** Changed in: linux (Ubuntu Xenial)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu)
       Status: Confirmed => Fix Released

** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium

** Changed in: linux (Ubuntu)
     Assignee: (unassigned) => Luis Henriques (henrix)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1644394

Title:
  Botched backport breaks level triggered EOIs in QEMU guests with
  --machine kernel_irqchip=split

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Xenial:
  Fix Released

Bug description:
  The port of KVM's HyperV SynIC patches (and other HyperV related KVM
  patches) broke QEMU's --machine kernel_irqchip=split for Ubuntu Xenial
  on x86. Guests hang in early boot.

  Ubuntu Xenial dropped the upstream patch
  abdb080f7ac8a85547f5e0246362790043bbd3f2 while backporting. The result
  is that patch a6767645c9da8c0e91ebbb47677d933d6b378638 in Ubuntu's
  tree clobbers the definition of kvm_arch_irq_routing_update, which was
  renamed in abdb080f7..., and drops the IOAPIC scan request as a
  result. [Aside: this also results in kvm_hv_irq_routing_update being
  called outside irq_lock].

  The result of this is that the EOI exit bitmaps are not updated when
  the table is updated, and no IOAPIC EOIs go to userspace.

  The fix is backporting abdb080f7ac8a85547f5e0246362790043bbd3f2, and
  defining kvm_arch_post_irq_routing_update with the old definition of
  kvm_arch_port_irq_routing_update. I've attached a patch that does
  this.

  Repro: The KVM-Unit-test's IOAPIC test should fail with QEMU and
  --machine kernel_irqchip=split on 4.4.0-36. (Caveat: I actually
  haven't tried this myself, but the theory is there.)

  Security Implications: I believe this is not a security issue.
  kvm_hv_irq_routing_update only moved outside the lock, not outside the
  srcu critical section. If the update were outside the critical
  section, this would be a racy use-after-free.

  Versioning information: I cloned the tree at
  git://kernel.ubuntu.com/ubuntu/ubuntu-xenial.git and checked out the
  tag 'Ubuntu-4.4.0-36.55'. All of the tests were done on a build of the
  4.4.0-36 kernel. Later versions also have the issue (checked
  'Ubuntu-4.4.0-49.70'). The issue was introduced in
  'Ubuntu-4.4.0-32.51'.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1644394/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp
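
A simplified user-space model of the failure described in the bug report, added here as an example (it is not kernel code and not the patch attached to the bug). Only the three kvm_* function names come from the report; the struct, set_irq_routing, vcpu_enter, run_model and vector 40 are assumptions made for illustration.

```c
/* Simplified user-space model of the bug report; constructed, not kernel code. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

struct vm {
    uint64_t routed_vectors;  /* vectors named by the current IRQ routing table */
    uint64_t eoi_exit_bitmap; /* vectors whose EOI is forwarded to userspace */
    bool scan_requested;      /* stands in for the pending IOAPIC scan request */
    bool botched;             /* true models the tree missing abdb080f7... */
};

/* Hyper-V SynIC hook: does nothing for the EOI exit bitmap. */
static void kvm_hv_irq_routing_update(struct vm *vm) { (void)vm; }
/* After the SynIC backport this name only forwards to the Hyper-V hook. */
static void kvm_arch_irq_routing_update(struct vm *vm) { kvm_hv_irq_routing_update(vm); }

/* The old definition under its new name: ask for an IOAPIC rescan. */
static void kvm_arch_post_irq_routing_update(struct vm *vm) { vm->scan_requested = true; }

/* Hypothetical stand-in for a routing table update (locking is not modelled). */
static void set_irq_routing(struct vm *vm, uint64_t vectors)
{
    vm->routed_vectors = vectors;
    kvm_arch_irq_routing_update(vm);
    if (!vm->botched)                 /* the botched tree has no post hook */
        kvm_arch_post_irq_routing_update(vm);
}

/* Hypothetical vCPU entry: a pending scan rebuilds the bitmap from the table. */
static void vcpu_enter(struct vm *vm)
{
    if (vm->scan_requested)
        vm->eoi_exit_bitmap = vm->routed_vectors;
    vm->scan_requested = false;
}

/* Returns true when the guest's EOI for `vector` (0..63 here) reaches userspace. */
bool run_model(bool botched, unsigned vector)
{
    struct vm vm = { .botched = botched };
    if (vector >= 64)
        return false;
    set_irq_routing(&vm, UINT64_C(1) << vector);
    vcpu_enter(&vm);
    return (vm.eoi_exit_bitmap >> vector) & 1;
}

int main(void) { printf("fixed=%d botched=%d\n", run_model(false, 40), run_model(true, 40)); return 0; }
```

In the botched case the routing table changes but the bitmap stays empty, so the EOI never reaches userspace, which is the stale-bitmap condition the report gives as the cause of the guest hang.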
