[UBUNTU 20.04] s390x/pci: do not allow to create more pci functions than configured via CONFIG_PCI_NR_FUNCTIONS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
Medium
|
Canonical Kernel Team | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Canonical Kernel Team | ||
Focal |
Fix Released
|
Undecided
|
Canonical Kernel Team | ||
Groovy |
Fix Released
|
Undecided
|
Canonical Kernel Team |
Bug Description
SRU Justification:
==================
[Impact]
* PCI Functions with UIDs >128 are currently not accounted correctly in the s390x/pci (zPCI) code.
* Furthermore, the code allows that more than CONFIG_
* This can lead to issues with data structures which were only allocated for CONFIG_
[Fix]
* https:/
[Test Case]
* Set the kernel parameter CONFIG_
* And check if more PCI functions can be created than specified by CONFIG_
[Regression Potential]
* There is regression potential can be considered as low, since:
* the zPCI cards are less wide spread than for example ccw adapters on s390x
* the fix got already upstream accepted in 5.7, hence upstream reviewed, too
* the modifications span just two files and both are s390x arch specific
[Other Info]
* the above patch-file is based on commit 969ae01bab2fe93
* and this patch got upstream accepted with kernel v5.7-rc1, hence on the long term it should be in 'gorilla'
__________
PCI Functions with UIDs >128 are currently not accounted correctly in the s390x/pci code. Furthermore, the code allows that more than CONFIG_
This has been fixed in the following upstream commit:
969ae01bab2fe93
("s390/pci: Fix zpci_alloc_domain() over allocation")
CVE References
tags: | added: architecture-s39064 bugnameltc-184167 severity-medium targetmilestone-inin2004 |
Changed in ubuntu: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
affects: | ubuntu → linux (Ubuntu) |
summary: |
- s390x/pci: do not allow to create more pci functions than configured via - CONFIG_PCI_NR_FUNCTIONS + [UBUNTU 20.04] s390x/pci: do not allow to create more pci functions than + configured via CONFIG_PCI_NR_FUNCTIONS |
Changed in ubuntu-z-systems: | |
importance: | Undecided → Medium |
assignee: | nobody → Canonical Kernel Team (canonical-kernel-team) |
Changed in linux (Ubuntu): | |
assignee: | Skipper Bug Screeners (skipper-screen-team) → nobody |
Changed in ubuntu-z-systems: | |
status: | New → Triaged |
Changed in linux (Ubuntu): | |
status: | New → In Progress |
Changed in ubuntu-z-systems: | |
status: | Triaged → In Progress |
description: | updated |
Changed in linux (Ubuntu): | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Groovy): | |
status: | Fix Committed → In Progress |
Changed in linux (Ubuntu Focal): | |
status: | New → In Progress |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → In Progress |
Changed in linux (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Focal): | |
assignee: | nobody → Canonical Kernel Team (canonical-kernel-team) |
Changed in linux (Ubuntu Groovy): | |
assignee: | nobody → Canonical Kernel Team (canonical-kernel-team) |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
tags: |
added: verification-done-focal removed: verification-needed-focal |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → Fix Released |
------- Comment From <email address hidden> 2020-04-21 09:56 EDT------- PCI_NR_ FUNCTIONS are created. This can lead to issues with data structures which were only allocated for CONFIG_ PCI_NR_ FUNCTIONS.
PCI Functions with UIDs >128 are currently not accounted correctly in the s390x/pci code. Furthermore, the code allows that more than CONFIG_
This has been fixed in the following upstream commit:
969ae01bab2fe93 8b4c8324836038b 5ac1c78fac ("s390/pci: Fix zpci_alloc_domain() over allocation")