Hi Daniel, yes, 5.8 is - as of today - still the current kernel in hirsute (main and proposed). But the kernel teams plans to migrate to 5.10 soon, hence the effort (and pre-requirement for the migration) to test secureboot lock-down upfront. This is to make sure that potential issues in the secureboot lock-down area will not affect any (production) keys. The keys used for signing are bound the the archive where the kernel is build and comes from, and the PPA has a separate one. Inside of the PPA you will also find the 5.10 source code as tar.gz file.
If you follow this PPA link: https://launchpad.net/~canonical-kernel-team/+archive/ubuntu/bootstrap/+packages and click on the kernel that was used for the testing (and open the twistie or section), or at least on a kernel that is close enough (this these kernels get pretty frequently updated), like: "linux-5.10 - 5.10.0-0.1", you will find the sources in the (I think only) tar.gz file that is listed there, like: linux-5.10_5.10.0-0.1.tar.gz (176.3 MiB) https://launchpad.net/~canonical-kernel-team/+archive/ubuntu/bootstrap/+sourcefiles/linux-5.10/5.10.0-0.1/linux-5.10_5.10.0-0.1.tar.gz -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1904906 Title: 5.10 kernel fails to boot with secure boot disabled Status in The Ubuntu-power-systems project: New Status in linux package in Ubuntu: New Bug description: Canonical requests to test the secure boot for the 5.10 kernel but kernel fails to boot with secure boot disabled. The 5.10 kernel can be found in: https://launchpad.net/~canonical-kernel-team/+archive/ubuntu/bootstrap They can be installed by installing the linux-generic-wip package with this PPA enabled. As usual, they are only signed using a key specific to that PPA. This key can be retrieved from the signing tarballs for the kernels, e.g.: http://ppa.launchpad.net/canonical-kernel- team/bootstrap/ubuntu/dists/hirsute/main/signed/linux-5.10-ppc64el/5.10.0-2.3/signed.tar.gz Our tester installed the 5.10 kernel via aptitude. If booting directly from the bootmenu, it stucks at: "kexec_core: Starting new kernel" If booting recovery kernel for 5.10.0, it proceeds farther and after kexec_core, it failed at: " [ 0.029830] LSM: Security Framework initializing [ 0.029916] Yama: b " Two attempts with a different scenario; running with 5.8 kernel and boot via commandline for 5.10: kexec -l /boot/vmlinux-5.10.0-0-generic --initrd=/boot/initrd.img-5.10.0-0-generic --append="root=UUID=49d000cb-dba2-4d70-809e-38f2b31d0f09 ro quiet splash" kexec -e Both attempts also failed while rebooting, once with the same error as the error from booting with bootmenu; the other failure occurred a lot earlier. Wondering what new CONFIGs and/or features for the 5.10 kernel? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-power-systems/+bug/1904906/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
