** Also affects: linux (Ubuntu Bionic)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu)
Status: New => Fix Released
** Changed in: linux (Ubuntu Bionic)
Status: New => In Progress
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1828394
Title:
[UBUNTU] qdio: clear intparm during shutdown
Status in Ubuntu on IBM z Systems:
In Progress
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Bionic:
Fix Committed
Bug description:
SRU Justification:
[Impact]
* Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space"
[Fix]
* 89286320a236d245834075fa13adb0bdd827ecaa 8928632 "s390/qdio: clear
intparm during shutdown"
[Test Case]
* Offline an OSA CHPID with multiple active qeth interfaces.
[Regression Potential]
* The regression potential can be considered as very low since it only
affects the s390x platform
* and there it only affects the (ccW) qeth (OSA) network devices
* and again this happens if the CHPID is offlined, which usually
doesn't happen during regular operation.
[Other Info]
* The patch was upstream accepted with kernel 4.17, hence it's already
part of cosmic, disco and eoan and proven there to work.
* It needs to be applied to kernel 4.15 to land in 18.04 GA and 16.04.5 HWE.
_________________________
Description: qdio: clear intparm during shutdown
Symptom: Crash in qeth_irq() with "Unable to handle kernel pointer
dereference in virtual kernel address space".
Problem: During shutdown, qdio returns its ccw device back to control
by qeth - but doesn't reset the interrupt parameter on the
device. If qdio_shutdown() failed to terminate its
long-running IO on the ccw_device, qeth will subsequently
do so. In this case the IRQ for the IO completion is
presented to qeth_irq() with the _old_ interrupt parameter,
which gets mis-interpreted as a valid qeth_cmd_buffer
pointer. Dereferencing this bogus pointer in
qeth_release_buffer() triggers the crash.
Solution: When returning the ccw device in qdio_shutdown(), also reset
its interrupt parameter.
Reproduction: Offline an OSA CHPID with multiple active qeth interfaces.
Component: Kernel
Upstream-ID: 89286320a236d245834075fa13adb0bdd827ecaa
Reported: Ubuntu 18.04
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1828394/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
