[SRU] RISC-V: Incorrect time-base frequency in KVM

Bug #2076927 reported by Heinrich Schuchardt
Affects | Status | Importance | Assigned to | Milestone
qemu (Ubuntu) | Fix Released | Undecided | Sergio Durigan Junior |
Noble | Fix Released | Undecided | Sergio Durigan Junior |
Oracular | Fix Released | Undecided | Sergio Durigan Junior |

Bug Description

[ Impact ]

When running on RISC-V under KVM the displayed time does not match the wall-clock.

On a specific system, U-Boot's and GRUB's count-downs before booting were 10 times slower than expected.

Please, apply upstream patch
385e575cd5ab ("target/riscv/kvm: fix timebase-frequency when using KVM acceleration")
to Ubuntu 22.04 Noble and 22.10 Oracular.

[ Test Plan ]

Boot a RISC-V virtual machine according to https://wiki.ubuntu.com/RISC-V/QEMU. Inside the virtual machine start a nested VM adding '-accel kvm' to the command line.

Do the same with '-accel tcg'

Check that the count-down in U-Boot and GRUB matches the wall time.

[ Where problems could occur ]

Only RISC-V code is changed.

VMs might not boot anymore.

The time-base frequency could still be wrong.

[ Other Info ]

n/a


Changed in qemu (Ubuntu):
assignee: nobody → Heinrich Schuchardt (xypron)
description: updated
Changed in qemu (Ubuntu Noble):
assignee: nobody → Heinrich Schuchardt (xypron)
Heinrich Schuchardt (xypron) wrote :
summary: - RISC-V: Incorrect time-base frequency in KVM
+ [SRU] RISC-V: Incorrect time-base frequency in KVM
Sergio Durigan Junior (sergiodj) wrote :

I uploaded QEMU 9.0.2 to Oracular yesterday and it has this fix, so I'm marking its task as Fix Released.

Changed in qemu (Ubuntu Oracular):
status: New → Fix Released
Sergio Durigan Junior (sergiodj) wrote :

@Heinrich, I'm preparing a batch of bugfixes for QEMU on Noble. I see you assigned this bug to yourself, but I'm going to reassign it to me just to reflect the fact that I'll be doing the upload.

Changed in qemu (Ubuntu Oracular):
assignee: Heinrich Schuchardt (xypron) → Sergio Durigan Junior (sergiodj)
Changed in qemu (Ubuntu Noble):
assignee: Heinrich Schuchardt (xypron) → Sergio Durigan Junior (sergiodj)
tags: added: server-todo
Sergio Durigan Junior (sergiodj) wrote :

Hi Heinrich,

Apologies for the delay; I'm preparing the SRU for Noble now. I've had to adjust the backported patch because of a build failure. Can you please double check it?

https://paste.debian.net/1330417/

The change affects only kvm_riscv_get_timebase_frequency. I wasn't entirely sure how to handle the case when env->kvm_timer_dirty is true, so I ignored it.

Heinrich Schuchardt (xypron) wrote :

Hello Sergio,

Thank you for taking care of this change.

In Linux, time_init() sets riscv_timebase during initialization of the host. The value is either based on the device-tree's property /cpus/timebase-frequency or on the ACPI table RHCT.

With the patch this value is copied to /cpus/timebase-frequency in the client device-tree.

env->kvm_timer_dirty is not related to the value of riscv_timebase in the host. This is why it is ignored in the patch.

The only code difference I see between https://paste.debian.net/1330417/ and https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2076927/+attachment/5805536/+files/0001-target-riscv-kvm-fix-timebase-frequency-when-using-K.patch seems to be the placement of this line:

uint64_t reg;

This line was moved up 2 lines in the paste without functional change. Your paste looks correct.
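
The check implied by the explanation above, as an added example that is not part of the original thread or of the QEMU patch: it decodes /cpus/timebase-frequency and compares the value the host advertises with the one the guest sees. The script layout and the sample frequencies are assumptions constructed for illustration, not values measured in this bug.

```python
#!/usr/bin/env python3
"""Compare the timebase frequency of a KVM host and its guest (added example)."""
import sys
from pathlib import Path

DT_PROP = Path("/proc/device-tree/cpus/timebase-frequency")


def decode_timebase(raw):
    """Decode the property: one or two big-endian 32-bit device-tree cells."""
    if len(raw) not in (4, 8):
        raise ValueError(f"unexpected property length {len(raw)}")
    return int.from_bytes(raw, "big")


def slowdown(host_hz, guest_hz):
    """Wall-clock seconds that pass while the guest counts one second.

    The guest waits guest_hz ticks per second, but under KVM the counter
    advances at the host's rate, host_hz ticks per wall-clock second.
    """
    if host_hz <= 0 or guest_hz <= 0:
        raise ValueError("frequencies must be positive")
    return guest_hz / host_hz


def check(host_raw, guest_raw):
    """Return (ok, message); ok is True only when both values agree."""
    host_hz = decode_timebase(host_raw)
    guest_hz = decode_timebase(guest_raw)
    verdict = "OK" if host_hz == guest_hz else "MISMATCH"
    factor = slowdown(host_hz, guest_hz)
    return host_hz == guest_hz, (
        f"{verdict}: host={host_hz} Hz guest={guest_hz} Hz, "
        f"a 1 s guest delay lasts {factor:g} s of wall time")


if __name__ == "__main__":
    if len(sys.argv) == 2:
        # Run inside the guest; argv[1] is a copy of the host's property file.
        host, guest = Path(sys.argv[1]).read_bytes(), DT_PROP.read_bytes()
    else:
        # Constructed sample values, not measurements from the bug report.
        host = (1_000_000).to_bytes(4, "big")
        guest = (10_000_000).to_bytes(4, "big")
    ok, message = check(host, guest)
    print(message)
    sys.exit(0 if ok else 1)
```

Comparing the two device-tree values is necessary because the guest kernel derives its own clocks from the same property, so a wrong value cannot be detected from inside the guest alone.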

Sergio Durigan Junior (sergiodj) wrote : Re: [Bug 2076927] Re: [SRU] RISC-V: Incorrect time-base frequency in KVM

On Wednesday, September 25 2024, Heinrich Schuchardt wrote:

> Hello Sergio,
>
> Thank you for taking care of this change.
>
> In Linux time_init() sets riscv_timebase during initialization of the
> host. The value is either based on the device-tree's property
> /cpus/timebase-frequency or on the ACPI table RHCT.
>
> With the patch this value is copied to /cpus/timebase-frequency in the
> client device-tree.
>
> env->kvm_timer_dirty is not related to the value of riscv_timebase in
> the host. This is why it is ignored in the patch.
>
>
> The only code difference I see between https://paste.debian.net/1330417/ and https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2076927/+attachment/5805536/+files/0001-target-riscv-kvm-fix-timebase-frequency-when-using-K.patch seems to be the placement of this line:
>
> uint64_t reg;
>
> This line was moved up 2 lines in the paste without functional change.
> Your paste looks correct.

Thank you for confirming. I'm waiting for the build to finish in order
to run some tests, and will upload the package later today.

--
Sergio
GPG key ID: E92F D0B3 6B14 F1F4 D8E0 EB2F 106D A1C8 C3CB BF14

Changed in qemu (Ubuntu Noble):
status: New → In Progress
Andreas Hasenack (ahasenack) wrote : Please test proposed package

Hello Heinrich, or anyone else affected,

Accepted qemu into noble-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/qemu/1:8.2.2+ds-0ubuntu1.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us in getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-noble to verification-done-noble. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-noble. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in qemu (Ubuntu Noble):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-noble
Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (qemu/1:8.2.2+ds-0ubuntu1.3)

All autopkgtests for the newly accepted qemu (1:8.2.2+ds-0ubuntu1.3) for noble have finished running.
The following regressions have been reported in tests triggered by the package:

cryptsetup/2:2.7.0-1ubuntu4.1 (ppc64el)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/noble/update_excuses.html#qemu

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package qemu - 1:8.2.2+ds-0ubuntu1.4

---------------
qemu (1:8.2.2+ds-0ubuntu1.4) noble-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2024-4693-1.patch: virtio-pci: fix use of a
      released vector
    - debian/patches/CVE-2024-4693-2.patch: virtio-pci: Fix the use of
      an uninitialized irqfd
    - CVE-2024-4693
  * SECURITY UPDATE: heap buffer overflow
    - debian/patches/CVE-2024-7730.patch: add max size bounds check in
      input cb
    - CVE-2024-7730

 -- Bruce Cable <email address hidden> Tue, 22 Oct 2024 15:57:13 +1100

Changed in qemu (Ubuntu Noble):
status: Fix Committed → Fix Released