powerpc/tm: Fix local DoS

Bug #1520411 reported by Michael Neuling on 2015-11-27
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Joseph Salisbury
Trusty
Medium
Joseph Salisbury
Vivid
Medium
Joseph Salisbury
Wily
Medium
Joseph Salisbury
Xenial
Medium
Joseph Salisbury

Bug Description

The following two fixes have just made it into mpes powerpc fixes tree:

  7f821fc powerpc/tm: Check for already reclaimed tasks
  d2b9d2a powerpc/tm: Block signal return setting invalid MSR state

They fix local DoS (userspace can crash the OS) on powerpc POWER8 cpus for any kernel v3.9+

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1520411

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Michael Neuling (mikey-neuling) wrote :

The bug causes the machine to oops so I can't run this.

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Changed in linux (Ubuntu):
importance: Undecided → Medium
assignee: nobody → Joseph Salisbury (jsalisbury)
status: Confirmed → In Progress
Changed in linux (Ubuntu Wily):
status: New → In Progress
Changed in linux (Ubuntu Vivid):
status: New → In Progress
Changed in linux (Ubuntu Trusty):
status: New → In Progress
Changed in linux (Ubuntu Wily):
importance: Undecided → Medium
Changed in linux (Ubuntu Vivid):
importance: Undecided → Medium
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
Changed in linux (Ubuntu Wily):
assignee: nobody → Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu Vivid):
assignee: nobody → Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu Trusty):
assignee: nobody → Joseph Salisbury (jsalisbury)
tags: added: trusty vivid wily xenial
Changed in linux (Ubuntu Xenial):
status: In Progress → Confirmed
Joseph Salisbury (jsalisbury) wrote :

I built a Wily test kernel with a cherry pick of the two requested commits. The test kernel can be downloaded from:

http://kernel.ubuntu.com/~jsalisbury/lp1520411/

Can you test this kernel an see if it resolves this bug?

Michael Neuling (mikey-neuling) wrote :

I don't think the debs have been created correctly. The debs that have been created don't seem to have the ppc64 LE config which normally end with *_ppc64el.deb

Joseph Salisbury (jsalisbury) wrote :

Sorry about that. I built a new test kernel for your arch. It can also be downloaded from:

http://kernel.ubuntu.com/~jsalisbury/lp1520411/

Michael Neuling (mikey-neuling) wrote :

Thanks. Works for me for the tests I've posted here:
https://lists.ozlabs.org/pipermail/linuxppc-dev/2015-November/136403.html

Andy Whitcroft (apw) on 2015-12-16
Changed in linux (Ubuntu Wily):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Vivid):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Trusty):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.3.0-5.16

---------------
linux (4.3.0-5.16) xenial; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1526986
  * [Config] Spell ignore.modules correctly
    Fixes FTBS

 -- Tim Gardner <email address hidden> Wed, 16 Dec 2015 15:52:52 -0700

Changed in linux (Ubuntu Xenial):
status: Confirmed → Fix Released
Luis Henriques (henrix) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Luis Henriques (henrix) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-vivid' to 'verification-done-vivid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Luis Henriques (henrix) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-wily' to 'verification-done-wily'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-trusty verification-needed-utopic verification-needed-vivid verification-needed-wily
Andy Whitcroft (apw) wrote :

Fix released in 3.19.0-47.53

Changed in linux (Ubuntu Vivid):
status: Fix Committed → Fix Released
Andy Whitcroft (apw) wrote :

Fix released in 4.2.0-27.32

Changed in linux (Ubuntu Wily):
status: Fix Committed → Fix Released
Andy Whitcroft (apw) wrote :

Fix released in 3.13.0-77.121

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers