[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
** Changed in: linux (Ubuntu Cosmic) Status: Fix Committed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug was fixed in the package linux - 4.4.0-157.185 --- linux (4.4.0-157.185) xenial; urgency=medium * linux: 4.4.0-157.185 -proposed tracker (LP: #1837476) * systemd 229-4ubuntu21.22 ADT test failure with linux 4.4.0-156.183 (storage) (LP: #1837235) - Revert "block/bio: Do not zero user pages" - Revert "block: Clear kernel memory before copying to user" - Revert "bio_copy_from_iter(): get rid of copying iov_iter" linux (4.4.0-156.183) xenial; urgency=medium * linux: 4.4.0-156.183 -proposed tracker (LP: #1836880) * BCM43602 802.11ac Wireless regression - PCI ID 14e4:43ba (LP: #1836801) - brcmfmac: add eth_type_trans back for PCIe full dongle linux (4.4.0-155.182) xenial; urgency=medium * linux: 4.4.0-155.182 -proposed tracker (LP: #1834918) * Geneve tunnels don't work when ipv6 is disabled (LP: #1794232) - geneve: correctly handle ipv6.disable module parameter * Kernel modules generated incorrectly when system is localized to a non- English language (LP: #1828084) - scripts: override locale from environment when running recordmcount.pl * Handle overflow in proc_get_long of sysctl (LP: #1833935) - sysctl: handle overflow in proc_get_long * Xenial update: 4.4.181 upstream stable release (LP: #1832661) - x86/speculation/mds: Revert CPU buffer clear on double fault exit - x86/speculation/mds: Improve CPU buffer clear documentation - ARM: exynos: Fix a leaked reference by adding missing of_node_put - crypto: vmx - fix copy-paste error in CTR mode - crypto: crct10dif-generic - fix use via crypto_shash_digest() - crypto: x86/crct10dif-pcl - fix use via crypto_shash_digest() - ALSA: usb-audio: Fix a memory leak bug - ALSA: hda/hdmi - Consider eld_valid when reporting jack event - ALSA: hda/realtek - EAPD turn on later - ASoC: max98090: Fix restore of DAPM Muxes - ASoC: RT5677-SPI: Disable 16Bit SPI Transfers - mm/mincore.c: make mincore() more conservative - ocfs2: fix ocfs2 read inode data panic in ocfs2_iget - mfd: da9063: Fix OTP control register names to match datasheets for DA9063/63L - tty/vt: fix write/write race in ioctl(KDSKBSENT) handler - ext4: actually request zeroing of inode table after grow - ext4: fix ext4_show_options for file systems w/o journal - Btrfs: do not start a transaction at iterate_extent_inodes() - bcache: fix a race between cache register and cacheset unregister - bcache: never set KEY_PTRS of journal key to 0 in journal_reclaim() - ipmi:ssif: compare block number correctly for multi-part return messages - crypto: gcm - Fix error return code in crypto_gcm_create_common() - crypto: gcm - fix incompatibility between "gcm" and "gcm_base" - crypto: chacha20poly1305 - set cra_name correctly - crypto: salsa20 - don't access already-freed walk.iv - crypto: arm/aes-neonbs - don't access already-freed walk.iv - writeback: synchronize sync(2) against cgroup writeback membership switches - fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount - ALSA: hda/realtek - Fix for Lenovo B50-70 inverted internal microphone bug - KVM: x86: Skip EFER vs. guest CPUID checks for host-initiated writes - net: avoid weird emergency message - net/mlx4_core: Change the error print to info print - ppp: deflate: Fix possible crash in deflate_init - tipc: switch order of device registration to fix a crash - tipc: fix modprobe tipc failed after switch order of device registration - stm class: Fix channel free in stm output free path - md: add mddev->pers to avoid potential NULL pointer dereference - intel_th: msu: Fix single mode with IOMMU - of: fix clang -Wunsequenced for be32_to_cpu() - cifs: fix strcat buffer overflow and reduce raciness in smb21_set_oplock_level() - media: ov6650: Fix sensor possibly not detected on probe - NFS4: Fix v4.0 client state corruption when mount - clk: tegra: Fix PLLM programming on Tegra124+ when PMC overrides divider - fuse: fix writepages on 32bit - fuse: honor RLIMIT_FSIZE in fuse_file_fallocate - iommu/tegra-smmu: Fix invalid ASID bits on Tegra30/114 - ceph: flush dirty inodes before proceeding with remount - tracing: Fix partial reading of trace event's id file - memory: tegra: Fix integer overflow on tick value calculation - perf intel-pt: Fix instructions sampling rate - perf intel-pt: Fix improved sample timestamp - perf intel-pt: Fix sample timestamp wrt non-taken branches - fbdev: sm712fb: fix brightness control on reboot, don't set SR30 - fbdev: sm712fb: fix VRAM detection, don't set SR70/71/74/75 - fbdev: sm712fb: fix white screen of death on reboot, don't set CR3B-CR3F - fbdev: sm712fb: fix boot screen glitch when sm712fb replaces VGA - fbdev: sm712fb: fix crashes during framebuffer writes by correctly
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug was fixed in the package linux - 5.0.0-21.22 --- linux (5.0.0-21.22) disco; urgency=medium * linux: 5.0.0-21.22 -proposed tracker (LP: #1834902) * Disco update: 5.0.15 upstream stable release (LP: #1834529) - net: stmmac: Use bfsize1 in ndesc_init_rx_desc - Drivers: hv: vmbus: Remove the undesired put_cpu_ptr() in hv_synic_cleanup() - ubsan: Fix nasty -Wbuiltin-declaration-mismatch GCC-9 warnings - staging: greybus: power_supply: fix prop-descriptor request size - staging: wilc1000: Avoid GFP_KERNEL allocation from atomic context. - staging: most: cdev: fix chrdev_region leak in mod_exit - staging: most: sound: pass correct device when creating a sound card - ASoC: tlv320aic3x: fix reset gpio reference counting - ASoC: hdmi-codec: fix S/PDIF DAI - ASoC: stm32: sai: fix iec958 controls indexation - ASoC: stm32: sai: fix exposed capabilities in spdif mode - ASoC: stm32: sai: fix race condition in irq handler - ASoC:soc-pcm:fix a codec fixup issue in TDM case - ASoC:hdac_hda:use correct format to setup hda codec - ASoC:intel:skl:fix a simultaneous playback & capture issue on hda platform - ASoC: dpcm: prevent snd_soc_dpcm use after free - ASoC: nau8824: fix the issue of the widget with prefix name - ASoC: nau8810: fix the issue of widget with prefixed name - ASoC: samsung: odroid: Fix clock configuration for 44100 sample rate - ASoC: rt5682: Check JD status when system resume - ASoC: rt5682: fix jack type detection issue - ASoC: rt5682: recording has no sound after booting - ASoC: wm_adsp: Add locking to wm_adsp2_bus_error - clk: meson-gxbb: round the vdec dividers to closest - ASoC: stm32: dfsdm: manage multiple prepare - ASoC: stm32: dfsdm: fix debugfs warnings on entry creation - ASoC: cs4270: Set auto-increment bit for register writes - ASoC: dapm: Fix NULL pointer dereference in snd_soc_dapm_free_kcontrol - drm/omap: hdmi4_cec: Fix CEC clock handling for PM - IB/hfi1: Clear the IOWAIT pending bits when QP is put into error state - IB/hfi1: Eliminate opcode tests on mr deref - IB/hfi1: Fix the allocation of RSM table - MIPS: KGDB: fix kgdb support for SMP platforms. - ASoC: tlv320aic32x4: Fix Common Pins - drm/mediatek: Fix an error code in mtk_hdmi_dt_parse_pdata() - perf/x86/intel: Fix handling of wakeup_events for multi-entry PEBS - perf/x86/intel: Initialize TFA MSR - linux/kernel.h: Use parentheses around argument in u64_to_user_ptr() - iov_iter: Fix build error without CONFIG_CRYPTO - xtensa: fix initialization of pt_regs::syscall in start_thread - ASoC: rockchip: pdm: fix regmap_ops hang issue - drm/amdkfd: Add picasso pci id - drm/amdgpu: Adjust IB test timeout for XGMI configuration - drm/amdgpu: amdgpu_device_recover_vram always failed if only one node in shadow_list - drm/amd/display: fix cursor black issue - ASoC: cs35l35: Disable regulators on driver removal - objtool: Add rewind_stack_do_exit() to the noreturn list - slab: fix a crash by reading /proc/slab_allocators - drm/sun4i: tcon top: Fix NULL/invalid pointer dereference in sun8i_tcon_top_un/bind - virtio_pci: fix a NULL pointer reference in vp_del_vqs - RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove - RDMA/hns: Fix bug that caused srq creation to fail - KEYS: trusted: fix -Wvarags warning - scsi: csiostor: fix missing data copy in csio_scsi_err_handler() - drm/mediatek: fix possible object reference leak - drm/mediatek: fix the rate and divder of hdmi phy for MT2701 - drm/mediatek: make implementation of recalc_rate() for MT2701 hdmi phy - drm/mediatek: remove flag CLK_SET_RATE_PARENT for MT2701 hdmi phy - drm/mediatek: using new factor for tvdpll for MT2701 hdmi phy - drm/mediatek: no change parent rate in round_rate() for MT2701 hdmi phy - ASoC: Intel: kbl: fix wrong number of channels - ASoC: stm32: sai: fix master clock management - ALSA: hda: Fix racy display power access - virtio-blk: limit number of hw queues by nr_cpu_ids - blk-mq: introduce blk_mq_complete_request_sync() - nvme: cancel request synchronously - nvme-fc: correct csn initialization and increments on error - nvmet: fix discover log page when offsets are used - platform/x86: pmc_atom: Drop __initconst on dmi table - NFSv4.1 fix incorrect return value in copy_file_range - perf/core: Fix perf_event_disable_inatomic() race - genirq: Prevent use-after-free and work list corruption - usb: dwc3: Allow building USB_DWC3_QCOM without EXTCON - usb: dwc3: Fix default lpm_nyet_threshold value - USB: serial: f81232: fix interrupt worker not stop - USB: cdc-acm: fix unthrottle races - usb-storage: Set virt_boundary_mask to avoid SG overflows - intel_th: pci: Add Comet Lake support - iio: adc: qcom-spmi-adc5: Fix of-based
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug was fixed in the package linux - 4.15.0-55.60 --- linux (4.15.0-55.60) bionic; urgency=medium * linux: 4.15.0-55.60 -proposed tracker (LP: #1834954) * Request backport of ceph commits into bionic (LP: #1834235) - ceph: use atomic_t for ceph_inode_info::i_shared_gen - ceph: define argument structure for handle_cap_grant - ceph: flush pending works before shutdown super - ceph: send cap releases more aggressively - ceph: single workqueue for inode related works - ceph: avoid dereferencing invalid pointer during cached readdir - ceph: quota: add initial infrastructure to support cephfs quotas - ceph: quota: support for ceph.quota.max_files - ceph: quota: don't allow cross-quota renames - ceph: fix root quota realm check - ceph: quota: support for ceph.quota.max_bytes - ceph: quota: update MDS when max_bytes is approaching - ceph: quota: add counter for snaprealms with quota - ceph: avoid iput_final() while holding mutex or in dispatch thread * QCA9377 isn't being recognized sometimes (LP: #1757218) - SAUCE: USB: Disable USB2 LPM at shutdown * hns: fix ICMP6 neighbor solicitation messages discard problem (LP: #1833140) - net: hns: fix ICMP6 neighbor solicitation messages discard problem - net: hns: fix unsigned comparison to less than zero * Fix occasional boot time crash in hns driver (LP: #1833138) - net: hns: Fix probabilistic memory overwrite when HNS driver initialized * use-after-free in hns_nic_net_xmit_hw (LP: #1833136) - net: hns: fix KASAN: use-after-free in hns_nic_net_xmit_hw() * hns: attempt to restart autoneg when disabled should report error (LP: #1833147) - net: hns: Restart autoneg need return failed when autoneg off * systemd 237-3ubuntu10.14 ADT test failure on Bionic ppc64el (test-seccomp) (LP: #1821625) - powerpc: sys_pkey_alloc() and sys_pkey_free() system calls - powerpc: sys_pkey_mprotect() system call * [UBUNTU] pkey: Indicate old mkvp only if old and curr. mkvp are different (LP: #1832625) - pkey: Indicate old mkvp only if old and current mkvp are different * [UBUNTU] kernel: Fix gcm-aes-s390 wrong scatter-gather list processing (LP: #1832623) - s390/crypto: fix gcm-aes-s390 selftest failures * System crashes on hot adding a core with drmgr command (4.15.0-48-generic) (LP: #1833716) - powerpc/numa: improve control of topology updates - powerpc/numa: document topology_updates_enabled, disable by default * Kernel modules generated incorrectly when system is localized to a non- English language (LP: #1828084) - scripts: override locale from environment when running recordmcount.pl * [UBUNTU] kernel: Fix wrong dispatching for control domain CPRBs (LP: #1832624) - s390/zcrypt: Fix wrong dispatching for control domain CPRBs * CVE-2019-11815 - net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). * Sound device not detected after resume from hibernate (LP: #1826868) - drm/i915: Force 2*96 MHz cdclk on glk/cnl when audio power is enabled - drm/i915: Save the old CDCLK atomic state - drm/i915: Remove redundant store of logical CDCLK state - drm/i915: Skip modeset for cdclk changes if possible * Handle overflow in proc_get_long of sysctl (LP: #1833935) - sysctl: handle overflow in proc_get_long * Dell XPS 13 (9370) defaults to s2idle sleep/suspend instead of deep, NVMe drains lots of power under s2idle (LP: #1808957) - Revert "UBUNTU: SAUCE: pci/nvme: prevent WDC PC SN720 NVMe from entering D3 and being disabled" - Revert "UBUNTU: SAUCE: nvme: add quirk to not call disable function when suspending" - Revert "UBUNTU: SAUCE: pci: prevent Intel NVMe SSDPEKKF from entering D3" - Revert "SAUCE: nvme: add quirk to not call disable function when suspending" - Revert "SAUCE: pci: prevent sk hynix nvme from entering D3" - PCI: PM: Avoid possible suspend-to-idle issue - PCI: PM: Skip devices in D0 for suspend-to-idle - nvme-pci: Sync queues on reset - nvme: Export get and set features - nvme-pci: Use host managed power state for suspend * linux v4.15 ftbfs on a newer host kernel (e.g. hwe) (LP: #1823429) - selinux: use kernel linux/socket.h for genheaders and mdp * 32-bit x86 kernel 4.15.0-50 crash in vmalloc_sync_all (LP: #1830433) - x86/mm/pat: Disable preemption around __flush_tlb_all() - x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init() - x86/mm: Disable ioremap free page handling on x86-PAE - ioremap: Update pgtable free interfaces with addr - x86/mm: Add TLB purge to free pmd/pte page interfaces - x86/init: fix build with CONFIG_SWAP=n - x86/mm: provide pmdp_establish() helper - x86/mm: Use WRITE_ONCE() when setting PTEs * hinic: fix oops due to race in set_rx_mode (LP: #1832048) - hinic: fix a bug in set
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
Eoan already got this patch. ** Changed in: linux (Ubuntu Eoan) Status: In Progress => Fix Released ** Changed in: ubuntu-kernel-tests Status: In Progress => Fix Released ** Tags removed: verification-needed-cosmic ** Tags added: verification-done-cosmic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
sysctl02 test passed with Xenial kernel. ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
sysctl02 test passed with Bionic kernel. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
sysctl02 test passed with Disco kernel. ** Tags removed: verification-needed-disco ** Tags added: verification-done-disco -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- cosmic' to 'verification-done-cosmic'. If the problem still exists, change the tag 'verification-needed-cosmic' to 'verification-failed- cosmic'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-cosmic ** Tags added: verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed- bionic'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed- xenial'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- disco' to 'verification-done-disco'. If the problem still exists, change the tag 'verification-needed-disco' to 'verification-failed-disco'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-disco ** Tags added: verification-needed-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
** Changed in: linux (Ubuntu Cosmic) Status: In Progress => Fix Committed ** Changed in: linux (Ubuntu Disco) Status: In Progress => Fix Committed ** Changed in: linux (Ubuntu Xenial) Status: In Progress => Fix Committed ** Changed in: linux (Ubuntu Bionic) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
https://lists.ubuntu.com/archives/kernel-team/2019-June/101710.html ** Also affects: linux (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux-kvm (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Eoan) Importance: Undecided Status: Incomplete ** Also affects: linux-kvm (Ubuntu Eoan) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Disco) Importance: Undecided Status: New ** Also affects: linux-kvm (Ubuntu Disco) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: linux-kvm (Ubuntu Bionic) Importance: Undecided Status: New ** No longer affects: linux-kvm (Ubuntu) ** No longer affects: linux-kvm (Ubuntu Xenial) ** No longer affects: linux-kvm (Ubuntu Cosmic) ** Changed in: linux (Ubuntu Xenial) Status: New => In Progress ** Changed in: linux (Ubuntu Xenial) Assignee: (unassigned) => Po-Hsu Lin (cypressyew) ** Changed in: linux (Ubuntu Bionic) Status: New => In Progress ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => Po-Hsu Lin (cypressyew) ** No longer affects: linux-kvm (Ubuntu Bionic) ** No longer affects: linux-kvm (Ubuntu Disco) ** No longer affects: linux-kvm (Ubuntu Eoan) ** Changed in: linux (Ubuntu Cosmic) Status: Incomplete => In Progress ** Changed in: linux (Ubuntu Cosmic) Assignee: (unassigned) => Po-Hsu Lin (cypressyew) ** Changed in: linux (Ubuntu Disco) Assignee: (unassigned) => Po-Hsu Lin (cypressyew) ** Changed in: linux (Ubuntu Disco) Status: New => In Progress ** Changed in: linux (Ubuntu Eoan) Assignee: (unassigned) => Po-Hsu Lin (cypressyew) ** Changed in: linux (Ubuntu Eoan) Status: Incomplete => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
** Description changed: + == SRU Justification == + With the upper / lower boundary confined in bug 1834310, the file-max + is still suffering with overflow issue. + + This is because the simple_strtoul() used in proc_get_long() to parse + user input explicitly ignores overflows. So when you tried to put 2^64 + into file-max, it will: + # echo 18446744073709551616 > /proc/sys/fs/file-max + # cat /proc/sys/fs/file-max + 0 + + Which will cause your system to silently die behind your back. + + This issue was reported by the case 1 of the sysctl02 test in LTP: + sysctl02 1 TFAIL: /proc/sys/fs/file-max overflows and set to 0 + + + == Fix == + * 7f2923c4 (sysctl: handle overflow in proc_get_long) + + A new strtoul_lenient() was introduced here to solve this issue, with + extra check to notify userspace with -EINVAL. + + This patch can be cherry-picked into B/C/D/E, it needs some content + adjustment for X. + + == Test == + Test kernels could be found here: + https://people.canonical.com/~phlin/kernel/lp-1833935-proc_get_long/ + + The attempt to set file-max to 2^64 will be rejected: + $ sudo sysctl -w -q fs.file-max=18446744073709551616 + sysctl: setting key "fs.file-max": Invalid argument + + Tested and passed with these kernels on AMD64 KVM nodes. + + == Regression Potential == + Low, the newly introduced function strtoul_lenient() is just for + proc_get_long here. + + + == Original bug report == Test complains about apparmor enabled. As it's enabled by default, I think we might need to disable this test. Furthermore, this test will need kallsyms to be enabled, which is not for KVM kernels. <<>> tag=sysctl02_sh stime=1561360893 cmdline="sysctl02.sh" contacts="" analysis=exit <<>> incrementing stop sysctl02 1 TINFO: timeout per run is 0h 5m 0s sysctl02 1 TFAIL: /proc/sys/fs/file-max overflows and set to 0 sysctl02 2 TFAIL: /proc/sys/fs/file-max overflows and set to 18446744073709551615 sysctl02 3 TFAIL: /proc/sys/fs/file-max overflows and set to 9223372036854775808 sysctl02 4 TCONF: /proc/kallsyms not enabled sysctl02 4 TINFO: AppArmor enabled, this may affect test results sysctl02 4 TINFO: You can try to disable it with TST_DISABLE_APPARMOR=1 (requires super/root) sysctl02 4 TINFO: loaded AppArmor profiles: none Summary: passed 0 failed 3 skipped 1 warnings 0 <<>> initiation_status="ok" duration=0 termination_type=exited termination_id=33 corefile=no cutime=2 cstime=1 <<>> ProblemType: Bug DistroRelease: Ubuntu 18.10 Package: linux-image-4.18.0-1015-kvm 4.18.0-1015.15 ProcVersionSignature: User Name 4.18.0-1015.15-kvm 4.18.20 Uname: Linux 4.18.0-1015-kvm x86_64 ApportVersion: 2.20.10-0ubuntu13.3 Architecture: amd64 Date: Mon Jun 24 07:21:41 2019 SourcePackage: linux-kvm UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1833935] Re: Handle overflow in proc_get_long of sysctl
** Summary changed: - sysctl02_sh from ubuntu_ltp failed with Cosmic kernel + Handle overflow in proc_get_long of sysctl -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1833935 Title: Handle overflow in proc_get_long of sysctl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1833935/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
