Backport patch to abort syscalls in active transactions

Bug #1572624 reported by bugproxy on 2016-04-20
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Canonical Kernel Team
Trusty
Undecided
Tim Gardner
Vivid
Undecided
Tim Gardner
Wily
Undecided
Unassigned
Xenial
Undecided
Unassigned
Yakkety
Medium
Canonical Kernel Team

Bug Description

== Comment: #0 - Tulio Magno Quites Machado Filho - 2016-02-23 12:47:09 ==
---Problem Description---
This is happening on Ubuntu 14.04.3.
User is creating stack structure using C++ transactional memory extension:

    int Pop(int)
    {
        int ret = 0;
        __transaction_atomic
        {
                if(!stack_.empty())
                {
                        ret = stack_.top();
                        stack_.pop();
                } else
                        ret = -1;
        }
        return ret;
    }

While evaluating if(!stack_.empty()), this code calls a libitm function (GCC code), which calls malloc (glibc code) which ends up calling futex (a syscall).
A syscall inside a transaction is forbidden by the kernel, but there is nothing the user can do to avoid this syscall.

This will hang the user application inside the malloc(), which would be waiting for the futex to return.

Ubuntu 14.04 provides glibc 2.19, which is too old to know about HTM.
And this is probably happening with other libraries as well.

Backporting commit b4b56f9e would solve this issue.

---uname output---
Linux 3.13.0-66-generic #108-Ubuntu SMP Wed Oct 7 16:06:09 UTC 2015 ppc64le ppc64le ppc64le GNU/Linux

---Steps to Reproduce---
 Start a transaction, make a syscall.

== Comment: #1 - Wei Guo - 2016-02-24 02:33:03 ==
I already verfied that kernel with patch b4b56f9e (on Ubuntu14.04) will work.

== Comment: #2 - Wei Guo - 2016-02-26 04:20:37 ==
Backport patch for commit b4b56f9e is attached. The patch is based on tag Ubuntu-lts-3.19.0-25.26_14.04.1.

Tested based on Ubuntu 14.04.4 LTS ( 3.19.0-25-generic).

Default Comment by Bridge

tags: added: architecture-ppc64le bugnameltc-137710 severity-medium targetmilestone-inin14044
Changed in ubuntu:
assignee: nobody → Taco Screen team (taco-screen-team)
Kevin W. Rudd (kevinr) on 2016-04-20
affects: ubuntu → linux (Ubuntu)
Changed in linux (Ubuntu):
assignee: Taco Screen team (taco-screen-team) → Canonical Kernel Team (canonical-kernel-team)
importance: Undecided → Medium
status: New → Triaged

------- Comment on attachment From <email address hidden> 2016-05-07 22:43 EDT-------

Just add more commit logs for sake of maintenance.

Tim Gardner (timg-tpi) on 2016-05-08
Changed in linux (Ubuntu Wily):
status: New → Fix Released
Changed in linux (Ubuntu Xenial):
status: New → Fix Released
Changed in linux (Ubuntu Yakkety):
status: Triaged → Fix Released
Changed in linux (Ubuntu Vivid):
assignee: nobody → Tim Gardner (timg-tpi)
status: New → In Progress
Changed in linux (Ubuntu Vivid):
status: In Progress → Fix Committed
Kamal Mostafa (kamalmostafa) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-vivid' to 'verification-done-vivid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-vivid

------- Comment From <email address hidden> 2016-05-19 16:40 EDT-------
(In reply to comment #7)
> This bug is awaiting verification that the kernel in -proposed solves the
> problem. Please test the kernel and update this bug with the results. If the
> problem is solved, change the tag 'verification-needed-vivid' to
> 'verification-done-vivid'.

vivid?
This bug has been reported to trusty.

Could you clarify if there is really a fix for trusty, please?

bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2016-05-19 22:38 EDT-------
(In reply to comment #7)
> This bug is awaiting verification that the kernel in -proposed solves the
> problem. Please test the kernel and update this bug with the results. If the
> problem is solved, change the tag 'verification-needed-vivid' to
> 'verification-done-vivid'.
>
> If verification is not done by 5 working days from today, this fix will be
> dropped from the source code, and this bug will be closed.
>
> See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
> enable and use -proposed. Thank you!

We ever tested on Ubuntu 15.04 and there was no hung issue here.
The issue was opened for Ubuntu 14 Trusty.
- Simon

Tim Gardner (timg-tpi) wrote :

Marking Vivid verification-done since it is close to EOL and is no longer relevant for this platform.

tags: added: verification-done-vivid
removed: verification-needed-vivid
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2016-06-01 15:29 EDT-------
(Updating/adding additional comment Per discussion during a Hot Bugs call..)

We would like to SRU this one into Trusty.

This is a HTM (Hardware Transactional Memory) related fix.
The combination of Glibc/Kernel in Trusty does not properly terminate a transaction when a syscall is made.

Tim Gardner (timg-tpi) wrote :

You're going to have to provide a different backport for Trusty (14.04). The toolchain won't compile the patch, and I don't know enough Power assembler to fix it.

Changed in linux (Ubuntu Trusty):
assignee: nobody → Tim Gardner (timg-tpi)
status: New → Won't Fix

Default Comment by Bridge

Tim Gardner (timg-tpi) wrote :

This patch does not work for a 3.13 kernel.

ubuntu-trusty/arch/powerpc/include/asm/tm.h: Assembler messages:
ubuntu-trusty/arch/powerpc/include/asm/tm.h:11: Error: unrecognized opcode: `extern'

------- Comment From <email address hidden> 2016-06-09 16:53 EDT-------
Tim,

I suspect you're using the first version of the patch.
The last version is available in comment #2 and is called 0001-powerpc-tm-backport-b4b56f-to-Abort-syscalls-in-acti.patch

> This patch does not work for a 3.13 kernel.
>
> ubuntu-trusty/arch/powerpc/include/asm/tm.h: Assembler messages:
> ubuntu-trusty/arch/powerpc/include/asm/tm.h:11: Error: unrecognized opcode:
> `extern'

It seems that CONFIG_PPC_TRANSACTIONAL_MEM started to be defined.
Could you provide more context on this error message, please?

Wei, any suggestions how to proceed with this?

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.19.0-61.69

---------------
linux (3.19.0-61.69) vivid; urgency=low

  [ Kamal Mostafa ]

  * CVE-2016-1583 (LP: #1588871)
    - ecryptfs: fix handling of directory opening
    - SAUCE: proc: prevent stacking filesystems on top
    - SAUCE: ecryptfs: forbid opening files without mmap handler
    - SAUCE: sched: panic on corrupted stack end

 -- Andy Whitcroft <email address hidden> Wed, 08 Jun 2016 22:25:58 +0100

Changed in linux (Ubuntu Vivid):
status: Fix Committed → Fix Released
bugproxy (bugproxy) on 2016-06-09
tags: removed: bugnameltc-137710 severity-medium verification-done-vivid
Tim Gardner (timg-tpi) wrote :

git://kernel.ubuntu.com/rtg/ubuntu-trusty.git lp1572624

Tim Gardner (timg-tpi) wrote :
Changed in linux (Ubuntu Trusty):
status: Won't Fix → In Progress
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2016-06-12 23:14 EDT-------
(In reply to comment #13)
> Default Comment by Bridge
>
> This patch does not work for a 3.13 kernel.
>
> ubuntu-trusty/arch/powerpc/include/asm/tm.h: Assembler messages:
> ubuntu-trusty/arch/powerpc/include/asm/tm.h:11: Error: unrecognized opcode:
> `extern'

(In reply to comment #14)
> Tim,
>
> I suspect you're using the first version of the patch.
> The last version is available in comment #2 and is called
> 0001-powerpc-tm-backport-b4b56f-to-Abort-syscalls-in-acti.patch
>
> > This patch does not work for a 3.13 kernel.
> >
> > ubuntu-trusty/arch/powerpc/include/asm/tm.h: Assembler messages:
> > ubuntu-trusty/arch/powerpc/include/asm/tm.h:11: Error: unrecognized opcode:
> > `extern'
>
> It seems that CONFIG_PPC_TRANSACTIONAL_MEM started to be defined.
> Could you provide more context on this error message, please?
>
> Wei, any suggestions how to proceed with this?

The error was fixed by following line(commit e4e38121):
#include <uapi/asm/tm.h>
+#ifndef __ASSEMBLY__
+
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
extern void do_load_up_transact_fpu(struct thread_struct *thread);

Since the tm.h can be included by an assembly and GAS will fail to parse the C specific identifier like "extern".

I doubt why we need to compile against 3.13 since Ubuntu14.04.3 is already with kernel 3.19 ( and 3.19 includes e4e38121).

I guess we are OK now per comment 15# (compile against 3.19). But please let me know if I have some misunderstanding.

tags: added: bugnameltc-137710 severity-medium verification-done-vivid
Changed in linux (Ubuntu Trusty):
status: In Progress → Fix Committed
Kamal Mostafa (kamalmostafa) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-trusty
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2016-07-01 17:02 EDT-------
I can't reproduce the issue on 3.13.0-92-generic.

Thank you!

tags: added: verification-done-trusty
removed: verification-needed-trusty
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.13.0-92.139

---------------
linux (3.13.0-92.139) trusty; urgency=low

  [ Kamal Mostafa ]

  * Release Tracking Bug
    - LP: #1597060

  [ Josh Boyer ]

  * SAUCE: UEFI: acpi: Ignore acpi_rsdp kernel parameter when module
    loading is restricted
    - LP: #1566221
  * SAUCE: UEFI: efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
    - LP: #1566221
  * SAUCE: UEFI MODSIGN: Import certificates from UEFI Secure Boot
    - LP: #1566221, #1571691
  * SAUCE: UEFI: efi: Disable secure boot if shim is in insecure mode
    - LP: #1566221, #1571691

  [ Matthew Garrett ]

  * SAUCE: UEFI: Add secure_modules() call
    - LP: #1566221
  * SAUCE: UEFI: PCI: Lock down BAR access when module security is enabled
    - LP: #1566221
  * SAUCE: UEFI: x86: Lock down IO port access when module security is
    enabled
    - LP: #1566221
  * SAUCE: UEFI: ACPI: Limit access to custom_method
    - LP: #1566221
  * SAUCE: UEFI: asus-wmi: Restrict debugfs interface when module loading
    is restricted
    - LP: #1566221
  * SAUCE: UEFI: Restrict /dev/mem and /dev/kmem when module loading is
    restricted
    - LP: #1566221
  * SAUCE: UEFI: kexec: Disable at runtime if the kernel enforces module
    loading restrictions
    - LP: #1566221
  * SAUCE: UEFI: x86: Restrict MSR access when module loading is restricted
    - LP: #1566221
  * SAUCE: UEFI: Add option to automatically enforce module signatures when
    in Secure Boot mode
    - LP: #1566221

  [ Stefan Bader ]

  * [Config] Add pm80xx scsi driver to d-i
    - LP: #1595628

  [ Tim Gardner ]

  * [Config] CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE=y
  * SAUCE: UEFI: Display MOKSBState when disabled
    - LP: #1566221, #1571691
  * SAUCE: UEFI: Add secure boot and MOK SB State disabled sysctl
    - LP: #1593075
  * SAUCE: UEFI: Set EFI_SECURE_BOOT bit in x86_efi_facility
    - LP: #1593075
  * [Config] CONFIG_EFI=n for arm64
    - LP: #1566221

  [ Upstream Kernel Changes ]

  * powerpc/tm: Abort syscalls in active transactions
    - LP: #1572624
  * HID: core: prevent out-of-bound readings
    - LP: #1579190
  * efi: Add separate 32-bit/64-bit definitions
    - LP: #1566221
  * x86/efi: Build our own EFI services pointer table
    - LP: #1566221
  * mm: migrate dirty page without clear_page_dirty_for_io etc
    - LP: #1581865
    - CVE-2016-3070
  * oom_kill: change oom_kill.c to use for_each_thread()
    - LP: #1592429
  * oom_kill: has_intersects_mems_allowed() needs rcu_read_lock()
    - LP: #1592429
  * oom_kill: add rcu_read_lock() into find_lock_task_mm()
    - LP: #1592429
  * virtio_balloon: return the amount of freed memory from leak_balloon()
    - LP: #1587089
  * virtio_balloon: free some memory from balloon on OOM
    - LP: #1587089
  * virtio_ballon: change stub of release_pages_by_pfn
    - LP: #1587089
  * virtio_balloon: do not change memory amount visible via /proc/meminfo
    - LP: #1587089

 -- Kamal Mostafa <email address hidden> Tue, 28 Jun 2016 12:40:49 -0700

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
bugproxy (bugproxy) on 2016-08-26
tags: removed: verification-done-trusty verification-done-vivid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers