.mga5.x86_64 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

CC: (none) => wilcal.int

Comment 16 Marja Van Waes 2018-02-01 20:23:33 CET

[marja@Mga5_64bit ~]$ uname -a
Linux Mga5_64bit 4.4.114-desktop-1.mga5 #1 SMP Wed Jan 31 19:24:17 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[marja@Mga5_64bit ~]$ 

I've updated from 4.4.113-2.mga5 to:

  cpupower                       4.4.114      1.mga5        x86_64
  kernel-desktop-4.4.114-1.mga5  1            1.mga5        x86_64
  kernel-desktop-latest          4.4.114      1.mga5        x86_64
  kernel-userspace-headers       4.4.114      1.mga5        x86_64


on bare metal, an old ThinkPad SL510 https://wiki.mageia.org/en/User:Marja/QA/Hardware#Lenovo_ThinkPad_SL510 

I saw no errors when installing, rebooting went fine.

I've used this kernel for over half an hour now with KDE/KDM, reading mails, connecting with a remote irssi session in screen, surfing, playing a game, etc. and everything seems fine. Switching to a VT works fine, too.
Comment 17 William Kenney 2018-02-01 22:40:57 CET
On real hardware, M6, Plasma, 64-bit

initial install:
kernel-desktop-latest
virtualbox vboxadditions-kernel-desktop-latest dkms-virtualbox
virtualbox-guest-additions virtualbox-kernel-desktop-latest x11-driver-video-vboxvideo
kernel-desktop-devel-latest dkms-nvidia-current

[root@localhost wilcal]# uname -a
Linux localhost 4.4.111-desktop-1.mga5 #1 SMP Wed Jan 10 21:54:51 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.111-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox
Package virtualbox-5.1.30-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.1.30-4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi dkms-virtualbox
Package dkms-virtualbox-5.1.30-1.mga5.noarch is already installed
[root@localhost wilcal]# urpmi virtualbox-guest-additions
Package virtualbox-guest-additions-5.1.30-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox-kernel-desktop-latest
Package virtualbox-kernel-desktop-latest-5.1.30-4.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi x11-driver-video-vboxvideo
Package x11-driver-video-vboxvideo-5.1.30-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi kernel-desktop-devel-latest
Package kernel-desktop-devel-latest-4.4.111-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi dkms-nvidia-current
Package dkms-nvidia-current-384.111-1.mga5.nonfree.x86_64 is already installed
[wilcal@localhost ~]$ lspci -k
01:00.0 VGA compatible controller: NVIDIA Corporation GF108 [GeForce GT 440] (rev a1)
        Subsystem: Gigabyte Technology Co., Ltd Device 3518
        Kernel driver in use: nvidia
        Kernel modules: nvidiafb, nouveau, nvidia_drm, nvidia_current
        
Using:
Mageia-6-LiveDVD-Xfce-i586-DVD.iso Boots to a working desktop. 
Screen resolution is correct. Common apps work.

Install the above Live-DVD
Installs cleanly, boots to a working desktop. Add no other apps.

install or update from updates_testing:

kernel-desktop-latest
virtualbox vboxadditions-kernel-desktop-latest dkms-virtualbox
virtualbox-guest-additions virtualbox-kernel-desktop-latest x11-driver-video-vboxvideo
kernel-desktop-devel-latest dkms-nvidia-current

[root@localhost wilcal]# uname -a
Linux localhost 4.4.114-desktop-1.mga5 #1 SMP Wed Jan 31 19:24:17 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.114-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox
Package virtualbox-5.1.30-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.1.30-8.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi dkms-virtualbox
Package dkms-virtualbox-5.1.30-1.mga5.noarch is already installed
[root@localhost wilcal]# urpmi virtualbox-guest-additions
Package virtualbox-guest-additions-5.1.30-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox-kernel-desktop-latest
Package virtualbox-kernel-desktop-latest-5.1.30-8.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi x11-driver-video-vboxvideo
Package x11-driver-video-vboxvideo-5.1.30-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi kernel-desktop-devel-latest
Package kernel-desktop-devel-latest-4.4.114-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi dkms-nvidia-current
Package dkms-nvidia-current-384.111-1.mga5.nonfree.x86_64 is already installed
[wilcal@localhost ~]$ lspci -k
01:00.0 VGA compatible controller: NVIDIA Corporation GF108 [GeForce GT 440] (rev a1)
        Subsystem: Gigabyte Technology Co., Ltd Device 3518
        Kernel driver in use: nvidia
        Kernel modules: nvidiafb, nouveau, nvidia_drm, nvidia_current
        
Mageia-6-LiveDVD-Xfce-i586-DVD.iso Boots to a working desktop. 
Screen resolution is correct. Common apps work.
Still works

New client:
Mageia-6-LiveDVD-Gnome-x86_64-DVD.iso Boots to a working desktop. 
Screen resolution is correct. Common apps work.

New client:
Mageia-6-x86_64-DVD.iso Installs then boots to a working desktop.
Updates correctly then reboots back without error.
Screen resolution is correct. Common apps work.

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Comment 18 David Walser 2018-02-02 19:24:15 CET
I noticed this on my Mageia 5 i586 server (built from a micro ATA barebones):

systemd-udevd[1192]: could not read from '/sys/module/acpi_cpufreq/initstate': No such device

I didn't see that before (4.4.111 was the previous boot).

Otherwise it seems to be working fine there.

Seems to be working fine on my parents Mageia 5 x86_64 desktop, nothing interesting stands out there.
Comment 19 David Walser 2018-02-02 20:01:02 CET
Booted to the new kernel (first reboot in 139 days) on my main workstation.

Seems to be working fine, but journalctl ended in this (not sure what it means).

kernel: INFO: task modprobe:711 blocked for more than 120 seconds.
kernel:       Tainted: G           O    4.4.114-desktop-1.mga5 #1
kernel: "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
kernel: modprobe        D ffff8800d8feb6e8     0   711     98 0x00000000
kernel:  ffff8800d8feb6e8 ffffffff81c15580 ffff8800d9a95400 ffff8800d8fec000
kernel:  ffff8800d9a95400 ffff880212213ec4 00000000ffffffff ffff880212213ec8
kernel:  ffff8800d8feb700 ffffffff81702df5 ffff880212213ec0 ffff8800d8feb710
kernel: Call Trace:
kernel:  [<ffffffff81702df5>] schedule+0x35/0x80
kernel:  [<ffffffff8170309e>] schedule_preempt_disabled+0xe/0x10
kernel:  [<ffffffff81704d03>] __mutex_lock_slowpath+0xb3/0x120
kernel:  [<ffffffff81704d8f>] mutex_lock+0x1f/0x30
kernel:  [<ffffffffc0796955>] snd_seq_do_ioctl+0xc5/0xf0 [snd_seq]
kernel:  [<ffffffffc07969ce>] snd_seq_kernel_client_ctl+0x4e/0x70 [snd_seq]
kernel:  [<ffffffffc05994c2>] receive_announce.part.2+0x62/0x90 [snd_seq_oss]
kernel:  [<ffffffffc0599530>] receive_announce+0x40/0x50 [snd_seq_oss]
kernel:  [<ffffffffc0797f35>] snd_seq_deliver_single_event.constprop.12+0x165/0x230 [snd_seq]
kernel:  [<ffffffffc0798156>] snd_seq_deliver_event+0x156/0x2b0 [snd_seq]
kernel:  [<ffffffffc07987d2>] snd_seq_kernel_client_dispatch+0x72/0xa0 [snd_seq]
kernel:  [<ffffffffc079c4c2>] snd_seq_system_broadcast+0x72/0x90 [snd_seq]
kernel:  [<ffffffffc07961c3>] snd_seq_ioctl_create_port+0xb3/0x1b0 [snd_seq]
kernel:  [<ffffffffc0796962>] snd_seq_do_ioctl+0xd2/0xf0 [snd_seq]
kernel:  [<ffffffffc07969ce>] snd_seq_kernel_client_ctl+0x4e/0x70 [snd_seq]
kernel:  [<ffffffffc0071132>] create_port+0x132/0x173 [snd_seq_dummy]
kernel:  [<ffffffffc0528010>] ? dummy_free+0x10/0x10 [snd_seq_dummy]
kernel:  [<ffffffffc0528000>] ? 0xffffffffc0528000
kernel:  [<ffffffffc0071173>] ? create_port+0x173/0x173 [snd_seq_dummy]
kernel:  [<ffffffffc00711cb>] alsa_seq_dummy_init+0x58/0xe8d [snd_seq_dummy]
kernel:  [<ffffffff81002143>] do_one_initcall+0xd3/0x200
kernel:  [<ffffffff811ba418>] ? kmem_cache_alloc_trace+0x38/0x150
kernel:  [<ffffffff811600c0>] do_init_module+0x60/0x1ce
kernel:  [<ffffffff810fd6be>] load_module+0x22de/0x2680
kernel:  [<ffffffff810f9740>] ? __symbol_put+0x60/0x60
kernel:  [<ffffffff810fdb8f>] SYSC_init_module+0x12f/0x170
kernel:  [<ffffffff810fdcae>] SyS_init_module+0xe/0x10
kernel:  [<ffffffff8170719f>] entry_SYSCALL_64_fastpath+0x1c/0x97
Comment 20 James Kerr 2018-02-03 15:04:13 CET
on mga5-64 KDE

packages installed cleanly:
- cpupower-4.4.114-1.mga5.x86_64
- kernel-desktop-4.4.114-1.mga5-1-1.mga5.x86_64
- kernel-desktop-latest-4.4.114-1.mga5.x86_64
- kernel-userspace-headers-4.4.114-1.mga5.x86_64
- virtualbox-kernel-4.4.114-desktop-1.mga5-5.1.30-8.mga5.x86_64
- virtualbox-kernel-desktop-latest-5.1.30-8.mga5.x86_64

System re-booted normally
$ uname -r
4.4.114-desktop-1.mga5

No regressions noted

virtualbox and client launched normally

OK for mga5-64 on this system:

PC-BIOS (legacy) boot
GPT partitions
Dell product: Precision Tower 3620
Mobo: Dell model: 09WH54 
Card: Intel HD Graphics 530
CPU: Quad core Intel Core i7-6700 (-HT-MCP-)
Comment 21 James Kerr 2018-02-03 15:07:00 CET
on mga5-32 KDE in a vbox VM

packages installed cleanly:
- cpupower-4.4.114-1.mga5.i586
- kernel-desktop-4.4.114-1.mga5-1-1.mga5.i586
- kernel-desktop-latest-4.4.114-1.mga5.i586
- kernel-userspace-headers-4.4.114-1.mga5.i586
- vboxadditions-kernel-4.4.114-desktop-1.mga5-5.1.30-8.mga5.i586
- vboxadditions-kernel-desktop-latest-5.1.30-8.mga5.i586

client re-started normally
$ uname -r
4.4.114-desktop-1.mga5

No regressions noted

OK for mga5-32 in a vbox VM
Comment 22 Thomas Andrews 2018-02-03 22:08:10 CET
On real hardware, Athlon X2 7750, 8GB RAM, nvidia340 graphics, Atheros wifi.

Updated to server kernel 4.4.114-1. No virtualbox on this machine.

Packages installed cleanly, nvidia340 driver module built. Browsed the web, played music, everything looks good.

CC: (none) => andrewsfarm

Comment 23 Thomas Backlund 2018-02-05 19:45:28 CET
Validating as good enough because of the security issues...

Advisory:

type: security
subject: Updated kernel packages fix security vulnerabilities
CVE:
 - CVE-2017-5715
 - CVE-2017-5753
 - CVE-2017-8824
 - CVE-2017-16911
 - CVE-2017-16912
 - CVE-2017-16913
 - CVE-2017-16914
 - CVE-2017-1000410
src:
  5:
   core:
     - kernel-4.4.114-1.mga5
     - kernel-userspace-headers-4.4.114-1.mga5
     - kmod-vboxadditions-5.1.30-8.mga5
     - kmod-virtualbox-5.1.30-8.mga5
     - kmod-xtables-addons-2.10-58.mga5
description: |
  This kernel update is based on the upstream 4.4.114 and and fixes
  several security issues.

  The most important fixes in this update is for the security issue named
  "Spectre, variant 2 (CVE-2017-5715)" that is partly mitigated by enabling
  retpoline support. For full retpoline mitigation, kernel needs to be built
  with a retpoline-aware cpmpiler, something that wont happend in Mga5 as
  Mageia 5 has reached End of Support at December 31st, 2017 (even if we
  have been providing some extended support due to Meltdown/Spectre issues.
  If you want to receive further fixes regarding theese issues, you really
  need to upgrade to Mageia 6.

  The BPF interpreter has been used as part of the spectre 2 attack
  CVE-2017-5715. To make attacker job harder introduce BPF_JIT_ALWAYS_ON
  config option that removes interpreter from the kernel in favor of JIT-only
  mode. Note: In Mageia 5 we have BPF disabled by default, so it's not
  really an issue, but the fixes are still needed in case someone enables it 

  KVM on x86 gained a memory barrier on vmcs field lookup as part of
  mitigating Spectre variant 2 (CVE-2017-5753).

  Other security fixes in this update:

  The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114
  allows allows local attackers to disclose kernel memory addresses.
  Successful exploitation requires that a USB device is attached over IP
  (CVE-2017-16911).

  The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux
  Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to
  cause a denial of service (out-of-bounds read) via a specially crafted
  USB over IP packet (CVE-2017-16912).

  The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the
  Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling
  CMD_SUBMIT packets allows attackers to cause a denial of service (arbitrary
  memory allocation) via a specially crafted USB over IP packet
  (CVE-2017-16913).

  The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the
  Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows
  attackers to cause a denial of service (NULL pointer dereference) via a
  specially crafted USB over IP packet (CVE-2017-16914).

  Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies
  in the processing of incoming L2CAP commands - ConfigRequest, and
  ConfigResponse messages. This info leak is a result of uninitialized stack
  variables that may be returned to an attacker in their uninitialized state.
  By manipulating the code flows that precede the handling of these
  configuration messages, an attacker can also gain some control over which
  data will be held in the uninitialized stack variables. This can allow him
  to bypass KASLR, and stack canaries protection - as both pointers and stack
  canaries may be leaked in this manner (CVE-2017-1000410).

  The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through
  4.14.3 allows local users to gain privileges or cause a denial of service
  (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN
  state (CVE-2017-8824).

  For other fixes, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=22474
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.112
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.113
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.114

CC: (none) => sysadmin-bugs
Whiteboard: MGA5-32-OK => MGA5-64-OK, MGA5-32-OK
Keywords: (none) => advisory, validated_update

Comment 24 Mageia Robot 2018-02-05 20:13:32 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0107.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.