update/security: Upgrade kernel on scaleway machines #3719
Labels
Comments
|
To reiterate, in the scaleway console the Eclipse Adoptium user is not able to access the |
|
Upgrade process has not been successful, so we should look at reprovisioning and re-running ansible on the machines instead of upgrading the existing ones. |
|
Ive set up https://ci.adoptium.net/computer/test-rise-ubuntu2404-riscv64-1X/ as the first reprovisioned node. Old node: |
|
The test-ubuntu2404 machines have been reinstalled. Their kernels have been upgraded to |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
With the recent GhostWrite attack, we need to update the kernels on our RISC-V machines hosted at Scaleway. The steps are documented at https://www.scaleway.com/en/docs/bare-metal/elastic-metal/reference-content/elastic-metal-rv1-guidelines/#update-the-kernel
That kernel update will also allow to disable completely the support for vector on these machines, both for security reasons (as it's the source of the attack in question), but also because the vector instructions available on this machines implement an unratified version of the Vector spec (not 1.0.0).
cc @sxa
The text was updated successfully, but these errors were encountered: