Message ID | CA+jPhpcATmzzx6iYU6WTpoij5uPGkdkaWbYSMisLbCvZgTB1AQ@mail.gmail.com |
---|---|
Headers | show |
Series | Fixes for LP1800639 [v2] | expand |
On 02/11/2018 19:19, Frank Heimes wrote: > BugLink: http://bugs.launchpad.net/bugs/1800639 > > == SRU Justification == > > 'Fix socket buffer (skb) leaks for HiperTransport' > Description: net/af_iucv: fix skb leaks for HiperTransport > Symptom: Memory leaks and/or double-freed network packets. > Problem: Inbound packets may have any combination of flag bits set in > their iucv header. Current code only handles certain > combinations, and ignores (ie. leaks) all packets with other flags. > > On Transmit, current code is inconsistent about whether the error > paths need to free the skb. Depending on which error path is > taken, it may either get freed twice, or leak. > Solution: On receive, drop any skb with an unexpected combination of iucv > Header flags. > On transmit, be consistent in all error paths about free'ing the skb. > > == Fix == > > 2224409 ("net/af_iucv: drop inbound packets with invalid flags") > b2f5439 ("net/af_iucv: fix skb handling on HiperTransport xmit error") > > == Regression Potential == > > Low, because: > - IUCV functionality is very special to s390x > - and even more special because it's only supported in z/VM environments > (z/VM hypervisor to guest or guest to guest communications) > - So everything is s390x specific. > - Patch is limited to this single file: /net/iucv/af_iucv.c > - This was identified as problem situation by IBM > then fixed, the fix tested and now needs to rolled out as preventive fix. > > == Test Case == > > Set IUCV communication on an Ubuntu s390x system that runs as z/VM guest: > https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.ludd/ludd_r_afiucv_setup.html > Provoke an error situation. > This is btw. hard to do, because the 'Inter-User Communication Vehicle" > (IUCV) is a virtual z/VM internal > network that does not use any real media. > To check for regressions one can use a shell over an ssh connection > using an IUCV interface > or use an application that utilizes AF_IUCV sockets (like ICC). > > Both patches are upstream cherry picks and look OK to me.. so for both patches: Acked-by: Colin Ian King <colin.king@canonical.com>
On 02.11.18 20:19, Frank Heimes wrote: > BugLink: http://bugs.launchpad.net/bugs/1800639 > > == SRU Justification == > > 'Fix socket buffer (skb) leaks for HiperTransport' > Description: net/af_iucv: fix skb leaks for HiperTransport > Symptom: Memory leaks and/or double-freed network packets. > Problem: Inbound packets may have any combination of flag bits set in > their iucv header. Current code only handles certain > combinations, and ignores (ie. leaks) all packets with other flags. > > On Transmit, current code is inconsistent about whether the error > paths need to free the skb. Depending on which error path is > taken, it may either get freed twice, or leak. > Solution: On receive, drop any skb with an unexpected combination of iucv > Header flags. > On transmit, be consistent in all error paths about free'ing the skb. > > == Fix == > > 2224409 ("net/af_iucv: drop inbound packets with invalid flags") > b2f5439 ("net/af_iucv: fix skb handling on HiperTransport xmit error") > > == Regression Potential == > > Low, because: > - IUCV functionality is very special to s390x > - and even more special because it's only supported in z/VM environments > (z/VM hypervisor to guest or guest to guest communications) > - So everything is s390x specific. > - Patch is limited to this single file: /net/iucv/af_iucv.c > - This was identified as problem situation by IBM > then fixed, the fix tested and now needs to rolled out as preventive fix. > > == Test Case == > > Set IUCV communication on an Ubuntu s390x system that runs as z/VM guest: > https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.ludd/ludd_r_afiucv_setup.html > Provoke an error situation. > This is btw. hard to do, because the 'Inter-User Communication Vehicle" (IUCV) > is a virtual z/VM internal > network that does not use any real media. > To check for regressions one can use a shell over an ssh connection using an > IUCV interface > or use an application that utilizes AF_IUCV sockets (like ICC). > > Acked-by: Stefan Bader <stefan.bader@canonical.com> ... still not liking HTML mails...
Couldn't extract the patches from the email again. I cherry-picked from mainline (which worked fine this time) and manually edited the commit messages. On 2018-11-02 20:19:54 , Frank Heimes wrote: > BugLink: http://bugs.launchpad.net/bugs/1800639 > > == SRU Justification == > > 'Fix socket buffer (skb) leaks for HiperTransport' > Description: net/af_iucv: fix skb leaks for HiperTransport > Symptom: Memory leaks and/or double-freed network packets. > Problem: Inbound packets may have any combination of flag bits set in > their iucv header. Current code only handles certain > combinations, and ignores (ie. leaks) all packets with other flags. > > On Transmit, current code is inconsistent about whether the error > paths need to free the skb. Depending on which error path is > taken, it may either get freed twice, or leak. > Solution: On receive, drop any skb with an unexpected combination of iucv > Header flags. > On transmit, be consistent in all error paths about free'ing the skb. > > == Fix == > > 2224409 ("net/af_iucv: drop inbound packets with invalid flags") > b2f5439 ("net/af_iucv: fix skb handling on HiperTransport xmit error") > > == Regression Potential == > > Low, because: > - IUCV functionality is very special to s390x > - and even more special because it's only supported in z/VM environments > (z/VM hypervisor to guest or guest to guest communications) > - So everything is s390x specific. > - Patch is limited to this single file: /net/iucv/af_iucv.c > - This was identified as problem situation by IBM > then fixed, the fix tested and now needs to rolled out as preventive fix. > > == Test Case == > > Set IUCV communication on an Ubuntu s390x system that runs as z/VM guest: > https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.ludd/ludd_r_afiucv_setup.html > Provoke an error situation. > This is btw. hard to do, because the 'Inter-User Communication Vehicle" > (IUCV) is a virtual z/VM internal > network that does not use any real media. > To check for regressions one can use a shell over an ssh connection using > an IUCV interface > or use an application that utilizes AF_IUCV sockets (like ICC). > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team