APPLIED: [B/F/G/H] Out of order reads can fetch a NULL pointer causing a kernel crash

Stefan Bader stefan.bader at canonical.com
Tue May 4 15:55:55 UTC 2021


On 26.04.21 23:41, Guilherme G. Piccoli wrote:
> BugLink: https://bugs.launchpad.net/bugs/1926184
> 
> 
> [NOTE]
> * We have reports of this issue happening in AWS instances, so we sent this
> with a priority "flag" for linux-aws - the tests (see below) were performed
> with -aws kernels. This will/should reach all Ubuntu kernels organically
> via the regular upstream stable process, but nothing prevents us from merging
> it now, from this submission.
> 
> [Impact]
> * Out of order reads can fetch a NULL pointer causing a kernel crash. Affects
> kernels from v4.15 to v5.11.
> 
> [Fix]
> * commit 84a24bf8c52e ("locking/qrwlock: Fix ordering in queued_write_lock_slowpath()")
> 
> * For Bionic, we also require an additional patch:
> commit fcfdfe30e324 ("locking/barriers: Introduce smp_cond_load_relaxed() and atomic_cond_read_relaxed()")
> 
> [Where problems could occur]
> 
> * This is quite a subtle bug. It is more prevalent on arm64. Regression
> possibility seems quite low. The worst impact could be a minor performance
> degradation.
> 
> * Kernels 4.15 / 5.4 / 5.8 / 5.11 were successfully built and booted with this
> patch. Also, by using ftrace we could see that the changed function was executed
> with success multiple times.
> 
> 
Applied to bionic,focal,groovy,hirsute:linux/master-next. Thanks.

-Stefan

