Activity log for bug #1869229

Date Who What changed Old value New value Message
2020-03-26 15:55:15 Heitor Alves de Siqueira bug added bug
2020-03-26 15:55:21 Heitor Alves de Siqueira linux (Ubuntu): assignee Heitor Alves de Siqueira (halves)
2020-03-26 15:55:32 Heitor Alves de Siqueira nominated for series Ubuntu Xenial
2020-03-26 15:55:32 Heitor Alves de Siqueira bug task added linux (Ubuntu Xenial)
2020-03-26 15:55:42 Heitor Alves de Siqueira linux (Ubuntu): status New Fix Released
2020-03-26 17:34:17 Heitor Alves de Siqueira linux (Ubuntu Xenial): status New Confirmed
2020-03-26 17:34:20 Heitor Alves de Siqueira linux (Ubuntu Xenial): assignee Heitor Alves de Siqueira (halves)
2020-03-26 18:17:57 Heitor Alves de Siqueira description [Impact] When mounting LVM snapshots using xfs, it's possible to hit a BUG_ON() in nvme driver. Upstream commit 729204ef49ec ("block: relax check on sg gap") introduced a way to merge bios if they are physically contiguous. This can lead to issues if one rq starts with a non-aligned buffer, as it can cause the merged segment to end in an unaligned virtual boundary. In some AWS instances, it's possible to craft such a request when attempting to mount LVM snapshots using xfs. This will then cause a kernel spew due to a BUG_ON in nvme_setup_prps(), which checks if dma_len is aligned to the page size. [Fix] Upstream commit 5a8d75a1b8c9 ("block: fix bio_will_gap() for first bvec with offset") disallows requests that begin with an unaligned buffer from being merged. [Test Case] This has been verified on AWS with c5d.large instances: 1) Prepare the LVM device + snapshot $ sudo vgcreate vg0 /dev/nvme1n1 $ sudo lvcreate -L5G -n data0 vg0 $ sudo mkfs.xfs /dev/vg0/data0 $ sudo mount /dev/vg0/data0 /mnt $ sudo touch /mnt/test $ sudo touch /mnt/test2 $ sudo ls /mnt $ sudo umount /mnt $ sudo lvcreate -l100%FREE -s /dev/vg0/data0 -n data0_snap 2) Attempting to mount the previously created snapshot results in the Oops: $ sudo mount /dev/vg0/data0_snap /mnt Segmentation fault (core dumped) [Regression Potential] The fix prevents some bios from being merged, so it can have a performance impact in certain scenarios. The patch only targets misaligned segments, so the impact should be less noticeable in the general case. The commit is also present in mainline kernels since 4.13, and hasn't been changed significantly, so potential for other regressions should be low. [Impact] When mounting LVM snapshots using xfs, it's possible to hit a BUG_ON() in nvme driver. Upstream commit 729204ef49ec ("block: relax check on sg gap") introduced a way to merge bios if they are physically contiguous. This can lead to issues if one rq starts with a non-aligned buffer, as it can cause the merged segment to end in an unaligned virtual boundary. In some AWS instances, it's possible to craft such a request when attempting to mount LVM snapshots using xfs. This will then cause a kernel spew due to a BUG_ON in nvme_setup_prps(), which checks if dma_len is aligned to the page size. [Fix] Upstream commit 5a8d75a1b8c9 ("block: fix bio_will_gap() for first bvec with offset") prevents requests that begin with an unaligned buffer from being merged. [Test Case] This has been verified on AWS with c5d.large instances: 1) Prepare the LVM device + snapshot $ sudo vgcreate vg0 /dev/nvme1n1 $ sudo lvcreate -L5G -n data0 vg0 $ sudo mkfs.xfs /dev/vg0/data0 $ sudo mount /dev/vg0/data0 /mnt $ sudo touch /mnt/test $ sudo touch /mnt/test2 $ sudo ls /mnt $ sudo umount /mnt $ sudo lvcreate -l100%FREE -s /dev/vg0/data0 -n data0_snap 2) Attempting to mount the previously created snapshot results in the Oops: $ sudo mount /dev/vg0/data0_snap /mnt Segmentation fault (core dumped) [Regression Potential] The fix prevents some bios from being merged, so it can have a performance impact in certain scenarios. The patch only targets misaligned segments, so the impact should be less noticeable in the general case. The commit is also present in mainline kernels since 4.13, and hasn't been changed significantly, so potential for other regressions should be low.
2020-03-26 20:32:32 Matthew Ruffell bug added subscriber Matthew Ruffell
2020-04-01 20:47:38 Kelsey Steele linux (Ubuntu Xenial): status Confirmed Fix Committed
2020-04-07 12:17:10 Ubuntu Kernel Bot tags sts sts verification-needed-xenial
2020-04-08 03:21:51 Matthew Ruffell tags sts verification-needed-xenial sts verification-done-xenial
2020-04-23 14:02:15 Philippe Torche bug added subscriber Philippe Torche
2020-04-28 21:57:20 Launchpad Janitor linux (Ubuntu Xenial): status Fix Committed Fix Released
2020-04-28 21:57:20 Launchpad Janitor cve linked 2019-19768