CONFIG_IPMI_SI_PROBE_DEFAULTS should be disabled on ARM
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
High
|
dann frazier | ||
Trusty |
Fix Released
|
High
|
dann frazier | ||
Utopic |
Fix Released
|
High
|
dann frazier | ||
Vivid |
Fix Released
|
High
|
dann frazier |
Bug Description
[Impact]
Causes fault which can lead to a hang or crash on ARM systems when loading the ipmi_si module.
The ipmi_si driver includes code that probes into iospace for a KCS interface. This is to support platforms that don't expose this interface in SMBIOS/ACPI tables, and this is a defined discovery mechanism as per the IPMI Spec (v2.0r1, section 9.5). However, this assumption is x86-centric. It is not safe to blindly probe I/O space on ARM platforms.
[Test Case]
sudo modprobe ipmi_si
This should discover an IPMI system interface if present, or fail to load otherwise. But it should not cause a hang, a synchronous external abort, or other kernel failure.
[Regression Risk]
The proposed fix is only to the ARM config, so the risk to other architectures is negligible. There is a risk that there exists some system out there where this probing works - but I'm highly confident no such system exists. Existing ARM systems supported by Ubuntu either describe their IPMI/KCS interface using device-tree or do not provide one.
CVE References
Changed in linux (Ubuntu Utopic): | |
status: | New → In Progress |
Changed in linux (Ubuntu Trusty): | |
status: | New → In Progress |
Changed in linux (Ubuntu Utopic): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Trusty): | |
importance: | Undecided → High |
Changed in linux (Ubuntu Utopic): | |
assignee: | nobody → dann frazier (dannf) |
Changed in linux (Ubuntu Trusty): | |
assignee: | nobody → dann frazier (dannf) |
Changed in linux (Ubuntu Vivid): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Trusty): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Utopic): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Vivid): | |
status: | Fix Committed → Fix Released |
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification- needed- trusty' to 'verification- done-trusty' .
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/ /wiki.ubuntu. com/Testing/ EnableProposed for documentation how to enable and use -proposed. Thank you!