| 2019-05-09 11:29:21 |
bugproxy |
bug |
|
|
added bug |
| 2019-05-09 11:29:23 |
bugproxy |
tags |
|
architecture-s39064 bugnameltc-177513 severity-high targetmilestone-inin18041 |
|
| 2019-05-09 11:29:24 |
bugproxy |
ubuntu: assignee |
|
Skipper Bug Screeners (skipper-screen-team) |
|
| 2019-05-09 11:29:27 |
bugproxy |
affects |
ubuntu |
linux (Ubuntu) |
|
| 2019-05-09 11:42:54 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
| 2019-05-09 11:43:05 |
Frank Heimes |
ubuntu-z-systems: status |
New |
Triaged |
|
| 2019-05-09 11:43:08 |
Frank Heimes |
ubuntu-z-systems: importance |
Undecided |
High |
|
| 2019-05-09 11:59:03 |
Frank Heimes |
ubuntu-z-systems: assignee |
|
Canonical Kernel Team (canonical-kernel-team) |
|
| 2019-05-09 14:12:09 |
Frank Heimes |
description |
Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
by qeth - but doesn't reset the interrupt parameter on the
device. If qdio_shutdown() failed to terminate its
long-running IO on the ccw_device, qeth will subsequently
do so. In this case the IRQ for the IO completion is
presented to qeth_irq() with the _old_ interrupt parameter,
which gets mis-interpreted as a valid qeth_cmd_buffer
pointer. Dereferencing this bogus pointer in
qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.
Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa
Reported: Ubuntu 18.04 |
SRU Justification:
[Impact]
* Crash in qeth_irq() with "Unable to handle kernel pointer dereference in virtual kernel address space"
[Fix]
* 89286320a236d245834075fa13adb0bdd827ecaa 8928632 "s390/qdio: clear intparm during shutdown"
[Test Case]
* Offline an OSA CHPID with multiple active qeth interfaces.
[Regression Potential]
* The regression potential can be considered as very low since it only affects the s390x platform
* and there it only affects the (ccW) qeth (OSA) network devices
* and again this happens if the CHPID is offlined, which usually doesn't happen during regular operation.
[Other Info]
* It is already included in kernel 4.17, hence it's already part of cosmic, disco and eoan and proven there to work.
* It needs to be applied to kernel 4.15 to land in 18.04 GA and 16.04.5 HWE.
_________________________
Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
by qeth - but doesn't reset the interrupt parameter on the
device. If qdio_shutdown() failed to terminate its
long-running IO on the ccw_device, qeth will subsequently
do so. In this case the IRQ for the IO completion is
presented to qeth_irq() with the _old_ interrupt parameter,
which gets mis-interpreted as a valid qeth_cmd_buffer
pointer. Dereferencing this bogus pointer in
qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.
Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa
Reported: Ubuntu 18.04 |
|
| 2019-05-09 14:13:33 |
Frank Heimes |
description |
SRU Justification:
[Impact]
* Crash in qeth_irq() with "Unable to handle kernel pointer dereference in virtual kernel address space"
[Fix]
* 89286320a236d245834075fa13adb0bdd827ecaa 8928632 "s390/qdio: clear intparm during shutdown"
[Test Case]
* Offline an OSA CHPID with multiple active qeth interfaces.
[Regression Potential]
* The regression potential can be considered as very low since it only affects the s390x platform
* and there it only affects the (ccW) qeth (OSA) network devices
* and again this happens if the CHPID is offlined, which usually doesn't happen during regular operation.
[Other Info]
* It is already included in kernel 4.17, hence it's already part of cosmic, disco and eoan and proven there to work.
* It needs to be applied to kernel 4.15 to land in 18.04 GA and 16.04.5 HWE.
_________________________
Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
by qeth - but doesn't reset the interrupt parameter on the
device. If qdio_shutdown() failed to terminate its
long-running IO on the ccw_device, qeth will subsequently
do so. In this case the IRQ for the IO completion is
presented to qeth_irq() with the _old_ interrupt parameter,
which gets mis-interpreted as a valid qeth_cmd_buffer
pointer. Dereferencing this bogus pointer in
qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.
Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa
Reported: Ubuntu 18.04 |
SRU Justification:
[Impact]
* Crash in qeth_irq() with "Unable to handle kernel pointer dereference in virtual kernel address space"
[Fix]
* 89286320a236d245834075fa13adb0bdd827ecaa 8928632 "s390/qdio: clear intparm during shutdown"
[Test Case]
* Offline an OSA CHPID with multiple active qeth interfaces.
[Regression Potential]
* The regression potential can be considered as very low since it only affects the s390x platform
* and there it only affects the (ccW) qeth (OSA) network devices
* and again this happens if the CHPID is offlined, which usually doesn't happen during regular operation.
[Other Info]
* The patch was upstream accepted with kernel 4.17, hence it's already part of cosmic, disco and eoan and proven there to work.
* It needs to be applied to kernel 4.15 to land in 18.04 GA and 16.04.5 HWE.
_________________________
Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
by qeth - but doesn't reset the interrupt parameter on the
device. If qdio_shutdown() failed to terminate its
long-running IO on the ccw_device, qeth will subsequently
do so. In this case the IRQ for the IO completion is
presented to qeth_irq() with the _old_ interrupt parameter,
which gets mis-interpreted as a valid qeth_cmd_buffer
pointer. Dereferencing this bogus pointer in
qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.
Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa
Reported: Ubuntu 18.04 |
|
| 2019-05-09 15:39:59 |
Frank Heimes |
ubuntu-z-systems: status |
Triaged |
In Progress |
|
| 2019-05-13 13:50:42 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Bionic |
|
| 2019-05-13 13:50:42 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Bionic) |
|
| 2019-05-13 13:50:48 |
Kleber Sacilotto de Souza |
linux (Ubuntu): status |
New |
Fix Released |
|
| 2019-05-13 13:50:52 |
Kleber Sacilotto de Souza |
linux (Ubuntu Bionic): status |
New |
In Progress |
|
| 2019-05-13 14:00:31 |
Kleber Sacilotto de Souza |
linux (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2019-05-13 14:59:34 |
Frank Heimes |
ubuntu-z-systems: status |
In Progress |
Fix Committed |
|
| 2019-05-16 15:03:28 |
Ubuntu Kernel Bot |
tags |
architecture-s39064 bugnameltc-177513 severity-high targetmilestone-inin18041 |
architecture-s39064 bugnameltc-177513 severity-high targetmilestone-inin18041 verification-needed-bionic |
|
| 2019-05-21 14:56:51 |
Frank Heimes |
tags |
architecture-s39064 bugnameltc-177513 severity-high targetmilestone-inin18041 verification-needed-bionic |
architecture-s39064 bugnameltc-177513 severity-high targetmilestone-inin18041 verification-done verification-done-bionic |
|
| 2019-06-04 09:18:16 |
Launchpad Janitor |
linux (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2019-06-04 09:45:55 |
Andrew Cloke |
ubuntu-z-systems: status |
Fix Committed |
Fix Released |
|
