tcp_fastopen_backup_key.sh from net in ubuntu_kernel_selftests failed on Eoan LPAR
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-kernel-tests |
Fix Released
|
High
|
Colin Ian King | ||
linux (Ubuntu) |
Fix Released
|
High
|
Colin Ian King | ||
Focal |
Fix Released
|
Medium
|
Colin Ian King | ||
Groovy |
Fix Released
|
High
|
Colin Ian King |
Bug Description
== SRU Justification Focal, Groovy ==
Running the tcp_fastopen_
The test rotates TFO keys for ipv4/ipv6. It demonstrate how the primary and backup TFO keys can be rotated while minimizing the number of client cookies that are rejected. Due to an endianess issue, big endian systems were getting endian reversed values, so the values being from /proc/sys/
/proc/sys/
== Fix ==
Upstream (linux-next) fix:
commit f19008e676366c4
Author: Jason Baron <email address hidden>
Date: Mon Aug 10 13:38:39 2020 -0400
tcp: correct read of TFO keys on big endian systems
== Test case ==
Run the kernel self tests tcp_fastopen_
== Regression Potential ==
This fix touches the reading of the tcp fast open key proc interface /proc/sys/
There is some data copying to keys using unaligned puts and memcpy() so there is a potential that we may have data bounds errors causing memory corruption.
----
Issue found on Eoan (5.3.0-42.34, 5.3.0-43.36) with all s390x instances:
- LPAR s2lp4
- zVM kernel03
- zKVM s2lp6g003
# selftests: net: tcp_fastopen_
# PASS
# PASS
# PASS
# PASS
# PASS
# PASS
# PASS
# PASS
# PASS
# FAIL: TcpExtTCPFastOp
not ok 30 selftests: net: tcp_fastopen_
CVE References
tags: | added: sru-20200316 |
tags: | added: 5.3 eoan s390x ubuntu-kernel-selftests |
description: | updated |
tags: | added: 5.4 focal sru-20200629 |
Changed in ubuntu-kernel-tests: | |
importance: | Undecided → High |
assignee: | nobody → Colin Ian King (colin-king) |
status: | New → In Progress |
description: | updated |
Changed in linux (Ubuntu Focal): | |
importance: | Undecided → High |
assignee: | nobody → Colin Ian King (colin-king) |
Changed in linux (Ubuntu Groovy): | |
importance: | Undecided → High |
assignee: | nobody → Colin Ian King (colin-king) |
Changed in linux (Ubuntu Focal): | |
status: | New → In Progress |
Changed in linux (Ubuntu Groovy): | |
status: | New → In Progress |
description: | updated |
Changed in linux (Ubuntu Focal): | |
importance: | High → Medium |
Changed in linux (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
I've tested this on kernels from 5.3 through to 5.8-rc6 with the same result. The TcpExtTCPFastOp enPassiveFail is non-zero on these and only on s390x. Tried it on a LPAR and also emulated with QEMU and some issue. I've reported this upstream.