NVME errors in confidential vms

Bug #1943902 reported by Khaled El Mously
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-gcp (Ubuntu)
Invalid
Undecided
Khaled El Mously
Focal
Fix Released
Medium
Khaled El Mously
linux-gcp-5.4 (Ubuntu)
Invalid
Undecided
Khaled El Mously
Bionic
Fix Released
Undecided
Khaled El Mously

Bug Description

See https://canonical.lightning.force.com/lightning/r/Case/5004K000009WBzrQAG/view for more info

[Impact]
Using nvme with swiotlb in confidential VMs can encounter hardware read/write errors.

[Fix]

The following upstream patches from v5.12 address this:

3d2d861eb03e nvme-pci: set min_align_mask
1f221a0d0dbf swiotlb: respect min_align_mask
16fc3cef33a0 swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
26a7e094783d swiotlb: refactor swiotlb_tbl_map_single
ca10d0f8e530 swiotlb: clean up swiotlb_tbl_unmap_single
c32a77fd1878 swiotlb: factor out a nr_slots helper
c7fbeca757fe swiotlb: factor out an io_tlb_offset helper
b5d7ccb7aac3 swiotlb: add a IO_TLB_SIZE define

[Test]

Using a confidential VM, with 'swiotlb=force' set on the kernel command line, and an additional nvme device attached:

$ sudo mkfs.xfs -f /dev/nvme2n1
meta-data=/dev/nvme2n1 isize=512 agcount=4, agsize=131072 blks
         = sectsz=512 attr=2, projid32bit=1
         = crc=1 finobt=1, sparse=0, rmapbt=0, refl
ink=0
data = bsize=4096 blocks=524288, imaxpct=25
         = sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=2560, version=2
         = sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
mkfs.xfs: pwrite failed: Input/output error

Note the input/output error

The error no longer happens with the fixes applied.

[Regression Potential]

Low risk as the patches are mostly clean-up and refactor.
Regression in swiotlb could cause hardware read/write errors

description: updated
no longer affects: linux-oracle (Ubuntu)
no longer affects: linux-gcp-5.4 (Ubuntu Focal)
no longer affects: linux-gcp (Ubuntu Bionic)
Changed in linux-gcp (Ubuntu):
assignee: nobody → Khaled El Mously (kmously)
Changed in linux-gcp-5.4 (Ubuntu):
assignee: nobody → Khaled El Mously (kmously)
Changed in linux-gcp (Ubuntu Focal):
assignee: nobody → Khaled El Mously (kmously)
Changed in linux-gcp-5.4 (Ubuntu Bionic):
assignee: nobody → Khaled El Mously (kmously)
description: updated
description: updated
Stefan Bader (smb)
Changed in linux-gcp (Ubuntu Focal):
importance: Undecided → Medium
status: New → In Progress
Changed in linux-gcp-5.4 (Ubuntu):
status: New → Invalid
Changed in linux-gcp (Ubuntu):
status: New → Invalid
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-gcp - 5.4.0-1055.59

---------------
linux-gcp (5.4.0-1055.59) focal; urgency=medium

  * focal/linux-gcp: 5.4.0-1055.59 -proposed tracker (LP: #1947072)

  * NVME errors in confidential vms (LP: #1943902)
    - swiotlb: remove the tbl_dma_addr argument to swiotlb_tbl_map_single
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: refactor swiotlb_tbl_map_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - swiotlb: respect min_align_mask
    - nvme-pci: set min_align_mask
    - swiotlb: move orig addr and size validation into swiotlb_bounce
    - swiotlb: Fix the type of index
    - swiotlb: manipulate orig_addr when tlb_addr has offset

 -- Khalid Elmously <email address hidden> Wed, 13 Oct 2021 23:25:16 -0400

Changed in linux-gcp (Ubuntu Focal):
status: In Progress → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-gcp-5.4 - 5.4.0-1055.59~18.04.1

---------------
linux-gcp-5.4 (5.4.0-1055.59~18.04.1) bionic; urgency=medium

  * bionic/linux-gcp-5.4: 5.4.0-1055.59~18.04.1 -proposed tracker (LP: #1947075)

  [ Ubuntu: 5.4.0-1055.59 ]

  * focal/linux-gcp: 5.4.0-1055.59 -proposed tracker (LP: #1947072)
  * NVME errors in confidential vms (LP: #1943902)
    - swiotlb: remove the tbl_dma_addr argument to swiotlb_tbl_map_single
    - driver core: add a min_align_mask field to struct device_dma_parameters
    - swiotlb: add a IO_TLB_SIZE define
    - swiotlb: factor out an io_tlb_offset helper
    - swiotlb: factor out a nr_slots helper
    - swiotlb: clean up swiotlb_tbl_unmap_single
    - swiotlb: refactor swiotlb_tbl_map_single
    - swiotlb: don't modify orig_addr in swiotlb_tbl_sync_single
    - swiotlb: respect min_align_mask
    - nvme-pci: set min_align_mask
    - swiotlb: move orig addr and size validation into swiotlb_bounce
    - swiotlb: Fix the type of index
    - swiotlb: manipulate orig_addr when tlb_addr has offset

 -- Khalid Elmously <email address hidden> Thu, 14 Oct 2021 03:47:52 -0400

Changed in linux-gcp-5.4 (Ubuntu Bionic):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers