Ubuntu Pro: how to receive kernel live patching?

Hi there,

I upgraded my machine to PRO status.

But “pro status” reports that my current kernel is not a LTS Version, so I am not eligible for kernel live patching. I tried switching to 6.12.23 (current official LTS) and switching to 6.8.12 and 6.8. To no avail.

Even with 6.8 which is the advised kernel for live patching I am not eligible.

What don't I understand here?

Thanks a lot !

Which release of Ubuntu are you running?

I am running 24.04.2

I’m on same release with kernel 6.11.0-21-generic. Livepatch is working in this constellation.

[Edit]
Just checked in terminal and there it says
livepatch - yes - warning - Current kernel is not covered by livepatch

[Edit]
But this isn’t reported in the icon or ‘Ubuntu Pro’ Tab

The LTS here does not refer to the kernel.org’s LTS but to the Ubuntu LTS release kernel, for 24.04 currently only the original GA linux-generic one is supported, the HWE (linux-generic-hwe) kernel should be supported as well on 24.04, soon after 25.04 came out (where this kernel package originally comes from)

Since livepatch requires a stable base to build the patches against, only official Ubuntu release kernels are supported indeed…

As I said I tried 6.11 (default), 6.8.12, 6.8 and 6.12.23. On neither of them I get it enabled.

In the console, all kernels report "livepatch - yes - warning - Current kernel is not covered by livepatch"

When trying to enable it in the gui, I always get the same error message:

here on kernel 6.11.0.21-generic, which is default on 24.04.2

any suggestions ?

I just learned about my system that Kernel Livepatch is not active despite it was showing to be working fine. Thank you for pointing this one out to me.
I checked some information and decided to stick with my current configuration. I turned off Kernel Livepatch within ‘Software & Updates’ to match applied Ubuntu Pro settings.

What is a GA kernel ? How can I install it ?

I got "linux-generic-hwe-24.04 6.11.0-21.21~24.04.1" installed but it is not possible to enable kernel live patching for this kernel.

Thanks

The GA (General Availability) kernel is the one 24.04 was released with, it should be whatever linux-generic installed originally (I think that was 6.8 according to the table on Kernels covered by Livepatch | Ubuntu)

The HWE kernel will still need a bit to become supported by livepatch, it will only be fully supported after 25.04 got released (where it originally comes from)

Please also read:

which is linked at the bottom of the “Kernels covered by Livepatch” page …

So you do recommend to install 6.8 then ?

As stated above I went that way, I tried 6.8 and 6.8.12 but I was unable to enable live patching 🙁

You want to run whatever linux-generic installs and that will be fully supported by livepatch (where did you get all these other versions from, only -generic and -hwe are actually supported kernels and have the correct patch set, security patches and config options as expected by Ubuntu user space apps and services)

These 2 kernels should work on 24.04.2:
|Ubuntu 24.04 LTS |64-bit x86 |6.8 (GA) |aws, azure, gcp, generic, gke, ibm, lowlat
or
|Ubuntu 24.04 LTS |s390x |6.8 (GA) |generic

so 6.8 generic should work… but it does not

linux-generic installed 6.11 and livepatch does not work here

my fault: with linux-generic I was referring to linux-generic-hwe

I used the “mainline” gui to install 6.8,6.8.12,6.12.23 (meanwhile uninstalled already). But 6.11, which you said should work, was installed by default (when installing and updating ubuntu).

6.11 is currently my installed kernel:

    $ dpkg -l linux-generic*
    Desired=Unknown/Install/Remove/Purge/Hold
    | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
    |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
    ||/ Name                    Version              Architecture Description
    +++-=======================-====================-============-=========================================
    ii  linux-generic-hwe-24.04 6.11.0-21.21~24.04.1 amd64        Complete Generic Linux kernel and headers

well, linux-meta package : Ubuntu says linux-generic is at 6.8 for 24.04 (noble), specifically at 6.8.0-57.59 … how did you get 6.11 onto a 24.04 system, this does not seem correct as 6.11 is not in the 24.04 archive at all …

I just installed an Ubuntu ISO … Maybe in the landscape process of deploying software to that machine it got updated. I will verify this in a bit, as I am currently installing the iso in a VM.

Don’t ever do that !!!

These mainline kernels are not having any security patches, do not use any sane config options and their sole purpose of existence is that a kernel team member can ask you in a bug to temporarily install a newer version to check if a certain bug has been fixed in a newer mainline release after which they will ask you to immediately remove them again since they are highly insecure and not compatible with expected userspace features … installing them will also turn off any automatic updates for kernels …

Copying the bold text from the very top of https://wiki.ubuntu.com/Kernel/MainlineBuilds here as a reminder and a direct quote from the Ubuntu kernel maintainers:

These kernels are not supported and are not appropriate for production use. Additionally, these kernels do not receive any security updates, therefore if you install them manually via the Mainline PPA, you will never receive a security update or patch for that version.

just after install of 24.04 I got the kernel version 6.11 !

but I have to admit that this 24.04 iso I install is a custom made Ubuntu iso which updates itself during installation (to 24.04.2)

So you got the HWE kernel from 24.10 then, this should be added to livepatch soon (but is not yet)
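
As an added example (not written by anyone in this thread and not an Ubuntu tool), the shell function below sorts a `uname -r` string into the cases the replies distinguish for 24.04: the GA 6.8 kernel in a listed flavour, another archive kernel such as the HWE 6.11, or a mainline build. The mainline naming pattern (for example `6.12.23-061223-generic`) and the archive's `X.Y.0-ABI-flavour` scheme are assumptions based on common naming, and the result labels are hypothetical.

```shell
#!/bin/sh
# Added example: classify a kernel release string against what this thread
# says about Livepatch coverage on Ubuntu 24.04 (amd64).

# Flavours fully legible in the 6.8 (GA) table row quoted in the thread.
# The row is cut off after "lowlat", so that entry is deliberately left out.
GA_FLAVOURS="aws azure gcp generic gke ibm"

classify_kernel() {
    rel=$1

    # Assumption: mainline builds carry a zero-padded ABI, X.Y.Z-0XXYYZZ-flavour.
    # Per the thread, these never receive security updates or livepatches.
    if printf '%s\n' "$rel" | grep -Eq '^[0-9]+\.[0-9]+\.[0-9]+-0[0-9]{5}-[a-z0-9-]+$'; then
        echo mainline-unsupported
        return 0
    fi

    # Assumption: Ubuntu archive kernels look like X.Y.0-ABI-flavour.
    if ! printf '%s\n' "$rel" | grep -Eq '^[0-9]+\.[0-9]+\.0-[0-9]+-[a-z0-9-]+$'; then
        echo unknown
        return 0
    fi

    series=${rel%%.0-*}     # 6.8.0-57-generic -> 6.8
    flavour=${rel#*-*-}     # 6.8.0-57-generic -> generic

    # Only the 6.8 GA series is named as covered for 24.04 in the thread.
    if [ "$series" = "6.8" ]; then
        case " $GA_FLAVOURS " in
            *" $flavour "*) echo ga-listed; return 0 ;;
        esac
    fi

    # Archive kernel, but not in the quoted GA row (e.g. the HWE 6.11 kernel,
    # which the thread says is not yet covered).
    echo archive-not-listed
}

# Classify the argument if given, otherwise the running kernel.
classify_kernel "${1:-$(uname -r)}"
```

A result other than `ga-listed` is a prompt to check the "Kernels covered by Livepatch" table and the `pro status` output, not a verdict on its own.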