[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
This bug was fixed in the package linux - 3.13.0-168.218 --- linux (3.13.0-168.218) trusty; urgency=medium * linux: 3.13.0-168.218 -proposed tracker (LP: #1819663) * CVE-2019-9213 - mm: enforce min addr even if capable() in expand_downwards() * CVE-2019-3460 - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt * CVE-2017-1000410 - Bluetooth: Prevent stack info leak from the EFS element. * ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF (LP: #1815501) - ixgbe: check for vfs outside of sriov_num_vfs before dereference * CVE-2018-19824 - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in card.c * CVE-2019-3459 - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer * CVE-2019-7222 - KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222) * CVE-2019-6974 - kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974) * CVE-2017-18360 - USB: serial: io_ti: fix div-by-zero in set_termios -- Stefan Bader Thu, 14 Mar 2019 14:44:53 +0100 ** Changed in: linux (Ubuntu Trusty) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2017-1000410 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-18360 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-19824 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3459 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-3460 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-6974 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-7222 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-9213 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Released Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk
[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
Tested on linux-generic 3.13.0.168.179 from trusty-proposed. Tried reproducing according to test case from description, and verified that ixgbe is fixed: # uname -r 3.13.0-168-generic # apt-cache madison linux-generic linux-generic | 3.13.0.168.179 | http://archive.ubuntu.com/ubuntu/trusty-proposed/main amd64 Packages # ip link set dev eth4 vf -1 spoofchk off RTNETLINK answers: Invalid argument dmesg is clean after spoofchk, and network connectivity continues operating as expected. ** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk with VF -1: # ip link set dev eth4 vf -1 spoofchk off Killed # dmesg [ 241.066440] BUG: unable to handle kernel paging request at fffa [ 241.066880] IP: [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.067331] PGD 2c13067 PUD 2c15067 PMD 0 [ 241.067591] Oops: 0002 [#1] SMP [ 241.067793] Modules linked in: ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_crypt gpio_ich x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm hpilo lpc_ich ioatdma ipmi_si shpchp acpi_power_meter mac_hid nls_iso8859_1 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd ixgbe tg3 dca ptp pps_core hpsa nvme mdio wmi [ 241.070462] CPU: 43 PID: 2214 Comm: ip Not tainted 3.13.0-165-generic #215-Ubuntu [ 241.070908] Hardware name: HP ProLiant DL360 Gen9, BIOS P89 05/06/2015 [ 241.071302] task: 880035c4c800 ti: 8810275c8000 task.ti: 8810275c8000 [ 241.071751] RIP: 0010:[] [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.072349] RSP: 0018:8810275c9858 EFLAGS: 00010283 [ 241.072663] RAX: RBX:
[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If the problem still exists, change the tag 'verification-needed-trusty' to 'verification-failed- trusty'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk with VF -1: # ip link set dev eth4 vf -1 spoofchk off Killed # dmesg [ 241.066440] BUG: unable to handle kernel paging request at fffa [ 241.066880] IP: [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.067331] PGD 2c13067 PUD 2c15067 PMD 0 [ 241.067591] Oops: 0002 [#1] SMP [ 241.067793] Modules linked in: ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_crypt gpio_ich x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm hpilo lpc_ich ioatdma ipmi_si shpchp acpi_power_meter mac_hid nls_iso8859_1 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd ixgbe tg3 dca ptp pps_core hpsa nvme mdio wmi [ 241.070462] CPU: 43 PID: 2214 Comm: ip Not tainted 3.13.0-165-generic #215-Ubuntu [ 241.070908] Hardware name: HP ProLiant DL360 Gen9, BIOS P89 05/06/2015 [ 241.071302] task: 880035c4c800 ti: 8810275c8000 task.ti: 8810275c8000 [ 241.071751] RIP: 0010:[] [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.072349] RSP: 0018:8810275c9858
[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
** Changed in: linux (Ubuntu Trusty) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: Fix Committed Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk with VF -1: # ip link set dev eth4 vf -1 spoofchk off Killed # dmesg [ 241.066440] BUG: unable to handle kernel paging request at fffa [ 241.066880] IP: [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.067331] PGD 2c13067 PUD 2c15067 PMD 0 [ 241.067591] Oops: 0002 [#1] SMP [ 241.067793] Modules linked in: ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_crypt gpio_ich x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm hpilo lpc_ich ioatdma ipmi_si shpchp acpi_power_meter mac_hid nls_iso8859_1 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd ixgbe tg3 dca ptp pps_core hpsa nvme mdio wmi [ 241.070462] CPU: 43 PID: 2214 Comm: ip Not tainted 3.13.0-165-generic #215-Ubuntu [ 241.070908] Hardware name: HP ProLiant DL360 Gen9, BIOS P89 05/06/2015 [ 241.071302] task: 880035c4c800 ti: 8810275c8000 task.ti: 8810275c8000 [ 241.071751] RIP: 0010:[] [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.072349] RSP: 0018:8810275c9858 EFLAGS: 00010283 [ 241.072663] RAX: RBX: 88102236 RCX: [ 241.073090] RDX: RSI: 81fc RDI: 88102236 [ 241.073522] RBP: 8810275c9858 R08: fffb R09: ffa8 [ 241.073953] R10: ffa1 R11: 0246 R12: 8810275c9950 [ 241.074381] R13: R14: a01511c0 R15: ffea [ 241.074814] FS: 7f3188ce6740() GS:88203f3e() knlGS: [ 241.075299] CS: 0010 DS:
[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
SRUv2 sent to kernel-team mailing list: https://lists.ubuntu.com/archives/kernel-team/2019-February/098451.htm -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: In Progress Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk with VF -1: # ip link set dev eth4 vf -1 spoofchk off Killed # dmesg [ 241.066440] BUG: unable to handle kernel paging request at fffa [ 241.066880] IP: [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.067331] PGD 2c13067 PUD 2c15067 PMD 0 [ 241.067591] Oops: 0002 [#1] SMP [ 241.067793] Modules linked in: ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_crypt gpio_ich x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm hpilo lpc_ich ioatdma ipmi_si shpchp acpi_power_meter mac_hid nls_iso8859_1 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd ixgbe tg3 dca ptp pps_core hpsa nvme mdio wmi [ 241.070462] CPU: 43 PID: 2214 Comm: ip Not tainted 3.13.0-165-generic #215-Ubuntu [ 241.070908] Hardware name: HP ProLiant DL360 Gen9, BIOS P89 05/06/2015 [ 241.071302] task: 880035c4c800 ti: 8810275c8000 task.ti: 8810275c8000 [ 241.071751] RIP: 0010:[] [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.072349] RSP: 0018:8810275c9858 EFLAGS: 00010283 [ 241.072663] RAX: RBX: 88102236 RCX: [ 241.073090] RDX: RSI: 81fc RDI: 88102236 [ 241.073522] RBP: 8810275c9858 R08: fffb R09: ffa8 [ 241.073953] R10: ffa1 R11: 0246 R12: 8810275c9950 [ 241.074381] R13: R14: a01511c0 R15: ffea [ 241.074814] FS: 7f3188ce6740() GS:88203f3e() knlGS: [
[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
SRU request sent to kernel-team mailing list: https://lists.ubuntu.com/archives/kernel-team/2019-February/098444.html -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: In Progress Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk with VF -1: # ip link set dev eth4 vf -1 spoofchk off Killed # dmesg [ 241.066440] BUG: unable to handle kernel paging request at fffa [ 241.066880] IP: [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.067331] PGD 2c13067 PUD 2c15067 PMD 0 [ 241.067591] Oops: 0002 [#1] SMP [ 241.067793] Modules linked in: ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_crypt gpio_ich x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm hpilo lpc_ich ioatdma ipmi_si shpchp acpi_power_meter mac_hid nls_iso8859_1 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd ixgbe tg3 dca ptp pps_core hpsa nvme mdio wmi [ 241.070462] CPU: 43 PID: 2214 Comm: ip Not tainted 3.13.0-165-generic #215-Ubuntu [ 241.070908] Hardware name: HP ProLiant DL360 Gen9, BIOS P89 05/06/2015 [ 241.071302] task: 880035c4c800 ti: 8810275c8000 task.ti: 8810275c8000 [ 241.071751] RIP: 0010:[] [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.072349] RSP: 0018:8810275c9858 EFLAGS: 00010283 [ 241.072663] RAX: RBX: 88102236 RCX: [ 241.073090] RDX: RSI: 81fc RDI: 88102236 [ 241.073522] RBP: 8810275c9858 R08: fffb R09: ffa8 [ 241.073953] R10: ffa1 R11: 0246 R12: 8810275c9950 [ 241.074381] R13: R14: a01511c0 R15: ffea [ 241.074814] FS: 7f3188ce6740() GS:88203f3e() knlGS:
[Kernel-packages] [Bug 1815501] Re: ixgbe: Kernel Oops when attempting to disable spoofchk in a non-existing VF
** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Trusty) Status: New => In Progress ** Changed in: linux (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Trusty) Assignee: (unassigned) => Heitor R. Alves de Siqueira (halves) ** Tags added: sts -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1815501 Title: ixgbe: Kernel Oops when attempting to disable spoofchk in a non- existing VF Status in linux package in Ubuntu: Fix Released Status in linux source package in Trusty: In Progress Bug description: [Impact] Trusty 3.13 kernel Oops due to ixgbe driver failing to check non-existing VF [Description] In the current Trusty kernel, when the ixgbe driver tries to enable or disable spoofchk for a non-existing VF, it causes a kernel oops. This is due to a missing check in ixgbe_ndo_set_vf_spoofchk() before dereferencing the VF. There is an upstream commit to fix this issue (600a507ddcb99 ixgbe: check for vfs outside of sriov_num_vfs before dereference), but it needs to be cherry-picked into 3.13 for Trusty. Upstream commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=600a507ddcb99 $ git describe --contains 600a507ddcb99 Ubuntu-lts-3.19.0-7.7_14.04.1~1051^2~26^2 $ rmadison linux-generic => linux-generic | 3.13.0.24.28 | trusty | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-security | amd64, ... => linux-generic | 3.13.0.165.175 | trusty-updates | amd64, ... linux-generic | 4.4.0.21.22| xenial | amd64, ... linux-generic | 4.15.0.20.23 | bionic | amd64, ... linux-generic | 4.18.0.10.11 | cosmic | amd64, ... linux-generic | 4.19.0.12.13 | disco| amd64, ... [Fix] The fix is to check if the requested VF exists before dereferencing it in the driver. Upstream commit 600a507ddcb99 introduced this check, and it's a clean cherry pick into the latest Trusty kernel. [Test Case] 1) Deploy a Trusty system with an ixgbe adapter and latest kernel from -updates: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 14.04.5 LTS Release:14.04 Codename: trusty # uname -r 3.13.0-165-generic # lspci -v -s 04:00.0 04:00.0 Ethernet controller: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 (rev 01) Subsystem: Hewlett-Packard Company 561FLR-T 2-port 10Gb Ethernet Adapter Flags: bus master, fast devsel, latency 0, IRQ 16 Memory at 92e0 (32-bit, prefetchable) [size=2M] Memory at 93004000 (32-bit, prefetchable) [size=16K] [virtual] Expansion ROM at 9308 [disabled] [size=512K] Capabilities: [40] Power Management version 3 Capabilities: [50] MSI: Enable- Count=1/1 Maskable+ 64bit+ Capabilities: [70] MSI-X: Enable+ Count=64 Masked- Capabilities: [a0] Express Endpoint, MSI 00 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [150] Alternative Routing-ID Interpretation (ARI) Capabilities: [160] Single Root I/O Virtualization (SR-IOV) Capabilities: [1d0] Access Control Services Kernel driver in use: ixgbe 2) Attempt to disable spoofchk with VF -1: # ip link set dev eth4 vf -1 spoofchk off Killed # dmesg [ 241.066440] BUG: unable to handle kernel paging request at fffa [ 241.066880] IP: [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.067331] PGD 2c13067 PUD 2c15067 PMD 0 [ 241.067591] Oops: 0002 [#1] SMP [ 241.067793] Modules linked in: ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi dm_crypt gpio_ich x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm hpilo lpc_ich ioatdma ipmi_si shpchp acpi_power_meter mac_hid nls_iso8859_1 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd ixgbe tg3 dca ptp pps_core hpsa nvme mdio wmi [ 241.070462] CPU: 43 PID: 2214 Comm: ip Not tainted 3.13.0-165-generic #215-Ubuntu [ 241.070908] Hardware name: HP ProLiant DL360 Gen9, BIOS P89 05/06/2015 [ 241.071302] task: 880035c4c800 ti: 8810275c8000 task.ti: 8810275c8000 [ 241.071751] RIP: 0010:[] [] ixgbe_ndo_set_vf_spoofchk+0x3c/0xc0 [ixgbe] [ 241.072349] RSP: 0018:8810275c9858 EFLAGS: 00010283 [ 241.072663] RAX: RBX: 88102236 RCX: [ 241.073090] RDX: RSI: 81fc RDI: 88102236 [ 241.073522] RBP: 8810275c9858 R08: fffb R09: ffa8 [ 241.073953] R10:
