I have updated the bug description now. The `sysctl crypto` command can be used to find out if a system is running in FIPS mode. I believe you should be able to test and trigger the error by following the commands I have just added to the [Test] section. The failure you'll see is now under the [Impact] section.
** Description changed:

SRU Justification

[Impact]

- Focal systems with fips-updates enabled cannot be upgraded to Jammy. During
+ Some Focal systems with fips-updates enabled cannot be upgraded to Jammy. During
the upgrade, there is a point where the userspace packages are upgraded to
- their Jammy version, but are run on a Focal FIPS kernel. Specifically, the
+ their Jammy version, but are run on a Focal FIPS kernel. Specifically, the
Jammy version of libgcrypt relies on the getrandom syscall with the GRND_RESEED
flag set. This flag, however, is only implemented on the Jammy FIPS kernel. So,
when the Jammy version of libgcrypt is run alongside a Focal FIPS kernel,
- a fatal error occurs.
+ a fatal error occurs as below (trimmed for readability):
+
+ ```
+ Fatal: unexpected error from getentropy: Invalid argument
+ fatal error in libgcrypt, file ../../src/misc.c, line 146, function _gcry_logv: internal error (fatal or bug)
+ Aborted (core dumped)
+ Processing triggers for mime-support (3.64ubuntu1) ...
+ Processing triggers for initramfs-tools (0.136ubuntu6.7) ...
+ update-initramfs: Generating /boot/initrd.img-5.4.0-1112-fips
+ Processing triggers for libc-bin (2.35-0ubuntu3.8) ...
+ Processing triggers for man-db (2.9.1-1) ...
+ Errors were encountered while processing:
+  systemd
+  systemd-timesyncd
+ Fatal: unexpected error from getentropy: Invalid argument
+ fatal error in libgcrypt, file ../../src/misc.c, line 146, function _gcry_logv: internal error (fatal or bug)
+ Fatal: unexpected error from getentropy: Invalid argument
+ fatal error in libgcrypt, file ../../src/misc.c, line 146, function _gcry_logv: internal error (fatal or bug)
+
+ Upgrade complete
+
+ The upgrade has completed but there were errors during the upgrade
+ process.
+ ```
+
+ After that, the system becomes unusable and running some commands
+ (like shutdown) leads to errors:
+
+ ```
+ Fatal: unexpected error from getentropy: Invalid argument
+ fatal error in libgcrypt, file ../../src/misc.c, line 146, function _gcry_logv: internal error (fatal or bug)
+ Aborted (core dumped)
+ ```

[Fix]

- Have getrandom not reject the GRND_RESEED flag. For Focal systems, this flag
- should only be used during the upgrade process from Focal to Jammy, as the
- Jammy userspace packages running on the Focal kernel will rely on it.
+ Focal FIPS kernel: have getrandom not reject the GRND_RESEED flag. For Focal
+ systems, this flag should only be used during the upgrade process from Focal
+ to Jammy, as the Jammy userspace packages running on the Focal kernel will rely
+ on it.
+
+ ubuntu-release-upgrader: block upgrades when a FIPS kernel without the
+ aforementioned fix is running in FIPS mode.

[Test]

Summary: In a FIPS enabled machine using the fips-updates channel, test the
upgrade from Focal to Jammy.

+ To trigger the error, run the following commands:
+
+ pro attach <your-token>
+ pro enable fips --assume-yes
+ pro enable fips-updates --assume-yes
+ grub-reboot '1>2' # or any other command to boot into the -1024 kernel from the "fips" channel, obtained by enabling "fips" previously
+ reboot
+ sysctl crypto # Confirm the system is in FIPS mode
+ uname -a # Confirm you're running an unfixed version of a FIPS kernel
+ apt upgrade -y
+ do-release-upgrade
+
[Where things could go wrong]

- This touches the getrandom syscall, so we have many places where things could
- go wrong. However, we are just adding another possible flag for it, and not
- really adding/removing/altering any other functionality, so the regression
- potential is low.
+ Focal FIPS kernel: this touches the getrandom syscall, so we have many places
+ where things could go wrong. However, we are just adding another possible flag
+ for it, and not really adding/removing/altering any other functionality, so the
+ regression potential is low.
+
+ [Other info]
+ - The system upgrades successfully if fips=0 is set in the kernel command line,
+ which can be done by editing this parameter in /etc/default/grub.d/99-fips.cfg,
+ running `upgrade-grub` afterwards and rebooting.
+ - Running the latest available kernels from fips-updates should also lead to a
+ successful upgrade.
+
-------------------------------- Original Report -------------------------------

Upgrade from 20.04 to 22.04 failed with "Fatal: unexpected error from getentropy: Invalid argument".

We have fips-updates enabled thru Ubuntu pro subscription. Tried to upgrade from 18.04 to 22.04. Upgrade from 18.04 to 20.04 is successful but upgrade from 20.04 to 22.04 failed. Apt or do-release-upgrade commands are no longer working after the upgrade failed, so we have to restore the host to the Ubuntu 20.04 snapshots.

```
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.6 LTS
Release:        20.04
Codename:       focal
```

Upgrade log:

```
Processing triggers for libc-bin (2.35-0ubuntu3.6) ...
Errors were encountered while processing:
 systemd
 ntfs-3g
 dbus
 libpam-systemd:amd64
 systemd-sysv
 libnss-systemd:amd64
 friendly-recovery
 samba-common-bin
 samba
 update-notifier-common
Fatal: unexpected error from getentropy: Invalid argument
fatal error in libgcrypt, file ../../src/misc.c, line 146, function _gcry_logv: internal error (fatal or bug)
```

--
https://bugs.launchpad.net/bugs/2055825

Title:
  fips-updates: upgrade from 20.04 to 22.04 fails
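An added preflight check in C, not code from this bug, from libgcrypt or from ubuntu-release-upgrader, showing how a tool can detect the combination the description records: FIPS mode on (crypto.fips_enabled, the sysctl behind `sysctl crypto`) together with a running kernel whose getrandom(2) rejects a flag with EINVAL, which is exactly the "Invalid argument" that libgcrypt turns into a fatal error. The numeric value of GRND_RESEED is not given on this page, so the probe takes the flag as a parameter and the demonstration uses a constructed, deliberately unsupported bit; it assumes Linux with glibc's `<sys/random.h>`.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/random.h>

/* Constructed for the demonstration: a bit no Linux getrandom() accepts, so the
 * probe is rejected with EINVAL just as GRND_RESEED is on an unfixed Focal FIPS
 * kernel. In practice substitute the real GRND_RESEED value from the fixed
 * kernel's headers (not available on this page). */
#define DEMO_UNSUPPORTED_FLAG 0x80000000u

/* Ask the running kernel for 16 bytes with `flags`.
 * Returns 0 if the kernel accepted the flags, otherwise the errno it set
 * (EINVAL is what libgcrypt reports as "Invalid argument"). */
int probe_getrandom_flag(unsigned int flags)
{
    unsigned char buf[16];
    if (getrandom(buf, sizeof buf, flags) < 0)
        return errno;
    return 0;
}

/* Read crypto.fips_enabled, the value `sysctl crypto` prints.
 * Returns 1 (FIPS mode), 0 (not FIPS) or -1 if it cannot be read. */
int read_fips_enabled(void)
{
    FILE *f = fopen("/proc/sys/crypto/fips_enabled", "r");
    int value = -1;
    if (f == NULL)
        return -1;
    if (fscanf(f, "%d", &value) != 1)
        value = -1;
    fclose(f);
    return value;
}

/* Decision rule: block only when FIPS mode is on AND the kernel rejects the flag.
 * A system booted with fips=0, or a kernel that accepts the flag, may proceed,
 * which matches the two workarounds listed under [Other info]. */
int upgrade_should_block(int fips_enabled, int probe_errno)
{
    return fips_enabled == 1 && probe_errno == EINVAL;
}

int main(void)
{
    int fips = read_fips_enabled();
    int rc = probe_getrandom_flag(DEMO_UNSUPPORTED_FLAG);
    printf("fips_enabled=%d probe_errno=%d block=%d\n",
           fips, rc, upgrade_should_block(fips, rc));
    return 0;
}
```

On a stock kernel the probe with the constructed flag returns EINVAL, so the check only blocks when that system is also in FIPS mode.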
