This bug was fixed in the package linux - 4.13.0-39.44
---------------
linux (4.13.0-39.44) artful; urgency=medium
* linux: 4.13.0-39.44 -proposed tracker (LP: #1761456)
* intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2
Intel) // CVE-2017-5754
- x86/mm: Reinitialize TLB state on hotplug and resume
* intel-microcode 3.20180312.0 causes lockup at login screen(w/ linux-
image-4.13.0-37-generic) (LP: #1759920) // CVE-2017-5715 (Spectre v2 Intel)
- Revert "x86/mm: Only set IBPB when the new thread cannot ptrace current
thread"
- x86/speculation: Use Indirect Branch Prediction Barrier in context switch
* DKMS driver builds fail with: Cannot use CONFIG_STACK_VALIDATION=y, please
install libelf-dev, libelf-devel or elfutils-libelf-devel (LP: #1760876)
- [Packaging] include the retpoline extractor in the headers
* retpoline hints: primary infrastructure and initial hints (LP: #1758856)
- [Packaging] retpoline-extract: flag *0xNNN(%reg) branches
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool
- x86/speculation, objtool: Annotate indirect calls/jumps for objtool on
32bit
- x86/paravirt, objtool: Annotate indirect calls
- [Packaging] retpoline -- add safe usage hint support
- [Packaging] retpoline-check -- only report additions
- [Packaging] retpoline -- widen indirect call/jmp detection
- [Packaging] retpoline -- elide %rip relative indirections
- [Packaging] retpoline -- clear hint information from packages
- KVM: x86: Make indirect calls in emulator speculation safe
- KVM: VMX: Make indirect call speculation safe
- x86/boot, objtool: Annotate indirect jump in secondary_startup_64()
- SAUCE: early/late -- annotate indirect calls in early/late initialisation
code
- SAUCE: vga_set_mode -- avoid jump tables
- [Config] retpoline -- switch to new format
- [Packaging] retpoline hints -- handle missing files when RETPOLINE not
enabled
- [Packaging] final-checks -- remove check for empty retpoline files
* retpoline: ignore %cs:0xNNN constant indirections (LP: #1752655)
- [Packaging] retpoline -- elide %cs:0xNNNN constants on i386
* zfs system process hung on container stop/delete (LP: #1754584)
- SAUCE: Fix non-prefaulted page deadlock (LP: #1754584)
* zfs-linux 0.6.5.11-1ubuntu5 ADT test failure with linux 4.15.0-1.2
(LP: #1737761)
- SAUCE: (noup) Update zfs to 0.6.5.11-1ubuntu3.2
* AT_BASE_PLATFORM in AUXV is absent on kernels available on Ubuntu 17.10
(LP: #1759312)
- powerpc/64s: Fix NULL AT_BASE_PLATFORM when using DT CPU features
* btrfs and tar sparse truncate archives (LP: #1757565)
- Btrfs: move definition of the function btrfs_find_new_delalloc_bytes
- Btrfs: fix reported number of inode blocks after buffered append writes
* efifb broken on ThunderX-based Gigabyte nodes (LP: #1758375)
- drivers/fbdev/efifb: Allow BAR to be moved instead of claiming it
* Intel i40e PF reset due to incorrect MDD detection (continues...)
(LP: #1723127)
- i40e/i40evf: Account for frags split over multiple descriptors in check
linearize
* Fix an issue that when system in S3, USB keyboard can't wake up the system.
(LP: #1759511)
- ACPI / PM: Allow deeper wakeup power states with no _SxD nor _SxW
* [8086:3e92] display becomes blank after S3 (LP: #1759188)
- drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
* add audio kernel patches for Raven (LP: #1758364)
- ALSA: hda: Add Raven PCI ID
- ALSA: hda/realtek - Fix ALC700 family no sound issue
* Cpu utilization showing system time for kvm guests (performance) (sysstat)
(LP: #1755979)
- KVM: PPC: Book3S HV: Fix guest time accounting with
VIRT_CPU_ACCOUNTING_GEN
* Kernel panic on a nfsroot system (LP: #1734327)
- Revert "UBUNTU: SAUCE: LSM stacking: add stacking support to apparmor
network hooks"
- Revert "UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of the
remaining blobs"
* can't record sound via front headset port on the Dell Precision 3630
(LP: #1759088)
- ALSA: hda/realtek - Fix Dell headset Mic can't record
* speaker can't output sound anymore after system resumes from S3 on a lenovo
machine with alc257 (LP: #1758829)
- ALSA: hda/realtek - Fix speaker no sound after system resume
* hda driver initialization takes too much time on the machine with coffeelake
audio controller [8086:a348] (LP: #1758800)
- ALSA: hda - Force polling mode on CFL for fixing codec communication
* Let headset-mode initialization be called on Dell Precision 3930
(LP: #1757584)
- ALSA: hda/realtek - Add headset mode support for Dell laptop
* ubuntu_zram_smoke test will cause soft lockup on Artful ThunderX ARM64
(LP: #1755073)
- SAUCE: crypto: thunderx_zip: Fix fallout from CONFIG_VMAP_STACK
* [Hyper-V] include kvp fix for Avoid reading past allocated blocks from KVP
file (LP: #1750349)
- hv: kvp: Avoid reading past allocated blocks from KVP file
* IMA policy parsing is broken in 4.13 (LP: #1755804)
- ima/policy: fix parsing of fsuuid
* external mic not work on Dell OptiPlex 7460 AIO (LP: #1755954)
- ALSA: hda/realtek - Add headset mode support for Dell laptop
* sbsa watchdog crashes thunderx2 system (LP: #1755595)
- watchdog: sbsa: use 32-bit read for WCV
* CVE-2018-8043
- net: phy: mdio-bcm-unimac: fix potential NULL dereference in
unimac_mdio_probe()
-- Stefan Bader <[email protected]> Thu, 05 Apr 2018 14:47:00
+0200
** Changed in: linux (Ubuntu Artful)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5754
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-8043
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1734327
Title:
Kernel panic on a nfsroot system
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Artful:
Fix Released
Bug description:
== SRU Justification ==
The following commit introduced a regression identified in bug 1734327:
ac8f82a0b6d9 ("UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure management of
the remaining blobs")
The regression causes a kernel panic to occur after multiple TCP connection
creations/closures to the localhost. The bug was found using STAF RPC calls,
but is easily reproducible with SSH.
A revert of commit ac8f82a0b6d9 is needed to resolve this bug. However,
commit 4ae2508f0bed
also needs to be reverted because it depend on commit ac8f82a0b6d9.
== Fix ==
Revert 4ae2508f0bed ("UBUNTU: SAUCE: LSM stacking: add stacking support to
apparmor network hooks")
Revert ac8f82a0b6d9 ("UBUNTU: SAUCE: LSM stacking: LSM: Infrastructure
management of the remaining blobs")
== Test Case ==
A test kernel was built with these two commits reverted and tested by the
original bug reporter.
The bug reporter states the test kernel resolved the bug.
== Original Bug Description ==
Summary:
Kernel panic occurs after multiple TCP connection creations/closures to the
localhost.
The bug was found using STAF RPC calls, but is easily reproducible with SSH.
The bug doesn't appear on an identical virtual machine booting from the disk.
The bug is not reproducible on a similarly-prepared Ubuntu 16.04 machine.
The bug is reproducible using an older 4.13.0-16-generic kernel
Reproducible on multiple hardware types.
Unable to create a kernel memory dump due to makedumpfile errors.
apport-bug save attached.
NFSRoot boot options:
vmlinuz initrd=initrd.img boot=nfs root=/dev/nfs
nfsroot=190.0.0.254:/diskless/host/u1616/Ubuntu/17.10 intel_iommu=on
net.ifnames=0 biosdevname=0 apparmor=0 ip=:::::eth0:dhcp
blacklist=i40e,ixgbe,fm10k crashkernel=384M-:768M rw
Software:
OS: Ubuntu 17.10
Kernel: 4.13.0-17-generic x86_64
Reproduction steps:
1. Boot a system from a nfsroot
2. Configure password-less localhost ssh access
3. Run a loop: `while true; do ssh localhost 'uname -a'; done`
4. Wait for system to crash
Trace:
4,1151,52372730,-;general protection fault: 0000 [#1] SMP
4,1152,52372771,-;Modules linked in: arc4 md4 rpcsec_gss_krb5 nls_utf8
auth_rpcgss cifs nfsv4 ccm ipmi_ssif intel_rapl sb_edac x86_pkg_temp_thermal
intel_powerclamp coretemp intel_cstate mei_me input_leds joydev intel_rapl_perf
mei kvm_intel lpc_ich ioatdma kvm irqbypass ipmi_si ipmi_devintf
ipmi_msghandler shpchp acpi_pad acpi_power_meter mac_hid ib_iser rdma_cm iw_cm
ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables
x_tables autofs4 nfsv3 nfs_acl nfs lockd grace sunrpc fscache raid10 raid456
async_raid6_recov async_memcpy async_pq async_xor async_tx xor hid_generic
usbhid hid raid6_pq libcrc32c raid1 raid0 multipath linear uas usb_storage
crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc ast ttm aesni_intel igb
drm_kms_helper aes_x86_64 crypto_simd syscopyarea glue_helper
4,1153,52373251,c; sysfillrect dca cryptd sysimgblt i2c_algo_bit fb_sys_fops
ahci ptp drm libahci pps_core wmi
4,1154,52373322,-;CPU: 11 PID: 1848 Comm: STAFProc Not tainted
4.13.0-17-generic #20-Ubuntu
4,1155,52373371,-;Hardware name: Supermicro Super Server/X10SRD-F, BIOS 2.0
12/17/2015
4,1156,52373418,-;task: ffff9d09267f5d00 task.stack: ffffafddc3a70000
4,1157,52373461,-;RIP: 0010:kfree+0x53/0x160
4,1158,52373486,-;RSP: 0018:ffff9d092ecc3bc8 EFLAGS: 00010207
4,1159,52373521,-;RAX: 0000000000000000 RBX: 241c894900000001 RCX:
0000000000000004
4,1160,52373566,-;RDX: 000032d49081cc08 RSI: 0000000000010080 RDI:
000062fac0000000
4,1161,52373611,-;RBP: ffff9d092ecc3be0 R08: 000000000001f4c0 R09:
ffffffff943bb839
4,1162,52373656,-;R10: 00904c7891000000 R11: 0000000000000000 R12:
ffff9d09267ef000
4,1163,52373701,-;R13: ffffffff93fa155e R14: ffff9d09267ef000 R15:
ffff9d09267ef000
4,1164,52373746,-;FS: 00007f3a53313700(0000) GS:ffff9d092ecc0000(0000)
knlGS:0000000000000000
4,1165,52373797,-;CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
4,1166,52373834,-;CR2: 00007fd5c9ffa780 CR3: 00000004666d7000 CR4:
00000000003406e0
4,1167,52373878,-;DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
4,1168,52373923,-;DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
4,1169,52373968,-;Call Trace:
4,1170,52373987,-; <IRQ>
4,1171,52374009,-; security_sk_free+0x3e/0x50
4,1172,52374042,-; __sk_destruct+0x108/0x190
4,1173,52374070,-; sk_destruct+0x20/0x30
4,1174,52374095,-; __sk_free+0x82/0xa0
4,1175,52374120,-; sk_free+0x19/0x20
4,1176,52374144,-; sock_put+0x14/0x20
4,1177,52374168,-; tcp_v4_rcv+0x94d/0x9d0
4,1178,52374195,-; ip_local_deliver_finish+0x5c/0x1f0
4,1179,52374226,-; ip_local_deliver+0x6f/0xe0
4,1180,52374254,-; ip_rcv_finish+0x120/0x410
4,1181,52374281,-; ip_rcv+0x28c/0x3a0
4,1182,52374305,-; ? update_load_avg+0x46d/0x590
4,1183,52374335,-; __netif_receive_skb_core+0x39a/0xaa0
4,1184,52374369,-; __netif_receive_skb+0x18/0x60
4,1185,52374398,-; ? __netif_receive_skb+0x18/0x60
4,1186,52374428,-; process_backlog+0x89/0x140
4,1187,52374457,-; net_rx_action+0x13b/0x380
4,1188,52374485,-; __do_softirq+0xde/0x2a5
4,1189,52375837,-; do_softirq_own_stack+0x1c/0x30
4,1190,52377188,-; </IRQ>
4,1191,52378538,-; do_softirq.part.17+0x4e/0x50
4,1192,52379869,-; __local_bh_enable_ip+0x5a/0x60
4,1193,52381174,-; ip_finish_output2+0x172/0x3a0
4,1194,52382442,-; ip_finish_output+0x190/0x250
4,1195,52383658,-; ? ip_finish_output+0x190/0x250
4,1196,52384833,-; ip_output+0x70/0xe0
4,1197,52385959,-; ? lock_timer_base+0x81/0xa0
4,1198,52387043,-; ip_local_out+0x35/0x40
4,1199,52388078,-; ip_queue_xmit+0x160/0x3e0
4,1200,52389068,-; ? __alloc_skb+0x87/0x1e0
4,1201,52390019,-; tcp_transmit_skb+0x538/0x9e0
4,1202,52390944,-; tcp_send_ack.part.35+0xbd/0x130
4,1203,52391849,-; tcp_send_ack+0x16/0x20
4,1204,52392729,-; tcp_cleanup_rbuf+0x67/0x100
4,1205,52393600,-; tcp_recvmsg+0x572/0xb60
4,1206,52394464,-; inet_recvmsg+0x4b/0xc0
4,1207,52395307,-; sock_recvmsg+0x3d/0x50
4,1208,52396135,-; sock_read_iter+0x90/0xe0
4,1209,52396955,-; new_sync_read+0xde/0x130
4,1210,52397766,-; __vfs_read+0x26/0x40
4,1211,52398568,-; vfs_read+0x8e/0x130
4,1212,52399347,-; SyS_read+0x55/0xc0
4,1213,52400099,-; entry_SYSCALL_64_fastpath+0x1e/0xa9
4,1214,52400845,-;RIP: 0033:0x7f3a58da0d5d
4,1215,52401583,-;RSP: 002b:00007f3a53310e70 EFLAGS: 00000246 ORIG_RAX:
0000000000000000
4,1216,52402370,-;RAX: ffffffffffffffda RBX: 00007f3a44000078 RCX:
00007f3a58da0d5d
4,1217,52403153,-;RDX: 0000000000000020 RSI: 00007f3a4400b5f8 RDI:
000000000000000f
4,1218,52403952,-;RBP: 0000000000001010 R08: 0000000000000000 R09:
0000000000000000
4,1219,52404752,-;R10: 00007f3a593e4d20 R11: 0000000000000246 R12:
00007f3a44000020
4,1220,52405553,-;R13: 0000000000001000 R14: 00007f3a44000078 R15:
0000000000000001
4,1221,52406363,-;Code: 00 80 49 01 da 0f 82 1c 01 00 00 48 c7 c7 00 00 00 80
48 2b 3d 7f e6 c1 00 49 01 fa 49 c1 ea 0c 49 c1 e2 06 4c 03 15 5d e6 c1 00 <49>
8b 42 20 48 8d 50 ff a8 01 4c 0f 45 d2 49 8b 52 20 48 8d 42
1,1222,52408171,-;RIP: kfree+0x53/0x160 RSP: ffff9d092ecc3bc8
4,1223,52409129,-;---[ end trace f7b53e7f81a1cbda ]---
0,1224,52414686,-;Kernel panic - not syncing: Fatal exception in interrupt
---
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Nov 24 12:39 seq
crw-rw---- 1 root audio 116, 33 Nov 24 12:39 timer
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.20.7-0ubuntu3.5
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq',
'/dev/snd/timer'] failed with exit code 1:
DistroRelease: Ubuntu 17.10
InstallationDate: Installed on 2017-11-03 (21 days ago)
InstallationMedia: Ubuntu-Server 17.10 "Artful Aardvark" - Release amd64
(20171017.1)
IwConfig: Error: [Errno 2] No such file or directory
MachineType: Supermicro Super Server
Package: linux (not installed)
PciMultimedia:
ProcFB: 0 astdrmfb
ProcKernelCmdLine: vmlinuz initrd=initrd.img boot=nfs root=/dev/nfs
nfsroot=190.0.0.254:/diskless/host/hostname/Ubuntu/17.10 intel_iommu=on
net.ifnames=0 biosdevname=0 apparmor=0 ip=:::::eth0:dhcp
blacklist=i40e,ixgbe,fm10k crashkernel=384M-:768M rw
ProcVersionSignature: Ubuntu 4.13.0-17.20-generic 4.13.8
RelatedPackageVersions:
linux-restricted-modules-4.13.0-17-generic N/A
linux-backports-modules-4.13.0-17-generic N/A
linux-firmware 1.169
RfKill: Error: [Errno 2] No such file or directory
Tags: artful
Uname: Linux 4.13.0-17-generic x86_64
UnreportableReason: The report belongs to a package that is not installed.
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:
_MarkForUpload: False
dmi.bios.date: 12/17/2015
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 2.0
dmi.board.asset.tag: Default string
dmi.board.name: X10SRD-F
dmi.board.vendor: Supermicro
dmi.board.version: 1.01
dmi.chassis.asset.tag: Default string
dmi.chassis.type: 17
dmi.chassis.vendor: Supermicro
dmi.chassis.version: 0123456789
dmi.modalias:
dmi:bvnAmericanMegatrendsInc.:bvr2.0:bd12/17/2015:svnSupermicro:pnSuperServer:pvr0123456789:rvnSupermicro:rnX10SRD-F:rvr1.01:cvnSupermicro:ct17:cvr0123456789:
dmi.product.family: Default string
dmi.product.name: Super Server
dmi.product.version: 0123456789
dmi.sys.vendor: Supermicro
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1734327/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
