[UBUNTU] qdio: clear intparm during shutdown

Bug #1828394 reported by bugproxy on 2019-05-09
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Canonical Kernel Team
linux (Ubuntu)
Skipper Bug Screeners

Bug Description

SRU Justification:


* Crash in qeth_irq() with "Unable to handle kernel pointer dereference in virtual kernel address space"


* 89286320a236d245834075fa13adb0bdd827ecaa 8928632 "s390/qdio: clear intparm during shutdown"

[Test Case]

* Offline an OSA CHPID with multiple active qeth interfaces.

[Regression Potential]

* The regression potential can be considered as very low since it only affects the s390x platform

* and there it only affects the (ccW) qeth (OSA) network devices

* and again this happens if the CHPID is offlined, which usually doesn't happen during regular operation.

[Other Info]

* The patch was upstream accepted with kernel 4.17, hence it's already part of cosmic, disco and eoan and proven there to work.

* It needs to be applied to kernel 4.15 to land in 18.04 GA and 16.04.5 HWE.

Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
               dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
               by qeth - but doesn't reset the interrupt parameter on the
               device. If qdio_shutdown() failed to terminate its
               long-running IO on the ccw_device, qeth will subsequently
               do so. In this case the IRQ for the IO completion is
               presented to qeth_irq() with the _old_ interrupt parameter,
               which gets mis-interpreted as a valid qeth_cmd_buffer
               pointer. Dereferencing this bogus pointer in
               qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
               its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.

Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa

Reported: Ubuntu 18.04

bugproxy (bugproxy) on 2019-05-09
tags: added: architecture-s39064 bugnameltc-177513 severity-high targetmilestone-inin18041
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Changed in ubuntu-z-systems:
status: New → Triaged
importance: Undecided → High

------- Comment From <email address hidden> 2019-05-09 07:46 EDT-------
Problem was detected on 16.04.5 but is the same kernel like 18.04.
Can a test kernel be provided for our test. That would be great......
Many thx in advance

Changed in ubuntu-z-systems:
assignee: nobody → Canonical Kernel Team (canonical-kernel-team)
description: updated
description: updated
Frank Heimes (frank-heimes) wrote :
Changed in ubuntu-z-systems:
status: Triaged → In Progress
Changed in linux (Ubuntu):
status: New → Fix Released
Changed in linux (Ubuntu Bionic):
status: New → In Progress
Changed in linux (Ubuntu Bionic):
status: In Progress → Fix Committed
Changed in ubuntu-z-systems:
status: In Progress → Fix Committed
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-05-14 03:26 EDT-------
Canonical: Can someone provide the info where to download the test-kernel for our testing..

Frank Heimes (frank-heimes) wrote :

There is no test kernel available, yet, but a kernel will be made available for verification purposes via the proposed archive pocket as part of the kernel SRU process.
The patch/commit was already accepted:
and applied to the bionic-next tree.
One of the next steps is now to create that new kernel version and make it available via proposed.
Once available an (automated) comment will be added to this ticket and you will be asked for verification. This may take some days - see 'Kernel prep' here: https://kernel.ubuntu.com/

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-bionic
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-05-17 06:04 EDT-------
ok, we gone test the fix.

bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-05-21 08:32 EDT-------
fix works as expected

verified on bionic with kernel:

# apt show linux-image-4.15.0-51-generic
Package: linux-image-4.15.0-51-generic
Version: 4.15.0-51.55
Priority: optional
Section: kernel
Source: linux
Origin: Ubuntu

# apt changelog linux-image-4.15.0-51-generic
linux (4.15.0-51.55) bionic; urgency=medium

* linux: 4.15.0-51.55 -proposed tracker (LP: #1829219)

* disable a.out support (LP: #1818552)
- [Config] Disable a.out support

* [UBUNTU] qdio: clear intparm during shutdown (LP: #1828394)
- s390/qdio: clear intparm during shutdown

Frank Heimes (frank-heimes) wrote :

@afox thx for the verification, adjusting tags based on your successful verification.

tags: added: verification-done verification-done-bionic
removed: verification-needed-bionic
Launchpad Janitor (janitor) wrote :
Download full text (3.8 KiB)

This bug was fixed in the package linux - 4.15.0-51.55

linux (4.15.0-51.55) bionic; urgency=medium

  * linux: 4.15.0-51.55 -proposed tracker (LP: #1829219)

  * disable a.out support (LP: #1818552)
    - [Config] Disable a.out support

  * [UBUNTU] qdio: clear intparm during shutdown (LP: #1828394)
    - s390/qdio: clear intparm during shutdown

  * ftrace in ubuntu_kernel_selftests hang with Cosmic kernel (LP: #1826385)
    - kprobes/x86: Fix instruction patching corruption when copying more than one
      RIP-relative instruction

  * touchpad not working on lenovo yoga 530 (LP: #1787775)
    - Revert "UBUNTU: SAUCE: i2c:amd Depends on ACPI"
    - Revert "UBUNTU: SAUCE: i2c:amd move out pointer in union i2c_event_base"
    - Revert "UBUNTU: SAUCE: i2c:amd I2C Driver based on PCI Interface for
      upcoming platform"
    - i2c: add helpers to ease DMA handling
    - i2c: add a message flag for DMA safe buffers
    - i2c: add extra check to safe DMA buffer helper
    - i2c: Add drivers for the AMD PCIe MP2 I2C controller
    - [Config] Update config for AMD MP2 I2C driver
    - [Config] Update I2C_AMD_MP2 annotations

  * tm-unavailable in powerpc/tm failed on Bionic Power9 (LP: #1813129)
    - selftests/powerpc: Check for pthread errors in tm-unavailable
    - selftests/powerpc: Skip tm-unavailable if TM is not enabled

  * cp_abort in powerpc/context_switch from ubunut_kernel_selftests failed on
    Bionic P9 (LP: #1813134)
    - selftests/powerpc: Remove redundant cp_abort test

  * bionic/linux: completely remove snapdragon files from sources (LP: #1827880)
    - [Packaging] remove snapdragon dead files
    - [Config] update configs after snapdragon removal

  * The noise keeps occurring when Headset is plugged in on a Dell machine
    (LP: #1827972)
    - ALSA: hda/realtek - Fixed Dell AIO speaker noise

  * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232)
    - geneve: correctly handle ipv6.disable module parameter

  * There are 4 HDMI/Displayport audio output listed in sound setting without
    attach any HDMI/DP monitor (LP: #1827967)
    - ALSA: hda/hdmi - Read the pin sense from register when repolling
    - ALSA: hda/hdmi - Consider eld_valid when reporting jack event

  * Headphone jack switch sense is inverted: plugging in headphones disables
    headphone output (LP: #1824259)
    - ASoC: rt5645: Headphone Jack sense inverts on the LattePanda board

  * CTAUTO:DevOps:860.50:devops4fp1:Error occurred during LINUX Dmesg error
    Checking for all LINUX clients for devops4p10 (LP: #1766201)
    - SAUCE: integrity: downgrade error to warning

  * Screen freeze after resume from S3 when HDMI monitor plugged on Dell
    Precision 7740 (LP: #1825958)
    - PCI: Restore resized BAR state on resume

  * potential memory corruption on arm64 on dev release (LP: #1827437)
    - driver core: Postpone DMA tear-down until after devres release

  * powerpc/pmu/ebb test in ubuntu_kernel_selftest failed with "error while
    loading shared libraries" on Bionic/Cosmic PowerPC (LP: #1812805)
    - selftests/powerpc/pmu: Link ebb tests with -no-pie

  * unnecessary request_queue freeze (LP: #1815733)
    - block: av...


Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Changed in ubuntu-z-systems:
status: Fix Committed → Fix Released
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2019-06-11 06:37 EDT-------
IBM Bugzilla status -> closed, Fix Released for requested distro

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers