TCMU: Fix possible overwrite of t_data_sg's last iov[] and wrongly calculating base_command_size

Bug #1689360 reported by bugproxy
Affects | Status | Importance | Assigned to | Milestone
The Ubuntu-power-systems project | Invalid | Medium | Canonical Kernel Team |
linux (Ubuntu) | Invalid | Medium | Unassigned |
Yakkety | Won't Fix | Medium | Unassigned |

Bug Description

---Problem Description---
If there is BIDI data, its first iov[] will overwrite the last
iov[] for se_cmd->t_data_sg.

---uname output---
Latest Yakkety master branch

Machine Type = P8

---Steps to Reproduce---
 Just have a system do workload using tcmu.

Stack trace output:
 I have seen this in my environment:
(gdb) print *((tcmulib_cmd->iovec)+0)
$7 = {iov_base = 0x3fff7c3d0000, iov_len = 8192}
(gdb) print *((tcmulib_cmd->iovec)+1)
$3 = {iov_base = 0x3fff7c3da000, iov_len = 4096}
(gdb) print *((tcmulib_cmd->iovec)+2)
$4 = {iov_base = 0x3fff7c3dc000, iov_len = 16384}
(gdb) print *((tcmulib_cmd->iovec)+3)
$5 = {iov_base = 0x3fff7c3f7000, iov_len = 12288}
(gdb) print *((tcmulib_cmd->iovec)+4)
$6 = {iov_base = 0x1306e853c0028, iov_len = 128} <--- bad pointer and length

tcmu: Fix wrongly calculating of the base_command_size
https://patchwork.kernel.org/patch/9687657/

tcmu: Fix possible overwrite of t_data_sg's last iov[]
https://patchwork.kernel.org/patch/9687565/

tcmu: Skip Data-Out blocks before gathering Data-In buffer for BIDI case

https://patchwork.kernel.org/patch/9655423/

This patch should also be a part of these fixes. WITH BIDI op fixes.
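
A simplified user-space model of the overwrite described in the problem description, added here as an illustration; it is not the kernel's TCMU code and not code from the linked patches. The names push_iov and last_data_len, the sample buffers, and the rule that the cursor advances only when the running count is non-zero are assumptions chosen to reproduce the symptom.

```c
#include <stddef.h>
#include <stdio.h>
#include <sys/uio.h>

/* Hypothetical gather helper: stores one buffer in an iovec array.
 * The cursor advances only when the running count is non-zero, so after a
 * call it rests ON the last entry written, not one past it. */
static void push_iov(struct iovec **cur, int *cnt, void *base, size_t len)
{
    if (*cnt != 0)
        (*cur)++;
    (*cnt)++;
    (*cur)->iov_base = base;
    (*cur)->iov_len = len;
}

/* Lay out four t_data_sg-style entries followed by one BIDI entry.
 * advance_before_bidi = 0 models the bug, 1 models the corrected layout.
 * Returns the length found in the last data slot, iov[3], afterwards. */
size_t last_data_len(int advance_before_bidi)
{
    static char data[4][64], bidi[128];  /* constructed sample buffers */
    struct iovec iov[8] = {0};
    struct iovec *cur = iov;
    int cnt = 0, i;

    for (i = 0; i < 4; i++)
        push_iov(&cur, &cnt, data[i], sizeof(data[i]));

    /* BIDI entries are counted on their own, so the count restarts at 0.
     * With cnt == 0 the helper will not step the cursor forward. */
    cnt = 0;
    if (advance_before_bidi)
        cur++;                           /* step past the last data entry */
    push_iov(&cur, &cnt, bidi, sizeof(bidi));

    return iov[3].iov_len;
}

int main(void)
{
    printf("without advance: iov[3].iov_len = %zu\n", last_data_len(0));
    printf("with advance:    iov[3].iov_len = %zu\n", last_data_len(1));
    return 0;
}
```

In the model without the advance, the last data entry ends up describing the BIDI buffer, so a consumer walking the data iovecs reads a base and length that were never meant for that slot.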

bugproxy (bugproxy) wrote : tcmu: Fix possible overwrite of t_data_sg's last iov[]

Default Comment by Bridge

tags: added: architecture-ppc64le bugnameltc-154063 severity-critical targetmilestone-inin1610
bugproxy (bugproxy) wrote : tcmu: Fix wrongly calculating of the base_command_size

Default Comment by Bridge

Changed in ubuntu:
assignee: nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage)
affects: ubuntu → linux (Ubuntu)
tags: added: kernel-da-key
Manoj Iyer (manjo)
tags: added: ubuntu-17.04
Manoj Iyer (manjo)
Changed in ubuntu-power-systems:
assignee: nobody → Canonical Kernel Team (canonical-kernel-team)
Changed in linux (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Frank Heimes (fheimes)
Changed in ubuntu-power-systems:
status: New → Triaged
tags: added: yakkety
Changed in linux (Ubuntu Yakkety):
status: New → In Progress
Changed in linux (Ubuntu):
status: Triaged → In Progress
Changed in ubuntu-power-systems:
status: Triaged → In Progress
Changed in linux (Ubuntu Yakkety):
importance: Undecided → Medium
assignee: nobody → Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu):
assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) → Joseph Salisbury (jsalisbury)
Joseph Salisbury (jsalisbury) wrote :

Yakkety is EOL on July 20th. Does this bug affect any other releases?

Changed in linux (Ubuntu Yakkety):
status: In Progress → Won't Fix
Frank Heimes (fheimes)
Changed in ubuntu-power-systems:
importance: Undecided → Medium
Manoj Iyer (manjo)
tags: added: triage-g
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2017-08-03 13:56 EDT-------
No, this bug does not affect any other releases. Zesty already has the fix in it.

Changed in linux (Ubuntu):
status: In Progress → Invalid
Changed in ubuntu-power-systems:
status: In Progress → Invalid