Kernel crash due to Bluefield pka TRNG ioctl call
Bug #2001564 reported by
Shih-Yi Chen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-bluefield (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Medium
|
Shih-Yi Chen | ||
Jammy |
Fix Committed
|
Medium
|
Shih-Yi Chen |
Bug Description
SRU Justification
[Impact]
Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors.
Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000ffffce65d328
BF3 on Ubuntu 22.04, OpenSSl 3.0.2
[Fix]
* Change RNG ioctl kernel handler code to copy data from user to kernel space.
[Test Case]
openssl rand -engine pka 512
CVE References
description: | updated |
Changed in linux-bluefield (Ubuntu Focal): | |
assignee: | nobody → Shih-Yi Chen (shihyic) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-bluefield (Ubuntu Jammy): | |
assignee: | nobody → Shih-Yi Chen (shihyic) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-bluefield (Ubuntu): | |
status: | New → Invalid |
Changed in linux-bluefield (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
Changed in linux-bluefield (Ubuntu Jammy): | |
status: | In Progress → Fix Committed |
tags: |
added: verification-done-focal removed: verification-needed-focal |
tags: | added: verification-done-jammy |
To post a comment you must log in.
This bug is awaiting verification that the linux-bluefield /5.4.0- 1057.63 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- focal' to 'verification- done-focal' . If the problem still exists, change the tag 'verification- needed- focal' to 'verification- failed- focal'.
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!