** Changed in: linux (Ubuntu Bionic)
       Status: In Progress => Fix Committed

https://bugs.launchpad.net/bugs/1828394

Title:
  [UBUNTU] qdio: clear intparm during shutdown

Status in Ubuntu on IBM z Systems:
  In Progress
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Bionic:
  Fix Committed

Bug description:
  SRU Justification:

  [Impact]

  * Crash in qeth_irq() with "Unable to handle kernel pointer
  dereference in virtual kernel address space"

  [Fix]

  * 89286320a236d245834075fa13adb0bdd827ecaa 8928632 "s390/qdio: clear
  intparm during shutdown"

  [Test Case]

  * Offline an OSA CHPID with multiple active qeth interfaces.

  [Regression Potential]

  * The regression potential can be considered as very low since it only
  affects the s390x platform

  * and there it only affects the (ccw) qeth (OSA) network devices

  * and again this happens if the CHPID is offlined, which usually
  doesn't happen during regular operation.

  [Other Info]

  * The patch was accepted upstream with kernel 4.17, hence it's already
  part of cosmic, disco and eoan and proven there to work.

  * It needs to be applied to kernel 4.15 to land in 18.04 GA and 16.04.5 HWE.
  _________________________

  Description:   qdio: clear intparm during shutdown
  Symptom:       Crash in qeth_irq() with "Unable to handle kernel pointer
                 dereference in virtual kernel address space".
  Problem:       During shutdown, qdio returns its ccw device back to control
                 by qeth - but doesn't reset the interrupt parameter on the
                 device. If qdio_shutdown() failed to terminate its
                 long-running IO on the ccw_device, qeth will subsequently
                 do so. In this case the IRQ for the IO completion is
                 presented to qeth_irq() with the _old_ interrupt parameter,
                 which gets mis-interpreted as a valid qeth_cmd_buffer
                 pointer. Dereferencing this bogus pointer in
                 qeth_release_buffer() triggers the crash.
  Solution:      When returning the ccw device in qdio_shutdown(), also reset
                 its interrupt parameter.
  Reproduction:  Offline an OSA CHPID with multiple active qeth interfaces.

  Component: Kernel
  Upstream-ID:   89286320a236d245834075fa13adb0bdd827ecaa

  Reported:      Ubuntu 18.04
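
A user-space C model of the hand-back described under Problem and Solution, added here as an example and not taken from the kernel patch or the bug report. All struct and function names are hypothetical, and the model assumes that resetting the parameter means zeroing it and that the upper handler ignores a zero parameter.

```c
#include <stdint.h>

/* User-space model only: every name is hypothetical, not a kernel symbol. */
struct cmd_buffer { int released; };
struct dev_model {
    uintptr_t intparm;                              /* presented with the next IRQ */
    int (*handler)(struct dev_model *, uintptr_t);  /* current owner of the IRQs */
    struct cmd_buffer *upper_buf;                   /* only buffer the upper driver issued */
};
enum irq_result { IRQ_NO_BUFFER, IRQ_BUFFER_RELEASED, IRQ_BOGUS_POINTER };

/* Upper driver (qeth's role): a non-zero intparm is taken as its command buffer. */
static int upper_irq(struct dev_model *d, uintptr_t intparm)
{
    if (intparm == 0)
        return IRQ_NO_BUFFER;
    if ((struct cmd_buffer *)intparm != d->upper_buf)
        return IRQ_BOGUS_POINTER;  /* model reports; the kernel handler dereferences */
    d->upper_buf->released = 1;
    return IRQ_BUFFER_RELEASED;
}

/* Lower layer (qdio's role): owns the IRQs while its long-running I/O is active. */
static int lower_irq(struct dev_model *d, uintptr_t p) { (void)d; (void)p; return IRQ_NO_BUFFER; }
static void lower_establish(struct dev_model *d, uintptr_t cookie)
{
    d->handler = lower_irq;
    d->intparm = cookie;           /* I/O started with the lower layer's parameter */
}

/* Shutdown returns the device; clear_intparm selects the fixed behaviour. */
static void lower_shutdown(struct dev_model *d, int clear_intparm)
{
    d->handler = upper_irq;
    if (clear_intparm)
        d->intparm = 0;            /* assumption: "reset" means zero */
}

/* The I/O that shutdown failed to terminate completes after the hand-back. */
static int late_completion(int clear_intparm)
{
    static int lower_state;        /* stands in for the lower layer's private data */
    struct cmd_buffer buf = { 0 };
    struct dev_model d = { 0, upper_irq, &buf };
    lower_establish(&d, (uintptr_t)&lower_state);
    lower_shutdown(&d, clear_intparm);
    return d.handler(&d, d.intparm);
}

int main(void) { return !(late_completion(0) == IRQ_BOGUS_POINTER && late_completion(1) == IRQ_NO_BUFFER); }
```

Without the reset, the late completion reaches the upper handler carrying the lower layer's parameter; with it, the handler sees zero and touches no buffer.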
