This kernel is already in use in Cauldron too...


Advisory:
This kernel update is based on upstream 5.10.8 and fixes atleast the
following security issue:

SCSI “EXTENDED COPY” (XCOPY) requests sent to a Linux SCSI target (LIO)
allow an attacker to read or write anywhere on any LIO backstore configured
on the host, provided the attacker has access to one LUN and knowledge of
the victim backstore’s vpd_unit_serial (AKA “wwn”). This is possible
regardless of the transport/HBA settings for the victim backstore
(CVE-2020-28374).

It also adds the following fixes:
- fix up kernel-devel packages to not cause errors during dkms installs
  (mga# 27080)
- backported crypto AES-NI XTS fixes the performance regression introduced
  by the retpoline fixes
- backported support for nVidia RTX3xxx (Ampere) modesetting
- backported fixes for broken Intel Haswell GT1 graphics
- backported fixes for iwlwifi causing some systems to hang on boot
- backport fix so the admin can chose to disable i915 security mitigations
  to recover from the big performance loss on older hardware caused
  by earlier security fixes


references:
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.7
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.8

i5-2500, 16GB RAM, Intel graphics, wired Internet connection, 64-bit Plasma system.

The following 6 packages are going to be installed:

- cpupower-5.10.8-2.mga7.x86_64
- kernel-desktop-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-latest-5.10.8-2.mga7.x86_64
- kernel-userspace-headers-5.10.8-2.mga7.x86_64
- virtualbox-kernel-5.10.8-desktop-2.mga7-6.1.16-10.mga7.x86_64
- virtualbox-kernel-desktop-latest-6.1.16-10.mga7.x86_64

No installation issues. Upon rebooting, tried this and that, no issues noted.

CC: (none) => andrewsfarm

Dell Dimension e520, Core2Quad, 4GB RAM, AMD HD 8570 graphics, Realtek rtl8192cu wifi, 32-bit Plasma system.

The following 3 packages are going to be installed:

- cpupower-5.10.8-2.mga7.i586
- kernel-desktop-5.10.8-2.mga7-1-1.mga7.i586
- kernel-desktop-latest-5.10.8-2.mga7.i586

No installation issues. Rebooting into runlevel 3 and running "startx" to bypass the sddm login screen, everything looks good. 

However, if the sddm login screen is used, it is completely unresponsive to mouse clicks or keyboard input. This is an old problem, seen through several kernel updates. See bug 26994. Until recently, I believed it to be an sddm problem, but now it appears to be related to the kernel/amdgpu driver. If the vesa video driver is used, the login screen is responsive, if slow and jerky.

I do not believe this is enough to hold back the kernel update, as it is easily worked around, but I thought it was worth noting it.

(In reply to Thomas Andrews from comment #3)


> No installation issues. Rebooting into runlevel 3 and running "startx" to
> bypass the sddm login screen, everything looks good. 
> 
> However, if the sddm login screen is used, it is completely unresponsive to
> mouse clicks or keyboard input. This is an old problem, seen through several
> kernel updates. See bug 26994. Until recently, I believed it to be an sddm
> problem, but now it appears to be related to the kernel/amdgpu driver. If
> the vesa video driver is used, the login screen is responsive, if slow and
> jerky.
> 
> I do not believe this is enough to hold back the kernel update, as it is
> easily worked around, but I thought it was worth noting it.

Open a separate bugreport for this and attach output of lspcidrake -v, dmesg or journal from boot and xorg.conf

your gpu is probably one of the ones covered by both amdgpu and radeon, causing conflicts somewhere...

Host: canopus Kernel: 5.10.6-desktop-1.mga7 x86_64
Mobo: ASUSTeK model: TUF X299 MARK 2
10-Core: Intel Core i9-7900X type: MT MCP
NVIDIA GP102 [GeForce GTX 1080 Ti] driver: nouveau 

Installed:
- bpftool-5.10.8-2.mga7.x86_64
- cpupower-5.10.8-2.mga7.x86_64
- cpupower-devel-5.10.8-2.mga7.x86_64
- kernel-desktop-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-devel-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-devel-latest-5.10.8-2.mga7.x86_64
- kernel-desktop-latest-5.10.8-2.mga7.x86_64
- kernel-doc-5.10.8-2.mga7.noarch
- kernel-userspace-headers-5.10.8-2.mga7.x86_64
- lib64bpf-devel-5.10.8-2.mga7.x86_64
- lib64bpf0-5.10.8-2.mga7.x86_64
- perf-5.10.8-2.mga7.x86_64
- xtables-addons-kernel-5.10.8-desktop-2.mga7-3.13-6.mga7.x86_64
- xtables-addons-kernel-desktop-latest-3.13-6.mga7.x86_64

After reboot there was no sign of nvidia although
# urpmi dkms-nvidia-current
reported that it was installed.  Ran drakx11 and dracut and rebooted.

Host: canopus Kernel: 5.10.8-desktop-2.mga7 x86_64
Device-1: NVIDIA GP102 [GeForce GTX 1080 Ti] driver: nvidia v: 460.32.03 
Display: x11 server: Mageia X.org 1.20.10 driver: nvidia,v4l

Installed virtualbox-kernel-desktop-latest as an afterthought.  Launched one of four clients.  Runs OK.
Ran the usual tests - no problems.
NFS shares mounted already.  Looks good.

CC: (none) => tarazed25

on mga7-64  kernel-desktop  plasma

Packages installed cleanly:
- cpupower-5.10.8-2.mga7.x86_64
- kernel-desktop-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-devel-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-devel-latest-5.10.8-2.mga7.x86_64
- kernel-desktop-latest-5.10.8-2.mga7.x86_64
- kernel-userspace-headers-5.10.8-2.mga7.x86_64

system re-booted normally:

uname -r
5.10.8-desktop-2.mga7

# dkms status
virtualbox, 6.1.16-4.mga7, 5.10.8-desktop-2.mga7, x86_64: installed 

no regressions observed

vbox and client launched normally

looks OK for mga7-64 on this system:

Mobo: Dell model: 09WH54 v: UEFI [Legacy]: Dell v: 2.13.1 
CPU: Intel Core i7-6700
Graphics: Intel HD Graphics 530 (Skylake GT2)

CC: (none) => jim

(In reply to Thomas Backlund from comment #4)
> (In reply to Thomas Andrews from comment #3)
> 
> 
> > No installation issues. Rebooting into runlevel 3 and running "startx" to
> > bypass the sddm login screen, everything looks good. 
> > 
> > However, if the sddm login screen is used, it is completely unresponsive to
> > mouse clicks or keyboard input. This is an old problem, seen through several
> > kernel updates. See bug 26994. Until recently, I believed it to be an sddm
> > problem, but now it appears to be related to the kernel/amdgpu driver. If
> > the vesa video driver is used, the login screen is responsive, if slow and
> > jerky.
> > 
> > I do not believe this is enough to hold back the kernel update, as it is
> > easily worked around, but I thought it was worth noting it.
> 
> Open a separate bugreport for this and attach output of lspcidrake -v, dmesg
> or journal from boot and xorg.conf
> 
> your gpu is probably one of the ones covered by both amdgpu and radeon,
> causing conflicts somewhere...

There already is bug 26994 on this, but it is confusing because of the way I first spotted the problem back in July 2020 and the way new information came to light. It has received little attention, because it appears I have been the only one seeing the symptoms. I will file a new, more appropriate bug, and mark the original as a duplicate.

64 bit OK on My machine "svarten": Mainboard: Sabertooth P67, CPU: i7-3770, RAM 16G, GM107 [GeForce GTX 750] using nvidia-current; GeForce 635 series and later, 4k display.

Disk&Filesystem: SSD with EFI and ext 4 /boot, then an encrypted partition for LVM, containing swap and ext4 /home & /

$ sudo dkms status tells nvidia-current and virtualbox are OK

Plasma desktop, used now ant then during the day
Thunderbird, LibreOffice, Ktorrent, Nextcloud client...
Video with sound in Firefox
CUDA and OpenCL detected
Stress test: While workinng with other things BOINC use all cores to 100%, videos do not stutter.

Also virtualbox 6.1.16 seem OK running MSW7 64 bit guest incl folder sharing, USB, bidirectional clipboard, dynamic guest window resizing. All as usual, need to free 1 or 2 cores from BOINC to avoid video stutter in guest firefox, playing from internet.

CC: (none) => fri

Host: juza Kernel: 5.10.6-desktop-1.mga7 x86_64
Lenovo Ideapad Y500
Quad Core: Intel Core i7-3630QM type: MT MCP speed: 1198 MHz
NVIDIA GK107M [GeForce GT 650M] driver: nvidia v: 460.32.03
Qualcomm Atheros AR8161 Gigabit Ethernet driver: alx
Intel Centrino Wireless-N 2230 driver: iwlwifi

Installed these:

- cpupower-5.10.8-2.mga7.x86_64
- kernel-desktop-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-devel-5.10.8-2.mga7-1-1.mga7.x86_64
- kernel-desktop-devel-latest-5.10.8-2.mga7.x86_64
- kernel-desktop-latest-5.10.8-2.mga7.x86_64
- kernel-doc-5.10.8-2.mga7.noarch
- kernel-userspace-headers-5.10.8-2.mga7.x86_64

and these:
bpftool, cpupower-devel, lib64bpf0, lib64bpf-devel, perf,
virtualbox-kernel, virtualbox-kernel-desktop-latest,
xtables-addons-kernel, xtables-addons-kernel-desktop-latest

After reboot:
Host: juza Kernel: 5.10.8-desktop-2.mga7 x86_64

nvidia running.  Switched to wifi via Network Center - had to suppress roaming.
Installed some extra packages.  glmark2 failed.  Everything else seems to be in order.

validating and flushing out ... new virtualbox and more kernel fixes are coming...

Keywords: (none) => advisory, validated_update
CC: (none) => sysadmin-bugs
Whiteboard: (none) => MGA7-64-OK

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0047.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED