[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hello niranjuv 'apt' also allows to install local packages, if you point it to a local package using a local path, like: apt install ./*.deb it has the advantage that it resolves the dependency chain nicely but, yes, 'dpkg -I' is a valid alternative I'm a bit confused that the verification worked fine here on noble: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2091099/comments/18 (just a wild guess) Since KVM has also kernel parts, this might be due to a different (maybe outdated) kernel? Can you check if you are on the latest kernel level (and having it active: uname -a)? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
It is not clear to me why you did not use "apt install" instead of "apt download". In order to further diagnose the issue, we need more information. 1) How are you actually installing the packages? 2) What tests are you performing? Are you running the test provided in the "Test plan" section of the bug? 3) What exactly are you seeing on your system when you run the tests? It would be very helpful if you could provide a step-by-step reproducer of the problem you're experiencing. As you can check on comment #18, I did the verification myself and confirmed that the package fixes the problem as outlined in the "Test plan" section of the bug. Thank you. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Tags removed: targetmilestone-inin--- ** Tags added: targetmilestone-inin2404 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hi 'niranjuv', please notice that these updated packages are for 24.04 (code-name 'noble'), you cannot test them properly on a different Ubuntu release. Please double check with "lsb_release -a". If you need to install the packages on an isolated system, it's of course a bit more work. In case you have a system (s390x, 24.04) that has connectivity, you may download the packages with the help of "apt-get download ...", transfer them install them from local disk for example with "apt install *.deb". Or fetch them package by package from here: https://launchpad.net/ubuntu/+source/qemu https://launchpad.net/ubuntu/+source/qemu/1:8.2.2+ds-0ubuntu1.5 (s390x:) https://launchpad.net/ubuntu/+source/qemu/1:8.2.2+ds-0ubuntu1.5/+build/29976972 then transfer and install ... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
This bug was fixed in the package qemu - 1:9.0.2+ds-4ubuntu9 --- qemu (1:9.0.2+ds-4ubuntu9) plucky; urgency=medium * d/p/u/lp-2091099-fix-9p-regression-cve-2023-2861.patch: Fix regression regarding CVE-2023-2861 affecting 9p filesystems. (LP: #2091099) -- Sergio Durigan Junior Tue, 07 Jan 2025 14:56:38 -0500 ** Changed in: qemu (Ubuntu Plucky) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hello, I don't know how you downloaded the packages you're mentioning, but the best way to test this update is by following the instructions given by the SRU team on comment #13. Namely: - You need to enable the -proposed repository on your system (instructions at https://wiki.ubuntu.com/Testing/EnableProposed). - You need to upgrade the QEMU package from this repository. For example, if you're on Noble: apt -t noble-proposed install qemu-system-s390x This should be enough to tell apt to upgrade all QEMU packages that are needed. - Then you can perform your tests. If that doesn't work, could you please let me know which steps you're taking to verify the fix, please? Are they the same steps described in the "Test plan" section (from this bug's description)? Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Changed in: ubuntu-z-systems Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
The plucky task is still open, but the upload fixing it is in proposed, so that's good enough. There is a oracular/i386 autopkgtest stuck in "running", but the history shows it never passed, so that's ok too. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
This bug was fixed in the package qemu - 1:8.2.2+ds-0ubuntu1.5 --- qemu (1:8.2.2+ds-0ubuntu1.5) noble; urgency=medium * d/p/u/lp-2091099-fix-9p-regression-cve-2023-2861.patch: Fix regression regarding CVE-2023-2861 affecting 9p filesystems. (LP: #2091099) -- Sergio Durigan Junior Wed, 11 Dec 2024 22:06:49 -0500 ** Changed in: qemu (Ubuntu Noble) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
This bug was fixed in the package qemu - 1:9.0.2+ds-4ubuntu5.2 --- qemu (1:9.0.2+ds-4ubuntu5.2) oracular; urgency=medium * d/p/u/lp-2091099-fix-9p-regression-cve-2023-2861.patch: Fix regression regarding CVE-2023-2861 affecting 9p filesystems. (LP: #2091099) -- Sergio Durigan Junior Tue, 07 Jan 2025 18:18:14 -0500 ** Changed in: qemu (Ubuntu Oracular) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hi @niranjuv, we are working to get this solved and the fix published on several levels. Since this is a bug that also needs to be fixed in Ubuntu releases that are already out and in service, we are required to follow the Ubuntu SRU "stable release update" process that is pretty strict (by intention). It requires the completion of quite significant (and of course successful) testing - without this the updated package is not acceptable by our SRU team and cannot be rolled out and published. The SRU process is in place to take as much care as possible on such SRU updates, since what we (all) want to avoid are regressions. And in case of Ubuntu (and especially Ubuntu LTS releases) that can quickly affect multi-millions of installations. And that's also the reason why the fix needs to be rolled out from newest (current development) release to oldest affected release, just to avoid any regression in case of Ubuntu release upgrades. The SRU process for packages is unfortunately queue based (in contrast to kernel SRUs, which happen in more or less fixed cycles - every 2 / 4 weeks). And over the YE break packages in the queue pilled up a bit. Canonical's Ubuntu distro teams are working on this backlog. But since it's queue based, it's difficult to give an ETA. The so called "aging period" is a fixed part of the SRU process and is in place to allow not only our testing to be completed, but also other people's testing in their particular environments. With that let me point out two more things: i) An updated package with a fix included is already available now, but via the so called -proposed archive pocket. Nevertheless, everyone who enabled or opted-in to use -proposed can install, test and use that package. But until the testing is completed and the aging period is over, it will stay in -proposed, means it will not be visible for default installations (where -proposed is disabled). At the end of the aging period - and in case no regressions were found - this exact same package will transition from the -proposed to the -updates (respectively -security) pocket, and will become available as regular update for everyone. Since I'm unsure if our automated SRU messages/comments here in Launchpad (like https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2091099/comments/13) are detailed enough, let me quickly list the steps on how to get the updated package installed from proposed: sudo add-apt-repository -y "deb http://ports.ubuntu.com/ubuntu-ports/ $(lsb_release -sc)-proposed main universe" sudo apt -y update # if not automatically done by the previous command sudo apt -y -t=$(lsb_release -sc)-proposed install qemu-system # or maybe more fine grained 'qemu-system-s390x' ii) One may think that this SRU process is a bit lengthy and there must be a quicker way to get a fixed package more quickly into production environments. And that is true, in such cases, Ubuntu users that have a subscription in place (called 'Ubuntu Pro'), are eligible to open a SalesForce (support) case at Canonical. With that our service and support colleagues (rather than we, development) will pick this up. And they have the option to bridge the gap/time that is caused by the SRU process with the help of a hot fix package. However, the SRU process as such will still be needed. I hope that shows the overall effort that is required for such SRUs and helps a bit. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Changed in: ubuntu-z-systems Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hello niranjuv, I performed the verification for both uploads (I thought you wanted to do that, but I decided to do it myself in order to speed things up). We have to wait 7 days after the SRU team accepted the packages so that they can be properly released. On top of that, we are facing some problems with our test infrastructure which is slowing things down a bit. I'll work on expediting the test results now, but we are still constrained by the 7-day aging period. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Performing the verification on Oracular. First, making sure that the bug manifests when using the current version from the archive. # apt policy qemu-system-s390x # apt policy qemu-system-s390x qemu-system-s390x: Installed: 1:9.0.2+ds-4ubuntu5.1 Candidate: 1:9.0.2+ds-4ubuntu5.1 Version table: *** 1:9.0.2+ds-4ubuntu5.1 500 500 http://ports.ubuntu.com/ubuntu-ports oracular-updates/main s390x Packages 500 http://ports.ubuntu.com/ubuntu-ports oracular-security/main s390x Packages 100 /var/lib/dpkg/status 1:9.0.2+ds-4ubuntu5 500 500 http://ports.ubuntu.com/ubuntu-ports oracular/main s390x Packages # sh ./t.sh # sh ./t.sh Creating Ubuntu target OS Running OS in qemu KASLR disabled: CPU has no PRNG KASLR disabled: CPU has no PRNG Test for unix domain sockets qemu-system-s390x: 9p: broken or compromised client detected; attempt to open special file (i.e. neither regular file, nor directory) nc: No such device or address nc: /socket: No such file or directory Sockets fail Now, upgrading the package to the version in -proposed and verifying that it fixes the problem. # apt policy qemu-system-s390x # apt policy qemu-system-s390x qemu-system-s390x: Installed: 1:9.0.2+ds-4ubuntu5.2 Candidate: 1:9.0.2+ds-4ubuntu5.2 Version table: *** 1:9.0.2+ds-4ubuntu5.2 100 100 http://ports.ubuntu.com/ubuntu-ports oracular-proposed/main s390x Packages 100 /var/lib/dpkg/status 1:9.0.2+ds-4ubuntu5.1 500 500 http://ports.ubuntu.com/ubuntu-ports oracular-updates/main s390x Packages 500 http://ports.ubuntu.com/ubuntu-ports oracular-security/main s390x Packages 1:9.0.2+ds-4ubuntu5 500 500 http://ports.ubuntu.com/ubuntu-ports oracular/main s390x Packages # sh ./t.sh # sh ./t.sh Creating Ubuntu target OS Running OS in qemu KASLR disabled: CPU has no PRNG KASLR disabled: CPU has no PRNG Test for unix domain sockets Sockets work This concludes the verification on Oracular. ** Tags removed: verification-needed verification-needed-oracular ** Tags added: verification-done verification-done-oracular -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Performing the verification on Noble. First, making sure that the bug manifests when using the current version from the archive. # apt policy qemu-system-s390x qemu-system-s390x: Installed: 1:8.2.2+ds-0ubuntu1.4 Candidate: 1:8.2.2+ds-0ubuntu1.4 Version table: *** 1:8.2.2+ds-0ubuntu1.4 500 500 http://ports.ubuntu.com/ubuntu-ports noble-updates/main s390x Packages 500 http://ports.ubuntu.com/ubuntu-ports noble-security/main s390x Packages 100 /var/lib/dpkg/status 1:8.2.2+ds-0ubuntu1 500 500 http://ports.ubuntu.com/ubuntu-ports noble/main s390x Packages # sh ./t.sh Creating Ubuntu target OS Running OS in qemu KASLR disabled: CPU has no PRNG KASLR disabled: CPU has no PRNG Test for unix domain sockets qemu-system-s390x: 9p: broken or compromised client detected; attempt to open special file (i.e. neither regular file, nor directory) nc: No such device or address nc: /socket: No such file or directory Sockets fail Now, upgrading the package to the version in -proposed and verifying that it fixes the problem. # apt policy qemu-system-s390x qemu-system-s390x: Installed: 1:8.2.2+ds-0ubuntu1.5 Candidate: 1:8.2.2+ds-0ubuntu1.5 Version table: *** 1:8.2.2+ds-0ubuntu1.5 100 100 http://ports.ubuntu.com/ubuntu-ports noble-proposed/main s390x Packages 100 /var/lib/dpkg/status 1:8.2.2+ds-0ubuntu1.4 500 500 http://ports.ubuntu.com/ubuntu-ports noble-updates/main s390x Packages 500 http://ports.ubuntu.com/ubuntu-ports noble-security/main s390x Packages 1:8.2.2+ds-0ubuntu1 500 500 http://ports.ubuntu.com/ubuntu-ports noble/main s390x Packages # sh ./t.sh Creating Ubuntu target OS Running OS in qemu KASLR disabled: CPU has no PRNG KASLR disabled: CPU has no PRNG Test for unix domain sockets Sockets work This concludes the verification on Noble. ** Tags removed: verification-needed-noble ** Tags added: verification-done-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
I retried the failing autopkgtests[1], since all but one were problems in the autopkgtest infrastructure (the tell is when the version of the package is flagged as "unknown"). 1. https://people.canonical.com/~ubuntu-archive/proposed-migration/noble/update_excuses.html#qemu -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hello niranjuv, As you can see, the SRU processed the uploads. You can find instructions on how to perform the verification in the emails above. Thanks. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hello bugproxy, or anyone else affected, Accepted qemu into oracular-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/qemu/1:9.0.2+ds-4ubuntu5.2 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- oracular to verification-done-oracular. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-oracular. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: qemu (Ubuntu Oracular) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-oracular ** Changed in: qemu (Ubuntu Noble) Status: In Progress => Fix Committed ** Tags added: verification-needed-noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
I'm on my SRU shift today and am looking at this update right now. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Changed in: ubuntu-z-systems Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
I uploaded the fix to Plucky, Oracular and Noble, after confirming that it works for each one of those releases. ** Changed in: qemu (Ubuntu Noble) Status: New => In Progress ** Changed in: qemu (Ubuntu Oracular) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Changed in: qemu (Ubuntu Plucky) Status: New => Fix Committed ** Changed in: qemu (Ubuntu Oracular) Assignee: (unassigned) => Sergio Durigan Junior (sergiodj) ** Changed in: qemu (Ubuntu Noble) Assignee: (unassigned) => Sergio Durigan Junior (sergiodj) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Description changed: [ Impact ] Users of the 9p filesystem may encounter problems when guests try to access host files, which can lead to e.g. guest boot issues. [ Test plan ] Using the script kindly provided by the reporter, we can set up our test environment as such (this requires an s390x machine): $ lxc profile create lp2091099 $ lxc profile edit lp2091099 << _EOF_ name: kvm-nodisk description: "" config: - boot.autostart: "true" - linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables,kvm - security.nesting: "true" - security.privileged: "true" + boot.autostart: "true" + linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables,kvm + security.nesting: "true" + security.privileged: "true" devices: - eth0: - name: eth0 - nictype: bridged - parent: lxdbr0 - type: nic - kvm: - path: /dev/kvm - type: unix-char - mem: - path: /dev/mem - type: unix-char - tun: - path: /dev/net/tun - type: unix-char + eth0: + name: eth0 + nictype: bridged + parent: lxdbr0 + type: nic + kvm: + path: /dev/kvm + type: unix-char + mem: + path: /dev/mem + type: unix-char + tun: + path: /dev/net/tun + type: unix-char _EOF_ $ lxc launch ubuntu-daily:noble n-9ptest --profile default --profile lp2091099 $ lxc shell n-9ptest # apt update - # apt install -y qemu-system-x86 debootstrap + # apt install -y qemu-system-s390x debootstrap # cat > t.sh << _EOF_ #!/bin/bash # Cleanup target dir [ -d ./target ] && rm -rf target mkdir target # Add configuration updates mkdir -p ./target/etc/initramfs-tools/ echo 9p >> ./target/etc/initramfs-tools/modules echo 9pnet_virtio >> ./target/etc/initramfs-tools/modules # Add the test script cat > ./target/test_init << EOF #!/bin/bash echo "Test for unix domain sockets" nc -Ul /socket & sleep 1 echo "Sockets work" | nc -UN /socket || echo "Sockets fail" echo o > /proc/sysrq-trigger sleep 999 EOF chmod 700 ./target/test_init # Create an Ubuntu 23.10 around it echo "Creating Ubuntu target OS" debootstrap --variant=minbase\ --include=udev,kmod,initramfs-tools,systemd,netcat-openbsd,linux-image-generic \ --exclude=man,bash-completion \ noble ./target > /dev/null || exit 1 # Run the test in 9p forwarded filesystem echo "Running OS in qemu" qemu-system-s390x \ -m 8192 \ -smp 4 \ -nodefaults -nographic -no-reboot -no-user-config \ -kernel ./target/boot/vmlinuz \ -initrd ./target/boot/initrd.img \ -append 'root=fsRoot rw rootfstype=9p rootflags=trans=virtio,version=9p2000.L,msize=512000,cache=mmap,posixacl console=ttysclp0 init=/test_init quiet' \ -fsdev local,security_model=passthrough,multidevs=remap,id=fsdev-fsRoot,path=./target \ -device virtio-9p-pci,id=fsRoot,fsdev=fsdev-fsRoot,mount_tag=fsRoot \ -device virtio-serial-ccw -device sclpconsole,chardev=console \ -chardev stdio,id=console,signal=off _EOF_ + # sh ./t.sh + + On a problematic system, you should see something similar to the + following output: + + Creating Ubuntu target OS + Running OS in qemu + KASLR disabled: CPU has no PRNG + KASLR disabled: CPU has no PRNG + Test for unix domain sockets + qemu-system-s390x: 9p: broken or compromised client detected; attempt to open special file (i.e. neither regular file, nor directory) + nc: No such device or address + nc: /socket: No such file or directory + Sockets fail + [ Where problems could occur ] This failure is caused by a regression introduced by a fix to a CVE. As such, the possibility of introducing a security regression needs to be considered. The CVE fix was about preventing guests to open files on the host when using 9p, but it ended up being too restrictive and impacting use cases when there needs to be an access. The patch is not too complex and is specifically aimed at allowing open(2) with O_PATH, which is an operation that is as secure as possible without actually opening the file. According to the manpage: - O_PATH (since Linux 2.6.39) - Obtain a file descriptor that can be used for two purposes: to indicate a location in the filesystem tree and to perform operations that act purely at the file descriptor level. The file itself is not opened, and other file operations (e.g., read(2), write(2), fchmod(2), fchown(2), fgetxattr(2), ioctl(2), mmap(2)) fail with the error EBADF. + O_PATH (since Linux 2.6.39) + Obtain a file descriptor that can be used for two purposes: to indicate a location in the filesystem tree and to perform operations that act purely at the file descriptor level. The file itself is not opened, and other file operations (e.g., read(2), write(2), fchmod(2), fchown(2), fgetxattr(2), ioctl(2), mmap(2)) fail with the error EBADF. [ Original Description ] == Reported by -
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Hi, Not yet, unfortunately. The SRU team is not really reviewing/accepting new uploads this week due to the end-of-year break, so we're pretty much stuck until next year (there are actually a few other bugs that need to be fixed in QEMU and I will do one single upload for everything). I will let you know when the situation changes. Thanks for the patience. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Description changed: + [ Impact ] + + Users of the 9p filesystem may encounter problems when guests try to + access host files, which can lead to e.g. guest boot issues. + + [ Test plan ] + + Using the script kindly provided by the reporter, we can set up our test + environment as such (this requires an s390x machine): + + $ lxc profile create lp2091099 + $ lxc profile edit lp2091099 << _EOF_ + name: kvm-nodisk + description: "" + config: + boot.autostart: "true" + linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables,kvm + security.nesting: "true" + security.privileged: "true" + devices: + eth0: + name: eth0 + nictype: bridged + parent: lxdbr0 + type: nic + kvm: + path: /dev/kvm + type: unix-char + mem: + path: /dev/mem + type: unix-char + tun: + path: /dev/net/tun + type: unix-char + _EOF_ + $ lxc launch ubuntu-daily:noble n-9ptest --profile default --profile lp2091099 + $ lxc shell n-9ptest + # apt update + # apt install -y qemu-system-x86 debootstrap + # cat > t.sh << _EOF_ + #!/bin/bash + + # Cleanup target dir + [ -d ./target ] && rm -rf target + mkdir target + + # Add configuration updates + mkdir -p ./target/etc/initramfs-tools/ + echo 9p >> ./target/etc/initramfs-tools/modules + echo 9pnet_virtio >> ./target/etc/initramfs-tools/modules + + # Add the test script + cat > ./target/test_init << EOF + #!/bin/bash + + echo "Test for unix domain sockets" + + nc -Ul /socket & + sleep 1 + echo "Sockets work" | nc -UN /socket || echo "Sockets fail" + + echo o > /proc/sysrq-trigger + sleep 999 + EOF + chmod 700 ./target/test_init + + # Create an Ubuntu 23.10 around it + echo "Creating Ubuntu target OS" + debootstrap --variant=minbase\ + --include=udev,kmod,initramfs-tools,systemd,netcat-openbsd,linux-image-generic \ + --exclude=man,bash-completion \ + noble ./target > /dev/null || exit 1 + + # Run the test in 9p forwarded filesystem + echo "Running OS in qemu" + qemu-system-s390x \ + -m 8192 \ + -smp 4 \ + -nodefaults -nographic -no-reboot -no-user-config \ + -kernel ./target/boot/vmlinuz \ + -initrd ./target/boot/initrd.img \ + -append 'root=fsRoot rw rootfstype=9p rootflags=trans=virtio,version=9p2000.L,msize=512000,cache=mmap,posixacl console=ttysclp0 init=/test_init quiet' \ + -fsdev local,security_model=passthrough,multidevs=remap,id=fsdev-fsRoot,path=./target \ + -device virtio-9p-pci,id=fsRoot,fsdev=fsdev-fsRoot,mount_tag=fsRoot \ + -device virtio-serial-ccw -device sclpconsole,chardev=console \ + -chardev stdio,id=console,signal=off + _EOF_ + + [ Where problems could occur ] + + This failure is caused by a regression introduced by a fix to a CVE. As + such, the possibility of introducing a security regression needs to be + considered. The CVE fix was about preventing guests to open files on + the host when using 9p, but it ended up being too restrictive and + impacting use cases when there needs to be an access. + + The patch is not too complex and is specifically aimed at allowing + open(2) with O_PATH, which is an operation that is as secure as possible + without actually opening the file. According to the manpage: + + O_PATH (since Linux 2.6.39) + Obtain a file descriptor that can be used for two purposes: to indicate a location in the filesystem tree and to perform operations that act purely at the file descriptor level. The file itself is not opened, and other file operations (e.g., read(2), write(2), fchmod(2), fchown(2), fgetxattr(2), ioctl(2), mmap(2)) fail with the error EBADF. + + [ Original Description ] + == Reported by - 2024-12-04 == ---Problem Description--- [UBUNTU 24.04] OS guest boot issues on 9p filesystem - + ---uname output--- Linux winlnxnw 6.8.0-45-generic #45-Ubuntu SMP Fri Aug 30 11:09:37 UTC 2024 s390x s390x s390x GNU/Linux - - Contact Information = [email protected] - - Machine Type = 3931-7G4 - + + Contact Information = [email protected] + + Machine Type = 3931-7G4 + ---Steps to Reproduce--- - Run this script (fails with a qemu error message) + Run this script (fails with a qemu error message) #!/bin/bash # Cleanup target dir [ -d ./target ] && rm -rf target mkdir target # Add configuration updates mkdir -p ./target/etc/initramfs-tools/ echo 9p >> ./target/etc/initramfs-tools/modules echo 9pnet_virtio >> ./target/etc/initramfs-tools/modules # Add the test script cat > ./target/test_init << EOF #!/bin/bash echo "Test for unix domain sockets" nc -Ul /socket & sleep 1 echo "Sockets work" | nc -UN /socket || echo "Sockets fail" echo o > /proc/sysrq-trigger sleep 999 EOF chmod 700 ./target/test_init # Create an Ubuntu 23.10 around it echo "Creating Ubuntu target OS" debootstrap --variant=minbase\ - --include=udev,kmod,initramfs-tools,systemd,netcat-openbsd,linux-image-generic \ -
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Upstream fixed it with https://gitlab.com/qemu- project/qemu/-/commit/d06a9d843fb65351e0e4dc42ba0c404f01ea92b3. I'm now building a package containing the backported fix in my PPA (https://launchpad.net/~sergiodj/+archive/ubuntu/qemu). I should be able to put an MP up for review tomorrow. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Also affects: qemu (Ubuntu Noble) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
Thank you. I'm working on backporting the fix now. I'll run tests and hopefully get the SRU going by the end of the day. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Changed in: ubuntu-z-systems Importance: Undecided => Critical ** Changed in: ubuntu-z-systems Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Changed in: qemu (Ubuntu) Assignee: Skipper Bug Screeners (skipper-screen-team) => Sergio Durigan Junior (sergiodj) ** Tags added: server-todo -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
** Package changed: linux (Ubuntu) => qemu (Ubuntu) ** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Changed in: ubuntu-z-systems Assignee: (unassigned) => Skipper Bug Screeners (skipper-screen-team) ** Changed in: qemu (Ubuntu) Importance: Undecided => Critical -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2091099] Re: [UBUNTU 24.04] OS guest boot issues on 9p filesystem
--- Comment From [email protected] 2024-12-05 07:22 EDT--- This bug was already detected in Jammy and was fixed in Ubuntu 22.04 (package qemu - 1:6.2+dfsg-2ubuntu6.21) ==> see bugzilla / LP item 'Bug 206380 - LP2065579 : [UBUNTU 22.04] OS guest boot issues on 9p filesystem' Now, the problem seems to be back with Noble. --- Comment From [email protected] 2024-12-05 07:25 EDT--- From the original Jammy bug: This Bug is the result of the fix to: CVE-2023-2861: Prohibit opening any special file directly on host I also opened a Bug in the qemu bugtracker https://gitlab.com/qemu-project/qemu/-/issues/2337 The containers fail because syslog cannot open its unix domain socket on the filesystem. We tracked the change that provokes this error to a CVE change in qemu that forbids opening of special files to prevent exposing data from the host. Special files should be handled by the guest os. Unix domain socket files are also special files, and they are handled by the guest OS in their entirety, and the 9p server in qemu assigns them individual inodes so they are safe to open. But they must be opened so their fd can be passed to the appropriate connect() or bind() function so the OS can use them. Socket files don't have a traditional read or write functionality, they are mere representatives for a local address. There is no convention for where domain socket files should go, so there is no easy fix by just creating a tmpfs somewhere. We also see other workloads and services failing for not being able to open their local socket files. The analysis of CVE-2023-2861 in detail reveals - opening of device files through the 9p server directly grants access to read/write functions of those device files. Also device files can be created in-place anywhere. - opening of FIFOs is somewhat unsafe as long as there are possible collisions that could expose host data using read/write. - opening of sockets is safe because the 9p server protects the revealed inode and provides no way to connect the file to a socket. The qemu team has made a change, but that only made things different, not better. ** Bug watch added: gitlab.com/qemu-project/qemu/-/issues #2337 https://gitlab.com/qemu-project/qemu/-/issues/2337 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2861 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091099 Title: [UBUNTU 24.04] OS guest boot issues on 9p filesystem To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2091099/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
