Bug #1557994 “s390/kconfig: setting for CONFIG...9P....” : Bugs : linux package : Ubuntu

bugproxy (bugproxy) on 2016-03-16

tags:	added: architecture-s39064 bugnameltc-139134 severity-critical targetmilestone-inin1604
Changed in ubuntu:
assignee:	nobody → Skipper Bug Screeners (skipper-screen-team)

Henish Patel (g-hpatel) on 2016-03-16

affects:

ubuntu → linux (Ubuntu)

Tim Gardner (timg-tpi) on 2016-03-16

Changed in linux (Ubuntu Xenial):
assignee:	Skipper Bug Screeners (skipper-screen-team) → Tim Gardner (timg-tpi)
status:	New → In Progress

Tim Gardner (timg-tpi) on 2016-03-16

Changed in linux (Ubuntu Xenial):
status:	In Progress → Fix Committed

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2016-03-16:

#1

@Tim,

Imho 9P can/should be =y on all arches, cause then one can use 9P as root/boot device. And it opens the interesting posibility of e.g. "booting" an lxd container in kvm, and the like.

Revision history for this message

Dimitri John Ledkov (xnox) wrote on 2016-03-16:

#2

https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/xenial/commit/?h=master-next&id=62d95836921d417373ab0b7674f9d8b5f929857b

Dimitri John Ledkov (xnox) on 2016-03-17

Changed in linux (Ubuntu Xenial):
importance:	Undecided → Wishlist

Revision history for this message

Launchpad Janitor (janitor) wrote on 2016-03-21:

#3

Download full text (11.3 KiB)

This bug was fixed in the package linux - 4.4.0-15.31

---------------
linux (4.4.0-15.31) xenial; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
- LP: #1559252

* Xilinx KU3 Capi card does not show up in Ubuntu 16.04 (LP: #1557001)
- SAUCE: (noup) cxl: Allow initialization on timebase sync failures

  * policy namespace stacking (LP: #1379535)
    - Revert "UBUNTU: SAUCE: Move replacedby allocation into label_alloc"
    - Revert "UBUNTU: SAUCE: Fixup: __label_update() still doesn't handle some cases correctly."
    - Revert "UBUNTU: SAUCE: fix: audit "no_new_privs" case for exec failure"
    - Revert "UBUNTU: SAUCE: fixup: warning about aa_label_vec_find_or_create not being static"
    - Revert "UBUNTU: SAUCE: apparmor: fix refcount race when finding a child profile"
    - Revert "UBUNTU: SAUCE: fixup: cast poison values to remove warnings"
    - Revert "UBUNTU: SAUCE: fixup: get rid of unused var build warning"
    - Revert "UBUNTU: SAUCE: fixup: 20/23 locking issue around in __label_update"
    - Revert "UBUNTU: SAUCE: fixup: make __share_replacedby private to get rid of build warning"
    - Revert "UBUNTU: SAUCE: fix: replacedby forwarding is not being properly update when ns is destroyed"
    - Revert "UBUNTU: SAUCE: apparmor: fix log of apparmor audit message when kern_path() fails"
    - Revert "UBUNTU: SAUCE: fixup: cleanup return handling of labels"
    - Revert "UBUNTU: SAUCE: apparmor: fix: ref count leak when profile sha1 hash is read"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: query label file permission"
    - Revert "UBUNTU: SAUCE: apparmor: Don't remove label on rcu callback if the label has already been removed"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: break circular refcount for label that is directly freed."
    - Revert "UBUNTU: SAUCE: apparmor: Fix: refcount bug when inserting label update that transitions ns"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: now that insert can force replacement use it instead of remove_and_insert"
    - Revert "UBUNTU: SAUCE: apparmor Fix: refcount bug in pivotroot mediation"
    - Revert "UBUNTU: SAUCE: apparmor: ensure that repacedby sharing is done correctly"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: update replacedby allocation to take a gfp parameter"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: convert replacedby update to be protected by the labelset lock"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: add required locking of __aa_update_replacedby on merge path"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: deadlock in aa_put_label() call chain"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: label_vec_merge insertion"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: ensure new labels resulting from merge have a replacedby"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: refcount leak in aa_label_merge"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: refcount race between locating in labelset and get"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: label merge handling of marking unconfined and stale"
    - Revert "UBUNTU: SAUCE: apparmor: add underscores to indicate aa_label_next_not_in_set() use needs locking"
    - Revert "UBUNTU: SAUCE: apparmor: debug: POISON label and replaceby ...

This bug was fixed in the package linux - 4.4.0-15.31

---------------
linux (4.4.0-15.31) xenial; urgency=low

[ Tim Gardner ]

* Release Tracking Bug
    - LP: #1559252

* Xilinx KU3 Capi card does not show up in Ubuntu  16.04 (LP: #1557001)
    - SAUCE: (noup) cxl: Allow initialization on timebase sync failures

* policy namespace stacking (LP: #1379535)
    - Revert "UBUNTU: SAUCE: Move replacedby allocation into label_alloc"
    - Revert "UBUNTU: SAUCE: Fixup: __label_update() still doesn't handle some cases correctly."
    - Revert "UBUNTU: SAUCE: fix: audit "no_new_privs" case for exec failure"
    - Revert "UBUNTU: SAUCE: fixup: warning about aa_label_vec_find_or_create not being static"
    - Revert "UBUNTU: SAUCE: apparmor: fix refcount race when finding a child profile"
    - Revert "UBUNTU: SAUCE: fixup: cast poison values to remove warnings"
    - Revert "UBUNTU: SAUCE: fixup: get rid of unused var build warning"
    - Revert "UBUNTU: SAUCE: fixup: 20/23 locking issue around in __label_update"
    - Revert "UBUNTU: SAUCE: fixup: make __share_replacedby private to get rid of build warning"
    - Revert "UBUNTU: SAUCE: fix: replacedby forwarding is not being properly update when ns is destroyed"
    - Revert "UBUNTU: SAUCE: apparmor: fix log of apparmor audit message when kern_path() fails"
    - Revert "UBUNTU: SAUCE: fixup: cleanup return handling of labels"
    - Revert "UBUNTU: SAUCE: apparmor: fix: ref count leak when profile sha1 hash is read"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: query label file permission"
    - Revert "UBUNTU: SAUCE: apparmor: Don't remove label on rcu callback if the label has already been removed"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: break circular refcount for label that is directly freed."
    - Revert "UBUNTU: SAUCE: apparmor: Fix: refcount bug when inserting label update that transitions ns"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: now that insert can force replacement use it instead of remove_and_insert"
    - Revert "UBUNTU: SAUCE: apparmor Fix: refcount bug in pivotroot mediation"
    - Revert "UBUNTU: SAUCE: apparmor: ensure that repacedby sharing is done correctly"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: update replacedby allocation to take a gfp parameter"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: convert replacedby update to be protected by the labelset lock"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: add required locking of __aa_update_replacedby on merge path"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: deadlock in aa_put_label() call chain"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: label_vec_merge insertion"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: ensure new labels resulting from merge have a replacedby"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: refcount leak in aa_label_merge"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: refcount race between locating in labelset and get"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: label merge handling of marking unconfined and stale"
    - Revert "UBUNTU: SAUCE: apparmor: add underscores to indicate aa_label_next_not_in_set() use needs locking"
    - Revert "UBUNTU: SAUCE: apparmor: debug: POISON label and replaceby pointer on free"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: ensure aa_get_newest will trip debugging if the replacedby is not setup"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: insert race between label_update and label_merge"
    - Revert "UBUNTU: SAUCE: apparmor: rework retrieval of the current label in the profile update case"
    - Revert "UBUNTU: SAUCE: apparmor: Disallow update of cred when then subjective != the objective cred"
    - Revert "UBUNTU: SAUCE: apparmor: Fix: oops do to invalid null ptr deref in label print fns"
    - Revert "UBUNTU: SAUCE: fix-up: kern_mount fail path should not be doing put_buffers()"
    - Revert "UBUNTU: SAUCE: apparmor: fix sleep from invalid context"
    - Revert "UBUNTU: SAUCE: (no-up): apparmor: fix for failed mediation of socket that is being shutdown"
    - Revert "UBUNTU: SAUCE: (no-up) apparmor: Fix incompatible pointer type warnings"
    - Revert "UBUNTU: SAUCE: (no-up) apparmor: fix mount not handling disconnected paths"
    - Revert "UBUNTU: SAUCE: (no-up): apparmor: fix mediation of fs unix sockets"
    - Revert "UBUNTU: apparmor -- follow change to this_cpu_ptr"
    - Revert "UBUNTU: SAUCE: (no-up) fix: bad unix_addr_fs macro"
    - Revert "UBUNTU: SAUCE: Revert: fix: only allow a single threaded process to ..."
    - Revert "UBUNTU: SAUCE: (no-up) apparmor: Sync to apparmor3 - RC1 snapshot"
    - Revert "UBUNTU: SAUCE: (no-up) apparmor: add parameter to control whether policy hashing is used"
    - SAUCE: (no-up) apparmor: sync of apparmor3.5-beta1 snapshot
    - SAUCE: add a sysctl to enable unprivileged user ns AppArmor policy loading

* Add arm64 NUMA support (LP: #1558765)
    - SAUCE: (noup) efi: ARM/arm64: ignore DT memory nodes instead of removing them
    - SAUCE: (noup) Documentation, dt, numa: dt bindings for NUMA.
    - [Config] CONFIG_OF_NUMA=y
    - SAUCE: (noup) of, numa: Add NUMA of binding implementation.
    - SAUCE: (noup) arm64: Move unflatten_device_tree() call earlier.
    - [Config] CONFIG_NUMA=y and CONFIG_NODES_SHIFT=2 on arm64
    - SAUCE: (noup) arm64, numa: Add NUMA support for arm64 platforms.
    - SAUCE: (noup) arm64, mm, numa: Add NUMA balancing support for arm64.

* vivid/linux: total ADT test failures (LP: #1558447)
    - Revert "Revert "af_unix: Revert 'lock_interruptible' in stream receive code""

* [Hyper-V] patches to allow kdump crash through NMI (LP: #1558720)
    - Drivers: hv: vmbus: Support handling messages on multiple CPUs
    - Drivers: hv: vmbus: Support kexec on ws2012 r2 and above

* s390/pci: enforce fmb page boundary rule (LP: #1558625)
    - s390/pci: enforce fmb page boundary rule

* s390/pci: backport upstream commits since v4.4 (LP: #1558624)
    - s390/pci_dma: fix DMA table corruption with > 4 TB main memory
    - page_to_phys() always returns a multiple of PAGE_SIZE
    - s390/pci: provide ZPCI_ADDR macro
    - s390/pci: improve ZPCI_* macros
    - s390/pci: resize iomap
    - s390/pci: fix bar check
    - s390/pci: set error state for unusable functions
    - s390/pci: remove iomap sanity checks
    - s390/pci: remove pdev pointer from arch data
    - s390/pci: add ioctl interface for CLP

* IMA-appraisal is unusable in Ubuntu 16.04 (LP: #1558553)
    - [Config] CONFIG_SYSTEM_EXTRA_CERTIFICATE=y, CONFIG_SYSTEM_EXTRA_CERTIFICATE_SIZE=4096
    - KEYS: Use the symbol value for list size, updated by scripts/insert-sys-cert
    - KEYS: Reserve an extra certificate symbol for inserting without recompiling
    - SAUCE: (noup) KEYS: Support for inserting a certificate into x86 bzImage

* skb_warn_bad_offload Crash (LP: #1558025)
    - ipv4: only create late gso-skb if skb is already set up with CHECKSUM_PARTIAL

* Add PCIe root complex to Cavium arm64 (LP: #1558342)
    - [Config] CONFIG_PCI_HOST_COMMON=y
    - [Config] CONFIG_PCI_HOST_THUNDER_PEM=y
    - [Config] CONFIG_PCI_HOST_THUNDER_ECAM=y
    - PCI: generic: Move structure definitions to separate header file
    - PCI: generic: Add pci_host_common_probe(), based on gen_pci_probe()
    - PCI: generic: Expose pci_host_common_probe() for use by other drivers
    - PCI: thunder: Add PCIe host driver for ThunderX processors
    - PCI: thunder: Add driver for ThunderX-pass{1,2} on-chip devices

* [Hyper-V] vmbus: Fix a bug in hv_need_to_signal_on_read() (LP: #1556264)
    - SAUCE: (noup) Drivers: hv: vmbus: Fix a bug in hv_need_to_signal_on_read()

* Xenial update to v4.4.6 stable release (LP: #1558330)
    - arm64: account for sparsemem section alignment when choosing vmemmap offset
    - ARM: mvebu: fix overlap of Crypto SRAM with PCIe memory window
    - ARM: dts: dra7: do not gate cpsw clock due to errata i877
    - ARM: OMAP2+: hwmod: Introduce ti,no-idle dt property
    - PCI: Allow a NULL "parent" pointer in pci_bus_assign_domain_nr()
    - kvm: cap halt polling at exactly halt_poll_ns
    - KVM: VMX: disable PEBS before a guest entry
    - KVM: s390: correct fprs on SIGP (STOP AND) STORE STATUS
    - KVM: PPC: Book3S HV: Sanitize special-purpose register values on guest exit
    - KVM: MMU: fix ept=0/pte.u=1/pte.w=0/CR0.WP=0/CR4.SMEP=1/EFER.NX=0 combo
    - KVM: MMU: fix reserved bit check for ept=0/CR0.WP=0/CR4.SMEP=1/EFER.NX=0
    - s390/dasd: fix diag 0x250 inline assembly
    - tracing: Fix check for cpu online when event is disabled
    - dmaengine: at_xdmac: fix residue computation
    - jffs2: reduce the breakage on recovery from halfway failed rename()
    - ncpfs: fix a braino in OOM handling in ncp_fill_cache()
    - ASoC: dapm: Fix ctl value accesses in a wrong type
    - ASoC: samsung: Use IRQ safe spin lock calls
    - ASoC: wm8994: Fix enum ctl accesses in a wrong type
    - ASoC: wm8958: Fix enum ctl accesses in a wrong type
    - ovl: ignore lower entries when checking purity of non-directory entries
    - ovl: fix working on distributed fs as lower layer
    - wext: fix message delay/ordering
    - cfg80211/wext: fix message ordering
    - can: gs_usb: fixed disconnect bug by removing erroneous use of kfree()
    - iwlwifi: mvm: inc pending frames counter also when txing non-sta
    - mac80211: minstrel: Change expected throughput unit back to Kbps
    - mac80211: fix use of uninitialised values in RX aggregation
    - mac80211: minstrel_ht: set default tx aggregation timeout to 0
    - mac80211: minstrel_ht: fix a logic error in RTS/CTS handling
    - mac80211: check PN correctly for GCMP-encrypted fragmented MPDUs
    - mac80211: Fix Public Action frame RX in AP mode
    - gpu: ipu-v3: Do not bail out on missing optional port nodes
    - drm/amdgpu: Fix error handling in amdgpu_flip_work_func.
    - drm/radeon: Fix error handling in radeon_flip_work_func.
    - Revert "drm/radeon/pm: adjust display configuration after powerstate"
    - userfaultfd: don't block on the last VM updates at exit time
    - ovl: fix getcwd() failure after unsuccessful rmdir
    - MIPS: Fix build error when SMP is used without GIC
    - MIPS: smp.c: Fix uninitialised temp_foreign_map
    - block: don't optimize for non-cloned bio in bio_get_last_bvec()
    - target: Drop incorrect ABORT_TASK put for completed commands
    - ld-version: Fix awk regex compile failure
    - Linux 4.4.6

* linux fails to load x.509 built-in certificate (LP: #1557250)
    - lib/mpi: Endianness fix

* s390/kconfig: setting for CONFIG...9P.... (LP: #1557994)
    - [Config] CONFIG_NET_9P=m for s390x

* mlx5_core kernel trace after "ethtool -C eth1 adaptive-rx on" flow
    (LP: #1557950)
    - net/mlx5e: Don't try to modify CQ moderation if it is not supported
    - net/mlx5e: Don't modify CQ before it was created

* [Feature]SD/SDIO/eMMC support for Broxton-P (LP: #1520454)
    - mmc: sdhci: Do not BUG on invalid vdd
    - mmc: enable MMC/SD/SDIO device to suspend/resume asynchronously
    - mmc: It is not an error for the card to be removed while suspended

* s390/kconfig: disable CONFIG_VIRTIO_MMIO (LP: #1557689)
    - [Config] CONFIG_VIRTIO_MMIO=n for s390x

* s390/kconfig: CONFIG_NUMA without CONFIG_NUMA_EMU does not make any sense on s390x (LP: #1557690)
    - [Config] CONFIG_NUMA_EMU=y for s390x

* Miscellaneous Ubuntu changes
    - [Debian] git-ubuntu-log -- prevent bug references being split
    - [Debian] git-ubuntu-log -- git log output is UTF-8

-- Tim Gardner <tim.gardner@canonical.com>  Tue, 15 Mar 2016 13:18:58 -0600

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Revision history for this message

bugproxy (bugproxy) wrote on 2016-03-23: Comment bridged from LTC Bugzilla

#4

------- Comment From <email address hidden> 2016-03-23 11:57 EDT-------
On kernel 4.4.0-15 some of these options are set to =m
I'm not aware if this has same effect as =y.

root@s83lp41:~# cat /boot/config-4.4.0-15-generic | grep _9P
CONFIG_NET_9P=m
CONFIG_NET_9P_VIRTIO=m
CONFIG_NET_9P_RDMA=m
# CONFIG_NET_9P_DEBUG is not set
CONFIG_9P_FS=m
CONFIG_9P_FSCACHE=y
CONFIG_9P_FS_POSIX_ACL=y
CONFIG_9P_FS_SECURITY=y

root@s83lp41:~# uname -a
Linux s83lp41 4.4.0-15-generic #31-Ubuntu SMP Fri Mar 18 19:07:12 UTC 2016 s390x s390x s390x GNU/Linux

Revision history for this message

dann frazier (dannf) wrote on 2016-03-23:

#5

=m means they are build as dynamically loadable modules. As a general purpose distribution, we default to building things as modules when possible. This means that the code is only active and consuming memory when it is being used. =y would mean that the code is always loaded - consuming memory, and increasing the attack surface area for security issues, even if the user never needs that code.

Revision history for this message

bugproxy (bugproxy) wrote on 2016-04-01:

#6

------- Comment From <email address hidden> 2016-04-01 07:45 EDT-------
After some measurements, we think the penalty of a ramdisk (where these modules would reside on) is acceptable, when in turn we can keep the kernel itself small and minimal. So having 9pfs (with virtio and fs_cache) as a module is fine!

Ubuntu
linux package

s390/kconfig: setting for CONFIG...9P....

Bug Description

Related branches

Other bug subscribers

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Fix Released	Wishlist	Tim Gardner
	Xenial	Fix Released	Wishlist	Tim Gardner

Ubuntulinux package

s390/kconfig: setting for CONFIG...9P....

Bug Description

Related branches

Other bug subscribers

Remote bug watches

Ubuntu
linux package