s390x kernels are inconsistent for cloud stuff

Bug #1532886 reported by Dimitri John Ledkov on 2016-01-11
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Tim Gardner
Xenial
Medium
Tim Gardner

Bug Description

So to do virtual machine / cloudy stuff things in the kernel config, are not how one would expect them to be. Whilst investigating that I've went ahead to compare all our kernel configs.

amd64/config.common.amd64:CONFIG_VIRTIO_BLK=y
amd64/config.common.amd64:CONFIG_VIRTIO_NET=y
arm64/config.common.arm64:CONFIG_VIRTIO_BLK=y
arm64/config.common.arm64:CONFIG_VIRTIO_NET=y
armhf/config.common.armhf:CONFIG_VIRTIO_BLK=y
armhf/config.common.armhf:CONFIG_VIRTIO_NET=y
i386/config.common.i386:CONFIG_VIRTIO_BLK=y
i386/config.common.i386:CONFIG_VIRTIO_NET=y
powerpc/config.common.powerpc:CONFIG_VIRTIO_BLK=y
powerpc/config.common.powerpc:CONFIG_VIRTIO_NET=y
ppc64el/config.common.ppc64el:CONFIG_VIRTIO_BLK=y
ppc64el/config.common.ppc64el:CONFIG_VIRTIO_NET=y

but...
s390x/config.common.s390x:CONFIG_VIRTIO_BLK=m
s390x/config.common.s390x:CONFIG_VIRTIO_NET=m

It would make sense to set CONFIG_VIRTIO_BLK and _NET to "=y" on s390x.

Also:

amd64/config.common.amd64:CONFIG_KVM=m
arm64/config.common.arm64:CONFIG_KVM=y
armhf/config.common.armhf:CONFIG_KVM=y
i386/config.common.i386:CONFIG_KVM=m
powerpc/config.common.powerpc:CONFIG_KVM=y
ppc64el/config.common.ppc64el:CONFIG_KVM=y
s390x/config.common.s390x:CONFIG_KVM=m

Is a bit of mixed bag... x86+s390x have it as a module, yet arm*+powerpc* have it built in? Maybe all arches should be =y ?

another one:
Is there something special about ZLIB_DEFLATE on s390x?

amd64/config.common.amd64:CONFIG_ZLIB_DEFLATE=y
arm64/config.common.arm64:CONFIG_ZLIB_DEFLATE=y
armhf/config.common.armhf:CONFIG_ZLIB_DEFLATE=y
i386/config.common.i386:CONFIG_ZLIB_DEFLATE=y
powerpc/config.common.powerpc:CONFIG_ZLIB_DEFLATE=y
ppc64el/config.common.ppc64el:CONFIG_ZLIB_DEFLATE=y

s390x/config.common.s390x:CONFIG_ZLIB_DEFLATE=m

CVE References

Andy Whitcroft (apw) on 2016-01-11
Changed in linux (Ubuntu):
status: New → Confirmed
Tim Gardner (timg-tpi) wrote :

I'm not sure why CONFIG_ZLIB_DEFLATE is forced to =m for s390. Regardless, the whole lib directory is referenced in debian.master/control.d/generic.inclusion-list which gets zlib_deflate.ko into the linux-image-generic-*.deb package.

Changed in linux (Ubuntu Xenial):
assignee: nobody → Tim Gardner (timg-tpi)
status: Confirmed → Fix Committed
Dimitri John Ledkov (xnox) wrote :

I can confirm the proposed image works great for VIRTIO_BLK/_NET stuff. Thank you.

Changed in linux (Ubuntu Xenial):
importance: Undecided → Medium
Dimitri John Ledkov (xnox) wrote :

I'm partially happy about this bug report now:

s390x/config.common.s390x:CONFIG_KVM=m

Is still a module rather than built-in on s390x. Unlike x86 there is only one implementation and it should be loaded by default. The trouble is, that it doesn't get autoloaded (and/or when libvirt-bin service tries to load it, it gets permission denied).

Please set CONFIG_KVM=y, as without that libvirt does not just work(tm)

Tim Gardner (timg-tpi) wrote :

Done. "UBUNTU: [Config] CONFIG_KVM=y for s390x"

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 4.3.0-6.17

---------------
linux (4.3.0-6.17) xenial; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1532958

  [ Eric Dumazet ]

  * SAUCE: (noup) net: fix IP early demux races
    - LP: #1526946

  [ Guilherme G. Piccoli ]

  * SAUCE: powerpc/eeh: Validate arch in eeh_add_device_early()
    - LP: #1486180

  [ Hui Wang ]

  * [Config] CONFIG_I2C_DESIGNWARE_BAYTRAIL=y, CONFIG_IOSF_MBI=y
    - LP: #1527096

  [ Jann Horn ]

  * ptrace: being capable wrt a process requires mapped uids/gids
    - LP: #1527374

  [ Serge Hallyn ]

  * SAUCE: add a sysctl to disable unprivileged user namespace unsharing

  [ Tim Gardner ]

  * [Config] CONFIG_ZONE_DEVICE=y for amd64
  * [Config] CONFIG_VIRTIO_BLK=y, CONFIG_VIRTIO_NET=y for s390
    - LP: #1532886

  [ Upstream Kernel Changes ]

  * rhashtable: Fix walker list corruption
    - LP: #1526811
  * rhashtable: Kill harmless RCU warning in rhashtable_walk_init
    - LP: #1526811
  * ovl: fix permission checking for setattr
    - LP: #1528904
    - CVE-2015-8660

 -- Tim Gardner <email address hidden> Thu, 17 Dec 2015 05:34:47 -0700

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers