
group.of.nepali.translators team mailing list archive

[Bug 1797314] Re: fscache: bad refcounting in fscache_op_complete leads to OOPS

 

This bug was fixed in the package linux - 4.15.0-39.42

---------------
linux (4.15.0-39.42) bionic; urgency=medium

  * linux: 4.15.0-39.42 -proposed tracker (LP: #1799411)

  * Linux: insufficient shootdown for paging-structure caches (LP: #1798897)
    - mm: move tlb_table_flush to tlb_flush_mmu_free
    - mm/tlb: Remove tlb_remove_table() non-concurrent condition
    - mm/tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE
    - [Config] CONFIG_HAVE_RCU_TABLE_INVALIDATE=y

  * Ubuntu18.04: GPU total memory is reduced (LP: #1792102)
    - Revert "powerpc/powernv: Increase memory block size to 1GB on radix"

  * arm64: snapdragon: reduce boot noise (LP: #1797154)
    - [Config] arm64: snapdragon: DRM_MSM=m
    - [Config] arm64: snapdragon: SND*=m
    - [Config] arm64: snapdragon: disable ARM_SDE_INTERFACE
    - [Config] arm64: snapdragon: disable DRM_I2C_ADV7511_CEC
    - [Config] arm64: snapdragon: disable VIDEO_ADV7511, VIDEO_COBALT

  * [Bionic] CPPC bug fixes (LP: #1796949)
    - ACPI / CPPC: Update all pr_(debug/err) messages to log the susbspace id
    - cpufreq: CPPC: Don't set transition_latency
    - ACPI / CPPC: Fix invalid PCC channel status errors

  * regression in 'ip --family bridge neigh' since linux v4.12 (LP: #1796748)
    - rtnetlink: fix rtnl_fdb_dump() for ndmsg header

  * screen displays abnormally on the lenovo M715 with the AMD GPU (Radeon Vega
    8 Mobile, rev ca, 1002:15dd) (LP: #1796786)
    - drm/amd/display: Fix takover from VGA mode
    - drm/amd/display: early return if not in vga mode in disable_vga
    - drm/amd/display: Refine disable VGA

  * arm64: snapdragon: WARNING: CPU: 0 PID: 1 arch/arm64/kernel/setup.c:271
    reserve_memblock_reserved_regions (LP: #1797139)
    - SAUCE: arm64: Fix /proc/iomem for reserved but not memory regions

  * The front MIC can't work on the Lenovo M715 (LP: #1797292)
    - ALSA: hda/realtek - Fix the problem of the front MIC on the Lenovo M715

  * Keyboard backlight sysfs sometimes is missing on Dell laptops (LP: #1797304)
    - platform/x86: dell-smbios: Correct some style warnings
    - platform/x86: dell-smbios: Rename dell-smbios source to dell-smbios-base
    - platform/x86: dell-smbios: Link all dell-smbios-* modules together
    - [Config] CONFIG_DELL_SMBIOS_SMM=y, CONFIG_DELL_SMBIOS_WMI=y

  * rpi3b+: ethernet not working (LP: #1797406)
    - lan78xx: Don't reset the interface on open

  * 87cdf3148b11 was never backported to 4.15  (LP: #1795653)
    - xfrm: Verify MAC header exists before overwriting eth_hdr(skb)->h_proto

  * [Ubuntu18.04][Power9][DD2.2]package installation segfaults inside debian
    chroot env in P9 KVM guest with HTM enabled (kvm) (LP: #1792501)
    - KVM: PPC: Book3S HV: Fix guest r11 corruption with POWER9 TM workarounds

  * Provide mode where all vCPUs on a core must be the same VM (LP: #1792957)
    - KVM: PPC: Book3S HV: Provide mode where all vCPUs on a core must be the same
      VM

  * fscache: bad refcounting in fscache_op_complete leads to OOPS (LP: #1797314)
    - SAUCE: fscache: Fix race in decrementing refcount of op->npages

  * CVE-2018-9363
    - Bluetooth: hidp: buffer overflow in hidp_process_report

  * CVE-2017-13168
    - scsi: sg: mitigate read/write abuse

  * [Bionic] ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID
    is set (LP: #1797200)
    - ACPI / PPTT: use ACPI ID whenever ACPI_PPTT_ACPI_PROCESSOR_ID_VALID is set

  * [Bionic] arm64: topology: Avoid checking numa mask for scheduler MC
    selection (LP: #1797202)
    - arm64: topology: Avoid checking numa mask for scheduler MC selection

  * crypto/vmx - Backport of Fix sleep-in-atomic bugs patch for 18.04
    (LP: #1790832)
    - crypto: vmx - Fix sleep-in-atomic bugs

  * hns3: autoneg settings get lost on down/up (LP: #1797654)
    - net: hns3: Fix for information of phydev lost problem when down/up

  * not able to unwind the stack from within __kernel_clock_gettime in the Linux
    vDSO (LP: #1797963)
    - powerpc/vdso: Correct call frame information

  * Signal 7 error when running GPFS tracing in cluster (LP: #1792195)
    - powerpc/mm/books3s: Add new pte bit to mark pte temporarily invalid.
    - powerpc/mm/radix: Only need the Nest MMU workaround for R -> RW transition

  * Support Edge Gateway's WIFI LED (LP: #1798330)
    - SAUCE: mwifiex: Switch WiFi LED state according to the device status

  * Support Edge Gateway's Bluetooth LED (LP: #1798332)
    - SAUCE: Bluetooth: Support for LED on Edge Gateways

  * USB cardreader (0bda:0328) make the system can't enter s3 or hang
    (LP: #1798328)
    - usb: Don't disable Latency tolerance Messaging (LTM) before port reset

  * CVE-2018-15471
    - xen-netback: fix input validation in xenvif_set_hash_mapping()

  * CVE-2018-16658
    - cdrom: Fix info leak/OOB read in cdrom_ioctl_drive_status

  * [Bionic] Update ThunderX2 implementation defined pmu core events
    (LP: #1796904)
    - perf vendor events arm64: Update ThunderX2 implementation defined pmu core
      events

  * the machine of lenovo M715 with the AMD GPU (Radeon Vega 8 Mobile, rev ca,
    1002:15dd) often hangs randomly (LP: #1796789)
    - drm/amd: Add missing fields in atom_integrated_system_info_v1_11

  * [18.04] GLK hang after a while (LP: #1760545)
    - drm/i915/glk: Add MODULE_FIRMWARE for Geminilake

  * Fix usbcore.quirks when used at boot (LP: #1795784)
    - usb: core: safely deal with the dynamic quirk lists

 -- Kleber Sacilotto de Souza <kleber.souza@xxxxxxxxxxxxx>  Tue, 23 Oct 2018 14:44:55 +0000

** Changed in: linux (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-13168

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-15471

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-16658

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-9363

https://bugs.launchpad.net/bugs/1797314

Title:
  fscache: bad refcounting in fscache_op_complete leads to OOPS

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Bionic:
  Fix Released
Status in linux source package in Cosmic:
  Fix Committed

Bug description:
  SRU Justification
  -----------------

  [Impact]

  A kernel BUG is sometimes observed when using fscache:
      [4740718.880898] FS-Cache:
      [4740718.880920] FS-Cache: Assertion failed
      [4740718.880934] FS-Cache: 0 > 0 is false
      [4740718.881001] ------------[ cut here ]------------
      [4740718.881017] kernel BUG at /usr/src/linux-4.4.0/fs/fscache/operation.c:449!
      [4740718.881040] invalid opcode: 0000 [#1] SMP

      [4740718.892659] Call Trace:
      [4740718.893506]  [<ffffffffc1464cf9>] cachefiles_read_copier+0x3a9/0x410 [cachefiles]
      [4740718.894374]  [<ffffffffc037e272>] fscache_op_work_func+0x22/0x50 [fscache]
      [4740718.895180]  [<ffffffff81096da0>] process_one_work+0x150/0x3f0
      [4740718.895966]  [<ffffffff8109751a>] worker_thread+0x11a/0x470
      [4740718.896753]  [<ffffffff81808e59>] ? __schedule+0x359/0x980
      [4740718.897783]  [<ffffffff81097400>] ? rescuer_thread+0x310/0x310
      [4740718.898581]  [<ffffffff8109cdd6>] kthread+0xd6/0xf0
      [4740718.899469]  [<ffffffff8109cd00>] ? kthread_park+0x60/0x60
      [4740718.900477]  [<ffffffff8180d0cf>] ret_from_fork+0x3f/0x70
      [4740718.901514]  [<ffffffff8109cd00>] ? kthread_park+0x60/0x60

  [Problem]

  In include/linux/fscache-cache.h, fscache_retrieval_complete reads, in
  part:

              atomic_sub(n_pages, &op->n_pages);
              if (atomic_read(&op->n_pages) <= 0)
                      fscache_op_complete(&op->op, true);

  The code is using atomic_sub followed by an atomic_read. This causes
  two threads doing a decrement of pages to race with each other seeing
  the op->refcount <= 0 at same time, and end up calling
  fscache_op_complete in both the threads leading to the OOPS.

  [Fix]
  The fix is trivial: use atomic_sub_return instead of the two separate calls.

  [Testcase]
  I believe the user has tested the patch successfully on their fscache/cachefiles setup.

  [Regression Potential]
  Limited to fscache. Small, comprehensible change.

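The [Problem] and [Fix] sections above describe why "atomic_sub then atomic_read" is not equivalent to "atomic_sub_return". The following user-space model, an added example that is not part of the bug report or of the kernel's fscache code, makes the race concrete: it enumerates every legal interleaving of two threads that each retire one page of a two-page retrieval, and counts how many of those interleavings call the completion path twice. The names run_schedule and count_double_completions are this example's own; n_pages, the decrement-by-one and the "<= 0" test mirror the fscache_retrieval_complete snippet quoted above.

```c
/* Added example: sequential model of the fscache_retrieval_complete() race.
 * Not kernel code. Each thread runs two steps in order:
 *   step 0: n_pages -= 1            (atomic_sub or atomic_sub_return)
 *   step 1: if (value <= 0) complete (buggy: value = fresh atomic_read;
 *                                     fixed: value returned by sub_return)
 * Because the simulation is single-threaded, plain ints stand in for atomics;
 * the interleaving itself is what is being explored, not memory ordering. */
#include <stdbool.h>
#include <stdio.h>

enum { THREADS = 2, STEPS = 4 };   /* two threads x (sub, check) */

/* Run one interleaving. sched[i] is the thread (0 or 1) that executes step i.
 * Returns how many times the completion path ran; correct behaviour is 1. */
int run_schedule(const int sched[STEPS], bool fixed)
{
    int n_pages = THREADS;          /* two outstanding pages, one per thread */
    int completions = 0;
    int step[THREADS] = {0, 0};     /* next step for each thread */
    int returned[THREADS] = {0, 0}; /* value atomic_sub_return handed back */

    for (int i = 0; i < STEPS; i++) {
        int t = sched[i];
        if (step[t] == 0) {
            n_pages -= 1;             /* the subtraction */
            returned[t] = n_pages;    /* what sub_return would have returned */
        } else {
            /* Buggy variant re-reads the shared counter, so it can observe a
             * decrement performed by the other thread in between. */
            int v = fixed ? returned[t] : n_pages;
            if (v <= 0)
                completions++;
        }
        step[t]++;
    }
    return completions;
}

static int popcount(unsigned x)
{
    int n = 0;
    for (; x; x &= x - 1)
        n++;
    return n;
}

/* Enumerate all 6 interleavings of the two threads (positions of thread 1's
 * two steps among the four) and count those that complete the op twice. */
int count_double_completions(bool fixed)
{
    int bad = 0;
    for (unsigned mask = 0; mask < (1u << STEPS); mask++) {
        if (popcount(mask) != 2)    /* exactly two steps belong to thread 1 */
            continue;
        int sched[STEPS];
        for (int i = 0; i < STEPS; i++)
            sched[i] = (mask >> i) & 1;
        if (run_schedule(sched, fixed) > 1)
            bad++;
    }
    return bad;
}

int main(void)
{
    printf("atomic_sub + atomic_read : %d of 6 interleavings double-complete\n",
           count_double_completions(false));
    printf("atomic_sub_return        : %d of 6 interleavings double-complete\n",
           count_double_completions(true));
    return 0;
}
```

Only the two interleavings in which one thread finishes both steps before the other starts are safe for the buggy pattern; the other four let both threads read 0 and both call fscache_op_complete, which is the double completion behind the "0 > 0 is false" assertion in the trace. With atomic_sub_return each thread decides on the value its own subtraction produced, so exactly one thread sees 0 in every interleaving.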