kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #86945
[Bug 1375266] Re: amd-iommu: kernel BUG & lockup after shutting down KVM guest using PCI passthrough/PCIe bridge
This bug was fixed in the package linux - 3.13.0-39.66
---------------
linux (3.13.0-39.66) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1386629
[ Upstream Kernel Changes ]
* KVM: x86: Check non-canonical addresses upon WRMSR
- LP: #1384539
- CVE-2014-3610
* KVM: x86: Prevent host from panicking on shared MSR writes.
- LP: #1384539
- CVE-2014-3610
* KVM: x86: Improve thread safety in pit
- LP: #1384540
- CVE-2014-3611
* KVM: x86: Fix wrong masking on relative jump/call
- LP: #1384545
- CVE-2014-3647
* KVM: x86: Warn if guest virtual address space is not 48-bits
- LP: #1384545
- CVE-2014-3647
* KVM: x86: Emulator fixes for eip canonical checks on near branches
- LP: #1384545
- CVE-2014-3647
* KVM: x86: emulating descriptor load misses long-mode case
- LP: #1384545
- CVE-2014-3647
* KVM: x86: Handle errors when RIP is set during far jumps
- LP: #1384545
- CVE-2014-3647
* kvm: vmx: handle invvpid vm exit gracefully
- LP: #1384544
- CVE-2014-3646
* Input: synaptics - gate forcepad support by DMI check
- LP: #1381815
linux (3.13.0-38.65) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1379244
[ Andy Whitcroft ]
* Revert "SAUCE: scsi: hyper-v storsvc switch up to SPC-3"
- LP: #1354397
* [Config] linux-image-extra is additive to linux-image
- LP: #1375310
* [Config] linux-image-extra postrm is not needed on purge
- LP: #1375310
[ Upstream Kernel Changes ]
* Revert "KVM: x86: Increase the number of fixed MTRR regs to 10"
- LP: #1377564
* Revert "USB: option,zte_ev: move most ZTE CDMA devices to zte_ev"
- LP: #1377564
* aufs: bugfix, stop calling security_mmap_file() again
- LP: #1371316
* ipvs: fix ipv6 hook registration for local replies
- LP: #1349768
* Drivers: add blist flags
- LP: #1354397
* sd: fix a bug in deriving the FLUSH_TIMEOUT from the basic I/O timeout
- LP: #1354397
* drm/i915/bdw: Add 42ms delay for IPS disable
- LP: #1374389
* drm/i915: add null render states for gen6, gen7 and gen8
- LP: #1374389
* drm/i915/bdw: 3D_CHICKEN3 has write mask bits
- LP: #1374389
* drm/i915/bdw: Disable idle DOP clock gating
- LP: #1374389
* drm/i915: call lpt_init_clock_gating on BDW too
- LP: #1374389
* drm/i915: shuffle panel code
- LP: #1374389
* drm/i915: extract backlight minimum brightness from VBT
- LP: #1374389
* drm/i915: respect the VBT minimum backlight brightness
- LP: #1374389
* drm/i915/bdw: Apply workarounds in render ring init function
- LP: #1374389
* drm/i915/bdw: Cleanup pre prod workarounds
- LP: #1374389
* drm/i915: Replace hardcoded cacheline size with macro
- LP: #1374389
* drm/i915: Refactor Broadwell PIPE_CONTROL emission into a helper.
- LP: #1374389
* drm/i915: Add the WaCsStallBeforeStateCacheInvalidate:bdw workaround.
- LP: #1374389
* drm/i915/bdw: Remove BDW preproduction W/As until C stepping.
- LP: #1374389
* mptfusion: enable no_write_same for vmware scsi disks
- LP: #1371591
* iommu/amd: Fix cleanup_domain for mass device removal
- LP: #1375266
* cifs: mask off top byte in get_rfc1002_length()
- LP: #1372482
* Input: synaptics - add support for ForcePads
- LP: #1377564
* ASoC: pxa-ssp: drop SNDRV_PCM_FMTBIT_S24_LE
- LP: #1377564
* drm/radeon: add bapm module parameter
- LP: #1377564
* drm/radeon: Add missing lines to ci_set_thermal_temperature_range
- LP: #1377564
* drm/radeon: Add ability to get and change dpm state when radeon PX card
is turned off
- LP: #1377564
* ALSA: hda/realtek - Avoid setting wrong COEF on ALC269 & co
- LP: #1377564
* of/irq: Fix lookup to use 'interrupts-extended' property first
- LP: #1377564
* Possible null ptr deref in SMB2_tcon
- LP: #1377564
* CIFS: Fix SMB2 readdir error handling
- LP: #1377564
* CIFS: Fix wrong directory attributes after rename
- LP: #1377564
* md/raid6: avoid data corruption during recovery of double-degraded
RAID6
- LP: #1377564
* ARM: dts: i.MX53: fix apparent bug in VPU clks
- LP: #1377564
* pata_scc: propagate return value of scc_wait_after_reset
- LP: #1377564
* libata: widen Crucial M550 blacklist matching
- LP: #1377564
* ALSA: hda - restore the gpio led after resume
- LP: #1358116, #1377564
* md/raid10: fix memory leak when reshaping a RAID10.
- LP: #1377564
* md/raid10: Fix memory leak when raid10 reshape completes.
- LP: #1377564
* MIPS: OCTEON: make get_system_type() thread-safe
- LP: #1377564
* can: c_can: checking IS_ERR() instead of NULL
- LP: #1377564
* HID: logitech: perform bounds checking on device_id early enough
- LP: #1377564
* firmware: Do not use WARN_ON(!spin_is_locked())
- LP: #1377564
* drm/radeon: add new KV pci id
- LP: #1377564
* drm/radeon: add new bonaire pci ids
- LP: #1377564
* drm/radeon: add additional SI pci ids
- LP: #1377564
* ibmveth: Fix endian issues with rx_no_buffer statistic
- LP: #1377564
* spi/omap-mcspi: Fix the spi task hangs waiting dma_rx
- LP: #1377564
* xtensa: replace IOCTL code definitions with constants
- LP: #1377564
* xtensa: fix address checks in dma_{alloc,free}_coherent
- LP: #1377564
* xtensa: fix access to THREAD_RA/THREAD_SP/THREAD_DS
- LP: #1377564
* xtensa: fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
- LP: #1377564
* xtensa: fix a6 and a7 handling in fast_syscall_xtensa
- LP: #1377564
* staging: lustre: Remove circular dependency on header
- LP: #1377564
* USB: option: reduce interrupt-urb logging verbosity
- LP: #1377564
* USB: option: add VIA Telecom CDS7 chipset device id
- LP: #1377564
* USB: zte_ev: remove duplicate Gobi PID
- LP: #1377564
* USB: zte_ev: remove duplicate Qualcom PID
- LP: #1377564
* USB: ftdi_sio: add Basic Micro ATOM Nano USB2Serial PID
- LP: #1377564
* USB: serial: pl2303: add device id for ztek device
- LP: #1377564
* USB: ftdi_sio: Added PID for new ekey device
- LP: #1377564
* xhci: Treat not finding the event_seg on COMP_STOP the same as
COMP_STOP_INVAL
- LP: #1377564
* usb: xhci: amd chipset also needs short TX quirk
- LP: #1377564
* xhci: rework cycle bit checking for new dequeue pointers
- LP: #1377564
* spi/pxa2xx: Add ACPI ID for Intel Braswell
- LP: #1377564
* ALSA: core: fix buffer overflow in snd_info_get_line()
- LP: #1377564
* HID: logitech-dj: prevent false errors to be shown
- LP: #1377564
* usb: ehci: using wIndex + 1 for hub port
- LP: #1377564
* staging/rtl8188eu: add 0df6:0076 Sitecom Europe B.V.
- LP: #1377564
* staging: r8188eu: Add new USB ID
- LP: #1377564
* mtd: nand: omap: Fix 1-bit Hamming code scheme, omap_calculate_ecc()
- LP: #1377564
* trace: Fix epoll hang when we race with new entries
- LP: #1377564
* cfq-iosched: Fix wrong children_weight calculation
- LP: #1377564
* USB: sisusb: add device id for Magic Control USB video
- LP: #1377564
* NFSv4: Fix problems with close in the presence of a delegation
- LP: #1377564
* usb: hub: Prevent hub autosuspend if usbcore.autosuspend is -1
- LP: #1377564
* ARM: 8128/1: abort: don't clear the exclusive monitors
- LP: #1377564
* ARM: 8129/1: errata: work around Cortex-A15 erratum 830321 using dummy
strex
- LP: #1377564
* USB: serial: fix potential stack buffer overflow
- LP: #1377564
* USB: serial: fix potential heap buffer overflow
- LP: #1377564
* ext4: update i_disksize coherently with block allocation on error path
- LP: #1377564
* jbd2: fix infinite loop when recovering corrupt journal blocks
- LP: #1377564
* jbd2: fix descriptor block size handling errors with journal_csum
- LP: #1377564
* memblock, memhotplug: fix wrong type in memblock_find_in_range_node().
- LP: #1377564
* xattr: fix check for simultaneous glibc header inclusion
- LP: #1377564
* KVM: s390: Fix user triggerable bug in dead code
- LP: #1377564
* KVM: s390/mm: try a cow on read only pages for key ops
- LP: #1377564
* regmap: Fix regcache debugfs initialization
- LP: #1377564
* regmap: Fix handling of volatile registers for format_write() chips
- LP: #1377564
* ASoC: rt5640: Do not allow regmap to use bulk read-write operations
- LP: #1377564
* drm/i915: Remove bogus __init annotation from DMI callbacks
- LP: #1377564
* hwmon: (ds1621) Update zbits after conversion rate change
- LP: #1377564
* arm64: ptrace: fix compat hardware watchpoint reporting
- LP: #1377564
* ARM/ARM64: KVM: Nuke Hyp-mode tlbs before enabling MMU
- LP: #1377564
* arm/arm64: KVM: Complete WFI/WFE instructions
- LP: #1377564
* get rid of propagate_umount() mistakenly treating slaves as busy.
- LP: #1377564
* fix EBUSY on umount() from MNT_SHRINKABLE
- LP: #1377564
* regmap: Don't attempt block writes when syncing cache on single_rw
devices
- LP: #1377564
* drm/vmwgfx: Fix a potential infinite spin waiting for fifo idle
- LP: #1377564
* ALSA: hda - Fix digital mic on Acer Aspire 3830TG
- LP: #1377564
* xfs: don't dirty buffers beyond EOF
- LP: #1377564
* xfs: don't zero partial page cache pages during O_DIRECT writes
- LP: #1377564
* xfs: don't zero partial page cache pages during O_DIRECT writes
- LP: #1377564
* ALSA: hda - Fix COEF setups for ALC1150 codec
- LP: #1377564
* i2c: rcar: fix MNR interrupt handling
- LP: #1377564
* i2c: mv64xxx: continue probe when clock-frequency is missing
- LP: #1377564
* i2c: at91: Fix a race condition during signal handling in
at91_do_twi_xfer.
- LP: #1377564
* i2c: at91: add bound checking on SMBus block length bytes
- LP: #1377564
* aio: add missing smp_rmb() in read_events_ring
- LP: #1377564
* KEYS: Fix use-after-free in assoc_array_gc()
- LP: #1377564
* ACPI / cpuidle: fix deadlock between cpuidle_lock and cpu_hotplug.lock
- LP: #1377564
* USB: fix build error with CONFIG_PM_RUNTIME disabled
- LP: #1377564
* Linux 3.13.11.8
- LP: #1377564
* powerpc: Fix kdump hang issue on p8 with relocation on exception
enabled.
- LP: #1352056
* net-gre-gro: Fix a bug that breaks the forwarding path
- LP: #1377851
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Tue, 28 Oct 2014 10:29:51 +0000
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3610
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3611
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3646
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3647
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1375266
Title:
amd-iommu: kernel BUG & lockup after shutting down KVM guest using PCI
passthrough/PCIe bridge
Status in The Linux Kernel:
Unknown
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux” source package in Trusty:
Fix Released
Bug description:
SRU Justification:
[Impact]
When using a KVM VM and adding certain combinations of PCI/PCI-e devices an oops and freeze can occur when shutting down a VM.
[Fix]
Commit 9b29d3c6510407d91786c1cf9183ff4debb3473a which is upstream in 3.17-rc2 and in stable/3.16.y.
This fix changes how cleanup_domain detaches device, instead of using the list_for_each_entyr_safe macro, it just iterates through the devices and removes the first element.
[Test Case]
Create KVM VM with a specific configuration of PCI/PCIe devices, and shutdown the VM. See https://bugzilla.kernel.org/show_bug.cgi?id=81841 for details.
--
This kernel lockup bug was reported to and fixed upstream:
https://bugzilla.kernel.org/show_bug.cgi?id=81841
Please backport the "stable" kernel patch to Ubuntu kernels (at least trusty, which I use in this setup):
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9b29d3c6510407d91786c1cf9183ff4debb3473a
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-3.13.0-35-generic 3.13.0-35.62
ProcVersionSignature: Ubuntu 3.13.0-35.62-generic 3.13.11.6
Uname: Linux 3.13.0-35-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version k3.13.0-35-generic.
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.14.1-0ubuntu3.4
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/by-path', '/dev/snd/controlC1', '/dev/snd/hwC1D0', '/dev/snd/pcmC1D0c', '/dev/snd/pcmC1D0p', '/dev/snd/pcmC1D1p', '/dev/snd/pcmC1D2c', '/dev/snd/controlC0', '/dev/snd/hwC0D0', '/dev/snd/pcmC0D3p', '/dev/snd/pcmC0D7p', '/dev/snd/pcmC0D8p', '/dev/snd/pcmC0D9p', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CRDA: Error: [Errno 2] No such file or directory: 'iw'
Card0.Amixer.info: Error: [Errno 2] No such file or directory: 'amixer'
Card0.Amixer.values: Error: [Errno 2] No such file or directory: 'amixer'
Card1.Amixer.info: Error: [Errno 2] No such file or directory: 'amixer'
Card1.Amixer.values: Error: [Errno 2] No such file or directory: 'amixer'
Date: Mon Sep 29 16:19:50 2014
HibernationDevice: RESUME=UUID=54378db4-8de4-45f0-b7cb-2d8e1097139d
InstallationDate: Installed on 2014-09-04 (25 days ago)
InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.2)
MachineType: To Be Filled By O.E.M. To Be Filled By O.E.M.
ProcEnviron:
LANGUAGE=en_US:en
TERM=xterm
PATH=(custom, no user)
LANG=en_US.UTF-8
SHELL=/usr/bin/zsh
ProcFB: 0 radeondrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-35-generic root=UUID=a8f2d0ae-f43e-47de-9ef9-99fed8c9c78e ro nomdmonddf nomdmonisw nomdmonddf nomdmonisw
RelatedPackageVersions:
linux-restricted-modules-3.13.0-35-generic N/A
linux-backports-modules-3.13.0-35-generic N/A
linux-firmware 1.127.7
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
WifiSyslog:
dmi.bios.date: 01/24/2014
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: P2.90
dmi.board.name: FM2A88X Extreme6+
dmi.board.vendor: ASRock
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: To Be Filled By O.E.M.
dmi.chassis.version: To Be Filled By O.E.M.
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrP2.90:bd01/24/2014:svnToBeFilledByO.E.M.:pnToBeFilledByO.E.M.:pvrToBeFilledByO.E.M.:rvnASRock:rnFM2A88XExtreme6+:rvr:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:
dmi.product.name: To Be Filled By O.E.M.
dmi.product.version: To Be Filled By O.E.M.
dmi.sys.vendor: To Be Filled By O.E.M.
To manage notifications about this bug go to:
https://bugs.launchpad.net/linux/+bug/1375266/+subscriptions
References
