[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
This bug was fixed in the package linux-bluefield - 5.4.0-1058.64
---
linux-bluefield (5.4.0-1058.64) focal; urgency=medium
* focal/linux-bluefield: 5.4.0-1058.64 -proposed tracker (LP:
#2006592)
* nft_lookup crash when running DDOS attack (LP: #2006397)
- netfilter: nf_tables: constify nft_reg_load{8, 16, 64}()
- netfilter: nft_set_bitmap: initialize set element extension in lookups
- netfilter: nf_tables: do not update stateful expressions if lookup is
inverted
linux-bluefield (5.4.0-1057.63) focal; urgency=medium
* focal/linux-bluefield: 5.4.0-1057.63 -proposed tracker (LP:
#2003464)
* Focal update: v5.4.221 upstream stable release (LP: #1997993)
- [Config] bluefield: Enable ARM64_ERRATUM_1742098 config on arm64
* mlxbf-pmc counters not functional for llt_miss block (LP: #2004235)
- SAUCE: mlxbf-pmc: Bug fix for BlueField-3 counter offsets
* Add support for CT accounting stats (LP: #1998938)
- netfilter: conntrack: export nf_ct_acct_update()
- netfilter: flowtable: add counter support
- net/sched: act_ct: update nf_conn_acct for act_ct SW offload in flowtable
- net/sched: act_ct: enable stats for HW offloaded entries
* allow per-net notifier to follow netdev into namespace (LP: #2002361)
- net: push loops and nb calls into helper functions
- net: introduce per-netns netdevice notifiers
- net: push code from net notifier reg/unreg into helpers
- net: introduce dev_net notifier register/unregister variants
* mlxbf-pmc support for BlueField-3 (LP: #2002501)
- SAUCE: mlxbf-pmc: Support for BlueField-3 performance counters
* Kernel crash due to Bluefield pka TRNG ioctl call (LP: #2001564)
- SAUCE: mlxbf-pka: Fix kernel crash with pka TRNG ioctl call
* mlxbf-pmc: Fix event string typo (LP: #1998863)
- SAUCE: mlxbf-pmc: Fix event string typo
[ Ubuntu: 5.4.0-139.156 ]
* focal/linux: 5.4.0-139.156 -proposed tracker (LP: #2003486)
* Revoke & rotate to new signing key (LP: #2002812)
- [Packaging] Revoke and rotate to new signing key
[ Ubuntu: 5.4.0-138.155 ]
* focal/linux: 5.4.0-138.155 -proposed tracker (LP: #2001845)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
* Focal update: v5.4.224 upstream stable release (LP: #1999273)
- RDMA/cma: Use output interface for net_dev check
- IB/hfi1: Correctly move list in sc_disable()
- NFSv4.1: Handle RECLAIM_COMPLETE trunking errors
- NFSv4.1: We must always send RECLAIM_COMPLETE after a reboot
- nfs4: Fix kmemleak when allocate slot failed
- net: dsa: Fix possible memory leaks in dsa_loop_init()
- RDMA/core: Fix null-ptr-deref in ib_core_cleanup()
- RDMA/qedr: clean up work queue on failure in qedr_alloc_resources()
- nfc: s3fwrn5: Fix potential memory leak in s3fwrn5_nci_send()
- nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()
- net: fec: fix improper use of NETDEV_TX_BUSY
- ata: pata_legacy: fix pdc20230_set_piomode()
- net: sched: Fix use after free in red_enqueue()
- net: tun: fix bugs for oversize packet when napi frags enabled
- netfilter: nf_tables: release flow rule object from commit path
- ipvs: use explicitly signed chars
- ipvs: fix WARNING in __ip_vs_cleanup_batch()
- ipvs: fix WARNING in ip_vs_app_net_cleanup()
- rose: Fix NULL pointer dereference in rose_send_frame()
- mISDN: fix possible memory leak in mISDN_register_device()
- isdn: mISDN: netjet: fix wrong check of device registration
- btrfs: fix inode list leak during backref walking at
resolve_indirect_refs()
- btrfs: fix inode list leak during backref walking at find_parent_nodes()
- btrfs: fix ulist leaks in error paths of qgroup self tests
- Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()
- net: mdio: fix undefined behavior in bit shift for __mdiobus_register
- net, neigh: Fix null-ptr-deref in neigh_table_clear()
- ipv6: fix WARNING in ip6_route_net_exit_late()
- media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE
- media: cros-ec-cec: limit msg.len to CEC_MAX_MSG_SIZE
- media: dvb-frontends/drxk: initialize err to 0
- media: meson: vdec: fix possible refcount leak in vdec_probe()
- scsi: core: Restrict legal sdev_state transitions via sysfs
- HID: saitek: add madcatz variant of MMO7 mouse device ID
- i2c: xiic: Add platform module alias
- xfs: don't fail verifier on empty attr3 leaf block
- xfs: use ordered buffers to initialize dquot buffers during quotacheck
- xfs: gut error handling in xfs_trans_unreserve_and_mod_sb()
- xfs: group quota should return EDQUOT when prj quota enabled
- xfs: don't fail unwritten extent conversion on writeback due to edquot
- xfs: Add the missed xfs_perag_put() for xfs_ifree_cluster()
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory
- block, bfq: protect 'bfqd->queued' by 'bfqd->lock'
- bind
[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
** Tags added: verification-done-jammy -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/2001564 Title: Kernel crash due to Bluefield pka TRNG ioctl call Status in linux-bluefield package in Ubuntu: Invalid Status in linux-bluefield source package in Focal: Fix Committed Status in linux-bluefield source package in Jammy: Fix Committed Bug description: SRU Justification [Impact] Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 BF3 on Ubuntu 22.04, OpenSSl 3.0.2 [Fix] * Change RNG ioctl kernel handler code to copy data from user to kernel space. [Test Case] openssl rand -engine pka 512 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2001564/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/2001564 Title: Kernel crash due to Bluefield pka TRNG ioctl call Status in linux-bluefield package in Ubuntu: Invalid Status in linux-bluefield source package in Focal: Fix Committed Status in linux-bluefield source package in Jammy: Fix Committed Bug description: SRU Justification [Impact] Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 BF3 on Ubuntu 22.04, OpenSSl 3.0.2 [Fix] * Change RNG ioctl kernel handler code to copy data from user to kernel space. [Test Case] openssl rand -engine pka 512 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2001564/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
This bug is awaiting verification that the linux-bluefield/5.4.0-1057.63 kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: kernel-spammed-focal-linux-bluefield verification-needed-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/2001564 Title: Kernel crash due to Bluefield pka TRNG ioctl call Status in linux-bluefield package in Ubuntu: Invalid Status in linux-bluefield source package in Focal: Fix Committed Status in linux-bluefield source package in Jammy: Fix Committed Bug description: SRU Justification [Impact] Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 BF3 on Ubuntu 22.04, OpenSSl 3.0.2 [Fix] * Change RNG ioctl kernel handler code to copy data from user to kernel space. [Test Case] openssl rand -engine pka 512 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2001564/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
** Changed in: linux-bluefield (Ubuntu Focal) Status: In Progress => Fix Committed ** Changed in: linux-bluefield (Ubuntu Jammy) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/2001564 Title: Kernel crash due to Bluefield pka TRNG ioctl call Status in linux-bluefield package in Ubuntu: Invalid Status in linux-bluefield source package in Focal: Fix Committed Status in linux-bluefield source package in Jammy: Fix Committed Bug description: SRU Justification [Impact] Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 BF3 on Ubuntu 22.04, OpenSSl 3.0.2 [Fix] * Change RNG ioctl kernel handler code to copy data from user to kernel space. [Test Case] openssl rand -engine pka 512 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2001564/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
** Also affects: linux-bluefield (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: linux-bluefield (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: linux-bluefield (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: linux-bluefield (Ubuntu Focal) Status: New => In Progress ** Changed in: linux-bluefield (Ubuntu Focal) Assignee: (unassigned) => Shih-Yi Chen (shihyic) ** Changed in: linux-bluefield (Ubuntu Jammy) Importance: Undecided => Medium ** Changed in: linux-bluefield (Ubuntu Jammy) Status: New => In Progress ** Changed in: linux-bluefield (Ubuntu Jammy) Assignee: (unassigned) => Shih-Yi Chen (shihyic) ** Changed in: linux-bluefield (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/2001564 Title: Kernel crash due to Bluefield pka TRNG ioctl call Status in linux-bluefield package in Ubuntu: Invalid Status in linux-bluefield source package in Focal: In Progress Status in linux-bluefield source package in Jammy: In Progress Bug description: SRU Justification [Impact] Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 BF3 on Ubuntu 22.04, OpenSSl 3.0.2 [Fix] * Change RNG ioctl kernel handler code to copy data from user to kernel space. [Test Case] openssl rand -engine pka 512 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2001564/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2001564] Re: Kernel crash due to Bluefield pka TRNG ioctl call
** Description changed: - Reproducible with TLS/HTTPS client initiates TLS handshake on BF3 with - Ubuntu 22.04, OpenSSL 3.0.2. + SRU Justification - wget https://google.com + [Impact] + Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. - kernel will crash with the following logs. + Unable to handle kernel access to user memory outside uaccess routines + at virtual address ce65d328 - [ 1126.234077] Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 - [ 1126.255579] Mem abort info: - [ 1126.261186] ESR = 0x960f - [ 1126.267319] EC = 0x25: DABT (current EL), IL = 32 bits - [ 1126.277968] SET = 0, FnV = 0 - [ 1126.284081] EA = 0, S1PTW = 0 - [ 1126.290367] FSC = 0x0f: level 3 permission fault - [ 1126.299964] Data abort info: - [ 1126.305727] ISV = 0, ISS = 0x000f - [ 1126.313411] CM = 0, WnR = 0 - [ 1126.319349] user pgtable: 4k pages, 48-bit VAs, pgdp=000154bf1000 - [ 1126.332259] [ce65d328] pgd=08011927a003, p4d=08011927a003, pud=080103a97003, pmd=080156cba003, pte=00e8000115a3ff43 - [ 1126.357360] Internal error: Oops: 960f [#1] PREEMPT SMP + BF3 on Ubuntu 22.04, OpenSSl 3.0.2 + + [Fix] + * Change RNG ioctl kernel handler code to copy data from user to kernel space. + + [Test Case] + openssl rand -engine pka 512 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-bluefield in Ubuntu. https://bugs.launchpad.net/bugs/2001564 Title: Kernel crash due to Bluefield pka TRNG ioctl call Status in linux-bluefield package in Ubuntu: New Bug description: SRU Justification [Impact] Bluefield 3 on Ubuntu 22.04 and OpenSSL 3.0.2, encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors. Unable to handle kernel access to user memory outside uaccess routines at virtual address ce65d328 BF3 on Ubuntu 22.04, OpenSSl 3.0.2 [Fix] * Change RNG ioctl kernel handler code to copy data from user to kernel space. [Test Case] openssl rand -engine pka 512 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2001564/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
