Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled guest

Bug #2020319 reported by Chengen Du
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
In Progress
Undecided
Chengen Du
Bionic
New
Undecided
Unassigned
Focal
Fix Released
Medium
Chengen Du
Jammy
Fix Released
Medium
Chengen Du
linux-gcp (Ubuntu)
Invalid
Undecided
Unassigned
Bionic
New
Undecided
Unassigned
Focal
Fix Released
Undecided
Unassigned
Jammy
Fix Released
Medium
Thadeu Lima de Souza Cascardo

Bug Description

[Impact]
When launching a SEV-enabled guest, the guest kernel panics with the following call trace,
indicating a critical error in the system.

==========
[ 1.090638] software IO TLB: Memory encryption is active and system is using DMA bounce buffers
[ 1.092105] Linux agpgart interface v0.103
[ 1.092716] BUG: unable to handle page fault for address: ffff9b820003d068
[ 1.093445] #PF: supervisor read access in kernel mode
[ 1.093966] #PF: error_code(0x0000) - not-present page
[ 1.094481] PGD 800100000067 P4D 800100000067 PUD 8001001d7067 PMD 8001001da067 PTE 80000000fed40173
[ 1.094629] Oops: 0000 [#1] SMP NOPTI
[ 1.094629] CPU: 1 PID: 1 Comm: swapper/0 Not tainted 5.15.0-46-generic #49-Ubuntu
[ 1.094629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.0.0 02/06/2015
[ 1.094629] RIP: 0010:memcpy_fromio+0x27/0x50
[ 1.094629] Code: cc cc cc 0f 1f 44 00 00 55 48 89 e5 48 85 d2 74 28 40 f6 c6 01 75 30 48 83 fa 01 76 06 40 f6 c6 02 75 1c 48 89 d1 48 c1 e9 02 <f3> a5 f6 c2 02 74 02 66 a5 f6 c2 01 74 01 a4 5d e9 14 b3 97 00 66
[ 1.094629] RSP: 0018:ffff9b820001ba50 EFLAGS: 00010212
[ 1.094629] RAX: ffff9b820003d040 RBX: ffff9b820001bac0 RCX: 0000000000000002
[ 1.094629] RDX: 0000000000000008 RSI: ffff9b820003d068 RDI: ffff9b820001ba90
[ 1.094629] RBP: ffff9b820001ba50 R08: 0000000000000f80 R09: 0000000000000f80
[ 1.094629] R10: 00000000fed40080 R11: ffff9b820001bac0 R12: ffff8cc7068eca48
[ 1.094629] R13: ffff8cc700a64288 R14: 0000000000000000 R15: 00000000fed40080
[ 1.094629] FS: 0000000000000000(0000) GS:ffff8cc77bd00000(0000) knlGS:0000000000000000
[ 1.094629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.094629] CR2: ffff9b820003d068 CR3: 0000800174a10000 CR4: 0000000000350ee0
[ 1.094629] Call Trace:
[ 1.094629] <TASK>
[ 1.094629] crb_map_io+0x315/0x870
[ 1.094629] ? radix_tree_iter_tag_clear+0x12/0x20
[ 1.094629] ? _raw_spin_unlock_irqrestore+0xe/0x30
[ 1.094629] crb_acpi_add+0xc2/0x140
[ 1.094629] acpi_device_probe+0x4c/0x170
[ 1.094629] really_probe+0x222/0x420
[ 1.094629] __driver_probe_device+0x119/0x190
[ 1.094629] driver_probe_device+0x23/0xc0
[ 1.094629] __driver_attach+0xbd/0x1e0
[ 1.094629] ? __device_attach_driver+0x120/0x120
[ 1.094629] bus_for_each_dev+0x7e/0xd0
[ 1.094629] driver_attach+0x1e/0x30
[ 1.094629] bus_add_driver+0x139/0x200
[ 1.094629] driver_register+0x95/0x100
[ 1.094629] ? init_tis+0xfd/0xfd
[ 1.094629] acpi_bus_register_driver+0x39/0x50
[ 1.094629] crb_acpi_driver_init+0x15/0x1b
[ 1.094629] do_one_initcall+0x48/0x1e0
[ 1.094629] do_initcalls+0x12f/0x159
[ 1.094629] kernel_init_freeable+0x162/0x1b5
[ 1.094629] ? rest_init+0x100/0x100
[ 1.094629] kernel_init+0x1b/0x150
[ 1.094629] ? rest_init+0x100/0x100
[ 1.094629] ret_from_fork+0x22/0x30
[ 1.094629] </TASK>
[ 1.094629] Modules linked in:
[ 1.094629] CR2: ffff9b820003d068
[ 1.094629] ---[ end trace 3d6d81c42a3c2030 ]---
[ 1.094629] RIP: 0010:memcpy_fromio+0x27/0x50
[ 1.094629] Code: cc cc cc 0f 1f 44 00 00 55 48 89 e5 48 85 d2 74 28 40 f6 c6 01 75 30 48 83 fa 01 76 06 40 f6 c6 02 75 1c 48 89 d1 48 c1 e9 02 <f3> a5 f6 c2 02 74 02 66 a5 f6 c2 01 74 01 a4 5d e9 14 b3 97 00 66
[ 1.094629] RSP: 0018:ffff9b820001ba50 EFLAGS: 00010212
[ 1.094629] RAX: ffff9b820003d040 RBX: ffff9b820001bac0 RCX: 0000000000000002
[ 1.094629] RDX: 0000000000000008 RSI: ffff9b820003d068 RDI: ffff9b820001ba90
[ 1.094629] RBP: ffff9b820001ba50 R08: 0000000000000f80 R09: 0000000000000f80
[ 1.094629] R10: 00000000fed40080 R11: ffff9b820001bac0 R12: ffff8cc7068eca48
[ 1.094629] R13: ffff8cc700a64288 R14: 0000000000000000 R15: 00000000fed40080
[ 1.094629] FS: 0000000000000000(0000) GS:ffff8cc77bd00000(0000) knlGS:0000000000000000
[ 1.094629] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1.094629] CR2: ffff9b820003d068 CR3: 0000800174a10000 CR4: 0000000000350ee0
[ 1.094629] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
[ 1.094629] Kernel Offset: 0x200000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[ 1.094629] ---[ end Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009 ]---
==========

[Fix]
The issue arises when launching kernels in libvirt-managed SEV virtual machines due to the addition of a tpm-crb device by virt-install.
Upstream commit 4009a4ac82dd has fixed this issue.
==========
Author: Joerg Roedel <email address hidden>
Date: Mon Mar 21 10:33:51 2022 +0100

x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO

The io-specific memcpy/memset functions use string mmio accesses to do
their work. Under SEV, the hypervisor can't emulate these instructions
because they read/write directly from/to encrypted memory.
==========

[Test Plan]
1. Use virt-install to create a SEV-enabled guest
virt-install --name sev_guest --memory 16384 --vcpus 16 --boot uefi --disk /root/focal-server-cloudimg-amd64.img,device=disk,bus=scsi --os-variant ubuntu20.04 --import --controller type=scsi,model=virtio-scsi,driver.iommu=on --controller type=virtio-serial,driver.iommu=on --network default --memballoon driver.iommu=on --graphics none --launchSecurity sev --noautoconsole
2. Poweron the guest and kernel panic occurred.

[Where problems could occur]
SEV doesn't support string I/O, so the patch unrolls the string I/O operation into a loop operating on one element at a time.
The affected range is limited to virtual machines and specific platforms that support SEV (i.e., AMD Epyc) and have SEV-ES not enabled.

Chengen Du (chengendu)
Changed in linux (Ubuntu):
assignee: nobody → ChengEn, Du (chengendu)
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 2020319

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Chengen Du (chengendu)
Changed in linux (Ubuntu Focal):
status: New → In Progress
Changed in linux (Ubuntu Jammy):
status: New → In Progress
Changed in linux (Ubuntu Focal):
assignee: nobody → ChengEn, Du (chengendu)
Changed in linux (Ubuntu Jammy):
assignee: nobody → ChengEn, Du (chengendu)
Chengen Du (chengendu)
Changed in linux (Ubuntu):
status: Incomplete → In Progress
Stefan Bader (smb)
Changed in linux (Ubuntu Jammy):
importance: Undecided → Medium
Changed in linux (Ubuntu Focal):
importance: Undecided → Medium
Changed in linux (Ubuntu Jammy):
status: In Progress → Fix Committed
Stefan Bader (smb)
Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux/5.15.0-77.84 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux verification-needed-jammy
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux/5.4.0-154.171 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux verification-needed-focal
Revision history for this message
Fabio Augusto Miranda Martins (fabio.martins) wrote :

I've verified a Jammy guest as follows:

1. Reproduced the problem with kernel 5.15.0-75-generic:

https://pastebin.ubuntu.com/p/844W5SzjR8/

2. As a workaround removed:

  <launchSecurity type="sev">
    <policy>0x0003</policy>
  </launchSecurity>

3. Installed kernel from -proposed:

root@ubuntu:~# apt-cache policy linux-image-virtual linux-virtual
linux-image-virtual:
  Installed: 5.15.0.77.75
  Candidate: 5.15.0.77.75
  Version table:
 *** 5.15.0.77.75 500
        500 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     5.15.0.75.73 500
        500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
     5.15.0.25.27 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
linux-virtual:
  Installed: 5.15.0.77.75
  Candidate: 5.15.0.77.75
  Version table:
 *** 5.15.0.77.75 500
        500 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     5.15.0.75.73 500
        500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
     5.15.0.25.27 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages

4. Added back:

  <launchSecurity type="sev">
    <policy>0x0003</policy>
  </launchSecurity>

5. Instance booted fine:

ubuntu@ubuntu:~$ uname -a
Linux ubuntu 5.15.0-77-generic #84-Ubuntu SMP Fri Jun 16 16:16:44 UTC 2023 x86_6
4 x86_64 x86_64 GNU/Linux
ubuntu@ubuntu:~$ sudo dmesg | grep -i sev
[ 0.217323] AMD Memory Encryption Features active: SEV
[ 5.296555] SVM: KVM is unsupported when running as an SEV guest

6. Full dmesg: https://paste.ubuntu.com/p/5MDcKbVzPv/

Revision history for this message
Fabio Augusto Miranda Martins (fabio.martins) wrote :

Verified a Focal guest as follows:

1. Reproduced the problem with kernel 5.4.0-152-generic:

https://pastebin.ubuntu.com/p/Cgj6j4Prbc/

2. As a workaround removed:

  <launchSecurity type="sev">
    <policy>0x0003</policy>
  </launchSecurity>

3. Installed kernel from -proposed:

root@ubuntu:~# apt-cache policy linux-image-virtual linux-virtual
linux-image-virtual:
  Installed: 5.4.0.154.151
  Candidate: 5.4.0.154.151
  Version table:
 *** 5.4.0.154.151 500
        500 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     5.4.0.152.149 500
        500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
     5.4.0.26.32 500
        500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
linux-virtual:
  Installed: 5.4.0.154.151
  Candidate: 5.4.0.154.151
  Version table:
 *** 5.4.0.154.151 500
        500 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     5.4.0.152.149 500
        500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages
     5.4.0.26.32 500
        500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages

4. Added back:

  <launchSecurity type="sev">
    <policy>0x0003</policy>
  </launchSecurity>

5. Instance booted fine:

ubuntu@ubuntu:~$ uname -a
Linux ubuntu 5.4.0-154-generic #171-Ubuntu SMP Fri Jun 16 16:29:04 UTC 2023 x86_
64 x86_64 x86_64 GNU/Linux
ubuntu@ubuntu:~$ sudo dmesg | grep -i sev
[ 0.172491] AMD Secure Encrypted Virtualization (SEV) active
[ 5.318658] SVM: KVM is unsupported when running as an SEV guest

6. Full dmesg: https://paste.ubuntu.com/p/dP4Zp8pKfm/

tags: added: verification-done verification-done-focal verification-done-jammy
removed: verification-needed-focal verification-needed-jammy
Changed in linux-gcp (Ubuntu):
status: New → Invalid
Changed in linux-gcp (Ubuntu Jammy):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Thadeu Lima de Souza Cascardo (cascardo)
Changed in linux-gcp (Ubuntu Jammy):
status: In Progress → Fix Committed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-nvidia-tegra-igx/5.15.0-1002.2 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux-nvidia-tegra-igx verification-needed-jammy
removed: verification-done verification-done-jammy
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-nvidia-tegra-5.15/5.15.0-1016.16~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux-nvidia-tegra-5.15 verification-needed-focal
removed: verification-done-focal
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-nvidia-tegra/5.15.0-1016.16 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy' to 'verification-done-jammy'. If the problem still exists, change the tag 'verification-needed-jammy' to 'verification-failed-jammy'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux-nvidia-tegra
Chengen Du (chengendu)
tags: added: verification-done-focal verification-done-jammy
removed: verification-needed-focal verification-needed-jammy
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (21.8 KiB)

This bug was fixed in the package linux - 5.4.0-156.173

---------------
linux (5.4.0-156.173) focal; urgency=medium

  * focal/linux: 5.4.0-156.173 -proposed tracker (LP: #2026585)

  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE

  * Focal update: v5.4.241 upstream stable release (LP: #2023930)
    - scsi: ses: Handle enclosure with just a primary component gracefully
    - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
    - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
    - treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
    - smb3: fix problem with null cifs super block with previous patch
    - pinctrl: amd: Use irqchip template
    - pinctrl: amd: disable and mask interrupts on probe
    - pinctrl: amd: Disable and mask interrupts on resume
    - pwm: cros-ec: Explicitly set .polarity in .get_state()
    - pwm: sprd: Explicitly set .polarity in .get_state()
    - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
      sta
    - icmp: guard against too small mtu
    - net: don't let netpoll invoke NAPI if in xmit context
    - sctp: check send stream number after wait_for_sndbuf
    - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
    - gpio: davinci: Add irq chip flag to skip set wake
    - sunrpc: only free unix grouplist after RCU settles
    - NFSD: callback request does not use correct credential for AUTH_SYS
    - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
    - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
    - usb: typec: altmodes/displayport: Fix configure initial pin assignment
    - USB: serial: option: add Telit FE990 compositions
    - USB: serial: option: add Quectel RM500U-CN modem
    - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
    - iio: dac: cio-dac: Fix max DAC write value check for 12-bit
    - tty: serial: sh-sci: Fix transmit end interrupt handler
    - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
    - tty: serial: fsl_lpuart: avoid checking for transfer complete when
      UARTCTRL_SBK is asserted in lpuart32_tx_empty
    - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
    - nilfs2: fix sysfs interface lifetime
    - ALSA: hda/realtek: Add quirk for Clevo X370SNW
    - perf/core: Fix the same task check in perf_event_set_output
    - ftrace: Mark get_lock_parent_ip() __always_inline
    - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
    - tracing: Free error logs of tracing instances
    - net_sched: prevent NULL dereference if default qdisc setup failed
    - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
    - ring-buffer: Fix race while reader and writer are on the same page
    - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
    - irqdomain: Look for existing mapping only once
    - irqdomain: Refactor __irq_domain_alloc_irqs()
    - irqdomain: Fix mapping-creation race
    - Revert "pinctrl: amd: Disable and mask interrupts on resume"
    - ALSA: emu10k1: fix capture interrupt handler unlinking
    - ALSA: hd...

Changed in linux (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (21.9 KiB)

This bug was fixed in the package linux-gcp - 5.4.0-1110.119

---------------
linux-gcp (5.4.0-1110.119) focal; urgency=medium

  * focal/linux-gcp: 5.4.0-1110.119 -proposed tracker (LP: #2026563)

  [ Ubuntu: 5.4.0-156.173 ]

  * focal/linux: 5.4.0-156.173 -proposed tracker (LP: #2026585)
  * CVE-2023-3390
    - netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
  * Focal update: v5.4.241 upstream stable release (LP: #2023930)
    - scsi: ses: Handle enclosure with just a primary component gracefully
    - x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot
    - cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach()
    - treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()
    - smb3: fix problem with null cifs super block with previous patch
    - pinctrl: amd: Use irqchip template
    - pinctrl: amd: disable and mask interrupts on probe
    - pinctrl: amd: Disable and mask interrupts on resume
    - pwm: cros-ec: Explicitly set .polarity in .get_state()
    - pwm: sprd: Explicitly set .polarity in .get_state()
    - wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded
      sta
    - icmp: guard against too small mtu
    - net: don't let netpoll invoke NAPI if in xmit context
    - sctp: check send stream number after wait_for_sndbuf
    - ipv6: Fix an uninit variable access bug in __ip6_make_skb()
    - gpio: davinci: Add irq chip flag to skip set wake
    - sunrpc: only free unix grouplist after RCU settles
    - NFSD: callback request does not use correct credential for AUTH_SYS
    - xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu
    - USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs
    - usb: typec: altmodes/displayport: Fix configure initial pin assignment
    - USB: serial: option: add Telit FE990 compositions
    - USB: serial: option: add Quectel RM500U-CN modem
    - iio: adc: ti-ads7950: Set `can_sleep` flag for GPIO chip
    - iio: dac: cio-dac: Fix max DAC write value check for 12-bit
    - tty: serial: sh-sci: Fix transmit end interrupt handler
    - tty: serial: sh-sci: Fix Rx on RZ/G2L SCI
    - tty: serial: fsl_lpuart: avoid checking for transfer complete when
      UARTCTRL_SBK is asserted in lpuart32_tx_empty
    - nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()
    - nilfs2: fix sysfs interface lifetime
    - ALSA: hda/realtek: Add quirk for Clevo X370SNW
    - perf/core: Fix the same task check in perf_event_set_output
    - ftrace: Mark get_lock_parent_ip() __always_inline
    - can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access
    - tracing: Free error logs of tracing instances
    - net_sched: prevent NULL dereference if default qdisc setup failed
    - drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path
    - ring-buffer: Fix race while reader and writer are on the same page
    - mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()
    - irqdomain: Look for existing mapping only once
    - irqdomain: Refactor __irq_domain_alloc_irqs()
    - irqdomain: Fix mapping-creation race
    - Revert "pinctrl: amd: Disable...

Changed in linux-gcp (Ubuntu Focal):
status: New → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (83.7 KiB)

This bug was fixed in the package linux - 5.15.0-79.86

---------------
linux (5.15.0-79.86) jammy; urgency=medium

  * jammy/linux: 5.15.0-79.86 -proposed tracker (LP: #2026531)

  * Jammy update: v5.15.111 upstream stable release (LP: #2025095)
    - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
    - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
    - selftests mount: Fix mount_setattr_test builds failed
    - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
    - x86/cpu: Add model number for Intel Arrow Lake processor
    - wireguard: timers: cast enum limits members to int in prints
    - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
    - arm64: Always load shadow stack pointer directly from the task struct
    - arm64: Stash shadow stack pointer in the task struct on interrupt
    - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
    - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
    - IMA: allow/fix UML builds
    - USB: dwc3: fix runtime pm imbalance on probe errors
    - USB: dwc3: fix runtime pm imbalance on unbind
    - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
    - hwmon: (adt7475) Use device_property APIs when configuring polarity
    - posix-cpu-timers: Implement the missing timer_wait_running callback
    - blk-mq: release crypto keyslot before reporting I/O complete
    - blk-crypto: make blk_crypto_evict_key() return void
    - blk-crypto: make blk_crypto_evict_key() more robust
    - ext4: use ext4_journal_start/stop for fast commit transactions
    - staging: iio: resolver: ads1210: fix config mode
    - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
    - xhci: fix debugfs register accesses while suspended
    - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
    - MIPS: fw: Allow firmware to pass a empty env
    - ipmi:ssif: Add send_retries increment
    - ipmi: fix SSIF not responding under certain cond.
    - kheaders: Use array declaration instead of char
    - wifi: mt76: add missing locking to protect against concurrent rx/status
      calls
    - pwm: meson: Fix axg ao mux parents
    - pwm: meson: Fix g12a ao clk81 name
    - soundwire: qcom: correct setting ignore bit on v1.5.1
    - pinctrl: qcom: lpass-lpi: set output value before enabling output
    - ring-buffer: Sync IRQ works before buffer destruction
    - crypto: api - Demote BUG_ON() in crypto_unregister_alg() to a WARN_ON()
    - crypto: safexcel - Cleanup ring IRQ workqueues on load failure
    - rcu: Avoid stack overflow due to __rcu_irq_enter_check_tick() being kprobe-
      ed
    - reiserfs: Add security prefix to xattr name in reiserfs_security_write()
    - KVM: nVMX: Emulate NOPs in L2, and PAUSE if it's not intercepted
    - relayfs: fix out-of-bounds access in relay_file_read
    - writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs
 ...

Changed in linux (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (84.4 KiB)

This bug was fixed in the package linux-gcp - 5.15.0-1039.47

---------------
linux-gcp (5.15.0-1039.47) jammy; urgency=medium

  * jammy/linux-gcp: 5.15.0-1039.47 -proposed tracker (LP: #2026499)

  * Encountering an issue with memcpy_fromio causing failed boot of SEV-enabled
    guest (LP: #2020319)
    - Revert "x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO"
    - x86/sev: Unroll string mmio with CC_ATTR_GUEST_UNROLL_STRING_IO

  * Jammy update: v5.15.107 upstream stable release (LP: #2023320)
    - [Config] updateconfigs for ns module merger
    - [Config] updateconfigs for Intel skl_int3472 driver split

  * Jammy update: v5.15.105 upstream stable release (LP: #2023230)
    - [Config] updateconfigs for SERIAL_8250_ASPEED_VUART

  * Use new annotations model (LP: #2019000)
    - [Config]: Derive config from primary kernel

  [ Ubuntu: 5.15.0-79.86 ]

  * jammy/linux: 5.15.0-79.86 -proposed tracker (LP: #2026531)
  * Jammy update: v5.15.111 upstream stable release (LP: #2025095)
    - ASOC: Intel: sof_sdw: add quirk for Intel 'Rooks County' NUC M15
    - ASoC: soc-pcm: fix hw->formats cleared by soc_pcm_hw_init() for dpcm
    - x86/hyperv: Block root partition functionality in a Confidential VM
    - iio: adc: palmas_gpadc: fix NULL dereference on rmmod
    - ASoC: Intel: bytcr_rt5640: Add quirk for the Acer Iconia One 7 B1-750
    - selftests mount: Fix mount_setattr_test builds failed
    - asm-generic/io.h: suppress endianness warnings for readq() and writeq()
    - x86/cpu: Add model number for Intel Arrow Lake processor
    - wireguard: timers: cast enum limits members to int in prints
    - wifi: mt76: mt7921e: Set memory space enable in PCI_COMMAND if unset
    - arm64: Always load shadow stack pointer directly from the task struct
    - arm64: Stash shadow stack pointer in the task struct on interrupt
    - PCI: pciehp: Fix AB-BA deadlock between reset_lock and device_lock
    - PCI: qcom: Fix the incorrect register usage in v2.7.0 config
    - IMA: allow/fix UML builds
    - USB: dwc3: fix runtime pm imbalance on probe errors
    - USB: dwc3: fix runtime pm imbalance on unbind
    - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write
    - hwmon: (adt7475) Use device_property APIs when configuring polarity
    - posix-cpu-timers: Implement the missing timer_wait_running callback
    - blk-mq: release crypto keyslot before reporting I/O complete
    - blk-crypto: make blk_crypto_evict_key() return void
    - blk-crypto: make blk_crypto_evict_key() more robust
    - ext4: use ext4_journal_start/stop for fast commit transactions
    - staging: iio: resolver: ads1210: fix config mode
    - tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH
    - xhci: fix debugfs register accesses while suspended
    - tick/nohz: Fix cpu_is_hotpluggable() by checking with nohz subsystem
    - MIPS: fw: Allow firmware to pass a empty env
    - ipmi:ssif: Add send_retries increment
    - ipmi: fix SSIF not responding under certain cond.
    - kheaders: Use array declaration instead of char
    - wifi: mt76: add missing locking to protect against concurrent rx/status
      calls
    - pwm: meson: Fix axg ao ...

Changed in linux-gcp (Ubuntu Jammy):
status: Fix Committed → Fix Released
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-ibm/5.4.0-1055.60 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-ibm' to 'verification-done-focal-linux-ibm'. If the problem still exists, change the tag 'verification-needed-focal-linux-ibm' to 'verification-failed-focal-linux-ibm'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux-ibm-v2 verification-needed-focal-linux-ibm
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-azure/5.4.0-1114.120 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-azure' to 'verification-done-focal-linux-azure'. If the problem still exists, change the tag 'verification-needed-focal-linux-azure' to 'verification-failed-focal-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux-azure-v2 verification-needed-focal-linux-azure
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-aws/5.15.0-1044.49 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-aws' to 'verification-done-jammy-linux-aws'. If the problem still exists, change the tag 'verification-needed-jammy-linux-aws' to 'verification-failed-jammy-linux-aws'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux-aws-v2 verification-needed-jammy-linux-aws
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-bluefield/5.4.0-1069.75 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-bluefield' to 'verification-done-focal-linux-bluefield'. If the problem still exists, change the tag 'verification-needed-focal-linux-bluefield' to 'verification-failed-focal-linux-bluefield'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux-bluefield-v2 verification-needed-focal-linux-bluefield
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-azure/5.15.0-1046.53 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-azure' to 'verification-done-jammy-linux-azure'. If the problem still exists, change the tag 'verification-needed-jammy-linux-azure' to 'verification-failed-jammy-linux-azure'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux-azure-v2 verification-needed-jammy-linux-azure
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-aws-5.15/5.15.0-1046.51~20.04.1 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal-linux-aws-5.15' to 'verification-done-focal-linux-aws-5.15'. If the problem still exists, change the tag 'verification-needed-focal-linux-aws-5.15' to 'verification-failed-focal-linux-aws-5.15'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-focal-linux-aws-5.15-v2 verification-needed-focal-linux-aws-5.15
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the linux-xilinx-zynqmp/5.15.0-1024.28 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-jammy-linux-xilinx-zynqmp' to 'verification-done-jammy-linux-xilinx-zynqmp'. If the problem still exists, change the tag 'verification-needed-jammy-linux-xilinx-zynqmp' to 'verification-failed-jammy-linux-xilinx-zynqmp'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: kernel-spammed-jammy-linux-xilinx-zynqmp-v2 verification-needed-jammy-linux-xilinx-zynqmp
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.