[SRU,F/J:linux-bluefield,v1,0/1] UBUNTU: SAUCE: Fix kernel crash with pka TRNG ioctl all

Message ID	20230104150306.29134-1-shihyic@nvidia.com
Headers	show Return-Path: <kernel-team-bounces@lists.ubuntu.com> Received-SPF: Pass (protection.outlook.com: domain of mellanox.com designates 216.228.117.160 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.160; helo=mail.nvidia.com; pr=C From: shihyic <shihyic@nvidia.com> To: <kernel-team@lists.ubuntu.com> Subject: [SRU][F/J:linux-bluefield][PATCH v1 0/1] UBUNTU: SAUCE: Fix kernel crash with pka TRNG ioctl all Date: Wed, 4 Jan 2023 10:03:05 -0500 Message-ID: <20230104150306.29134-1-shihyic@nvidia.com> MIME-Version: 1.0 Precedence: list Cc: Shih-Yi Chen <shihyic@nvidia.com> Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>
Series	UBUNTU: SAUCE: Fix kernel crash with pka TRNG ioctl all \| expand [SRU,F/J:linux-bluefield,v1,0/1] UBUNTU: SAUCE: Fix kernel crash with pka TRNG ioctl all [SRU,F/J:linux-bluefield,v1,1/1] UBUNTU: SAUCE: mlxbf-pka: Fix kernel crash with pka TRNG ioctl call

shihyic Jan. 4, 2023, 3:03 p.m. UTC

From: Shih-Yi Chen <shihyic@nvidia.com>

BugLink: https://bugs.launchpad.net/bugs/2001564

SRU Justification

[Impact]
Bluefield encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors.

Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000ffffce65d328

[Fix]
* Change TRNG ioctl kernel handler code to copy data from user to kernel space.

[Test Case]
* openssl rand -engine pka 512
* Tested with HTTPS clients like wget, curl using pka engine for TLS handshakes.

[Potential Regression]
* This fix has been tested with varieties of HTTPS clients and no known regression.

Tim Gardner Jan. 6, 2023, 4:57 p.m. UTC | #1

On 1/4/23 8:03 AM, shihyic wrote:
> From: Shih-Yi Chen <shihyic@nvidia.com>
> 
> BugLink: https://bugs.launchpad.net/bugs/2001564
> 
> SRU Justification
> 
> [Impact]
> Bluefield encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors.
> 
> Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000ffffce65d328
> 
> [Fix]
> * Change TRNG ioctl kernel handler code to copy data from user to kernel space.
> 
> [Test Case]
> * openssl rand -engine pka 512
> * Tested with HTTPS clients like wget, curl using pka engine for TLS handshakes.
> 
> [Potential Regression]
> * This fix has been tested with varieties of HTTPS clients and no known regression.
> 
> 
Acked-by: Tim Gardner <tim.gardner@canonical.com>

Cengiz Can Jan. 9, 2023, 8:31 p.m. UTC | #2

On 23-01-04 10:03:05, shihyic wrote:
> From: Shih-Yi Chen <shihyic@nvidia.com>
> 
> BugLink: https://bugs.launchpad.net/bugs/2001564
> 
> SRU Justification
> 
> [Impact]
> Bluefield encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors.
> 
> Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000ffffce65d328
> 
> [Fix]
> * Change TRNG ioctl kernel handler code to copy data from user to kernel space.
> 
> [Test Case]
> * openssl rand -engine pka 512
> * Tested with HTTPS clients like wget, curl using pka engine for TLS handshakes.
> 
> [Potential Regression]
> * This fix has been tested with varieties of HTTPS clients and no known regression. 

Acked-by: Cengiz Can <cengiz.can@canonical.com>

> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Bartlomiej Zolnierkiewicz Jan. 13, 2023, 3:51 p.m. UTC | #3

Applied to focal:linux-bluefield/master-next and
jammy:linux-bluefield/master-next. Thanks.

--
Best regards,
Bartlomiej

On Fri, Jan 6, 2023 at 5:14 PM shihyic <shihyic@nvidia.com> wrote:
>
> From: Shih-Yi Chen <shihyic@nvidia.com>
>
> BugLink: https://bugs.launchpad.net/bugs/2001564
>
> SRU Justification
>
> [Impact]
> Bluefield encounters kernel crash/oops when HTTPS client uses OpenSSL with PKA engine during TLS handshake. The issue is with TRNG ioctl call. The kernel logs show the following errors.
>
> Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000ffffce65d328
>
> [Fix]
> * Change TRNG ioctl kernel handler code to copy data from user to kernel space.
>
> [Test Case]
> * openssl rand -engine pka 512
> * Tested with HTTPS clients like wget, curl using pka engine for TLS handshakes.
>
> [Potential Regression]
> * This fix has been tested with varieties of HTTPS clients and no known regression.
>

shihyic April 4, 2023, 6:46 p.m. UTC | #4

From: Shih-Yi Chen <shihyic@nvidia.com>

BugLink: https://bugs.launchpad.net/bugs/2015292

SRU Justification

[Impact]
Bluefield 3 ACPI/Window RAM configuration and related code is missing. This affects BF3 functionality w/ PKA Ring character devices being created correctly.

[Fix]
* Added ACPI config and code to detect BF3 hardware and provision the Ring devices correctly.

[Test Case]
* Tested on BF3 with mlxbf-pka module load and check the /dev/pka/<n> Ring char devices are created with correct number of entries.
* Tested with "openssl speed -engine pka -async_jobs 8 rsa" and verified the performance number show the PKA acceleration in place.

[Potential Regression]
* This fix has been tested with varieties of BF3: MB and HB cards.

Tim Gardner April 5, 2023, 2:26 p.m. UTC | #5

On 4/4/23 12:46 PM, Shih-Yi Chen wrote:
> From: Shih-Yi Chen <shihyic@nvidia.com>
> 
> BugLink: https://bugs.launchpad.net/bugs/2015292
> 
> SRU Justification
> 
> [Impact]
> Bluefield 3 ACPI/Window RAM configuration and related code is missing. This affects BF3 functionality w/ PKA Ring character devices being created correctly.
> 
> [Fix]
> * Added ACPI config and code to detect BF3 hardware and provision the Ring devices correctly.
> 
> [Test Case]
> * Tested on BF3 with mlxbf-pka module load and check the /dev/pka/<n> Ring char devices are created with correct number of entries.
> * Tested with "openssl speed -engine pka -async_jobs 8 rsa" and verified the performance number show the PKA acceleration in place.
> 
> [Potential Regression]
> * This fix has been tested with varieties of BF3: MB and HB cards.
> 

Perhaps my email client has malfunctioned, but this email appears to be 
unattached to a thread, nor is there a patch associated with it.

Bartlomiej Zolnierkiewicz April 5, 2023, 5:01 p.m. UTC | #6

On Wed, Apr 5, 2023 at 4:27 PM Tim Gardner <tim.gardner@canonical.com> wrote:
>
> On 4/4/23 12:46 PM, Shih-Yi Chen wrote:
> > From: Shih-Yi Chen <shihyic@nvidia.com>
> >
> > BugLink: https://bugs.launchpad.net/bugs/2015292
> >
> > SRU Justification
> >
> > [Impact]
> > Bluefield 3 ACPI/Window RAM configuration and related code is missing. This affects BF3 functionality w/ PKA Ring character devices being created correctly.
> >
> > [Fix]
> > * Added ACPI config and code to detect BF3 hardware and provision the Ring devices correctly.
> >
> > [Test Case]
> > * Tested on BF3 with mlxbf-pka module load and check the /dev/pka/<n> Ring char devices are created with correct number of entries.
> > * Tested with "openssl speed -engine pka -async_jobs 8 rsa" and verified the performance number show the PKA acceleration in place.
> >
> > [Potential Regression]
> > * This fix has been tested with varieties of BF3: MB and HB cards.
> >
>
> Perhaps my email client has malfunctioned, but this email appears to be
> unattached to a thread, nor is there a patch associated with it.

Same issue for me.

Shih-Yi, could you please check that on your side and submit the
patchset again if needed. Thank you.

--
Best regards,
Bartlomiej

[SRU,F/J:linux-bluefield,v1,0/1] UBUNTU: SAUCE: Fix kernel crash with pka TRNG ioctl all

Message

Comments