[UBUNTU 22.04] zipl segfaults when "parameters=" is missing
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
Medium
|
Skipper Bug Screeners | ||
s390-tools (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Jammy |
Fix Released
|
Medium
|
Unassigned | ||
Kinetic |
Fix Released
|
Medium
|
Unassigned | ||
s390-tools-signed (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Jammy |
Fix Released
|
Medium
|
Unassigned | ||
Kinetic |
Fix Released
|
Medium
|
Unassigned |
Bug Description
SRU Justification:
------------------
[Impact]
* The zipl boot-loader tool segfaults if a section doesn't contain
a "parameters =" line.
* Adding a "parameters =" line makes the problem go away.
* This is especially problematic when secure execution is set up,
since the parameter is provided in the secure image
and hence a zipl parameter is not needed.
[Fix]
* 6ff8202f 6ff8202fa9e1721
[Test Plan]
* Setup a default Ubuntu Server for s390x test installation.
* Backup the existing /etc/zipl.conf:
cp /etc/zipl.conf ~
* Edit /etc/zipl.conf and remove (or better comment out)
'the parameters =' line:
sudo vi /etc/zipl.conf
and save the file.
* Execute the zipl tool to re-write the zipl bootloader
and it will segfault
without the patch (like this):
sudo zipl
Using config file '/etc/zipl.conf'
Segmentation fault
* or complete successfully (like this):
sudo zipl
Using config file '/etc/zipl.conf'
Building bootmap in '/boot'
Adding IPL section 'ubuntu' (default)
Preparing boot device: dasda (0101).
Done.
[Where problems could occur]
* It's a patch that changes just one line,
checks the existence of the parmline
and only then computes it's length,
and otherwise sets the length to 0.
* Issues could occur if the compact/short if
statement is wrong and for example the logic mixed up.
* Or if somewhere else in the code a length of 0
for the parameters line is not expected and will
cause further issues.
* Both cases can simply be covered by the above test.
[Other Info]
* The above fix is included in s390-tools v2.23
and is with that incl. in the kinetic s390-tools version.
__________
ZIPL segfaults if a section doesn't contain a "parameter=" line.
Adding that line makes the problem go away.
This is especially a problem when secure execution is set up since the parameter is provided in the secure image and hence a zipl parameter is not needed.
---uname output---
Linux linux6 5.15.0-27-generic #28-Ubuntu SMP Thu Apr 14 04:55:23 UTC 2022 s390x s390x s390x GNU/Linux
Machine Type = z16
---Steps to Reproduce---
Add a section to /etc/zipl.conf that doesn't have a parameter line.
Userspace tool common name: zipl
The userspace tool has the following bit modes: 64-bit
tags: | added: architecture-s39064 bugnameltc-198062 severity-medium targetmilestone-inin--- |
Changed in ubuntu: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
affects: | ubuntu → linux (Ubuntu) |
affects: | linux (Ubuntu) → s390-tools (Ubuntu) |
Changed in ubuntu-z-systems: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
Changed in s390-tools (Ubuntu): | |
assignee: | Skipper Bug Screeners (skipper-screen-team) → nobody |
Changed in ubuntu-z-systems: | |
status: | New → Incomplete |
description: | updated |
Changed in s390-tools (Ubuntu Jammy): | |
status: | New → In Progress |
importance: | Undecided → Medium |
Changed in s390-tools-signed (Ubuntu Jammy): | |
status: | New → In Progress |
importance: | Undecided → Medium |
Changed in s390-tools-signed (Ubuntu Kinetic): | |
status: | In Progress → Fix Released |
Changed in s390-tools (Ubuntu Kinetic): | |
status: | In Progress → Fix Released |
tags: |
added: targetmilestone-inin2204 removed: targetmilestone-inin--- |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → Fix Released |
------- Comment From <email address hidden> 2022-06-01 06:56 EDT-------
@Frank: The problem could not be analyzed in detail yet and we do not have an ETA for a fix. Therefore, it doesn't make sense to wait for this to be included in your upcoming s390-tools "bundle" update.