This bug is awaiting verification that the linux-lowlatency- hwe-6.11/6.11.0-1007.7~24.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-noble-linux- lowlatency-hwe-6.11' to 'verification-done-noble-linux-lowlatency- hwe-6.11'. If the problem still exists, change the tag 'verification- needed-noble-linux-lowlatency-hwe-6.11' to 'verification-failed-noble- linux-lowlatency-hwe-6.11'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: kernel-spammed-noble-linux-lowlatency-hwe-6.11-v2 verification-needed-noble-linux-lowlatency-hwe-6.11 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2077145 Title: GDS force mitigation re-enabled in 6.10 (and 6.11) causing crashes Status in linux package in Ubuntu: Fix Released Bug description: The (supposedly unintended) re-enabling of GDS force migration in the Ubuntu 6.10 kernels causes the AVX instruction to be disabled on older CPUs which have no available microcode update. This causes various programs to crash due to the unconditional use of AVX in libgnutls.so, libxul.so, etc. Typically "traps" of "invalid opcode" will be seen in dmesg output along with the initial notice: [ 0.121833] GDS: Microcode update needed! Disabling AVX as mitigation. [ 0.121835] GDS: Mitigation: AVX disabled, no microcode When GDS force mitigation appeared in the kernel, with default "y", it created a lot of issues like these and Ubuntu quickly patched all their kernels, this from the 6.2.0-28.29_6.2.0-31.31 diff: ========== ``` diff -u linux-6.2.0/debian.master/changelog linux-6.2.0/debian.master/changelog --- linux-6.2.0/debian.master/changelog +++ linux-6.2.0/debian.master/changelog @@ -1,3 +1,13 @@ +linux (6.2.0-31.31) lunar; urgency=medium + + * lunar/linux: 6.2.0-31.31 -proposed tracker (LP: #2031146) + + * libgnutls report "trap invalid opcode" when trying to install packages over + https (LP: #2031093) + - [Config]: disable CONFIG_GDS_FORCE_MITIGATION + + -- Thadeu Lima de Souza Cascardo <casca...@canonical.com> Mon, 14 Aug 2023 08:29:52 -0300 + linux (6.2.0-28.29) lunar; urgency=medium * lunar/linux: 6.2.0-28.29 -proposed tracker (LP: #2030547) diff -u linux-6.2.0/debian.master/config/annotations linux-6.2.0/debian.master/config/annotations --- linux-6.2.0/debian.master/config/annotations +++ linux-6.2.0/debian.master/config/annotations @@ -4992,7 +4992,7 @@ CONFIG_GCC_VERSION policy<{'amd64': '120200', 'arm64': '120200', 'armhf': '120200', 'ppc64el': '120200', 'riscv64': '120200', 's390x': '120200'}> CONFIG_GCOV_KERNEL policy<{'amd64': 'n', 'arm64': 'n', 'armhf': 'n', 'ppc64el': 'n', 'riscv64': 'n', 's390x': 'n'}> CONFIG_GDB_SCRIPTS policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 'riscv64': 'y', 's390x': 'y'}> -CONFIG_GDS_FORCE_MITIGATION policy<{'amd64': 'y'}> +CONFIG_GDS_FORCE_MITIGATION policy<{'amd64': 'n'}> CONFIG_GEMINI_ETHERNET policy<{'arm64': 'm', 'armhf': 'm', 'ppc64el': 'm', 'riscv64': 'm'}> CONFIG_GENERIC_ADC_BATTERY policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'ppc64el': 'm', 'riscv64': 'm'}> CONFIG_GENERIC_ADC_THERMAL policy<{'amd64': 'm', 'arm64': 'm', 'armhf': 'm', 'ppc64el': 'm', 'riscv64': 'm'}> ``` ========== In upstream 6.9 the option was renamed from CONFIG_GDS_FORCE_MITIGATION to CONFIG_MITIGATION_GDS_FORCE, but when Ubuntu jumped from 6.8 to 6.10, this customization was lost, seen in the 6.8.0-31.31_6.10.0-15.15 diff: ========== ``` CONFIG_GDB_SCRIPTS policy<{'amd64': 'y', 'arm64': 'y', 'armhf': 'y', 'ppc64el': 'y', 'riscv64': 'y', 's390x': 'y'}> -CONFIG_GDS_FORCE_MITIGATION policy<{'amd64': 'n'}> CONFIG_GEMINI_ETHERNET policy<{'arm64': 'm', 'armhf': 'm', 'ppc64el': 'm', 'riscv64': 'm'}> ... CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY policy<{'arm64': 'y'}> +CONFIG_MITIGATION_CALL_DEPTH_TRACKING policy<{'amd64': 'y'}> +CONFIG_MITIGATION_GDS_FORCE policy<{'amd64': 'y'}> +CONFIG_MITIGATION_IBPB_ENTRY policy<{'amd64': 'y'}> +CONFIG_MITIGATION_IBRS_ENTRY policy<{'amd64': 'y'}> ``` ========== I am sure this was an oversight, and that the old option was simply dropped because it didn't exist any longer, without thinking of it being renamed (among a lot of other renames). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2077145/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
