4.15.0-100.101 breaks userspace builds due to a bug in the headers /usr/include/linux/swab.h of linux-libc-dev
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Critical
|
Kleber Sacilotto de Souza |
Bug Description
[Impact]
The build of qemu and other userspace broke because of the following patch applied to bionic as part of one of the upstream stable updates:
commit 2385a55f64a65ba
Author: Yury Norov <email address hidden>
Date: Thu Jan 30 22:16:40 2020 -0800
uapi: rename ext2_swab() to swab() and share globally in swab.h
BugLink: https:/
[ Upstream commit d5767057c9a76a2
The affected header file is shipped by the linux-libc-dev package.
[Fix]
The fix has already been applied on mainline and the stable trees and can be cherry-picked to bionic/linux.
commit 467d12f5c784289
Author: Christian Borntraeger <email address hidden>
Date: Thu Feb 20 20:04:03 2020 -0800
include/
[Testcase]
Install linux-libc-dev and build qemu.
[Regression Potential]
Low. The fix is simple and has already landed on upstream stable, with no follow-up so far on mainline.
----
This started as a debug session why qemu no more builds in
https:/
The summary of the kernel bug discovered is:
$ diff -Naur swab.h.
--- swab.h.
+++ swab.h.
@@ -4,6 +4,7 @@
#include <linux/types.h>
+#include <asm/bitsperlong.h>
#include <asm/swab.h>
/*
@@ -132,6 +133,15 @@
#endif
+static __always_inline unsigned long __swab(const unsigned long y)
+{
+#if BITS_PER_LONG == 64
+ return __swab64(y);
+#else /* BITS_PER_LONG == 32 */
+ return __swab32(y);
+#endif
+}
+
/**
* __swahw32 - return a word-swapped 32-bit value
* @x: value to wordswap
That means the linux-libc-dev package being part of the proposed new 4.15 kernel in Bionic will break at least qemu and maybe others.
The problem is that it includes <asm/bitsperlong.h> which defines:
# define __BITS_PER_LONG 64
But then uses BITS_PER_LONG (missing the leading underscores).
Due to that it will in the qemu case use what qemu has defined and break.
But even worse in other cases maybe use the wrong swab function.
Broken by [1]
commit 2385a55f64a65ba
Author: Yury Norov <email address hidden>
Date: Thu Jan 30 22:16:40 2020 -0800
uapi: rename ext2_swab() to swab() and share globally in swab.h
Fixed by [2] (but missing in our proposed kernel)
commit 467d12f5c784289
Author: Christian Borntraeger <email address hidden>
Date: Thu Feb 20 20:04:03 2020 -0800
include/
This fix also is in 4.14 stable kernel as ffd115f2dca955c
That should be the closest for our kernel.
@Kernel - Please consider NOT to release 4.15.0-100.101 as-is, it needs this fix.
Getting this fixed effectively gates any qemu update in Bionic (and maybe other things as well).
CVE References
Changed in linux (Ubuntu Bionic): | |
status: | New → In Progress |
importance: | Undecided → Critical |
description: | updated |
description: | updated |
Assigned to klebers who seems to own it (per IRC discussion on this topic).
Please give me a ping here once a re-spin of this is in Bionic-proposed.