This bug was fixed in the package linux - 4.10.0-30.34
---------------
linux (4.10.0-30.34) zesty; urgency=low
* CVE-2017-7533
- dentry name snapshots
linux (4.10.0-29.33) zesty; urgency=low
* linux: 4.10.0-29.33 -proposed tracker (LP: #1704961)
* Opal and POWER9 DD2 (LP: #1702159)
- powerpc/powernv: Tell OPAL about our MMU mode on POWER9
- powerpc/powernv: Fix boot on Power8 bare metal due to
opal_configure_cores()
* CVE-2017-1000364
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
- mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
* [Xenial] nvme: Quirks for PM1725 controllers (LP: #1704435)
- nvme: Quirks for PM1725 controllers
* hns: under heavy load, NIC may fail and require reboot (LP: #1704146)
- net: hns: Bugfix for Tx timeout handling in hns driver
* New ACPI identifiers for ThunderX SMMU (LP: #1703437)
- iommu/arm-smmu: Plumb in new ACPI identifiers
* CVE-2017-7482
- rxrpc: Fix several cases where a padded len isn't checked in ticket decode
* CVE-2017-1000365
- fs/exec.c: account for argv/envp pointers
* CVE-2017-10810
- drm/virtio: don't leak bo on drm_gem_object_init failure
* Data corruption with hio driver (LP: #1701316)
- SAUCE: hio: Fix incorrect use of enum req_opf values
* arm64: fix crash reading /proc/kcore (LP: #1702749)
- fs/proc: kcore: use kcore_list type to check for vmalloc/module address
- arm64: mm: select CONFIG_ARCH_PROC_KCORE_TEXT
* cxlflash update request in the Xenial SRU stream (LP: #1702521)
- scsi: cxlflash: Refactor context reset to share reset logic
- scsi: cxlflash: Support SQ Command Mode
- scsi: cxlflash: Cleanup prints
- scsi: cxlflash: Cancel scheduled workers before stopping AFU
- scsi: cxlflash: Enable PCI device ID for future IBM CXL Flash AFU
- scsi: cxlflash: Separate RRQ processing from the RRQ interrupt handler
- scsi: cxlflash: Serialize RRQ access and support offlevel processing
- scsi: cxlflash: Implement IRQ polling for RRQ processing
- scsi: cxlflash: Update sysfs helper routines to pass config structure
- scsi: cxlflash: Support dynamic number of FC ports
- scsi: cxlflash: Remove port configuration assumptions
- scsi: cxlflash: Hide FC internals behind common access routine
- scsi: cxlflash: SISlite updates to support 4 ports
- scsi: cxlflash: Support up to 4 ports
- scsi: cxlflash: Fence EEH during probe
- scsi: cxlflash: Remove unnecessary DMA mapping
- scsi: cxlflash: Fix power-of-two validations
- scsi: cxlflash: Fix warnings/errors
- scsi: cxlflash: Improve asynchronous interrupt processing
- scsi: cxlflash: Support multiple hardware queues
- scsi: cxlflash: Add hardware queues attribute
- scsi: cxlflash: Introduce hardware queue steering
- cxl: Enable PCI device IDs for future IBM CXL adapters
- scsi: cxlflash: Select IRQ_POLL
- scsi: cxlflash: Combine the send queue locks
- scsi: cxlflash: Update cxlflash_afu_sync() to return errno
- scsi: cxlflash: Reset hardware queue context via specified register
- scsi: cxlflash: Schedule asynchronous reset of the host
- scsi: cxlflash: Handle AFU sync failures
- scsi: cxlflash: Track pending scsi commands in each hardware queue
- scsi: cxlflash: Flush pending commands in cleanup path
- scsi: cxlflash: Add scsi command abort handler
- scsi: cxlflash: Create character device to provide host management
interface
- scsi: cxlflash: Separate AFU internal command handling from AFU sync
specifics
- scsi: cxlflash: Introduce host ioctl support
- scsi: cxlflash: Refactor AFU capability checking
- scsi: cxlflash: Support LUN provisioning
- scsi: cxlflash: Support AFU debug
- scsi: cxlflash: Support WS16 unmap
- scsi: cxlflash: Remove zeroing of private command data
- scsi: cxlflash: Update TMF command processing
- scsi: cxlflash: Avoid double free of character device
- scsi: cxlflash: Update send_tmf() parameters
- scsi: cxlflash: Update debug prints in reset handlers
* Ath10k to read different board data file if specify in SMBIOS (LP: #1666742)
- ath10k: search SMBIOS for OEM board file extension
* APST gets enabled against explicit kernel option (LP: #1699004)
- nvme: Display raw APST configuration via DYNAMIC_DEBUG
- nvme: Add nvme_core.force_apst to ignore the NO_APST quirk
- nvme: explicitly disable APST on quirked devices
* Quirk for non-compliant PCI bridge on HiSilicon D05 board (LP: #1698706)
- SAUCE: PCI: Support hibmc VGA cards behind a misbehaving HiSilicon bridge
* New NVLINK2 patches (LP: #1701272)
- powerpc/powernv/npu-dma: Add explicit flush when sending an ATSD
- powerpc/npu-dma: Remove spurious WARN_ON when a PCI device has no of_node
* ERAT invalidate on context switch removal (LP: #1700819)
- powerpc: Only do ERAT invalidate on radix context switch on P9 DD1
* powerpc: Invalidate ERAT on powersave wakeup for POWER9 (LP: #1700521)
- powerpc/64s: Invalidate ERAT on powersave wakeup for POWER9
* update ENA driver to 1.2.0k from net-next (LP: #1701575)
- net/ena: use napi_complete_done() return value
- net: ena: remove superfluous check in ena_remove()
- net/ena: switch to pci_alloc_irq_vectors
- net: ena: fix rare uncompleted admin command false alarm
- net: ena: fix bug that might cause hang after consecutive open/close
interface.
- net: ena: add missing return when ena_com_get_io_handlers() fails
- net: ena: fix race condition between submit and completion admin command
- net: ena: add missing unmap bars on device removal
- net: ena: fix theoretical Rx hang on low memory systems
- net: ena: disable admin msix while working in polling mode
- net: ena: bug fix in lost tx packets detection mechanism
- net: ena: update ena driver to version 1.1.7
- net: ena: change return value for unsupported features unsupported return
value
- net: ena: add hardware hints capability to the driver
- net: ena: change sizeof() argument to be the type pointer
- net: ena: add reset reason for each device FLR
- net: ena: add support for out of order rx buffers refill
- net: ena: allow the driver to work with small number of msix vectors
- net: ena: use napi_schedule_irqoff when possible
- net: ena: separate skb allocation to dedicated function
- net: ena: use lower_32_bits()/upper_32_bits() to split dma address
- net: ena: update driver's rx drop statistics
- net: ena: update ena driver to version 1.2.0
-- Thadeu Lima de Souza Cascardo <casca...@canonical.com> Mon, 31 Jul
2017 14:27:53 -0300
** Changed in: linux (Ubuntu Zesty)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000364
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000365
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-10810
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7482
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7533
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1701316
Title:
Data corruption with hio driver
Status in linux package in Ubuntu:
Fix Committed
Status in linux source package in Xenial:
Invalid
Status in linux source package in Yakkety:
Won't Fix
Status in linux source package in Zesty:
Fix Released
Status in linux source package in Artful:
Fix Committed
Bug description:
Impact: Data corruption is seen when using the hio driver with 4.10
and later kernels.
Fix: Patch to fix incorrect use of enumerated values as bitmasks.
Test case: See below.
Regression potential: Very low. Changes are simple and Obviously
Correct (TM), and they only affect the hio driver.
---
We are seeing data corruption issues using the hio driver with kernel
4.10.0
# uname -a
Linux arbok 4.10.0-26-generic #30~16.04.1-Ubuntu SMP Tue Jun 27 09:40:14 UTC
2017 x86_64 x86_64 x86_64 GNU/Linux
Making xfs fails:
root@arbok:~# mkfs.xfs /dev/hioa
meta-data=/dev/hioa isize=512 agcount=4, agsize=48835584 blks
= sectsz=512 attr=2, projid32bit=1
= crc=1 finobt=1, sparse=0
data = bsize=4096 blocks=195342336, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=1
log =internal log bsize=4096 blocks=95382, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
bad magic number
bad magic number
Metadata corruption detected at xfs_sb block 0x0/0x200
libxfs_writebufr: write verifer failed on xfs_sb bno 0x0/0x200
The drive appears to be healthy. Firmware has been upgraded to ver
656:
root@arbok:~# hio_info -d /dev/hioa
hioa Serial number: 022XWV10G2000325
Size(GB): 800
Max size(GB): 800
Hardware version: 1.0
Firmware version: 656
Driver version: 2.1.0.28
Work mode: MLC
Run time (sec.): 8910490
Total read(MB): 8499
Total write(MB): 0
Lifetime remaining: 99.844%
Max bad block rate: 0.167%
Health: OK
Comment: NA
No relevant entries about read/write errors in dmesg
Also just copying 8G random data and reading those back gives a hash mismatch:
root@arbok:~# dd if=/dev/urandom of=test.dat bs=1G count=8 iflag=fullblock
8+0 records in
8+0 records out
8589934592 bytes (8.6 GB, 8.0 GiB) copied, 85.6076 s, 100 MB/s
root@arbok:~# dd if=test.dat of=/dev/hioa bs=1G count=8 iflag=fullblock
8+0 records in
8+0 records out
8589934592 bytes (8.6 GB, 8.0 GiB) copied, 10.6034 s, 810 MB/s
root@arbok:~# dd if=/dev/hioa of=read-back.dat bs=1G count=8 iflag=fullblock
sha256sum test.dat read-
8+0 records in
8+0 records out
8589934592 bytes (8.6 GB, 8.0 GiB) copied, 66.1872 s, 130 MB/s
root@arbok:~# sha256sum test.dat read-back.dat
6376d245a07c42c990589a3c17c44e63d826d1cb583fc5a065deff9dae69fd3a test.dat
ebfb4ef19ae410f190327b5ebd312711263bc7579970e87d9c1e2d84e06b3c25
read-back.dat
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1701316/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
