group.of.nepali.translators team mailing list archive
Message #38279
[Bug 1866149] Re: CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd default sysctl
This bug was fixed in the package linux-kvm - 4.15.0-1084.86
---------------
linux-kvm (4.15.0-1084.86) bionic; urgency=medium
* bionic/linux-kvm: 4.15.0-1084.86 -proposed tracker (LP: #1911288)
* CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd
default sysctl (LP: #1866149)
- [Config]: set CONFIG_BASE_FULL
[ Ubuntu: 4.15.0-133.137 ]
* bionic/linux: 4.15.0-133.137 -proposed tracker (LP: #1911295)
* [drm:qxl_enc_commit [qxl]] *ERROR* head number too large or missing monitors
config: (LP: #1908219)
- qxl: remove qxl_io_log()
- qxl: move qxl_send_monitors_config()
- qxl: hook monitors_config updates into crtc, not encoder.
* Touchpad not detected on ByteSpeed C15B laptop (LP: #1906128)
- Input: i8042 - add ByteSpeed touchpad to noloop table
* vmx_nm_test in ubuntu_kvm_unit_tests interrupted on X-oracle-4.15 /
B-oracle-4.15 / X-KVM / B-KVM (LP: #1872401)
- KVM: nVMX: Always reflect #NM VM-exits to L1
* stack trace in kernel (LP: #1903596)
- net: napi: remove useless stack trace
* CVE-2020-27777
- [Config]: Set CONFIG_PPC_RTAS_FILTER
* Bionic update: upstream stable patchset 2020-12-04 (LP: #1906875)
- regulator: defer probe when trying to get voltage from unresolved supply
- ring-buffer: Fix recursion protection transitions between interrupt context
- time: Prevent undefined behaviour in timespec64_to_ns()
- nbd: don't update block size after device is started
- btrfs: sysfs: init devices outside of the chunk_mutex
- btrfs: reschedule when cloning lots of extents
- genirq: Let GENERIC_IRQ_IPI select IRQ_DOMAIN_HIERARCHY
- hv_balloon: disable warning when floor reached
- net: xfrm: fix a race condition during allocing spi
- perf tools: Add missing swap for ino_generation
- ALSA: hda: prevent undefined shift in snd_hdac_ext_bus_get_link()
- can: rx-offload: don't call kfree_skb() from IRQ context
- can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ
context
- can: dev: __can_get_echo_skb(): fix real payload length return value for RTR
frames
- can: can_create_echo_skb(): fix echo skb generation: always use skb_clone()
- can: peak_usb: add range checking in decode operations
- can: peak_usb: peak_usb_get_ts_time(): fix timestamp wrapping
- can: peak_canfd: pucan_handle_can_rx(): fix echo management when loopback is
on
- xfs: flush new eof page on truncate to avoid post-eof corruption
- Btrfs: fix missing error return if writeback for extent buffer never started
- ath9k_htc: Use appropriate rs_datalen type
- usb: gadget: goku_udc: fix potential crashes in probe
- gfs2: Free rd_bits later in gfs2_clear_rgrpd to fix use-after-free
- gfs2: Add missing truncate_inode_pages_final for sd_aspace
- gfs2: check for live vs. read-only file system in gfs2_fitrim
- scsi: hpsa: Fix memory leak in hpsa_init_one()
- drm/amdgpu: perform srbm soft reset always on SDMA resume
- mac80211: fix use of skb payload instead of header
- cfg80211: regulatory: Fix inconsistent format argument
- scsi: scsi_dh_alua: Avoid crash during alua_bus_detach()
- iommu/amd: Increase interrupt remapping table limit to 512 entries
- pinctrl: intel: Set default bias in case no particular value given
- ARM: 9019/1: kprobes: Avoid fortify_panic() when copying optprobe template
- pinctrl: aspeed: Fix GPI only function problem.
- nbd: fix a block_device refcount leak in nbd_release
- xfs: fix flags argument to rmap lookup when converting shared file rmaps
- xfs: fix rmap key and record comparison functions
- xfs: fix a missing unlock on error in xfs_fs_map_blocks
- of/address: Fix of_node memory leak in of_dma_is_coherent
- cosa: Add missing kfree in error path of cosa_write
- perf: Fix get_recursion_context()
- ext4: correctly report "not supported" for {usr,grp}jquota when
!CONFIG_QUOTA
- ext4: unlock xattr_sem properly in ext4_inline_data_truncate()
- thunderbolt: Add the missed ida_simple_remove() in ring_request_msix()
- uio: Fix use-after-free in uio_unregister_device()
- usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode
- mei: protect mei_cl_mtu from null dereference
- futex: Don't enable IRQs unconditionally in put_pi_state()
- ocfs2: initialize ip_next_orphan
- selinux: Fix error return code in sel_ib_pkey_sid_slow()
- don't dump the threads that had been already exiting when zapped.
- drm/gma500: Fix out-of-bounds access to struct drm_device.vblank[]
- pinctrl: amd: use higher precision for 512 RtcClk
- pinctrl: amd: fix incorrect way to disable debounce filter
- swiotlb: fix "x86: Don't panic if can not alloc buffer for swiotlb"
- IPv6: Set SIT tunnel hard_header_len to zero
- net/af_iucv: fix null pointer dereference on shutdown
- net/x25: Fix null-ptr-deref in x25_connect
- vrf: Fix fast path output packet handling with async Netfilter rules
- r8169: fix potential skb double free in an error path
- net: Update window_clamp if SOCK_RCVBUF is set
- random32: make prandom_u32() output unpredictable
- x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP
- perf/core: Fix bad use of igrab()
- perf/core: Fix crash when using HW tracing kernel filters
- perf/core: Fix a memory leak in perf_event_parse_addr_filter()
- Revert "kernel/reboot.c: convert simple_strtoul to kstrtoint"
- reboot: fix overflow parsing reboot cpu number
- Convert trailing spaces and periods in path components
- xfs: fix scrub flagging rtinherit even if there is no rt device
- drm/amd/pm: perform SMC reset on suspend/hibernation
- drm/amd/pm: do not use ixFEATURE_STATUS for checking smc running
- s390/smp: move rcu_cpu_starting() earlier
- tpm_tis: Disable interrupts on ThinkPad T490s
- tick/common: Touch watchdog in tick_unfreeze() on all CPUs
- mfd: sprd: Add wakeup capability for PMIC IRQ
- btrfs: ref-verify: fix memory leak in btrfs_ref_tree_mod
- thunderbolt: Fix memory leak if ida_simple_get() fails in
enumerate_services()
- btrfs: fix potential overflow in cluster_pages_for_defrag on 32bit arch
- mmc: renesas_sdhi_core: Add missing tmio_mmc_host_free() at remove
[ Ubuntu: 4.15.0-132.136 ]
* bionic/linux: 4.15.0-132.136 -proposed tracker (LP: #1911147)
* Packaging resync (LP: #1786013)
- update dkms package versions
* CVE-2020-28374
- SAUCE: target: fix XCOPY NAA identifier lookup
[ Ubuntu: 4.15.0-130.134 ]
* Packaging resync (LP: #1786013)
- update dkms package versions
* CVE-2021-1052 // CVE-2021-1053
- [Packaging] NVIDIA -- Add the NVIDIA 460 driver
-- Kelsey Skunberg <kelsey.skunberg@xxxxxxxxxxxxx> Thu, 14 Jan 2021
16:21:24 -0700
** Changed in: linux-kvm (Ubuntu Bionic)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27777
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-28374
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-1052
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-1053
** Changed in: linux-kvm (Ubuntu Focal)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-16120
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1866149
Title:
CONFIG_BASE_SMALL=1 restricts pid space, which conflicts with systemd
default sysctl
Status in linux package in Ubuntu:
Invalid
Status in linux-kvm package in Ubuntu:
Incomplete
Status in linux source package in Xenial:
Invalid
Status in linux-kvm source package in Xenial:
Fix Released
Status in linux source package in Bionic:
Invalid
Status in linux-kvm source package in Bionic:
Fix Released
Status in linux source package in Focal:
Invalid
Status in linux-kvm source package in Focal:
Fix Released
Status in linux source package in Groovy:
Invalid
Status in linux-kvm source package in Groovy:
Fix Released
Bug description:
[Impact]
systemd-systemctl will fail to set kernel.pid_max, leading to a degraded boot.
[Fix]
Set CONFIG_BASE_FULL=y, CONFIG_BASE_SMALL=0.
[Test case]
Write 419304 to /proc/sys/kernel/pid_max.
[Potential regression]
Boot time may be affected.
====================================================================
I'm not completely sure which package to log this against.
I'm running the kvm focal minimal cloud image from 20200302. I noticed
on boot that there was an error complaining that systemd-systemctl
couldn't update pid_max to the value it wanted:
  systemd-sysctl[117]: Couldn't write '4194304' to 'kernel/pid_max': Invalid argument

Digging into it a bit more, this comes from /usr/lib/sysctl.d/50-pid-max.conf:

  # Bump the numeric PID range to its maximum of 2^22 (from the in-kernel default
  # of 2^16), to make PID collisions less likely.
  kernel.pid_max = 4194304

However, the linux-image-kvm kernel is compiled with

  CONFIG_BASE_SMALL=1

and this triggers the following code in include/linux/threads.h

  #define PID_MAX_LIMIT (CONFIG_BASE_SMALL ? PAGE_SIZE * 8 : \
          (sizeof(long) > 4 ? 4 * 1024 * 1024 : PID_MAX_DEFAULT))

which means that if CONFIG_BASE_SMALL is set we get a maximum limit of
PAGE_SIZE * 8, which on x86 would be 32768.
As a workaround I can override it with a file in /etc/sysctl.d/ but
this shouldn't be needed.
I really don't know if CONFIG_BASE_SMALL makes any sense on x86 cloud
images, they really aren't small machines in the scheme of things!
Cheers
David
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1866149/+subscriptions
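
The mismatch described in the report above can be checked before boot. The following is an added example, not part of the original message or of Ubuntu's packaging: it derives the limit from the quoted PID_MAX_LIMIT macro and flags sysctl.d files that ask for more. The function names are hypothetical, the sample files are constructed, and the sample assumes a 4096-byte page, a 64-bit long and PID_MAX_DEFAULT = 0x8000 for a CONFIG_BASE_SMALL=0 build.

```shell
#!/bin/sh
# Added example: audit kernel.pid_max settings against the limit implied by
# CONFIG_BASE_SMALL. Function names are hypothetical.

# pid_max_limit BASE_SMALL PAGE_SIZE LONG_BITS
# Mirrors the PID_MAX_LIMIT macro quoted in the report; 32768 is
# PID_MAX_DEFAULT (0x8000) for a CONFIG_BASE_SMALL=0 build.
pid_max_limit() {
    if [ "$1" -ne 0 ]; then
        echo $(($2 * 8))
    elif [ "$3" -gt 32 ]; then
        echo $((4 * 1024 * 1024))
    else
        echo 32768
    fi
}

# base_small_from_config FILE: print 1 if the kernel config sets
# CONFIG_BASE_SMALL to 1 (or y, assumed for configs that use a boolean), else 0.
base_small_from_config() {
    if grep -Eq '^CONFIG_BASE_SMALL=(1|y)$' "$1"; then echo 1; else echo 0; fi
}

# check_sysctl_dir DIR LIMIT: report every *.conf whose kernel.pid_max
# exceeds LIMIT; return 1 if any does, 0 otherwise.
check_sysctl_dir() {
    bad=0
    for f in "$1"/*.conf; do
        [ -f "$f" ] || continue
        val=$(sed -n 's/^[[:space:]]*kernel\.pid_max[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$f" | tail -n 1)
        [ -n "$val" ] || continue
        if [ "$val" -gt "$2" ]; then
            echo "$f: kernel.pid_max=$val exceeds PID_MAX_LIMIT=$2"
            bad=1
        fi
    done
    return "$bad"
}

# Constructed sample input: a BASE_SMALL=1 config and the systemd drop-in
# from the report, written to a temporary directory.
tmp=$(mktemp -d)
printf 'CONFIG_BASE_SMALL=1\n' > "$tmp/config"
printf '# Bump the numeric PID range\nkernel.pid_max = 4194304\n' > "$tmp/50-pid-max.conf"
limit=$(pid_max_limit "$(base_small_from_config "$tmp/config")" 4096 64)
check_sysctl_dir "$tmp" "$limit" || echo "boot-time sysctl write would fail with EINVAL"
rm -rf "$tmp"
```

On a real system, pass /boot/config-$(uname -r), $(getconf PAGESIZE), $(getconf LONG_BIT) and /usr/lib/sysctl.d in place of the sample values.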