[UBUNTU 22.04] Kernel oops while removing device from cio_ignore list
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
Medium
|
Skipper Bug Screeners | ||
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Medium
|
Canonical Kernel Team |
Bug Description
SRU Justification:
==================
[Impact]
* A kernel Oops occurs when a device is removed from the cio_ignore list
(that is used to hide ccw devices) on a system with non-I/O subchannels
(e.g. SCM or CHSC subchannels).
* As a result, previously ignored devices cannot be activated again,
and new devices cannot be found.
[Fix]
* 0c3812c347bf 0c3812c347bfb0d
[Test Plan]
* An IBM zSystems or LinuxONE LPAR with with non-I/O subchannels.
* Ubuntu Server 22.04 LTS (with GA kernel 5.15) installed.
* Define a cio_ignore list (to hide ccw devices).
* Remove a device from the cio_ignore list.
* Due to hardware requirements this test needs to be conducted by IBM.
[Where problems could occur]
* General problems may occur with ccw device activation/
in case the new initialization is erroneous.
* Issues may also have an impact on the type of ccw devices,
and may no longer be limited to non-I/O subchannels.
* Things could still go wrong in case cdev is still not properly
derived from sch-type SUBCHANNEL_TYPE_IO.
[Other Info]
* The commit is upstream since kernel 5.16 (next-20220315).
__________
---Problem Description from Peter---
A kernel oops occurs when a device is removed from the cio_ignore list on a system with non-I/O subchannels (e.g. SCM or CHSC subchannels). As a result, previously ignored devices cannot be activated, and new devices cannot be found.
---uname output---
Linux localhost 5.15.0-40-generic #43-Ubuntu SMP Wed Jun 15 12:53:53 UTC 2022 s390x s390x s390x GNU/Linux
Machine Type = s390x
---Steps to Reproduce---
On an s390x-LPAR with non-I/O subchannels, remove a device from the cio_ignore list.
Oops output:
[ 51.597505] Unable to handle kernel pointer dereference in virtual kernel address space
[ 51.597516] Failing address: 2081e99191e98000 TEID: 2081e99191e98803
[ 51.597520] Fault in home space mode while using kernel ASCE.
[ 51.597524] AS:0000000082adc007 R3:0000000000000024
[ 51.597665] Oops: 0038 ilc:3 [#1] SMP
[ 51.597671] Modules linked in: scm_block chsc_sch vfio_ccw mdev vfio_iommu_type1 vfio eadm_sch sch_fq_codel dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua drm i2c_core drm_panel_
xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear pkey zcrypt crc32_vx_s390 ghash_s390 prng chacha_s390 libchacha aes_s390 des_s390 libdes qeth_l2 bridge stp llc zfcp qeth qdio scsi_transport_fc ccwgroup sha512_s390 sha256_s390 sha1_s390 sha_common
[ 51.597735] CPU: 6 PID: 1418 Comm: cio_ignore Not tainted 5.15.0-40-generic #43-Ubuntu
[ 51.597740] Hardware name: IBM 2964 NC9 702 (LPAR)
[ 51.597742] Krnl PSW : 0704e00180000000 0000000081b0c632 (__unset_
[ 51.597752] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 51.597756] Krnl GPRS: 0000000000000001 00000000004a3ca8 0000038007e49000 2081e99191e98528
[ 51.597760] 0000000000000000 0000000081b0c610 0000000000000000 0000000081b07f10
[ 51.597762] 000002aa00000000 0000000081b0c610 0000038007e49000 0000038007a6bc98
[ 51.597765] 00000000941f9200 000003ffa8cf95e0 0000000081818900 0000038007a6bbf8
[ 51.597773] Krnl Code: 0000000081b0c624: a784000c brc 8,0000000081b0c63c
[ 51.597773] 0000000081b0c628: e33030200002 ltg %r3,32(%r3)
[ 51.597773] #0000000081b0c62e: a7840007 brc 8,0000000081b0c63c
[ 51.597773] >0000000081b0c632: e33032000012 lt %r3,512(%r3)
[ 51.597773] 0000000081b0c638: a7740007 brc 7,0000000081b0c646
[ 51.597773] 0000000081b0c63c: a7290000 lghi %r2,0
[ 51.597773] 0000000081b0c640: c0f400089854 brcl 15,0000000081c1f6e8
[ 51.597773] 0000000081b0c646: ebeff0880024 stmg %r14,%r15,136(%r15)
[ 51.597818] Call Trace:
[ 51.597820] [<0000000081b0c
[ 51.597824] ([<000000008181
[ 51.597828] [<0000000081b0e
[ 51.597832] [<0000000081b08
[ 51.597838] [<00000000814be
[ 51.597843] [<00000000813f3
[ 51.597848] [<00000000813f5
[ 51.597852] [<0000000081b49
[ 51.597857] [<0000000081b56
[ 51.597862] Last Breaking-
[ 51.597864] [<000000000000a
[ 51.597868] ---[ end trace 166ba86e913d2c60 ]---
CVE References
tags: | added: architecture-s39064 bugnameltc-198892 severity-medium targetmilestone-inin--- |
Changed in ubuntu: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
affects: | ubuntu → linux (Ubuntu) |
Changed in ubuntu-z-systems: | |
assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
Changed in linux (Ubuntu): | |
importance: | Undecided → Medium |
Changed in ubuntu-z-systems: | |
importance: | Undecided → Low |
importance: | Low → Medium |
Changed in linux (Ubuntu): | |
assignee: | Skipper Bug Screeners (skipper-screen-team) → Frank Heimes (fheimes) |
description: | updated |
Changed in linux (Ubuntu Jammy): | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
tags: |
added: targetmilestone-inin2204 verification-done-jammy removed: targetmilestone-inin--- verification-needed-jammy |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → Fix Released |
------- Comment From <email address hidden> 2022-07-07 09:04 EDT-------
The bug occurs because the following upstream kernel commit is missing from the Ubuntu 22.04 kernel:
commit 0c3812c347bfb0d c213556a195e798 50c55702f5
Author: Vineeth Vijayan <email address hidden>
Date: Fri Sep 17 15:04:01 2021 +0200
s390/cio: derive cdev information only for IO-subchannels
cdev->online for the purge function must not be checked for the
non-IO subchannel type. Make sure that we are deriving the cdev only
from sch-type SUBCHANNEL_TYPE_IO.
Signed-off-by: Vineeth Vijayan <email address hidden>
Reviewed-by: Peter Oberparleiter <email address hidden>
Signed-off-by: Vasily Gorbik <email address hidden>
https:/ /git.kernel. org/pub/ scm/linux/ kernel/ git/torvalds/ linux.git/ commit/ ?id=0c3812c347b fb0dc213556a195 e79850c55702f5