[Bug 2065432] Re: Unable to authenticate with smartcard: gnome-shell throws on unhandled promise rejection

[Robert Malz]

Adding debdiff with 2 patches required for noble package.
d/p/lp2065432-fix-login-with-smartcards.patch: fixes upstream bug
d/p/lp2065432-fix-auth-service-discovery.patch: fixes service discovery (not 
applicable to upstream)

** Description changed:

- Upstream report: https://gitlab.gnome.org/GNOME/gnome-
- shell/-/issues/7526
+ [ Impact ]
+ 
+  * Starting from gnome-shell version 46.0, which is available in noble, 
logging in to the 
+Ubuntu system with smart card does not work.
+
+  * Only workaround is to downgrade gnome-shell to a version 45.0
+ 
+  * Login problem is caused by two seperate issues, one caused by the bug in 
the upstream [1],
+second is related to ubuntu specific code added as part of patch:
+gdm-util-Figure-out-default-service-from-service-definiti.patch
+
+  * Upstream issue has been alraedy fixed with [2], issue was caused by feature
+which was checking conflicting sessions during login.
+  
+  * To fix login problem, upstream patch needs to be backported as well as
+ubuntu specific code fixed
+ 
+ [ Test Plan ]
+ 
+  * To reproduce an issue, smart card (with at least self signed certificate) 
is required.
+  
+  * The simplest steps to reproduce the problem:
+1. Create user "test"
+2. Configure sssd.conf:
+  root@rmalz:/etc/sssd# cat sssd.conf
+  [sssd]
+  services = pam
+  enable_files_domain = True
+  certificate_verification = no_verification
+ 
+  [certmap/implicit_files/test]
+  matchrule = .*
+ 
+  [pam]
+  pam_cert_auth = True
+3. Enable smart card login:
+pam-auth-update --disable sss-smart-card-required --enable 
sss-smart-card-optional
+ 
+  * With these settings, login "test" user. Two problems will occurr.
+First, gnome-shell will not prompt for a smart card PIN and will continue 
to ask for password.
+This is caused by incorrect detection of default auth service, issue 
introduced with:
+gdm-util-Figure-out-default-service-from-service-definiti.patch
+
+Second, if first problem is fixed, login screen will freeze. This issue is 
caused by upstream
+bug [1].
+ 
+ [ Where problems could occur ]
+ 
+  * Upstream patch is changing behavior of finding conflicting sessions,
+ possible risk of regression for non smart card cases
+ 
+  * There is additional patch [3], introduced as part of fix for [1]. It seems 
that this patch is fixing presentation issue
+which is different from initial login problem and no part of this SRU.
+ 
+  * Patches for both [2] and 
gdm-util-Figure-out-default-service-from-service-definiti.patch have been 
tested locally, allowing
+to login without issues.
+ 
+ [ Other Info ]
+ 
+  * Links:
+[1] - https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7526
+[2] - 
https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/3448/diffs?commit_id=e5d9a0fec869adbe610c46114afaede04f8c89e2
+[3] - 
https://gitlab.gnome.org/GNOME/gnome-shell/-/merge_requests/3448/diffs?commit_id=647747fbd6afef2f9f939682ab6527f3877ffbfb
+ 
+  * Original case description:
+ Upstream report: https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7526
  
  Opening as part of response to support ticket.
  
  After boot, GDM does not prompt for smartcard authentication correctly.
  It is possible to strike Esc and get GDM to prompt for a username and a
  smartcard PIN from the initial locked-out state, but this does not start
  a new desktop session and instead hangs. Striking Esc allows for the
  login to be attempted again, but with the same results.
  
  Syslog entries include unhandled promise rejections from the
  onSessionOpened event in loginDialog, and perhaps more importantly also
  from the user verification stack that is used to create the initial
  authentication options prompt (stack traces of the syslog entries
  attached).
  
  Affects GDM 46.0-2ubuntu1 in Noble.
  
  To reproduce, configure smartcard auth for a network user on a new Noble
  install and try to sign in.

** Patch added: "noble.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/2065432/+attachment/5810879/+files/noble.debdiff

** Also affects: gnome-shell (Ubuntu Noble)
   Importance: Undecided
   Status: New

** Changed in: gnome-shell (Ubuntu Noble)
 Assignee: (unassigned) => Robert Malz (rmalz)

** Changed in: gnome-shell (Ubuntu Noble)
   Importance: Undecided => High

** Changed in: gnome-shell (Ubuntu Noble)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2065432

Title:
  Unable to authenticate with smartcard: gnome-shell throws on unhandled
  promise rejection

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-shell/+bug/2065432/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2066315] Re: Users who upgraded to rejected SRU 1.72.4-0ubuntu0.22.04.1 aren't restored

[Robert Malz]

Verified on Jammy in AWS workspaces.
Test plan:
1. Upgrade from 1.72.4-0ubuntu0.22.04.1 to 
1.72.4-0ubuntu0.22.04.3~really.is.1.72.2.0ubuntu2
2. Monitor system for couple of days

Done in 3 VMs, no issues detected. I'll keep VMs running for couple of
days doing random GUI operations and update this case if anything will
be detected.

** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2066315

Title:
  Users who upgraded to rejected SRU 1.72.4-0ubuntu0.22.04.1 aren't
  restored

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gjs/+bug/2066315/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2023572] Re: SRU gjs 1.72.4 to jammy

[Robert Malz]

Tested package on jammy VMs for around week, no gjs crashes detected.


** Tags removed: verification-needed-jammy
** Tags added: verification-done-jammy

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2023572

Title:
  SRU gjs 1.72.4 to jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gjs/+bug/2023572/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2061986] [NEW] Mount CIFS fails with Permission denied

[Robert Malz]

Public bug reported:

[ Impact ]

 * Mounting SMB share from server without Key Exchange capability is
failing with Access Denied error

 * Even though SMB server during Session Setup Response in NTLMSSP_CHALLANGE 
message does not advertise
   Key Exchange capabilities SMB client < 5.16 will forcefully use it leading 
to error response during
   TCON requests.

 * Issue can be reproduced on 5.15 or older Kernels, there is no reproduction 
on 6.5 Kernel
 
 * This scenario was fixed in upstream commit 
9de0737d5ba0425c3154d5d83da12a8fa8595c0f
 
 * An example of server without Key Exchange capability is Oracle Solaris 11.4 
SMB zfs, meaning
   mounting share from that server will result in ACCESS_DENIED error.
 
[ Test Plan ]

 * So far issue was reported only with Oracle Solaris 11.04 smb server
and Ubuntu with Kernel <= 5.15

 * To reproduce, setup Oracle Solaris SMB server and try to mount share on 
22.04/20.04 (5.15/5.04)
   Steps to configure SMB server:
1. Download the ISO for Oracle Solaris Common Build Edition [1]
2. Create a VM with at least 16 GB of memory - I have experienced installation 
issues with less memory
3. Install Oracle Solaris using the downloaded ISO
a. Make sure to create a test user
4. Log into the VM as the root user
5. Create a test directory for the share:
a. mkdir /smbshare && chmod 777 /smbshare 
6. Disable the normal Samba daemon: [2]
a. svcadm disable svc:/network/samba
b. svcadm disable svc:/network/wins
7 Configure the server to serve Samba shares using ZFS in Workgroup mode [3]
a. svcadm enable -r smb/server
b. smbadm join -w workgroup
8 Update the /etc/pam.d/other file to require authentication by adding the 
following line:
a. password requiredpam_smb_passwd.so.1nowarn
9. Reset the password for the test user so that it is updated in the SMB 
password database
10. Create the pool and share it using Samba: [4]
a. zfs create -o mountpoint=/smbshare/ rpool/smbshare
b. zfs share -o share.smb=on rpool/smbshare%share

[1] <https://www.oracle.com/solaris/solaris11/downloads/solaris-downloads.html>
[2] 
<https://docs.oracle.com/cd/E26502_01/html/E29004/migratingfromsamba.html#scrolltoc>
[3] 
<https://docs.oracle.com/cd/E26502_01/html/E29004/configuringoperationmodetm.html#configureworkgroupmodetask>
[4] 
<https://docs.oracle.com/cd/E26502_01/html/E29004/managingsmbshares.html#createstaticsmbsharezfstask>

 * With server configured, mount share using ubuntu SMB client
   Expected result: mount operation should succeed
   Actual result: mount returns following error:
root@ubuntu20:/mnt# mount -t cifs -o username=rmalz //192.168.50.217/smbshare 
test
Password for rmalz@//192.168.50.217/smbshare:  
mount error(13): Permission denied
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) and kernel log 
messages (dmesg) 

[ Where problems could occur ]

 * Upstream patch is changing smb client behavior based on server 
NTLMSSP_CHALLENGE Negotiate Flags,
   if server does not advertise Key Exchange Capability but requires it from 
client communication might
   be broken. It is unknown if such servers are used, such instance should be 
treated as a server bug.

 * Patch is available in upstream kernel since 5.16, any issues associated with 
it should be already
   detected.

 * Patch adds additional requirement checks on server NTLM flags, although it 
is possible to hit
   these checks, I was not able to find any instances of that occurring.

 * To lower regression potential, upstream patch backported to Ubuntu 5.15 and 
5.04 Kernels have been
   tested in following environments:
   smb server: Oracle Solaris 11.04, Ubuntu 22.04 HWE
   smb client: Ubuntu 22.04, Ubuntu 20.04
   During testing no issues have been detected.

[ Other Info ]
 
 * Error message coming from SMB client is the same as providing incorrect 
credentials, which might
   confuse users. 
 * Attaching tcpdump pcaps with SMB operations from 5.15 Kernel with and 
without patch.

** Affects: linux (Ubuntu)
 Importance: Medium
 Assignee: Robert Malz (rmalz)
 Status: New

** Affects: linux (Ubuntu Focal)
 Importance: Medium
 Assignee: Robert Malz (rmalz)
 Status: New

** Affects: linux (Ubuntu Jammy)
 Importance: Medium
 Assignee: Robert Malz (rmalz)
 Status: New

** Changed in: linux (Ubuntu)
 Assignee: (unassigned) => Robert Malz (rmalz)

** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium

** Also affects: linux (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: linux (Ubuntu Jammy)
   Importance: Undecided
   Status: New

** Changed in: linux (Ubuntu Focal)
 Assignee: (unassigned) => Robert Malz (rmalz)

** Changed in: linux (Ubuntu Jammy)
 Assignee: (unassigned) => Robert Malz (rmalz)

** Changed in: linux (Ubuntu Focal)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu Jammy)

[Bug 2061986] Re: Mount CIFS fails with Permission denied

[Robert Malz]

Attaching tcpdump output with patch


** Attachment added: "base_5_15_104_with_patch_filtered.pcap"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2061986/+attachment/5766753/+files/base_5_15_104_with_patch_filtered.pcap

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2061986

Title:
  Mount CIFS fails with Permission denied

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2061986/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2061986] Re: Mount CIFS fails with Permission denied

[Robert Malz]

Attaching tcpdump output without patch

** Attachment added: "base_5_15_104_filtered.pcap"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2061986/+attachment/5766752/+files/base_5_15_104_filtered.pcap

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2061986

Title:
  Mount CIFS fails with Permission denied

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2061986/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2054872] Re: Cannot change IRQ 70 affinity: Input/output error

[Robert Malz]

88438 174955 233311 126152 
160532 145524 171051 153168 119414 134045 Function call interrupts
+  TLB: 94988 98433 115358 96450 118525 98758 124773 94916 123529 90824 119527 
95110 120917 98504 107344 96577 TLB shootdowns
+  TRM: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Thermal event interrupts
+  THR: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Threshold APIC interrupts
+  DFR: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Deferred Error APIC interrupts
+  MCE: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Machine check exceptions
+  MCP: 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 15 Machine check polls
+  ERR: 1
+  MIS: 0
+  PIN: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Posted-interrupt notification event
+  NPI: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Nested posted-interrupt event
+  PIW: 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 Posted-interrupt wakeup event

** Patch added: "noble.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/irqbalance/+bug/2054872/+attachment/5756029/+files/noble.debdiff

** Changed in: irqbalance (Ubuntu)
   Importance: Undecided => Medium

** Changed in: irqbalance (Ubuntu)
   Status: Incomplete => In Progress

** Changed in: irqbalance (Ubuntu)
 Assignee: (unassigned) => Robert Malz (rmalz)

** Also affects: irqbalance (Ubuntu Noble)
   Importance: Medium
     Assignee: Robert Malz (rmalz)
   Status: In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054872

Title:
  Cannot change IRQ 70 affinity: Input/output error

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/irqbalance/+bug/2054872/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2054872] Re: Cannot change IRQ 70 affinity: Input/output error

[Robert Malz]

irqbalance 1.9.3-2ubuntu4 verified on 6.8.0-11-generic
Issue no longer reproduces.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2054872

Title:
  Cannot change IRQ 70 affinity: Input/output error

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/irqbalance/+bug/2054872/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2036239] Re: Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out

[Robert Malz]

Hi Roxana,
Mantic verification is still not finished.
I did some touch tests without stress traffic.
I'm trying to get my hands on E810 device to finish testing, I'll update ticket 
once it's done.
Wishful ETA EOW 09.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2036239

Title:
  Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2036239/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2036239] Re: Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out

[Robert Malz]

LP update:

Mantic update:
Due to lack of reproduction environment I have been performing following 
regression test:
1. Setup:
   nic: 2port E810-C
both interfaces set up in bonding
   kernel: 6.5.0-25-generic
2. Test cases:
   0) verified that code from the change is used during driver init
   a) stress traffic for 12h (multiple streams of iperf (tcp))
   b) if up/down during stress traffic
   c) reload driver during stress traffic
Look for any issues related to traffic processing, look for tx_hangs
3. Result: No issues have been detected during test execution

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2036239

Title:
  Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2036239/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2036239] Re: Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out

[Robert Malz]

** Tags removed: verification-needed-mantic-linux
** Tags added: verification-done-mantic-linux

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2036239

Title:
  Intel E810-XXV - NETDEV WATCHDOG: (ice): transmit queue timed out

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2036239/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2077011] Re: netplan ignores NetworkManager ipv4.route-metric

[Robert Malz]

** Patch added: "noble.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2077011/+attachment/5810010/+files/noble.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2077011

Title:
  netplan ignores NetworkManager ipv4.route-metric

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2077011/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2077011] Re: netplan ignores NetworkManager ipv4.route-metric

[Robert Malz]

** Patch removed: "noble.debdiff"
   
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2077011/+attachment/5810010/+files/noble.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2077011

Title:
  netplan ignores NetworkManager ipv4.route-metric

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2077011/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2076319] Re: Netplan generate is creating directories with incorrect permission

[Robert Malz]

Adding debdiff for noble

** Patch added: "noble debdiff"
   
https://bugs.launchpad.net/netplan/+bug/2076319/+attachment/5810012/+files/noble.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2076319

Title:
  Netplan generate is creating directories with incorrect permission

To manage notifications about this bug go to:
https://bugs.launchpad.net/netplan/+bug/2076319/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2076319] Re: Netplan generate is creating directories with incorrect permission

[Robert Malz]

Adding debdiff for jammy based on 0.106.1-7ubuntu0.22.04.4

** Patch added: "debdiff based on 0.106.1-7ubuntu0.22.04.4"
   
https://bugs.launchpad.net/netplan/+bug/2076319/+attachment/5810013/+files/jammy_04_to_05.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2076319

Title:
  Netplan generate is creating directories with incorrect permission

To manage notifications about this bug go to:
https://bugs.launchpad.net/netplan/+bug/2076319/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2076319] Re: Netplan generate is creating directories with incorrect permission

[Robert Malz]

Adding debdiff for jammy based on 0.107.1-3ubuntu0.22.04.1

** Patch added: "debdiff based on 0.107.1-3ubuntu0.22.04.1"
   
https://bugs.launchpad.net/netplan/+bug/2076319/+attachment/5810014/+files/jammy_107_1_04_01_to_107_1_04_02.debdiff

** Changed in: netplan.io (Ubuntu Jammy)
   Status: New => In Progress

** Changed in: netplan.io (Ubuntu Noble)
   Status: New => In Progress

** Changed in: netplan.io (Ubuntu Jammy)
 Assignee: (unassigned) => Robert Malz (rmalz)

** Changed in: netplan.io (Ubuntu Noble)
 Assignee: (unassigned) => Robert Malz (rmalz)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2076319

Title:
  Netplan generate is creating directories with incorrect permission

To manage notifications about this bug go to:
https://bugs.launchpad.net/netplan/+bug/2076319/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2061986] Re: Mount CIFS fails with Permission denied

[Robert Malz]

Verified issue on both linux/5.4.0-186.206 and linux/5.15.0-111.121.
Following steps from description I was not able to reproduce issue nor I did 
not hit any new problems.
Marking as verified.

** Tags removed: verification-needed-focal-linux verification-needed-jammy-linux
** Tags added: verification-done-focal-linux verification-done-jammy-linux

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2061986

Title:
  Mount CIFS fails with Permission denied

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2061986/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2023572] Re: SRU gjs 1.72.4 to jammy

[Robert Malz]

Sorry for lack of update,
https://wiki.ubuntu.com/DesktopTeam/TestPlans/gjs was not executed.
For a test I wrote a script to spam random windows
let win = new Gtk.Window({
title: "Hello, GJS",
default_width: 200,
default_height: 100,
});
and left it over a week checking if any crashes happened.
tests were performed on 1.72.4-0ubuntu0.22.04.3~really.is.1.72.2.0ubuntu2

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2023572

Title:
  SRU gjs 1.72.4 to jammy

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gjs/+bug/2023572/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2097455] [NEW] Incorrect LAPIC/x2APIC parsing order

[Robert Malz]

Public bug reported:

[ Impact ]

 * In Kernels with commit ec9aedb2aa1a (6.7) CPUs can be enumerated in the order
   which violates ACPI specification that states:
"OSPM should initialize processors in the order that they appear in the 
MADT"

 * The problematic commit parses all LAPIC entries before any x2APIC
   entries, aiming to ignore x2APIC entries with APIC ID < 255 when valid
   LAPIC entries exist. However, it disrupts the CPU enumeration order on
   systems where x2APIC entries precede LAPIC entries in the MADT.
   
 * In scenarios with strict CPU pinning this behavior might introduce
   performance degradation or hyperthreading related side-channel
   vulnerabilities
   
 * Issue has been fixed upstream with commit 0141978ae75

[ Test Plan ]

 * Issue reproduces only in specific ACPI MADT configurations with
   mixed LAPIC and x2APIC entries. An example of it would be AMD Genoa CPUs.

 * Easiest way to reproduce it locally is to replace x2APIC entry
   before LAPIC in MADT table.
   Steps to reproduce (local VM):
   1. Set up a VM with 288 vCPUs
sudo qemu-system-x86_64 -enable-kvm \
  -M q35,accel=kvm,kernel-irqchip=split \
  -device intel-iommu,intremap=on \
  -smp 288,cores=144,threads=1,sockets=2 \
  -m 20G \
  -cpu host \
  -object memory-backend-ram,id=mem0,size=10G \
  -object memory-backend-ram,id=mem1,size=10G \
  -numa node,cpus=0-143,nodeid=0,memdev=mem0 \
  -numa node,cpus=144-287,nodeid=1,memdev=mem1 \
  -drive file=/var/lib/libvirt/images/ubuntu24.04.qcow2,format=qcow2 \
  -boot d
   2. Dump acpi apic/madt tables from VM
acpidump > acpidump.dat
acpixtract -a acpidump.dat
iasl -d apic.dat

apic.dsl file will be generated.
   3. Craft apic.dsl and switch order of CPUs
   4. Compile apic.dsl to aml file
iasl -tc apic.dsl
   5. Inject new table to VM
sudo qemu-system-x86_64 -enable-kvm \
  -M q35,accel=kvm,kernel-irqchip=split \
  -device intel-iommu,intremap=on \
  -smp 288,cores=144,threads=1,sockets=2 \
  -acpitable file=apic.aml \
  -m 20G \
  -cpu host \
  -object memory-backend-ram,id=mem0,size=10G \
  -object memory-backend-ram,id=mem1,size=10G \
  -numa node,cpus=0-143,nodeid=0,memdev=mem0 \
  -numa node,cpus=144-287,nodeid=1,memdev=mem1 \
  -drive file=/var/lib/libvirt/images/ubuntu24.04.qcow2,format=qcow2 \
  -boot d
Results:
Depending on MADT changes. For following example I have moved single x2APIC 
entry
after the first LAPIC.
Incorrect enumeration present on 6.8 Kernels:
NUMA node(s): 2
NUMA node0 CPU(s):0-143
NUMA node1 CPU(s):144-287
Enumeration on 6.8 Kernel with applied fixes:
NUMA node(s): 2
NUMA node0 CPU(s):0,2-144
NUMA node1 CPU(s):1,145-287

[ Where problems could occur ]

 * Fix has been tested using alocal VM with a modified MADT table.

 * MADT table can have multiple possible configurations, making it hard to
   fully test the fix.
   
 * Potential regression with CPU enumeration can be hard to detect as was in 
case of
   patch that introduced the issue.

[ Other Info ]

 * Patch which introduced an issue: ec9aedb2aa1ab7ac420c00b31f5edc5be15ec167
 
 * Patch fixing the issue: 0141978ae75bd48bac13fca6de131a5071c32011

 * Originally issue has been reported for AMD Genoa CPU with following 
enumeration:
  6.5.0
   NUMA node(s):   2
   NUMA node0 CPU(s):  0-89,180-269
   NUMA node1 CPU(s):  90-179,270-359
  6.8.0
   NUMA node(s): 2
   NUMA node0 CPU(s):0-179
   NUMA node1 CPU(s):180-359

** Affects: linux (Ubuntu)
 Importance: Undecided
 Status: New

** Affects: linux (Ubuntu Noble)
 Importance: Undecided
 Status: New

** Affects: linux (Ubuntu Oracular)
 Importance: Undecided
 Status: New

** Also affects: linux (Ubuntu Noble)
   Importance: Undecided
   Status: New

** Also affects: linux (Ubuntu Oracular)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2097455

Title:
  Incorrect LAPIC/x2APIC parsing order

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2097455/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2097455] Re: Fix LAPIC/x2APIC parsing order

[Robert Malz]

modified apic.dsl

** Attachment added: "modified_apic.dsl"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2097455/+attachment/5855117/+files/modified_apic.dsl

** Summary changed:

- Fix LAPIC/x2APIC parsing order
+ Incorrect LAPIC/x2APIC parsing order

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2097455

Title:
  Incorrect LAPIC/x2APIC parsing order

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2097455/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2097455] Re: Fix LAPIC/x2APIC parsing order

[Robert Malz]

attaching apic.dsl files

** Attachment added: "clean_apic.dsl"
   
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2097455/+attachment/5855116/+files/clean_apic.dsl

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2097455

Title:
  Incorrect LAPIC/x2APIC parsing order

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2097455/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2097455] Re: Incorrect LAPIC/x2APIC parsing order

[Robert Malz]

Tested CPU ordering on both 6.11.0-21-generic 6.8.0-56-generic with modified 
ACPI tables.
Everything looks correct:


Linux rmalz 6.11.0-19-generic #19~24.04.1-Ubuntu SMP PREEMPT_DYNAMIC Mon Feb 17 
11:51:52 UTC 2 x86_64 x86_64 x86_64 GNU/Linux
NUMA node(s): 2
NUMA node0 CPU(s):0-143
NUMA node1 CPU(s):144-287

Linux rmalz 6.11.0-21-generic #21-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 19 
16:50:40 UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
NUMA node(s): 2
NUMA node0 CPU(s):0,2-144
NUMA node1 CPU(s):1,145-287

Linux rmalz 6.8.0-55-generic #57-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 12 23:42:21 
UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
NUMA node(s): 2
NUMA node0 CPU(s):0-143
NUMA node1 CPU(s):144-287

Linux rmalz 6.8.0-56-generic #58-Ubuntu SMP PREEMPT_DYNAMIC Fri Feb 14 15:33:28 
UTC 2025 x86_64 x86_64 x86_64 GNU/Linux
NUMA node(s): 2
NUMA node0 CPU(s):0,2-144
NUMA node1 CPU(s):1,145-287


** Tags removed: verification-needed-noble-linux 
verification-needed-oracular-linux
** Tags added: verification-done-noble-linux verification-done-oracular-linux

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2097455

Title:
  Incorrect LAPIC/x2APIC parsing order

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2097455/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 2112237] [NEW] hwdb.bin not available in initramfs

[Robert Malz]

Public bug reported:

[Impact]
Devices that rely on hwdb metadata for proper naming or configuration may not 
function as expected during initramfs boot.
The issue is that systemd currently does not include the hwdb database in the 
initramfs, despite the fact that udev rules
triggered during early boot can rely on it.

This can result in:
- Network interfaces being named generically or inconsistently
- Missing metadata required by certain udev rules to configure hardware 
correctly
- Confusion or misbehavior in early provisioning and installation environments

This can be observed in any environments using devices that rely on
metadata from hwdb for correct naming.

The core problem is that the initramfs environment behaves inconsistently 
compared to the root filesystem environment due to
missing hwdb data, even though the same udev rules run in both.

This issue has been resolved with upstream commit:
https://salsa.debian.org/systemd-team/systemd/-/commit/e3955d1ca26b94b918ca000837f75c0342e77ad7

[Test Case]
Use hardware with known hwdb-dependent behavior.
Without access to such hardware, scenario can be verified using custom hwdb 
rules:
(assuming a VM with virtio interface)
cat /sys/class/net/enp1s0/device/../modalias
pci:v1AF4d1041sv1AF4sd1100bc02sc00i00

nano /etc/udev/hwdb.d/99-custom-net-names.hwdb
pci:v1AF4d1041*
  ID_NET_NAME_PATH=customvirtio0

build hwdb:
systemd-hwdb update

trigger modified hooks:
update-initramfs -u

reboot into initramfs:
check if hwdb.bin is present
check if udev applies new interface name

[Where problems could occur]
This change affects the systemd-udev initramfs hook, ensuring the hwdb database 
is installed into the initramfs.
This does not change udev behavior itself, but makes static metadata available 
in the initramfs.

Potential areas of concern:
- Slight increase in initramfs size.
- If the hook fails to copy hwdb.bin, initramfs builds could break.
- Some environments may have scripts or tools that have adapted to the absence 
of hwdb data in the initramfs.
These might begin behaving differently once the metadata becomes available for 
instance, interfaces might be renamed, or metadata-dependent logic could change 
unexpectedly.

[Other Info]
Upstream commit:
https://salsa.debian.org/systemd-team/systemd/-/commit/e3955d1ca26b94b918ca000837f75c0342e77ad7
Patch is available in Plucky.

** Affects: systemd (Ubuntu)
 Importance: Undecided
 Status: New

** Affects: systemd (Ubuntu Focal)
 Importance: Undecided
 Status: New

** Affects: systemd (Ubuntu Jammy)
 Importance: Undecided
 Status: New

** Affects: systemd (Ubuntu Noble)
 Importance: Undecided
 Status: New

** Affects: systemd (Ubuntu Oracular)
 Importance: Undecided
 Status: New

** Also affects: systemd (Ubuntu Focal)
   Importance: Undecided
   Status: New

** Also affects: systemd (Ubuntu Noble)
   Importance: Undecided
   Status: New

** Also affects: systemd (Ubuntu Jammy)
   Importance: Undecided
   Status: New

** Also affects: systemd (Ubuntu Oracular)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2112237

Title:
  hwdb.bin not available in initramfs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2112237/+subscriptions


-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs