| 2011-01-20 18:35:13 |
pwolanin |
bug |
|
|
added bug |
| 2011-01-20 18:35:13 |
pwolanin |
attachment added |
|
console output https://bugs.launchpad.net/bugs/705562/+attachment/1800904/+files/ami-6836dc01-kernel-lock.txt |
|
| 2011-01-20 18:36:28 |
pwolanin |
bug |
|
|
added subscriber Scott Moser |
| 2011-01-20 21:42:17 |
Scott Moser |
bug |
|
|
added subscriber Stefan Bader |
| 2011-03-16 22:01:30 |
Robbie Williamson |
bug |
|
|
added subscriber Robbie Williamson |
| 2011-03-17 02:28:54 |
Scott Moser |
affects |
ubuntu |
linux-meta (Ubuntu) |
|
| 2011-03-17 02:28:54 |
Scott Moser |
linux-meta (Ubuntu): importance |
Undecided |
Medium |
|
| 2011-03-17 02:30:03 |
Scott Moser |
nominated for series |
|
Ubuntu Hardy |
|
| 2011-03-17 06:57:02 |
Scott Moser |
attachment added |
|
patches from 730765 applied to hardy https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/705562/+attachment/1913950/+files/combined.diff |
|
| 2011-03-17 14:44:06 |
Zaid Al Hamami |
bug |
|
|
added subscriber Zaid Al Hamami |
| 2011-03-17 16:06:20 |
Joseph Salisbury |
bug |
|
|
added subscriber Joseph Salisbury |
| 2011-03-17 17:34:39 |
Brian Murray |
bug |
|
|
added subscriber Jeremy Foshee |
| 2011-03-30 10:17:59 |
Stefan Bader |
attachment added |
|
Attempt to get edge triggered interrupts in Hardy https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/705562/+attachment/1956119/+files/0001-UBUNTU-SAUCE-XEN-Make-interrupts-edge-triggered.patch |
|
| 2011-03-30 10:21:20 |
Stefan Bader |
attachment added |
|
021-edge-irq.patch https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/705562/+attachment/1956129/+files/021-edge-irq.patch |
|
| 2011-03-30 14:19:18 |
Tim Gardner |
bug task added |
|
linux-meta (Ubuntu Hardy) |
|
| 2011-03-30 14:19:56 |
Tim Gardner |
affects |
linux-meta (Ubuntu) |
linux (Ubuntu) |
|
| 2011-03-30 14:19:56 |
Tim Gardner |
linux (Ubuntu): status |
New |
In Progress |
|
| 2011-03-30 14:19:56 |
Tim Gardner |
linux (Ubuntu): assignee |
|
Stefan Bader (stefan-bader-canonical) |
|
| 2011-03-30 14:20:33 |
Tim Gardner |
linux (Ubuntu Hardy): status |
New |
In Progress |
|
| 2011-03-30 14:20:33 |
Tim Gardner |
linux (Ubuntu Hardy): assignee |
|
Stefan Bader (stefan-bader-canonical) |
|
| 2011-03-30 14:20:46 |
Tim Gardner |
linux (Ubuntu): status |
In Progress |
Invalid |
|
| 2011-03-30 14:20:53 |
Tim Gardner |
linux (Ubuntu): assignee |
Stefan Bader (stefan-bader-canonical) |
|
|
| 2011-03-30 14:21:02 |
Tim Gardner |
bug |
|
|
added subscriber Tim Gardner |
| 2011-04-19 20:15:47 |
Joey Imbasciano |
attachment added |
|
console.txt https://bugs.launchpad.net/ubuntu/+source/linux/+bug/705562/+attachment/2069723/+files/console.txt |
|
| 2011-04-26 22:32:35 |
Joey Imbasciano |
attachment added |
|
console-output-v2-image.txt https://bugs.launchpad.net/ubuntu/hardy/+source/linux/+bug/705562/+attachment/2090759/+files/console-output-v2-image.txt |
|
| 2011-04-26 22:39:42 |
Chris Rutter |
bug |
|
|
added subscriber Chris Rutter |
| 2011-04-26 22:56:47 |
Joey Imbasciano |
attachment added |
|
kern.log https://bugs.launchpad.net/ubuntu/hardy/+source/linux/+bug/705562/+attachment/2090773/+files/kern.log |
|
| 2011-05-04 22:38:48 |
Joey Imbasciano |
attachment added |
|
server-39.kern.log https://bugs.launchpad.net/ubuntu/hardy/+source/linux/+bug/705562/+attachment/2113245/+files/server-39.kern.log |
|
| 2011-05-19 15:21:52 |
Boris Devouge |
bug |
|
|
added subscriber Boris Devouge |
| 2011-05-23 14:22:18 |
Tom Ellis |
bug |
|
|
added subscriber Tom Ellis |
| 2011-06-22 13:58:04 |
Tim Gardner |
linux (Ubuntu Hardy): status |
In Progress |
Fix Committed |
|
| 2011-06-29 09:15:15 |
Stefan Bader |
description |
For months we have been working around a bug in ami-6836dc01, but
this seems not to be reported any place. Is this a known issue?
When we use ruby/puppet (from the Canonical repo) on an instance with
this AMI (e.g. a c1.medium) or in some cases when using java
applications the instance gets locked up.
Our work-around is using kernel 2.6.27-22-xen instead - the person
who created the fixed AMI used this method:
- launch instance of ami-7e28ca17 (instance #1)
- modprobe loop on instance #1
- copy up creds, jdk and ec2-ami-tools to /dev/shm on instance #1
- launch instance of ami-69d73000
(canonical-beta-us/ubuntu-intrepid-beta2-20090226-i386.manifest.xml)
to grab kernel modules from (instance #2)
- tar.gz /lib/modules/2.6.27-22-xen on instance #2
- scp to instance #1 and untar in /lib/modules
- rm -rf the old /lib/modules/2.6.24-10-xen dir on instance #1
- edit quick-bundle script on instance #1 to hard-code AKI to
aki-20c12649, ARI to ari-21c12648 (the AKI and ARI from instance #2).
- hard-coded manifest name, bucket to whatever.
- run pre-clean script on instance #1
- run quick-bundle script on instance #1
The console output from a locked instance is attached |
SRU Justification:
Impact: For i386 PGDs are stored in a linked list. For this two elements of
struct page are (mis-)used. To have a backwards pointer, the private field is
assigned a pointer to the index field of the previous struct page. The main
problem there was that list_add and list_del operations accidentally were done
twice. Which leads to accesses to (after first list operation) innocent struct
pages.
Fix: This is a bit more than needed to fix the bug itself, but it will bring our
code more into a shape that resembles upstream (factually there is only a 2.6.18
upstream but that code did not do the double list access).
Testcase: Running a 32bit domU (64bit Hardy dom0, though that should not matter)
with the xen kernel and doing a lot of process starts (like the aslr qa
regression test does) would quite soon crash because the destructor of a PTE
(which incidentally is stored in index) was suddenly overwritten.
---
For months we have been working around a bug in ami-6836dc01, but
this seems not to be reported any place. Is this a known issue?
When we use ruby/puppet (from the Canonical repo) on an instance with
this AMI (e.g. a c1.medium) or in some cases when using java
applications the instance gets locked up.
Our work-around is using kernel 2.6.27-22-xen instead - the person
who created the fixed AMI used this method:
- launch instance of ami-7e28ca17 (instance #1)
- modprobe loop on instance #1
- copy up creds, jdk and ec2-ami-tools to /dev/shm on instance #1
- launch instance of ami-69d73000
(canonical-beta-us/ubuntu-intrepid-beta2-20090226-i386.manifest.xml)
to grab kernel modules from (instance #2)
- tar.gz /lib/modules/2.6.27-22-xen on instance #2
- scp to instance #1 and untar in /lib/modules
- rm -rf the old /lib/modules/2.6.24-10-xen dir on instance #1
- edit quick-bundle script on instance #1 to hard-code AKI to
aki-20c12649, ARI to ari-21c12648 (the AKI and ARI from instance #2).
- hard-coded manifest name, bucket to whatever.
- run pre-clean script on instance #1
- run quick-bundle script on instance #1
The console output from a locked instance is attached |
|
| 2011-06-29 09:15:54 |
Stefan Bader |
description |
SRU Justification:
Impact: For i386 PGDs are stored in a linked list. For this two elements of
struct page are (mis-)used. To have a backwards pointer, the private field is
assigned a pointer to the index field of the previous struct page. The main
problem there was that list_add and list_del operations accidentally were done
twice. Which leads to accesses to (after first list operation) innocent struct
pages.
Fix: This is a bit more than needed to fix the bug itself, but it will bring our
code more into a shape that resembles upstream (factually there is only a 2.6.18
upstream but that code did not do the double list access).
Testcase: Running a 32bit domU (64bit Hardy dom0, though that should not matter)
with the xen kernel and doing a lot of process starts (like the aslr qa
regression test does) would quite soon crash because the destructor of a PTE
(which incidentally is stored in index) was suddenly overwritten.
---
For months we have been working around a bug in ami-6836dc01, but
this seems not to be reported any place. Is this a known issue?
When we use ruby/puppet (from the Canonical repo) on an instance with
this AMI (e.g. a c1.medium) or in some cases when using java
applications the instance gets locked up.
Our work-around is using kernel 2.6.27-22-xen instead - the person
who created the fixed AMI used this method:
- launch instance of ami-7e28ca17 (instance #1)
- modprobe loop on instance #1
- copy up creds, jdk and ec2-ami-tools to /dev/shm on instance #1
- launch instance of ami-69d73000
(canonical-beta-us/ubuntu-intrepid-beta2-20090226-i386.manifest.xml)
to grab kernel modules from (instance #2)
- tar.gz /lib/modules/2.6.27-22-xen on instance #2
- scp to instance #1 and untar in /lib/modules
- rm -rf the old /lib/modules/2.6.24-10-xen dir on instance #1
- edit quick-bundle script on instance #1 to hard-code AKI to
aki-20c12649, ARI to ari-21c12648 (the AKI and ARI from instance #2).
- hard-coded manifest name, bucket to whatever.
- run pre-clean script on instance #1
- run quick-bundle script on instance #1
The console output from a locked instance is attached |
SRU Justification:
Impact: For i386 PGDs are stored in a linked list. For this two elements of struct page are (mis-)used. To have a backwards pointer, the private field is assigned a pointer to the index field of the previous struct page. The main problem there was that list_add and list_del operations accidentally were done twice. Which leads to accesses to (after first list operation) innocent struct pages.
Fix: This is a bit more than needed to fix the bug itself, but it will bring our code more into a shape that resembles upstream (factually there is only a 2.6.18 upstream but that code did not do the double list access).
Testcase: Running a 32bit domU (64bit Hardy dom0, though that should not matter) with the xen kernel and doing a lot of process starts (like the aslr qa regression test does) would quite soon crash because the destructor of a PTE (which incidentally is stored in index) was suddenly overwritten.
---
For months we have been working around a bug in ami-6836dc01, but
this seems not to be reported any place. Is this a known issue?
When we use ruby/puppet (from the Canonical repo) on an instance with
this AMI (e.g. a c1.medium) or in some cases when using java
applications the instance gets locked up.
Our work-around is using kernel 2.6.27-22-xen instead - the person
who created the fixed AMI used this method:
- launch instance of ami-7e28ca17 (instance #1)
- modprobe loop on instance #1
- copy up creds, jdk and ec2-ami-tools to /dev/shm on instance #1
- launch instance of ami-69d73000
(canonical-beta-us/ubuntu-intrepid-beta2-20090226-i386.manifest.xml)
to grab kernel modules from (instance #2)
- tar.gz /lib/modules/2.6.27-22-xen on instance #2
- scp to instance #1 and untar in /lib/modules
- rm -rf the old /lib/modules/2.6.24-10-xen dir on instance #1
- edit quick-bundle script on instance #1 to hard-code AKI to
aki-20c12649, ARI to ari-21c12648 (the AKI and ARI from instance #2).
- hard-coded manifest name, bucket to whatever.
- run pre-clean script on instance #1
- run quick-bundle script on instance #1
The console output from a locked instance is attached |
|
| 2011-06-29 09:16:06 |
Stefan Bader |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2011-06-29 09:18:31 |
Herton R. Krzesinski |
tags |
ec2-images |
ec2-images verification-needed-hardy |
|
| 2011-07-08 14:29:35 |
Stefan Bader |
tags |
ec2-images verification-needed-hardy |
ec2-images verification-done-hardy |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
linux (Ubuntu Hardy): status |
Fix Committed |
Fix Released |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2010-4076 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2010-4077 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2010-4247 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2010-4526 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2011-0726 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2011-1163 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2011-1577 |
|
| 2011-07-14 16:24:30 |
Launchpad Janitor |
cve linked |
|
2011-1746 |
|
| 2011-10-05 21:49:58 |
Jeremy Foshee |
removed subscriber Jeremy Foshee |
|
|
|
