Hi Ben, Thanks for your response. Is there any ETA for when the new version will be released ? We'd like to patch the Meltdown vulnerability and also keep hidepid enabled, but currently the system is unusable with this kernel and hidepid enabled. We tried running with wheezy-backports but it seems that kernel doesn't have the meltdown patch yet. We'd prefer not to compile the kernel manually from source.
Thank you, Niels Hendriks On 15 January 2018 at 00:02, Ben Hutchings <b...@decadent.org.uk> wrote: > Control: tag -1 patch > > On Mon, 2018-01-08 at 10:29 +0100, Camilo Echevarne wrote: > [...] > > After updating the linux-image-amd64 system package, when we try to > > mount proc with the hidepid option the server throws a kernel panic. > [...] > > This is a warning, not a panic (which would stop the kernel > completely). Still, I assume that the permission denial makes it > impractical to use the system with hidepid enabled. > > This problem was not caused by any of the fixes in the latest update, > but by a fix in 3.2.93 that meant I should have updated the backport of > the hidepid feature. However, I added a binary compatibility patch to > avoid problems like this with any out-of-tree users of the API, and > that hid the problem until I bumped the ABI number and removed all the > binary compatibility patches. > > I'll fix this in the next upload. As a temporary measure, you can > rebuild the kernel package with the attached patch, by following the > instructions here: > https://kernel-handbook.alioth.debian.org/ch-common- > tasks.html#s-common-official > > Ben. > > -- > Ben Hutchings > The generation of random numbers is too important to be left to chance. > - Robert Coveyou >
