** Description changed: + SRU Justification: + ================== + + [Impact] + + * This SRU fixes a combination of multiple issues: + + * HW Compression needs to be enabled with Default-Compression-Level 6, + by adding CFLAGS attribute "-DDFLTCC_LEVEL_MASK=0x7e" during build of + zlib and gzip. (LP 1884514) + + * zlib DFLTCC compression level switching can corrupt data because + hardware and software compression states become desynchronized. (LP + 1893170) + + * Since zlib is not working on all s390x system configurations support + for switching between software and hardware compression is required + especially for Java. (LP 1882494) + + * zlib on s390x may produce incomplete raw streams (but not gzip/zlib). + (LP 1889059) + + [Test Case] + + * Since especially DFLTCC requires a s390x generation z15 or LinuxONE + III the tests need to be done by IBM. + + * IBM has a set of tests available, that exercise public zlib APIs by + calling them in different sequences with different buffer sizes and + flush modes. + + * Partially these come from the IBM z/OS team, who developed their own + zlib support for the hardware accelerator, and partially they are + developed by the IBM Linux team based on issues encountered during + development as well as fuzzing. + + * IBM also uses the zlib-ng test-suite as well as squash and stress-ng. + + * Compress data using zlib/DFLTCC with different compression level and + verify state and if data got corrupted or not. (LP 1893170) + + * Check whether hardware compression was enabled for Default- + Compression-Level 6 after adding CFLAGS attribute + "-DDFLTCC_LEVEL_MASK=0x7e" while building zlib and gzip or not. (LP + 1884514) + + * On a system with patched zlib package, switch between hardware and + software compression and use zlib via the java.util.zip package + (http://java.sun.com/developer/technicalArticles/Programming/compression/). + (LP 1882494) + + * On a z15 system with hardware acceleration compression (DFLTCC) + enabled, create a raw (negative windowBits value) stream with zlib. Then + check if EOBS is missing or truncated. (LP 1889059) + + [Regression Potential] + + * There is a certain risk for regressions with the modifications that + are introduced by the four LP bugs. + + * In case the package fails entirely, it will have (in worst case) an + impact on all zlib, gzip and DFLTCC compression/decompression functions, + that are very wide spread (gzip, tar cfz, everything with zlib) in Linux + and would virtually make the system unusable. + + * If potential issues are limited to hardware assisted compression + (which is more likely, since these patches are mostly about hw assisted + compression), then issues would be limited to systems that provide this + feature (latest s390x generation only). + + * A switch back to software got introduced (by setting DFLTCC=0 + environment variable) that will help to mitigate a potential negative + impact of the hw assisted compression. + + * Only the latest s390x generation (z15 and LinuxONE III) supports + hardware assisted DFLTCC and is potentially affected. + + * A patched test package was made available and got successfully tested + by IBM. All four bugs were finally considered as solved with zlib + (1:1.2.11.dfsg-2ubuntu2~ppa2) available here: + https://launchpad.net/~mwhudson/+archive/ubuntu/devirt/+packages?field.name_filter=zlib + + __________ + Description: zlib: DFLTCC compression level switching issues Symptom: Switching compression levels corrupts data Problem: Hardware and software compression states become desynchronized. Solution: Improve compression state synchronization. Since zlib project - does not accept patches at the moment, the fix has been - integrated into the DFLTCC pull request: - https://github.com/madler/zlib/pull/410 - The commitid is 992a7afc3edfa511dff0650d1c545b11bf64e655. + does not accept patches at the moment, the fix has been + integrated into the DFLTCC pull request: + https://github.com/madler/zlib/pull/410 + The commitid is 992a7afc3edfa511dff0650d1c545b11bf64e655. Reproduction: Not possible with popular command line tools. The issues were - discovered using example_call_fuzzer from: - https://github.com/iii-i/zlib-ng/tree/fuzz/test/fuzz/ + discovered using example_call_fuzzer from: + https://github.com/iii-i/zlib-ng/tree/fuzz/test/fuzz/ This needs also be applied against 20.04 !
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1893170 Title: [Ubuntu 20.10] zlib: DFLTCC compression level switching issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1893170/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
