Slashdot Mirror
Meltdown and Spectre Patches Bricking Ubuntu 16.04 Computers (bleepingcomputer.com)
An anonymous reader writes: Ubuntu Xenial 16.04 users who updated to receive the Meltdown and Spectre patches are reporting they are unable to boot their systems and have been forced to roll back to an earlier Linux kernel image. The issues were reported by a large number of users on the Ubuntu forums and Ubuntu's Launchpad bug tracker. Only Ubuntu users running the Xenial 16.04 series appear to be affected.
All users who reported issues said they were unable to boot after upgrading to Ubuntu 16.04 with kernel image 4.4.0-108. Canonical, the company behind Ubuntu OS, deployed Linux kernel image 4.4.0-108 as part of a security update for Ubuntu Xenial 16.04 users, yesterday, on January 9. According to Ubuntu Security Notice USN-3522-1 and an Ubuntu Wiki page, this was the update that delivered the Meltdown and Spectre patches.
All users who reported issues said they were unable to boot after upgrading to Ubuntu 16.04 with kernel image 4.4.0-108. Canonical, the company behind Ubuntu OS, deployed Linux kernel image 4.4.0-108 as part of a security update for Ubuntu Xenial 16.04 users, yesterday, on January 9. According to Ubuntu Security Notice USN-3522-1 and an Ubuntu Wiki page, this was the update that delivered the Meltdown and Spectre patches.
It seems that these companies (Microsoft and Ubuntu and others) are forgetting everything about sound software development practices here. They're in such a hurry to deploy patches that they aren't taking the time to fully test them. The cure is worse than the ailment.
Which has more power: the hammer, or the anvil?
...haven't had any issues.
In debates about Christianity, there are two groups: those looking for answers, and those looking to just ask questions.
"have been forced to roll back to an earlier Linux kernel image."
So, not actually bricked then...
WORDS MEAN THINGS!
Canonical sure loves bricking computers with Ubuntu these days. Did Canonical fire all their QA people like Microsoft?
Let those hackers try and get into my system now!
“Common sense is not so common.” — Voltaire
Choosing a different kernel on boot is hardly bricking
See subject.
It's not bricking if you can revert to an older kernel. For it to be bricked it has to be completely unusable and only restorable by using another system (for phones, a JTAG programmer).
Live Long and Prosper, or DIE free!
In Grub, load a previous kernel. That's always an option.
If there's a way to recover the device, then it's not bricked. Picking the previous image in grub, while annoying, is a pretty simple workaround.
"[We'll be] really getting inside your head and making it an unpleasant place to be" -- Trent Reznor
Kernel 4.4.0-109, which fixes this problem, has already been pushed out.
Apparently, the PTI fix was not quite backported correctly.
For details, see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1741934
Really? Let me try i...***Signal Lost***
Mimetics Inc. Twitter
Sorry, but if the system can be booted by rolling back, or via other means.. It's not *bricked*!
Bricking is the equivalent of applying a killpoke. A software action that makes the hardware henceforth unusable.
This just screws up the kernel and requires you to set up a fresh one, perhaps reinstalling the core system. On Linux this is usually nothing more than a minor annoyance.
Again: it's not bricking. Bricking is when a software update or piece of code renders my smartphone not more useful than a brick and irreversibly so.
Stop using the word just because it's new and describes something significant. It doesn't make your news more interesting, it makes your news false.
Thank you.
We suffer more in our imagination than in reality. - Seneca
Upgraded my kernel yesterday without issue. Got a notice this morning 4.4.0-109.132 was available.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
Press down arrow at boot menu screen.
and so far i have not found a Linux distro to run very well on it without the system locking up, windows 10 would even lock up on it until i did a BIOS update and wiped the OEM copy of windows 10 off and did a clean windows install from an ISO downloaded from microsoft, i think it has something to do with the graphics card because Linux will run good on it until the xorg launches and tries to run an x-window-system & desktop GUI
Politics is Treachery, Religion is Brainwashing
I don't think it means what you think it means. If working around the bug means selecting a different item from the menu to boot, it's not really bricked.
Looking for a computer support specialist for your small business? Check out
Failing to use a particular new kernel is not "bricking". Bricking, as commonly used, means the physical hardware is unrecoverable and needs to be replaced. Recovering a failed Ubuntu kernel means being able to select a different kernel to boot with. This means console access or access to the disk image. These are problematic and can disable production servers. But it's much less destructive than ruining the physical hardware.
Updated this morning, rebooted a few hours ago, no problem yet:
4.4.0-108-generic #131-Ubuntu SMP Sun Jan 7 14:34:49 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Wow! Guess I'm fortunate to have a newer kernel. I was running the 4.10 kernel and the update upgraded me to the 4.13 kernel. All my computers (including one running the equivalent level of Linux Mint) booted just fine with the 4.13.0-26 kernel.
Buzzing the information Superhighway at Warp speed
From the article comments moments ago:
;-)
> Technically, if you are able to boot with an older kernel, your computer is not bricked.
> You are right. I've updated the title.
it ain't a brick
on my Intel desktop running Mint (Ubuntu derivative). I updated the kernel and got a black screen upon reboot. Investigated and found it was freezing the system exactly when the kernel loads. I simply booted the previous kernel and removed this version. A few hours later, I noticed an even newer kernel update was available and updated... problem solved. Total non-issue.
Meltdown and Spectre are serious issues. I see problem this as a bump on the way to a fix. Rarely have I had problems with updating Mint or Ubuntu. But it does happen. The fix was lightning fast.
It is just the new systemd(estroy) update gobbling all resources.
Silence is a state of mime.
Just saw the headline and panicked, checking my Linux systems (all running ubuntu 16.04 LTS) and did a quick check:
myke@mimeticsL01:~$ uname -a
Linux mimeticsL01 4.4.0-108-generic #131-Ubuntu SMP Sun Jan 7 14:34:49 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
myke@mimeticsL01:~$
I've never had a problem with Ubuntu updates (although I RFTA, it sounds like all Ubuntu users have an issue at one time or another). I suspect that the kernel update was tested before it was released so this updates affects some subset of the systems out there.
Like many other people, I was very concerned when i saw the headline saying the updated was "bricking" systems - whoever wrote the headline needs to have the term "bricking" explained to them (ideally with an actual brick).
In the future, msmash, you might want to be a bit less sensational in the headlines and make sure you understand if the terms used in it are correct.
Mimetics Inc. Twitter
Summary:
Bricked is incorrect. You just boot with an older kernel to recover.
"108" kernel has now been replaced in the main repos with "109" which fixes the issue.
This is not what "bricking" is. If you can fix it (i.e. roll back to an earlier kernel image in this case), it's simply a botched kernel update.
C'mon, msmash.
It is pitch black. You are likely to be eaten by a grue.
It seems that these companies (Microsoft and Ubuntu and others) are forgetting everything about sound software development practices here. They're in such a hurry to deploy patches that they aren't taking the time to fully test them. The cure is worse than the ailment.
Both Microsoft and Ubuntu are plagued by the vast permutations of hardware out there, all the combinations of motherboard, cpu, video, etc. Aren't there identified problems with various anti-virus software? Did some driver developer out there try something tricky too that is incompatible with the fix(es)? Historically various problems with Windows came from 3rd party drivers not necessarily Microsoft itself, perhaps Ubuntu is having similar problems?
... so they're implementing this 30% performance penalty to protect users from themselves? ...
Yes, because the flaws can be exploited by sandboxed javascript code; a web page can now own your system.
This kind of thing is hilarious when it happens to Windows users. Pass the popcorn.
But now it's getting real. Pretty much every computer I have, except my piece-of-shit phones, is running Ubuntu 16.04. Not funny anymore. OMG, is this what it feels like to be a New Yorker when I'm telling 9/11 jokes?
"Believe me!" -- Donald Trump
All new crashes:
[ 22.462856] kernel BUG at /build/linux-J4_1pC/linux-4.4.0/mm/slub.c:3627!
[ 22.462874] invalid opcode: 0000 [#1] SMP
Yay for regressions.
If Microsoft released an update that required two key presses to fix and some moron claimed in the headline that it "bricked" computers, we'd have chorus of people saying "the author is an idiot. That's not bricked.". I imagine we'll get the same response today.
It's like most of MD Solar's submissions. There may be a kernel of truth somewhere in them, but they are so wildly exaggerated that the appropriate response is an outpouring of derision for the misleading articles and headlines, not hunting for so hint of something kinda true among the bullshit.
I'd previously upgraded to 4.10.x (for some hardware support). Xenial still wanted me to do the 4.4.0-108 kernel. Needless to say, I didn't do it.
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Stop trying to sensationalize the headlines with a complete misuse of buzzwords like "bricking".
According to the bug reports, this issue is now fixed in the 16.04 4.4.0-109 kernel.
A bricked machine is completely useless. If you can roll back to an earlier kernel, you are not bricked. Read the article and don't just parrot a clickbait headline.
See subject: My system 'felt faster' on Win7 & I posted on it days ago & formal tests on 10 = FASTER https://hardware.slashdot.org/comments.pl?sid=11574131&cid=55874785/ - I see a lot of negativity being spread by 'competitors' on this note & despite MS' statement on Win7 being 'slowed' by this patch vs. Intel CPU Meltdown &/or Specter 2 faults on ProcessControlBlock, Transition Lookaside Buffer & page table reloads between usermode & kernelmode transitions in drivers etc. (to try get more folks onto Win10 imo as most folks aren't running VM's or DB's clientside which are the most adversely affected applications I've seen)?
* I am faster - as well as SAFER too!
(I run this system for easily 14++ hrs./day & can tell what is what - later, when news of TechSpot's analysis came thru? It bore out my perceptions).
I was worried on IP stack (it's hybrid Plug & Play design, restartable in usermode) & DirectX for gaming (not usermode drivers since WinXP) for gaming + backup/defrag (not exactly FAST to begin with anyway - but, seem same pretty much - & after updating ALL apps today + this patch I ran defrag & backup - same despite heavy disk I/O).
APK
P.S.=> IMPORTANT: I applied the same to a pal's Win7 rig BUT I backed up the post PATCH IMAGE & rebooted - got "NO OPERATING SYSTEM FOUND" but I restored from a SYSTEM IMAGE (patched one) & voila - it booted fine, patched properly & IS FASTER as is mine on 7... apk
I thought Ubuntu LTS stood for Long-Term Support and not Lunging Thrust-Smack.
Nope... if you are using a SSD you want
sudo blkdiscard -v /dev/sda
Faster and pretty much guaranteed that there is 0 chance of recovery (as once the electrons are out of the gate, there is no way back.
Everyone knows nothing like this happens to Open Sores operating systems! Because many eyes blah blah blah!
IMO, there's a difference between bricking a Linux box vs a Windows box. Unless you have a System 76, you probably installed Linux yourself, or had your nephew do it. That means you have the install media and can reinstall the damn thing.
OTOH, Windows machines don't come with install disks. If Windows is foobar, then for all intensive porpoises, it's bricked (short of taking it to a PC repair place that will unbrick it for what you can pay for a new one).
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Freshly installed 16.04.3 runs the 4.10.x kernel. It includes the HWE. That's on a laptop here.
Initial 16.04.1 and earlier installs might have 4.4.x kernels. I do have a reverse proxy running that, but it won't be patched until the scheduled maintenance period in a few days. By that time, this issue should be resolved.
My primary desktop is still running 14.04, happily.
Kernel 4.4.0-109.132 has been issued to fix this
And Alexander Peter Kowalski is still a retard.
The subject wasn't about your stupid windows box or windows at all yet like the retard you are you felt the need to chime in.
I guess you really do like showing the world just how dumb you are.
That is a normal update, since neither Windows nor Ubuntu Linux cares about stability. Why is this news? Why are people surprised?
... systemd
Anybody actually paying attention knew well before The Register printed anything.
The flaw was spelled out reasonably well by LWN as far back as November 15th, and it was noted that it was highly unusual for the patchset to be fast-tracked as it was. LWN also mentioned the initial KPTI patchset (then called KAISER) about a week earlier than that (Nov 10th). A month later, LWN followed up (including notes that ARM64 was affected) - more than a week before The Resister printed anything.
It was clear that something monumental was on the horizon, and that it was related to memory protection.
It was even clear that there was an information embargo in place, because comments were scrubbed from the associated patches.
It's been reasonably public for close to two months now.
The unknowns were more along the lines of "How deep is this pool of excrement," and "Which animal made it." Major OS patches were a fargone conclusion.
-- Sometimes you have to turn the lights off in order to see.
See subject & FACT on how I 'worked around' a "MISSING OPERATING SYSTEM" screwup on a Win7 patch in my post!
* ... & stop 'stalking' me like the RETARD you project YOU are (for your own sake - not that you care behind UNIDENTIFIABLE anonymous posts HIDING like "your kind", worms & losers, does, lmao!).
APK
P.S.=> Can't you do ANYTHING useful? I do just like MS' patch, I make you FASTER & SAFER natively via APK Hosts File Engine 10++ SR-1 32/64-bit https://www.google.com/search?hl=en&source=hp&biw=&bih=&q=%22APK+Hosts+File+Engine%22+and+%22start64%22&btnG=Google+Search&gbv=1/ for FREE (except my work's PROVEN "bugfree & bulletproof" for 5++ yrs. publicly now as well as safe)... apk
Question is, what nefarious crap are they trying to slip by us by using this crisis of forced patching?
Microsoft for instance seems to be taking the Apple tack of excessively slowing down older systems to induce upgrades to Windows 10. Intel keeps trying to drag AMD into the mix and force unnecessary slowdowns on it to slow the uptake of Ryzen systems. My fingers cramp up when I think of the stuff Apple is doing.. The list goes on..
...and a slow ISP(Frontier). I was actually in the process of downloading the update when I stumbled across this article and canceled the update. It is the xxxx.109.x kernel update but I've seen at least 1 report of that still having an issue here. I'll just wait a couple of days for this to get sorted out....
When the king heard the words of the Book of the Law he tore his robes.2Kings22:11
I ran into a similar issue on an old AMD machine in another distro. Changed a kernel option to noapic and it worked.
seems to be the new overused and abused word of the day. If it's truly "bricked", then your computer is as good as a doorstop with no possibility of being repaired let alone be rolled back. i roll my eyes.
Right?
I'm surprised that I am agreeing with the AC here.
Ubuntu may be a "free" OS, built around what was once a hobby for a bunch of nerds. That doesn't excuse where it is strategically positioned. Ubuntu is now included with Microsoft Windows. It is a part of a truly commercial desktop system. They are backed by a commercial entity in Canonical, which provides enterprise level support to compete with RedHat, etc.
In my experience, kernel updates, which deploy as part of the normal update process, are not trivial. I stopped using, and eventually deleted Ubuntu from my PC altogether, due to non-trivial kernel updates b0rking my system every single time I updated from one release to the next. Literally, every single time. At work I'm running into the other problem of inodes and/or disk space filling up on volumes containing the kernels or kernel sources, resulting in failed kernel upgrades and non-booting servers. I put up with it because Microsoft needs some competition, but I'm burned out on Ubuntu.
You keep on using that word... Are you telling me that nobody knows that in the default Ubuntu boot menu, on can select an older (non-freezing) kernel image with a few keypresses in an extremely user-friendly fashion. This isn't even remotely close to "bricking". Heck, "bricking" resides in another galaxy.
4.4.0-109 was released to fix the regression last night https://usn.ubuntu.com/usn/usn... for me 4.4.0-108 booted successfully and OOPSed on shutdown
Absolutely no disturbances with Ubuntu 16.04.3 with kernel 4.4.0-109-generic.
The headline: "Meltdown and Spectre Patches Bricking Ubuntu"
The reality: The new kernel you upgraded to won't boot. So at the grub menu, scroll down to your old kernel and boot that. Good thing this kind of issue was anticipated and is easy to deal with as a result.
When all you have is a hammer, every problem starts to look like a thumb.
And you decided to double down on the retard there Alexander Peter Kowalski.
Now you spam your BS hosts file garbage that no one brought up.
And then you claim it offers safety when many including myself have pointed out that it actually doesn't.
It is as effective as an AV scanner that detects viruses based off of file names.
It has is never has stopped an unknown threat source.
It doesn't stop entire categories of attacks like other solutions.
It can never stop all threat sources because you can't hold that many.
It can be circumvented by a trivial amount of java script because you can't list 6x10^98 hosts from a single domain, not including sub-domains.
It can't block inbound connections.
So how about you stop lying about and spamming your retard work and I will stop pointing out how much of a retard you are.
Besides you copied (ported) your work originally from someone else so you weren't even smart to come up with those very obvious and simple ideas on your own.
If you want to prove you aren't a retard then actually go and provide real proof support any of your easily refuted claims I debunked above.
Also proof isn't user testimonials, quotes from security experts that don't mention your work, non existent recommendations because your work happens to be in the Misc software section of some web site, a news article that doesn't mention you or your work, or wild speculation.
Hosts do MORE 4 LESS vs.:
NoScript https://developers.slashdot.org/comments.pl?sid=11549257&cid=55843151/
Addons https://developers.slashdot.org/comments.pl?sid=11549257&cid=55839341/
AV (security issues per Tavis Ormandy & AV slows you - hosts speed you up 2 ways. Heuristics create false positives (happened to me & I overturned it w/ 9 AV falsely accusing me (like Nirsoft too))
Remote DNS https://news.slashdot.org/comments.pl?sid=9007355&threshold=-1&commentsort=0&mode=thread&pid=51969075/ w/ security issues BY 100's & remote DNS resolves slower vs. hosts
Routers (security issues galore we see for years like UPnP etc. + added costs of purchase+higher powerbills if "bolted on")
Wildcards block innocents!
Ur FAULTY idea on create/store 4++ billion hosts https://yro.slashdot.org/comments.pl?sid=11532533&cid=55833641/ FAILS!
APK
P.S.=> Hosts make ya FASTER/SAFER natively vs. illogically "Bolting on 'MoAr'" 4 less 4 FREE
Bricking is when you cannot interact with the device, making it the equivalent of a brick. Please stop saying when a OS install is messed up it is bricked.
If you can roll back, it's not a brick. Can we stop inappropriately using the term brick? Brick means no reasonable way of installing working software as an end user.
When something is bricked you need to JTAG flash it using extra hardware, or it's simply dead.
How to know something will not be bricked in 2018: it says it'll be bricked on /.
smh
You can't connect if his system doesn't boot
You guys need to learn what "brick" means in this context. It's trivially easy to boot off removable media and fix this.
For Pete's sake, get the terms right! "Bricking" a device means exactly that -- it's just like a brick! Good for nothing except stacking in a pile. It's can't be fixed, it can't be reloaded, etc. It's effectively DEAD! "Bricking" doesn't mean you have to reinstall the OS. Good grief, get your Tech Terms straight!