This bug was fixed in the package linux - 4.4.0-127.153
---
linux (4.4.0-127.153) xenial; urgency=medium
* CVE-2018-3639 (powerpc)
- powerpc/pseries: Support firmware disable of RFI flush
- powerpc/powernv: Support firmware disable of RFI flush
- powerpc/rfi-flush: Move
Ubuntu 4.4.0-123.147-generic 4.4.128 does fix it for us as well.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1763454
Title:
bpf_map_lookup_elem: BUG: unable to handle kernel paging
Tested with kernel 4.4.0-123.147. Issue is fixed there.
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
This bug is awaiting verification that the kernel in -proposed solves
the problem. Please test the kernel and update this bug with the
results. If the problem is solved, change the tag 'verification-needed-
xenial' to 'verification-done-xenial'. If the problem still exists,
change the tag
** Changed in: linux (Ubuntu Xenial)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1763454
Title:
bpf_map_lookup_elem: BUG: unable to handle
** Changed in: linux (Ubuntu Xenial)
Importance: Medium => High
** Changed in: linux (Ubuntu)
Status: Triaged => Invalid
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1763454
I was wondering about the 'Importance' definition too. It's also a
panic-reboot loop just after booting when using Weave Scope in the
Kubernetes cluster because Scope installs the BPF probe during
initialization.
--
You received this bug notification because you are a member of Kernel
Packages,
For us the importance of this issue would be High instead of Medium (not
sure if there is an objective definition somewhere, could not find it).
Reason is that we rely on BPF quite heavily in our infrastructure and
servers just crash pretty much immediately once we install the current
kernel
(I used my team account cloudstackers-7 before, now with my own one)
The bounds check may not be necessary, because
replace_map_fd_with_map_ptr is called before do_check and the relevant
check is already in replace_map_fd_with_map_ptr. But it's not obvious,
so at least a comment in do_check may
I've duped the other bug to this one.
I do agree that the "seen = true" you identified looks like a mistake, I
will fix up the patch to remove that.
You also added some bounds checking. I see your point in adding that, I
can't find anything which would guarantee that there is an additional
Seth, I reported the same issue in LP#1763352
(https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1763352).
My patch there does essentially the same as yours, so I will mention in that
ticket that it's a duplicate.
But your patch does not remove the wrong
"env->insn_aux_data[insn_idx].seen =
No it's not well documented, and it's a complicated mishmash of auto
package tests (these do have documentation but not useful here) and
autotests maintained by the kernel team. We do run some bpf autotests,
we could see about adding them there.
> to allow time for testing and verifications
Is the testing process documented somewhere? Ideally we should add a
step in the process to test @schuio's reproducer (or an equivalent) to
avoid future similar regressions for software using eBPF.
--
You received this bug notification because you
Note though that it should be in xenial-proposed within two weeks (at
which point you'll be prompted to verify the fix there).
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1763454
On Fri, Apr 13, 2018 at 12:19:26PM -, schu wrote:
> Seth, can you give an ETA for when the update with the fix will be
> published?
>
> If it's only a matter of a few days, adding a workaround might not be
> necessary..
> (https://github.com/weaveworks/scope/pull/3141#discussion_r181340479)
Seth, can you give an ETA for when the update with the fix will be
published?
If it's only a matter of a few days, adding a workaround might not be
necessary..
(https://github.com/weaveworks/scope/pull/3141#discussion_r181340479)
Thanks again.
--
You received this bug notification because you
`Ubuntu 4.4.0-119.143+lp1763454v201804121433-generic 4.4.114` does fix
the problem for us. Tested with Scope
e2b4b3edf63a62836ca27024003cc38aa6b9c0b5
Thanks Seth!
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
Test build is at the link below, please let me know if it fixes the
issue. Thanks!
http://people.canonical.com/~sforshee/lp1763454/
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1763454
** Changed in: linux (Ubuntu Xenial)
Assignee: (unassigned) => Seth Forshee (sforshee)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1763454
Title:
bpf_map_lookup_elem: BUG:
I'm taking a guess at the cause of this kernel panic:
commit c131187db2d3fa2f8bf32fdf4e9a4ef805168467 was backported from
upstream kernel into the Ubuntu kernel.
But this part was not backported:
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -4213,6 +4216,8 @@ static int
** Changed in: linux (Ubuntu)
Importance: Undecided => Medium
** Also affects: linux (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: linux (Ubuntu Xenial)
Status: New => Incomplete
** Changed in: linux (Ubuntu Xenial)
Importance: Undecided => Medium
**
21 matches
Mail list logo