| 2018-09-04 14:29:17 |
bugproxy |
bug |
|
|
added bug |
| 2018-09-04 16:24:40 |
Ubuntu Foundations Team Bug Bot |
tags |
|
bot-comment |
|
| 2018-09-05 08:25:29 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
| 2018-09-05 08:25:51 |
Frank Heimes |
ubuntu: assignee |
|
Skipper Bug Screeners (skipper-screen-team) |
|
| 2018-09-05 08:26:01 |
Frank Heimes |
affects |
ubuntu |
linux (Ubuntu) |
|
| 2018-09-05 08:26:01 |
Frank Heimes |
linux (Ubuntu): assignee |
Skipper Bug Screeners (skipper-screen-team) |
|
|
| 2018-09-05 08:26:12 |
Frank Heimes |
ubuntu-z-systems: status |
New |
Triaged |
|
| 2018-09-05 08:26:36 |
Frank Heimes |
ubuntu-z-systems: importance |
Undecided |
High |
|
| 2018-09-05 08:27:04 |
Frank Heimes |
ubuntu-z-systems: assignee |
|
Canonical Kernel Team (canonical-kernel-team) |
|
| 2018-09-05 10:58:13 |
Dimitri John Ledkov |
nominated for series |
|
Ubuntu Bionic |
|
| 2018-09-05 10:58:13 |
Dimitri John Ledkov |
bug task added |
|
linux (Ubuntu Bionic) |
|
| 2018-09-05 10:59:40 |
Dimitri John Ledkov |
linux (Ubuntu): status |
New |
Fix Committed |
|
| 2018-09-05 11:13:53 |
Frank Heimes |
description |
s390/pci: fix out of bounds access during irq setup
During interrupt setup we allocate interrupt vectors, walk the list of msi
descriptors, and fill in the message data. Requesting more interrupts than
supported on s390 can lead to an out of bounds access.
When we restrict the number of interrupts we should also stop walking the
msi list after all supported interrupts are handled.
Upstream-ID: 866f3576a72b2233a76dffb80290f8086dc49e17
kernel 4.19
Also to be applied to 18.10 |
== SRU Justification ==
IBM is requesting this commit (from 4.19) for s390: 866f3576a72b2233a76dffb80290f8086dc49e17
It fixes a problem with requesting more interrupts than supported on s390.
The issue can finally lead to an out of bounds access.
It needs to be applied to 18.04 and 16.04 (in addition to cosmic).
== Fix ==
commit 866f3576a72b2233a76dffb80290f8086dc49e17 upstream.
During interrupt setup we allocate interrupt vectors, walk the list of msi
descriptors, and fill in the message data. Requesting more interrupts than
supported on s390 can lead to an out of bounds access.
When we restrict the number of interrupts we should also stop walking the
msi list after all supported interrupts are handled.
== Regression Potential ==
Low. The modification is limited to the following two lines in s390/pci:
...
+ if (hwirq >= msi_vecs)
+ break;
...
https://lkml.org/lkml/2018/9/3/1125
== Test Case ==
A test case will be provided by IBM.
And the test and verification will also be done by IBM.
__________
Bug Description:
s390/pci: fix out of bounds access during irq setup
During interrupt setup we allocate interrupt vectors, walk the list of msi
descriptors, and fill in the message data. Requesting more interrupts than
supported on s390 can lead to an out of bounds access.
When we restrict the number of interrupts we should also stop walking the
msi list after all supported interrupts are handled.
Upstream-ID: 866f3576a72b2233a76dffb80290f8086dc49e17
kernel 4.19
Also to be applied to 18.10 |
|
| 2018-09-06 15:42:36 |
Joseph Salisbury |
marked as duplicate |
|
1790480 |
|
| 2018-10-17 11:39:44 |
bugproxy |
tags |
bot-comment |
architecture-s3903164 bot-comment bugnameltc-171073 severity-high targetmilestone-inin1804 |
|
| 2019-07-24 21:27:04 |
Brad Figg |
tags |
architecture-s3903164 bot-comment bugnameltc-171073 severity-high targetmilestone-inin1804 |
architecture-s3903164 bot-comment bugnameltc-171073 cscc severity-high targetmilestone-inin1804 |
|
