Comments

313 Comments

working well for us in our branched stream of FCOS

I was able to install azure-cli and python3-openstackclient together now.

BZ#2029805 Azure CLI and OpenStack CLI cannot be installed together because of jsondiff/jsonpatch conflict

can this go into F35 before final freeze?

karma

seems to be working OK in Fedora CoreOS next stream

BZ#2002475 dnsmasq-2.86 is available
karma

podman rootless containers seem broken. Opened https://bugzilla.redhat.com/show_bug.cgi?id=1990653

karma

works for me for the new kernel argument stuff

Looks good in my local tests. 👍

BZ#1980560 If init_t can read all file_type directories, it should be able to watch them as well

Currently it's considered a downgrade when I go from F34 to F35..

elfutils-libs 0.185-2.fc34 -> 0.185-1.fc35

Can we get 0.185-2 (or later) built for rawhide?

I spoke too soon. I'm seeing a kernel null pointer dereference:

[    8.849896] BUG: kernel NULL pointer dereference, address: 0000000000000010
[    8.850941] #PF: supervisor read access in kernel mode
[    8.851691] #PF: error_code(0x0000) - not-present page
[    8.852422] PGD 0 P4D 0 
[    8.852803] Oops: 0000 [#1] SMP NOPTI
[    8.853321] CPU: 1 PID: 20 Comm: kworker/1:0 Tainted: G        W        --------- ---  5.14.0-0.rc1.16.fc35.x86_64 #1
[    8.854790] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-1.fc33 04/01/2014
[    8.856053] Workqueue: events ttm_device_delayed_workqueue [ttm]
[    8.856944] RIP: 0010:qxl_bo_delete_mem_notify+0x19/0x40 [qxl]
[    8.857793] Code: 89 e7 45 31 e4 e8 b7 1c cb ef eb ea 0f 1f 44 00 00 0f 1f 44 00 00 55 48 89 fd e8 a2 02 00 00 84 c0 74 0d 48 8b 85 68 01 00 00 <83> 78 10 03 74 02 5d c3 8b 85 64 02 00 00 85 c0 74 f4 48 8b 7d 08
[    8.860522] RSP: 0018:ffffa5b4400b3dd0 EFLAGS: 00010202
[    8.861287] RAX: 0000000000000000 RBX: ffff8b86c1822670 RCX: ffff8b86c033cf80
[    8.862319] RDX: ffff8b86ce2eb990 RSI: ffff8b86ce2eb990 RDI: ffff8b86ce2eb800
[    8.863360] RBP: ffff8b86ce2eb800 R08: ffff8b86ce2eb990 R09: 0000000000000000
[    8.864397] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8b86ce2eb990
[    8.865438] R13: ffff8b86ce2eb800 R14: ffff8b86ce2eb960 R15: ffff8b86ce2eb990
[    8.866483] FS:  0000000000000000(0000) GS:ffff8b86f8d00000(0000) knlGS:0000000000000000
[    8.867649] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    8.868481] CR2: 0000000000000010 CR3: 0000000111c28000 CR4: 0000000000350ee0
[    8.869515] Call Trace:
[    8.869871]  ttm_bo_cleanup_memtype_use+0x22/0x60 [ttm]
[    8.870648]  ttm_bo_release+0x1a1/0x300 [ttm]
[    8.871294]  ttm_bo_delayed_delete+0x1be/0x220 [ttm]
[    8.872027]  ttm_device_delayed_workqueue+0x18/0x40 [ttm]
[    8.872831]  process_one_work+0x1ec/0x390
[    8.873430]  worker_thread+0x53/0x3e0
[    8.873978]  ? process_one_work+0x390/0x390
[    8.874598]  kthread+0x127/0x150
[    8.875073]  ? set_kthread_struct+0x40/0x40
[    8.875692]  ret_from_fork+0x22/0x30
[    8.876229] Modules linked in: rfkill snd_hda_codec_generic ledtrig_audio intel_rapl_msr snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi snd_hda_codec qxl snd_hda_core drm_ttm_helper ttm snd_hwdep snd_pcsp drm_kms_helper intel_rapl_common snd_pcm snd_timer virtio_balloon joydev snd soundcore cec i2c_piix4 drm ip_tables squashfs nls_utf8 isofs dm_multipath crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel serio_raw virtio_console e1000 ata_generic pata_acpi qemu_fw_cfg xfs loop fuse
[    8.882535] CR2: 0000000000000010
[    8.883019] ---[ end trace c31395b6993f2691 ]---
[    8.883703] RIP: 0010:qxl_bo_delete_mem_notify+0x19/0x40 [qxl]
[    8.884539] Code: 89 e7 45 31 e4 e8 b7 1c cb ef eb ea 0f 1f 44 00 00 0f 1f 44 00 00 55 48 89 fd e8 a2 02 00 00 84 c0 74 0d 48 8b 85 68 01 00 00 <83> 78 10 03 74 02 5d c3 8b 85 64 02 00 00 85 c0 74 f4 48 8b 7d 08
[    8.887185] RSP: 0018:ffffa5b4400b3dd0 EFLAGS: 00010202
[    8.887936] RAX: 0000000000000000 RBX: ffff8b86c1822670 RCX: ffff8b86c033cf80
[    8.888946] RDX: ffff8b86ce2eb990 RSI: ffff8b86ce2eb990 RDI: ffff8b86ce2eb800
[    8.889960] RBP: ffff8b86ce2eb800 R08: ffff8b86ce2eb990 R09: 0000000000000000
[    8.890979] R10: 0000000000000001 R11: 0000000000000000 R12: ffff8b86ce2eb990
[    8.892022] R13: ffff8b86ce2eb800 R14: ffff8b86ce2eb960 R15: ffff8b86ce2eb990
[    8.893042] FS:  0000000000000000(0000) GS:ffff8b86f8d00000(0000) knlGS:0000000000000000
[    8.894207] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[    8.895137] CR2: 0000000000000010 CR3: 0000000111c28000 CR4: 0000000000350ee0

should be fixed by 3efe180d5105d367ae1dfadb97892ab93a89a783 drm/qxl: add NULL check for bo->resource

Note there seems to be a regression in the multipath code recently (or maybe a desired change that we need to account for). See https://github.com/coreos/fedora-coreos-tracker/issues/897

Will try to open a proper BZ report soon.

karma

works for me in FCOS testing

karma

rpm-ostree composes fail with this grub in our build tooling for Fedora CoreOS (and likely Silverblue and IoT):

Running posttrans scripts... done
error: Running %posttrans for grub2-common: bwrap(/bin/sh): Child process killed by signal 1

I can also see the error if I try to just update the rpm in my coreos-assembler container:

[coreos-assembler]$ sudo rpm -Uvh grub2-common-2.06-1.fc34.noarch.rpm grub2-tools-minimal-2.06-1.fc34.aarch64.rpm grub2-tools-2.06-1.fc34.aarch64.rpm grub2-efi-aa64-2.06-1.fc34.aarch64.rpm grub2-tools-extra-2.06-1.fc34.aarch64.rpm
Verifying...                          ################################# [100%]
Preparing...                          ################################# [100%]
Updating / installing...
   1:grub2-common-1:2.06-1.fc34       ################################# [ 10%]
   2:grub2-tools-minimal-1:2.06-1.fc34################################# [ 20%]
   3:grub2-tools-1:2.06-1.fc34        ################################# [ 30%]
   4:grub2-efi-aa64-1:2.06-1.fc34     ################################# [ 40%]
   5:grub2-tools-extra-1:2.06-1.fc34  ################################# [ 50%]
Cleaning up / removing...
   6:grub2-efi-aa64-1:2.06~rc1-4.fc34 ################################# [ 60%]
   7:grub2-tools-extra-1:2.06~rc1-4.fc################################# [ 70%]
   8:grub2-tools-minimal-1:2.06~rc1-4.################################# [ 80%]
   9:grub2-tools-1:2.06~rc1-4.fc34    ################################# [ 90%]
  10:grub2-common-1:2.06~rc1-4.fc34   ################################# [100%]
/usr/sbin/grub2-probe: error: failed to get canonical path of 'fuse-overlayfs'.
warning: %posttrans(grub2-common-1:2.06-1.fc34.noarch) scriptlet failed, exit status 1

I think this might be related to https://src.fedoraproject.org/rpms/grub2/c/7a89121a6acb710fb6a35095de35c059c82a22c3?branch=f34

karma

working for me! kernel arg support is nice!

We've had no complaints from users of Fedora CoreOS testing & next branches. I assume that means it's good.

BZ#1954736 CVE-2021-30465 runc: vulnerable to symlink exchange attack
BZ#1962096 CVE-2021-30465 runc: vulnerable to symlink exchange attack [fedora-all]