[Kernel-packages] [Bug 2045322] Re: linux-image-5.4.0-1024-fips - boots to kernel panic on AMD EPYC 7262 CPU - drbg_nopr_sha512

Fri, 09 Aug 2024 21:15:59 -0700 

The fips kernel containing the fix has been released to fips-updates:

5.4.0-1104 fips kernel has been released to fips-updates:

apt policy linux-image-5.4.0-1104-fips
linux-image-5.4.0-1104-fips:
  Installed: 5.4.0-1104.114
  Candidate: 5.4.0-1104.114
  Version table:
 *** 5.4.0-1104.114 1001
       1001 https://esm.ubuntu.com/fips-updates/ubuntu focal-updates/main amd64 
Packages
        100 /var/lib/dpkg/status

** Changed in: linux (Ubuntu)
       Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2045322

Title:
  linux-image-5.4.0-1024-fips - boots to kernel panic on AMD EPYC 7262
  CPU - drbg_nopr_sha512

Status in linux package in Ubuntu:
  Fix Released

Bug description:
  On a stock/default installation of Ubuntu 20.04.6LTS with Ubuntu Pro
  activated, running pro enable fips on a system with an AMD EPYC 7262
  results in a kernel panic during boot. Issue not reproducible on Intel
  processors.

  Kernel panic - not syncing: random: Failed to reset DRBG
  (drbg_nopr_sha512): -2

  Will include full screenshot of kernel panic as an attachment to this
  report.

  How the system was built:
  Hardware: HPE Proliant DL385Gen10 with an EPYC 7262 processor, running VMware 
ESXi 7.0u3.
  Using the latest ISO ubuntu-20.04.6-live-server-amd64.iso to install a stock 
installation (choose the defaults all the way through the setup) of Ubuntu in a 
VMware ESXi 7.0u3 virtual machine.
  Once the setup is completed and the system reboots into the newly installed 
system, I run apt-get update, apt-get upgrade, apt-get dist-upgrade, to apply 
all updates and reboot.
  Then, I run:  pro enable fips, press Y to confirm the installation, and 
reboot once it says to reboot to apply FIPS settings.

  System boots into kernel panic.
  Editing grub entry for the same kernel to change fips=1 to fips=0 bypasses 
the kernel panic and allows the system to boot normally.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2045322/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to