Your message dated Thu, 20 Feb 2025 19:17:37 +0100
with message-id <z7dxwzc2ygdg4...@eldamar.lan>
and subject line Re: Bug#1042815: linux-image-6.1.0-10-amd64: Fails to load
kernel modules due to bpf/btf issue
has caused the Debian Bug report #1042815,
regarding linux-image-6.1.0-10-amd64: Fails to load kernel modules due to
bpf/btf issue
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1042815: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042815
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: linux-image-6.1.0-10-amd64
Severity: important
Tags: patch
Dear Maintainer,
Current kernel failed to load modules for MASQUERADE nat rules giving the
following
in dmesg:
[37404.063872] BPF: [99720] ENUM STROY
[37404.064350] BPF: size=4 vlen=14
[37404.064699] BPF:
[37404.065000] BPF: Invalid name
[37404.065287] BPF:
[37404.065463] failed to validate module [nf_conntrack] BTF: -22
[37404.067137] missing module BTF, cannot register kfuncs
The following upstream patch fixes the issue:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=3de4d22cc9ac7c9f38e10edcf54f9a8891a9c2aa
And it has been included in upstream stable 6.1 kernel releases since 6.1.39:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/log/?h=linux-6.1.y&ofs=400
Please include in Bookworm as its currently preventing netavark from using
iptables
to load the MASQUERADE module and, thus, preventing me from running containers.
Thanks. :)
PS: This, I think, is covered in bug 1003965 but my attempt to email into that
bug appears
to have failed. If it ever succeeds apologies for the dupe report. :(
-- System Information:
Debian Release: 12.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8),
LANGUAGE=en_AU:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---
Hi,
On Thu, Aug 03, 2023 at 12:28:00PM +1000, AP wrote:
> On Tue, Aug 01, 2023 at 01:44:26PM +0200, Salvatore Bonaccorso wrote:
> > > PS: This, I think, is covered in bug 1003965 but my attempt to email into
> > > that bug appears
> > > to have failed. If it ever succeeds apologies for the dupe report. :(
> >
> > is the assumption that you updated from 6.1.37-1 or 6.1.38-1 to
> > 6.1.38-2 (or any of the combinations which did not bump ABI) but did
> > not reboot before loading the module correct?
>
> Nope. You're right. This is what happens when you ansiblise everything.
>
> The initial image is with -1, my playbook upgraded it to -2 and tried to use
> it
> and it failed. Just did a manual test and modified my playbook to reboot and
> tested that and it works fine after reboot.
>
> So... my bad. Feeling a bit sheepish. Apologies.
>
> Still... downloading and installing a new kernel shouldn't break a live
> system.
So I think we can close this bug now as in practice for stable we need
to bump ABI on each update (to actually suffice the requirements for
secure boot), and for trixie and above the issue is implicitly
resolved as well as there is no such thing anymore of maintaining
manually the ABI, but for each build the modules are signed with an
ephemeral key.
So closing the issue now.
Regards,
Salvatore
--- End Message ---
