APPLIED/cmnt: [SRU][Cosmic][Bionic][Xenial][PATCH 0/2] Fixes for LP1800639 [v2]

Khaled Elmously khalid.elmously at canonical.com
Thu Nov 8 05:29:12 UTC 2018 

Couldn't extract the patches from the email again. I cherry-picked from mainline (which worked fine this time) and manually edited the commit messages.



On 2018-11-02 20:19:54 , Frank Heimes wrote:
> BugLink: http://bugs.launchpad.net/bugs/1800639
> 
> == SRU Justification ==
> 
> 'Fix socket buffer (skb) leaks for HiperTransport'
> Description: net/af_iucv: fix skb leaks for HiperTransport
> Symptom: Memory leaks and/or double-freed network packets.
> Problem: Inbound packets may have any combination of flag bits set in
> their iucv header. Current code only handles certain
> combinations, and ignores (ie. leaks) all packets with other flags.
> 
> On Transmit, current code is inconsistent about whether the error
> paths need to free the skb. Depending on which error path is
> taken, it may either get freed twice, or leak.
> Solution: On receive, drop any skb with an unexpected combination of iucv
> Header flags.
> On transmit, be consistent in all error paths about free'ing the skb.
> 
> == Fix ==
> 
> 2224409 ("net/af_iucv: drop inbound packets with invalid flags")
> b2f5439 ("net/af_iucv: fix skb handling on HiperTransport xmit error")
> 
> == Regression Potential ==
> 
> Low, because:
> - IUCV functionality is very special to s390x
> - and even more special because it's only supported in z/VM environments
>   (z/VM hypervisor to guest or guest to guest communications)
> - So everything is s390x specific.
> - Patch is limited to this single file: /net/iucv/af_iucv.c
> - This was identified as problem situation by IBM
>   then fixed, the fix tested and now needs to rolled out as preventive fix.
> 
> == Test Case ==
> 
> Set IUCV communication on an Ubuntu s390x system that runs as z/VM guest:
> https://www.ibm.com/support/knowledgecenter/en/linuxonibm/com.ibm.linux.z.ludd/ludd_r_afiucv_setup.html
> Provoke an error situation.
> This is btw. hard to do, because the 'Inter-User Communication Vehicle"
> (IUCV) is a virtual z/VM internal
> network that does not use any real media.
> To check for regressions one can use a shell over an ssh connection using
> an IUCV interface
> or use an application that utilizes AF_IUCV sockets (like ICC).

> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

More information about the kernel-team mailing list