NVME errors in confidential vms
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-gcp (Ubuntu) |
Invalid
|
Undecided
|
Khaled El Mously | ||
Focal |
Fix Released
|
Medium
|
Khaled El Mously | ||
linux-gcp-5.4 (Ubuntu) |
Invalid
|
Undecided
|
Khaled El Mously | ||
Bionic |
Fix Released
|
Undecided
|
Khaled El Mously |
Bug Description
See https:/
[Impact]
Using nvme with swiotlb in confidential VMs can encounter hardware read/write errors.
[Fix]
The following upstream patches from v5.12 address this:
3d2d861eb03e nvme-pci: set min_align_mask
1f221a0d0dbf swiotlb: respect min_align_mask
16fc3cef33a0 swiotlb: don't modify orig_addr in swiotlb_
26a7e094783d swiotlb: refactor swiotlb_
ca10d0f8e530 swiotlb: clean up swiotlb_
c32a77fd1878 swiotlb: factor out a nr_slots helper
c7fbeca757fe swiotlb: factor out an io_tlb_offset helper
b5d7ccb7aac3 swiotlb: add a IO_TLB_SIZE define
[Test]
Using a confidential VM, with 'swiotlb=force' set on the kernel command line, and an additional nvme device attached:
$ sudo mkfs.xfs -f /dev/nvme2n1
meta-data=
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=0, rmapbt=0, refl
ink=0
data = bsize=4096 blocks=524288, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
mkfs.xfs: pwrite failed: Input/output error
Note the input/output error
The error no longer happens with the fixes applied.
[Regression Potential]
Low risk as the patches are mostly clean-up and refactor.
Regression in swiotlb could cause hardware read/write errors
description: | updated |
no longer affects: | linux-oracle (Ubuntu) |
no longer affects: | linux-gcp-5.4 (Ubuntu Focal) |
no longer affects: | linux-gcp (Ubuntu Bionic) |
Changed in linux-gcp (Ubuntu): | |
assignee: | nobody → Khaled El Mously (kmously) |
Changed in linux-gcp-5.4 (Ubuntu): | |
assignee: | nobody → Khaled El Mously (kmously) |
Changed in linux-gcp (Ubuntu Focal): | |
assignee: | nobody → Khaled El Mously (kmously) |
Changed in linux-gcp-5.4 (Ubuntu Bionic): | |
assignee: | nobody → Khaled El Mously (kmously) |
description: | updated |
description: | updated |
Changed in linux-gcp (Ubuntu Focal): | |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-gcp-5.4 (Ubuntu): | |
status: | New → Invalid |
Changed in linux-gcp (Ubuntu): | |
status: | New → Invalid |
This bug was fixed in the package linux-gcp - 5.4.0-1055.59
---------------
linux-gcp (5.4.0-1055.59) focal; urgency=medium
* focal/linux-gcp: 5.4.0-1055.59 -proposed tracker (LP: #1947072)
* NVME errors in confidential vms (LP: #1943902) tbl_map_ single dma_parameters tbl_unmap_ single tbl_map_ single tbl_sync_ single
- swiotlb: remove the tbl_dma_addr argument to swiotlb_
- driver core: add a min_align_mask field to struct device_
- swiotlb: add a IO_TLB_SIZE define
- swiotlb: factor out an io_tlb_offset helper
- swiotlb: factor out a nr_slots helper
- swiotlb: clean up swiotlb_
- swiotlb: refactor swiotlb_
- swiotlb: don't modify orig_addr in swiotlb_
- swiotlb: respect min_align_mask
- nvme-pci: set min_align_mask
- swiotlb: move orig addr and size validation into swiotlb_bounce
- swiotlb: Fix the type of index
- swiotlb: manipulate orig_addr when tlb_addr has offset
-- Khalid Elmously <email address hidden> Wed, 13 Oct 2021 23:25:16 -0400