2021-02-06 21:56:34 |
Nathan Chancellor |
bug |
|
|
added bug |
2021-02-08 22:30:06 |
Bryce Harrington |
description |
Commit 5d971f9e67 ("memory: Revert "memory: accept mismatching sizes in memory_region_access_valid"") was cherry-picked to deal with CVE-2020-13754 but the follow up fix in commit ab3d207fe8 ("riscv: sifive_test: Allow 16-bit writes to memory region") was not, resulting in the bug described in the commit message in 1:4.2-3ubuntu6.11: https://github.com/nathanchance/continuous-integration2/runs/1834110909
Please consider adding ab3d207fe8 to the next release so that there is no more regression. |
Commit 5d971f9e67 ("memory: Revert "memory: accept mismatching sizes in memory_region_access_valid"") was cherry-picked to deal with CVE-2020-13754 but the follow up fix in commit ab3d207fe8 ("riscv: sifive_test: Allow 16-bit writes to memory region") was not, resulting in the bug described in the commit message in 1:4.2-3ubuntu6.11: https://github.com/nathanchance/continuous-integration2/runs/1834110909
Please consider adding ab3d207fe8 to the next release so that there is no more regression.
[Changelog]
qemu (1:4.2-3ubuntu6.11) focal; urgency=medium
* d/p/ubuntu/lp-1907656-s390x-s390-virtio-ccw-Reset-PCI-devices-during-subsy:
avoid PCI devices to become unavailable on reset (LP: #1907656)
...
qemu (1:4.2-3ubuntu6.4) focal-security; urgency=medium
...
* SECURITY UPDATE: out-of-bounds access via msi-x mmio operation
- debian/patches/ubuntu/CVE-2020-13754-1.patch: revert accepting
mismatching sizes in memory_region_access_valid in memory.c.
- debian/patches/ubuntu/CVE-2020-13754-2.patch: accept byte and word
access to core ACPI registers in hw/acpi/core.c.
- CVE-2020-13754
[CI Log]
Requesting system poweroff
[ 4.312781] reboot: Power down
sbi_trap_error: hart0: trap handler failed (error -2)
sbi_trap_error: hart0: mcause=0x0000000000000007 mtval=0x0000000000100000
sbi_trap_error: hart0: mepc=0x000000008000d4b0 mstatus=0x0000000000001822
sbi_trap_error: hart0: ra=0x00000000800098de sp=0x0000000080015c78
...
Traceback (most recent call last):
File "./check_logs.py", line 106, in <module>
boot_test(build)
File "./check_logs.py", line 94, in boot_test
run_boot()
File "./check_logs.py", line 82, in run_boot
raise e
File "./check_logs.py", line 78, in run_boot
subprocess.run(boot_qemu, check=True)
File "/usr/lib/python3.8/subprocess.py", line 512, in run
raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['./boot-utils/boot-qemu.sh', '-a', 'riscv', '-k', '/home/runner/work/continuous-integration2/continuous-integration2/Image']' returned non-zero exit status 124.
Error: Process completed with exit code 1. |
|
2021-02-08 22:33:08 |
Bryce Harrington |
attachment added |
|
Patch mentioned in bug report https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1914883/+attachment/5461442/+files/5c49f7ee3b98316850de6a33952a4ac47701c118.patch |
|
2021-02-08 22:33:17 |
Bryce Harrington |
nominated for series |
|
Ubuntu Focal |
|
2021-02-08 22:33:17 |
Bryce Harrington |
bug task added |
|
qemu (Ubuntu Focal) |
|
2021-02-08 22:33:31 |
Bryce Harrington |
qemu (Ubuntu Focal): status |
New |
Triaged |
|
2021-02-08 22:34:27 |
Bryce Harrington |
tags |
|
server-next |
|
2021-02-08 22:34:37 |
Bryce Harrington |
qemu (Ubuntu Focal): importance |
Undecided |
High |
|
2021-02-08 22:35:49 |
Bryce Harrington |
summary |
Please cherry-pick ab3d207fe89bc0c63739db19e177af49179aa457 into Focal package |
hart0: trap handler failed (error -2) (Needs cherry-pick ab3d207f) |
|
2021-02-09 00:31:15 |
Ubuntu Foundations Team Bug Bot |
tags |
server-next |
patch server-next |
|
2021-02-09 11:31:46 |
Christian Ehrhardt |
qemu (Ubuntu Focal): assignee |
|
Marc Deslauriers (mdeslaur) |
|
2021-02-09 11:31:51 |
Christian Ehrhardt |
bug |
|
|
added subscriber Marc Deslauriers |
2021-02-09 11:31:54 |
Christian Ehrhardt |
cve linked |
|
2020-13754 |
|
2021-02-09 11:36:22 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server |
2021-02-09 13:20:55 |
Christian Ehrhardt |
bug |
|
|
added subscriber Christian Ehrhardt |
2021-02-09 20:03:34 |
Nathan Chancellor |
attachment added |
|
Image https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1914883/+attachment/5462006/+files/Image |
|
2021-02-09 20:04:20 |
Nathan Chancellor |
attachment added |
|
rootfs.cpio https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1914883/+attachment/5462013/+files/rootfs.cpio |
|
2021-02-22 15:53:04 |
Launchpad Janitor |
qemu (Ubuntu): status |
New |
Fix Released |
|
2021-02-22 15:53:09 |
Launchpad Janitor |
qemu (Ubuntu): status |
New |
Fix Released |
|
2021-02-22 16:03:16 |
Launchpad Janitor |
qemu (Ubuntu Focal): status |
Triaged |
Fix Released |
|