Package: linux-image-amd64
Version: 5.10.259-1
Severity: normal
X-Debbugs-Cc: [email protected]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
This is a problem encountered with the latest security update of the
kernel for bullseye, aka oldoldstable. I'm not sure exactly where or
how to report it.
Immediately after upgrading the kernel with the latest security fixes,
[UPGRADE] linux-image-amd64:amd64 5.10.257-1 -> 5.10.259-1
in aptitude.log, the logs started filling with more than one complaint
a second like
Jul 3 13:17:31 barley kernel: [ 102.564459] hid-generic 0003:051D:0002.0002:
Event data for report 22 was too short (4 vs 2)
Jul 3 13:17:31 barley kernel: [ 102.567155] hid-generic 0003:051D:0002.0002:
Event data for report 22 was too short (4 vs 2)
Jul 3 13:17:37 barley kernel: [ 107.883143] hid_report_raw_event: 27
callbacks suppressed
Jul 3 13:17:37 barley kernel: [ 107.883171] hid-generic 0003:051D:0002.0002:
Event data for report 22 was too short (4 v 2)
According to Google AI, 0003:051D is an APC UPS connected via USB; I
do have one connected that way. I don't know that the
hid_report_raw_event messages are for the same device, though that
seems likely.
I did not get these errors with any previous version of the kernel.
Significance
============
If there actually is a problem communicating with the UPS this would
affect system reliability. The KDE battery tool show the UPS is not
present (that is, the device is listed and the status is not present),
so there may be an actual issue.
The huge number of messages makes it hard to see anything else in the
logs. They may degrade performance or add extra disk fragmentation.
logcheck email reports are now huge; like the regular logs, it is hard
to pick out anything from the noise.
Workarounds
===========
I added the following patterns to /etc/logcheck/ignore.d.server/local:
^\w{3} [ :0-9]{11} barley kernel: \[[[:blank:]]*[0-9.]+[[:blank:]]*\]
hid-generic 0003:051D:0002.0002: Event data for report 22 was too short \(4 vs
2\)[[:blank:]]*$
^\w{3} [ :0-9]{11} barley kernel: \[[[:blank:]]*[0-9.]+[[:blank:]]*\]
hid_report_raw_event: [0-9]+ callbacks? suppressed[[:blank:]]*$
This fixes the size and interpretability of the logcheck emails,
without addressing the fact that the underlying logs are still filling
and I may not have communication with the UPS.
Another alternative would be to boot the previous kernel; this seems a
bit risky given that it has known vulnerabilities. It might be
worthwhile at least to verify that this is not a hardware failure that
just happened to coincide with the restart of the new kernel.
Finally, I should upgrade the whole system, but that's too big a
project for now.
- -- System Information:
Debian Release: 11.11
APT prefers oldoldstable-security
APT policy: (500, 'oldoldstable-security'), (500,
'oldoldstable-proposed-updates-debug'), (500, 'oldoldstable-debug'), (500,
'oldoldstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-45-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE,
TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages linux-image-amd64 depends on:
ii linux-image-5.10.0-45-amd64 5.10.259-1
linux-image-amd64 recommends no packages.
linux-image-amd64 suggests no packages.
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
iQFSBAEBCgA8FiEEreS674/HIyV9gBfdnAYPmOsbK2AFAmpIof8eHHJvc3Nib3ls
YW5Ac3RhbmZvcmRhbHVtbmkub3JnAAoJEJwGD5jrGytgoEYH/A5uCUtP0PfSS4hR
xqGuZjs2Z4By9HZd5t4cNoTpWJCOBOPPFEM7iLTi+uqEifG/vEOpXRrR/Bd3RBnY
gTU64WvRwKN1MIlKeDu3mLb835z010fmyHEk+z6Q2AayBFqIDg67bmEDGebz9Gh5
eE2hA0x5YIkH858yQVJfw31AEKZ371vvB92Kk6Rn2n+zz1/Ppc52x9gHL0U9tzm6
8ZFltjgNm9q9ceKH9Zr7QGlhfJslBZJ9u+TKLQps0yX/dEo4pYTIolIY30AXStPL
neHzNUonRu0HWmSQEEEfb7wKsWlekr9w/zP/wU1ZIcEW5BGZRiJMhqpLFfTWsRSw
/FFW5yA=
=JFo+
-----END PGP SIGNATURE-----