[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
This bug was fixed in the package linux - 4.4.0-130.156 --- linux (4.4.0-130.156) xenial; urgency=medium * linux: 4.4.0-130.156 -proposed tracker (LP: #1776822) * CVE-2018-3665 (x86) - x86/fpu: Fix early FPU command-line parsing - x86/fpu: Fix 'no387' regression - x86/fpu: Disable MPX when eagerfpu is off - x86/fpu: Default eagerfpu=on on all CPUs - x86/fpu: Fix FNSAVE usage in eagerfpu mode - x86/fpu: Fix math emulation in eager fpu mode - x86/fpu: Fix eager-FPU handling on legacy FPU machines linux (4.4.0-129.155) xenial; urgency=medium * linux: 4.4.0-129.155 -proposed tracker (LP: #1776352) * Xenial update to 4.4.134 stable release (LP: #1775771) - MIPS: ptrace: Expose FIR register through FP regset - MIPS: Fix ptrace(2) PTRACE_PEEKUSR and PTRACE_POKEUSR accesses to o32 FGRs - KVM: Fix spelling mistake: "cop_unsuable" -> "cop_unusable" - affs_lookup(): close a race with affs_remove_link() - aio: fix io_destroy(2) vs. lookup_ioctx() race - ALSA: timer: Fix pause event notification - mmc: sdhci-iproc: fix 32bit writes for TRANSFER_MODE register - libata: Blacklist some Sandisk SSDs for NCQ - libata: blacklist Micron 500IT SSD with MU01 firmware - xen-swiotlb: fix the check condition for xen_swiotlb_free_coherent - Revert "ipc/shm: Fix shmat mmap nil-page protection" - ipc/shm: fix shmat() nil address after round-down when remapping - kasan: fix memory hotplug during boot - kernel/sys.c: fix potential Spectre v1 issue - kernel/signal.c: avoid undefined behaviour in kill_something_info - xfs: remove racy hasattr check from attr ops - do d_instantiate/unlock_new_inode combinations safely - firewire-ohci: work around oversized DMA reads on JMicron controllers - NFSv4: always set NFS_LOCK_LOST when a lock is lost. - ALSA: hda - Use IS_REACHABLE() for dependency on input - ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read() - kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl - tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account - PCI: Add function 1 DMA alias quirk for Marvell 9128 - tools lib traceevent: Simplify pointer print logic and fix %pF - perf callchain: Fix attr.sample_max_stack setting - tools lib traceevent: Fix get_field_str() for dynamic strings - dm thin: fix documentation relative to low water mark threshold - nfs: Do not convert nfs_idmap_cache_timeout to jiffies - watchdog: sp5100_tco: Fix watchdog disable bit - kconfig: Don't leak main menus during parsing - kconfig: Fix automatic menu creation mem leak - kconfig: Fix expr_free() E_NOT leak - ipmi/powernv: Fix error return code in ipmi_powernv_probe() - Btrfs: set plug for fsync - btrfs: Fix out of bounds access in btrfs_search_slot - Btrfs: fix scrub to repair raid6 corruption - scsi: fas216: fix sense buffer initialization - HID: roccat: prevent an out of bounds read in kovaplus_profile_activated() - jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path - powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes - powerpc/numa: Ensure nodes initialized for hotplug - RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure - ntb_transport: Fix bug with max_mw_size parameter - ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid - ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute - ocfs2: return error when we attempt to access a dirty bh in jbd2 - mm/mempolicy: fix the check of nodemask from user - mm/mempolicy: add nodes_empty check in SYSC_migrate_pages - asm-generic: provide generic_pmdp_establish() - mm: pin address_space before dereferencing it while isolating an LRU page - IB/ipoib: Fix for potential no-carrier state - x86/power: Fix swsusp_arch_resume prototype - firmware: dmi_scan: Fix handling of empty DMI strings - ACPI: processor_perflib: Do not send _PPC change notification if not ready - MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS - xen-netfront: Fix race between device setup and open - xen/grant-table: Use put_page instead of free_page - RDS: IB: Fix null pointer issue - arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics - proc: fix /proc/*/map_files lookup - cifs: silence compiler warnings showing up with gcc-8.0.0 - bcache: properly set task state in bch_writeback_thread() - bcache: fix for allocator and register thread race - bcache: fix for data collapse after re-attaching an attached device - bcache: return attach error when no cache set exist - tools/libbpf: handle issues with bpf ELF objects containing .eh_frames - locking/qspinlock: Ensure node->count is updated before initialising node - irqchip/gic-v3: Change pr_debug message to pr_devel - scsi: ufs: Enable quirk to ignore sending
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
# uname -r 4.4.0-129-generic # fdisk -l /dev/nbd0 Disk /dev/nbd0: 1.1 TiB, 1181116006400 bytes, 2306867200 sectors [snip] ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed- xenial'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
SRU request submitted: https://lists.ubuntu.com/archives/kernel-team/2018-May/092684.html ** Description changed: + == SRU Justification == + With the Xenial kernel, the bug reporter states there is an NBD size + overflow with image size exceeding 1TB. + + There's an issue in kernel's NBD module which prevents some larger images to be + correctly "connected" , largely described here: + https://github.com/NetworkBlockDevice/nbd/issues/44 + + This is a regression from Trusty and was fixed in mainline as of + v4.10-rc1. + + == Fix == + ef77b515243b ("nbd: use loff_t for blocksize and nbd_set_size args") + + == Regression Potential == + Medium. A backport was needed. However, it was due to some context + diffs and the way debugfs_create_u32 was used in Xenial and how + debugfs_create_u64 was used in the patch. + + == Test Case == + A test kernel was built with this patch and tested by the original bug reporter. + The bug reporter states the test kernel resolved the bug. + + + == Original Bug Report == Release 16.04, kernel 4.4.0-124-generic There's an issue in kernel's NBD module which prevents some larger images to be correctly "connected" , largely described here: https://github.com/NetworkBlockDevice/nbd/issues/44 There is a small patch here that was accepted into mainline 4.10: https://www.spinics.net/lists/linux-block/msg07060.html This is a regression from the previous LTS 3.13 kernel. Here is a small example of the faulty behaviour: # qemu-img create -f qcow2 test.img 1100G Formatting 'test.img', fmt=qcow2 size=1181116006400 cluster_size=65536 lazy_refcounts=off refcount_bits=16 # qemu-nbd -c /dev/nbd0 test.img # blockdev --getsize64 /dev/nbd0 18446743055802302464 The correct response would be 1181116006400; this breaks most tools and makes the image unusable, e.g. # fdisk -l /dev/nbd0 fdisk: cannot open /dev/nbd0: Invalid argument - --- + --- AlsaDevices: - total 0 - crw-rw 1 root audio 116, 1 May 21 12:51 seq - crw-rw 1 root audio 116, 33 May 21 12:51 timer + total 0 + crw-rw 1 root audio 116, 1 May 21 12:51 seq + crw-rw 1 root audio 116, 33 May 21 12:51 timer AplayDevices: Error: [Errno 2] No such file or directory ApportVersion: 2.20.1-0ubuntu2.17 Architecture: amd64 ArecordDevices: Error: [Errno 2] No such file or directory AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: DistroRelease: Ubuntu 16.04 HibernationDevice: RESUME=/dev/mapper/VolGroup00-swap_1 IwConfig: Error: [Errno 2] No such file or directory MachineType: Supermicro SYS-1028R-WTR Package: linux (not installed) PciMultimedia: - + ProcEnviron: - LANGUAGE=en_AU: - TERM=xterm - PATH=(custom, no user) - LANG=en_AU - SHELL=/bin/bash + LANGUAGE=en_AU: + TERM=xterm + PATH=(custom, no user) + LANG=en_AU + SHELL=/bin/bash ProcFB: 0 VESA VGA ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-124-generic root=/dev/mapper/VolGroup00-root ro nomodeset elevator=noop consoleblank=0 net.ifnames=0 biosdevname=0 modprobe.blacklist=igb nosplash quiet ProcVersionSignature: Ubuntu 4.4.0-124.148-generic 4.4.117 RelatedPackageVersions: - linux-restricted-modules-4.4.0-124-generic N/A - linux-backports-modules-4.4.0-124-generic N/A - linux-firmware 1.157.18 + linux-restricted-modules-4.4.0-124-generic N/A + linux-backports-modules-4.4.0-124-generic N/A + linux-firmware 1.157.18 RfKill: Error: [Errno 2] No such file or directory Tags: xenial xenial Uname: Linux 4.4.0-124-generic x86_64 UnreportableReason: The report belongs to a package that is not installed. UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: - + _MarkForUpload: False dmi.bios.date: 02/08/2018 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 3.0a dmi.board.asset.tag: Default string dmi.board.name: X10DRW-i dmi.board.vendor: Supermicro dmi.board.version: 1.10 dmi.chassis.asset.tag: Default string dmi.chassis.type: 1 dmi.chassis.vendor: Supermicro dmi.chassis.version: 0123456789 dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr3.0a:bd02/08/2018:svnSupermicro:pnSYS-1028R-WTR:pvr0123456789:rvnSupermicro:rnX10DRW-i:rvr1.10:cvnSupermicro:ct1:cvr0123456789: dmi.product.name: SYS-1028R-WTR dmi.product.version: 0123456789 dmi.sys.vendor: Supermicro -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
Thank you for your prompt attention! I can confirm your test kernel resolves this issue: # uname -v #154~lp1772575 SMP Tue May 22 16:06:05 UTC 2018 # blockdev --getsize64 /dev/nbd0 1181116006400 # fdisk -l /dev/nbd0 | head -1 Disk /dev/nbd0: 1.1 TiB, 1181116006400 bytes, 2306867200 sectors -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
I built a test kernel with commit ef77b515243b3499d62cf446eda6ca7e0a0b079c. The test kernel can be downloaded from: http://kernel.ubuntu.com/~jsalisbury/lp1772575 Can you test this kernel and see if it resolves this bug? Thanks in advance! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
** Changed in: linux (Ubuntu) Importance: Undecided => Medium ** Changed in: linux (Ubuntu) Status: Confirmed => Triaged ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Xenial) Status: New => In Progress ** Changed in: linux (Ubuntu) Status: Triaged => Invalid ** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Joseph Salisbury (jsalisbury) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1772575] Re: Kernel 4.4 NBD size overflow with image size exceeding 1TB
apport information ** Tags added: apport-collected xenial ** Description changed: Release 16.04, kernel 4.4.0-124-generic There's an issue in kernel's NBD module which prevents some larger images to be correctly "connected" , largely described here: https://github.com/NetworkBlockDevice/nbd/issues/44 There is a small patch here that was accepted into mainline 4.10: https://www.spinics.net/lists/linux-block/msg07060.html This is a regression from the previous LTS 3.13 kernel. Here is a small example of the faulty behaviour: # qemu-img create -f qcow2 test.img 1100G Formatting 'test.img', fmt=qcow2 size=1181116006400 cluster_size=65536 lazy_refcounts=off refcount_bits=16 # qemu-nbd -c /dev/nbd0 test.img # blockdev --getsize64 /dev/nbd0 18446743055802302464 The correct response would be 1181116006400; this breaks most tools and makes the image unusable, e.g. # fdisk -l /dev/nbd0 fdisk: cannot open /dev/nbd0: Invalid argument + --- + AlsaDevices: + total 0 + crw-rw 1 root audio 116, 1 May 21 12:51 seq + crw-rw 1 root audio 116, 33 May 21 12:51 timer + AplayDevices: Error: [Errno 2] No such file or directory + ApportVersion: 2.20.1-0ubuntu2.17 + Architecture: amd64 + ArecordDevices: Error: [Errno 2] No such file or directory + AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: + DistroRelease: Ubuntu 16.04 + HibernationDevice: RESUME=/dev/mapper/VolGroup00-swap_1 + IwConfig: Error: [Errno 2] No such file or directory + MachineType: Supermicro SYS-1028R-WTR + Package: linux (not installed) + PciMultimedia: + + ProcEnviron: + LANGUAGE=en_AU: + TERM=xterm + PATH=(custom, no user) + LANG=en_AU + SHELL=/bin/bash + ProcFB: 0 VESA VGA + ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-124-generic root=/dev/mapper/VolGroup00-root ro nomodeset elevator=noop consoleblank=0 net.ifnames=0 biosdevname=0 modprobe.blacklist=igb nosplash quiet + ProcVersionSignature: Ubuntu 4.4.0-124.148-generic 4.4.117 + RelatedPackageVersions: + linux-restricted-modules-4.4.0-124-generic N/A + linux-backports-modules-4.4.0-124-generic N/A + linux-firmware 1.157.18 + RfKill: Error: [Errno 2] No such file or directory + Tags: xenial xenial + Uname: Linux 4.4.0-124-generic x86_64 + UnreportableReason: The report belongs to a package that is not installed. + UpgradeStatus: No upgrade log present (probably fresh install) + UserGroups: + + _MarkForUpload: False + dmi.bios.date: 02/08/2018 + dmi.bios.vendor: American Megatrends Inc. + dmi.bios.version: 3.0a + dmi.board.asset.tag: Default string + dmi.board.name: X10DRW-i + dmi.board.vendor: Supermicro + dmi.board.version: 1.10 + dmi.chassis.asset.tag: Default string + dmi.chassis.type: 1 + dmi.chassis.vendor: Supermicro + dmi.chassis.version: 0123456789 + dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr3.0a:bd02/08/2018:svnSupermicro:pnSYS-1028R-WTR:pvr0123456789:rvnSupermicro:rnX10DRW-i:rvr1.10:cvnSupermicro:ct1:cvr0123456789: + dmi.product.name: SYS-1028R-WTR + dmi.product.version: 0123456789 + dmi.sys.vendor: Supermicro ** Attachment added: "CRDA.txt" https://bugs.launchpad.net/bugs/1772575/+attachment/5142710/+files/CRDA.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1772575 Title: Kernel 4.4 NBD size overflow with image size exceeding 1TB To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1772575/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs