Bug 662721
| Summary: | Fix hot-unplug handling of virtio-console ports [rhel-6.0.z] | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | RHEL Program Management <pm-rhel> |
| Component: | kernel | Assignee: | Frantisek Hrbata <fhrbata> |
| Status: | CLOSED ERRATA | QA Contact: | Jan Malanik <jmalanik> |
| Severity: | medium | Docs Contact: | |
| Priority: | urgent | ||
| Version: | 6.1 | CC: | amit.shah, cpelland, dhoward, gyue, jmalanik, lihuang, llim, michen, pm-eus, security-response-team, tburke |
| Target Milestone: | rc | Keywords: | ZStream |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel-2.6.32-71.16.1.el6 | Doc Type: | Bug Fix |
| Doc Text: |
The virtio-console device did not handle the hot-unplug operation properly. As a result, virtio-console could access the memory outside the driver's memory area and cause kernel panic on the guest. With this update, multiple fixes to the virtio-console device resolved this issue and the hot-unplug operation works as expected.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-02-22 17:39:03 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 628805 | ||
| Bug Blocks: | |||
|
Description
RHEL Program Management
2010-12-13 17:21:30 UTC
Reproduced this bug with fixed in 2.6.32-71.15.1.el6using the steps in:https://bugzilla.redhat.com/show_bug.cgi?id=624628#c24 and The sigio test are all FAIL. Verified on 2.6.32-71.16.1.el6(guest's kernel) using the same steps and sigio test are all pass: # ./run-test.sh /usr/libexec/qemu-kvm -drive file=/home/rhel6.0_64.qcow2,if=none,id=test,boot=on,cache=none,format=qcow2,werror=stop,rerror=stop -device virtio-blk-pci,drive=test -chardev socket,path=/tmp/amit/test0,server,nowait,id=test0 -chardev socket,path=/tmp/amit/test1,server,nowait,id=test1 -chardev socket,path=/tmp/amit/test2,server,nowait,id=test2 -chardev socket,path=/tmp/amit/test3,server,nowait,id=test3 -chardev socket,path=/tmp/amit/test4,server,nowait,id=test4 -device virtio-serial -device virtconsole,chardev=test0,name=console.0 -device virtserialport,chardev=test1,name=test1 -device virtserialport,chardev=test2,name=test2 -device virtserialport,chardev=test3,name=test3 -device virtserialport,chardev=test4,name=test4 -vnc :1 -net none -enable-kvm -m 1G -serial file:/tmp/amit/test-serial.log -monitor unix:/tmp/amit/test-monitor,server,nowait -snapshot -smp 2 Using CPU model "cpu64-rhel6" Using CPU model "cpu64-rhel6" Guest is up 1 ......... test_sigio_handler - enabled ( open): PASS test_sigio_handler - enabled ( in): PASS test_sigio_handler - enabled ( close): PASS test_sigio_handler - enabled ( multi-c2): PASS test_sigio_handler - enabled ( multi-c3): PASS test_sigio_handler - enabled ( multi-c4): PASS test_sigio_handler - enabled (poll-sigio): PASS ......... sorry for pasting wrong verified info here, change it back to ON_QA. Reproduced this bug with qemu-kvm-0.12.1.2-2.146 and guest kernel 2.6.32-71.14.1.el6 using the following steps, guest hang after hotplugging virtserialport during file transfer from guest to host, tried 4 times, failed 4 times. Verified this bug with qemu-kvm-0.12.1.2-2.146 and guest kernel 2.6.32-71.16.1.el6 using the following steps, guest runs normally after hotplugging virtserialport during file transfer from guest to host and dd reports "dd: write '/dev/vport0p1' : No such device", tried 4 times, pass 4 times. steps: 1. start guest # /usr/libexec/qemu-kvm -m 2G -smp 2 -uuid `uuidgen` -rtc base=utc,clock=host,driftfix=slew -boot c -drive file=/home/rhel6.0_64.qcow2,index=0,if=none,id=drive-virtio-disk1,media=disk,cache=none,format=qcow2 -device virtio-blk-pci,bus=pci.0,drive=drive-virtio-disk1,id=virtio-disk0 -netdev tap,id=hostnet0,vhost=on -device virtio-net-pci,netdev=hostnet0,mac=20:20:20:51:29:71,bus=pci.0,addr=0x7,id=hostnet0 -monitor unix:'/tmp/monitor-humanmonitor1-20100625-165355-sNdR',server,nowait -serial stdio -vnc :1 -device virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x4 -chardev socket,id=channel0,path=/home/rhel6.channel0,server,nowait -device virtserialport,chardev=channel0,name=org.linux-kvm.port.0,bus=virtio-serial0.0,id=port1 2. in host: #nc -U /home/rhel6.channel0 3. in guest: # dd if=/dev/vda of=/dev/vport0p1 bs=1M count=1024 4. hot-unplug the port in monitor during the date transferring (qemu) device_del port1 (In reply to comment #6) > Reproduced this bug with qemu-kvm-0.12.1.2-2.146 and guest kernel > 2.6.32-71.14.1.el6 using the following steps, guest hang after hotplugging s/hotplugging/hot-unplugging > virtserialport during file transfer from guest to host, tried 4 times, failed 4 > times. > > Verified this bug with qemu-kvm-0.12.1.2-2.146 and guest kernel > 2.6.32-71.16.1.el6 using the following steps, guest runs normally after > hotplugging virtserialport during file transfer from guest to host and dd s/hotplugging/hot-unplugging > reports "dd: write '/dev/vport0p1' : No such device", tried 4 times, pass 4 > times. > > steps: > 1. start guest > # /usr/libexec/qemu-kvm -m 2G -smp 2 -uuid `uuidgen` -rtc > base=utc,clock=host,driftfix=slew -boot c -drive > file=/home/rhel6.0_64.qcow2,index=0,if=none,id=drive-virtio-disk1,media=disk,cache=none,format=qcow2 > -device virtio-blk-pci,bus=pci.0,drive=drive-virtio-disk1,id=virtio-disk0 > -netdev tap,id=hostnet0,vhost=on -device > virtio-net-pci,netdev=hostnet0,mac=20:20:20:51:29:71,bus=pci.0,addr=0x7,id=hostnet0 > -monitor unix:'/tmp/monitor-humanmonitor1-20100625-165355-sNdR',server,nowait > -serial stdio -vnc :1 -device > virtio-serial-pci,id=virtio-serial0,max_ports=16,bus=pci.0,addr=0x4 -chardev > socket,id=channel0,path=/home/rhel6.channel0,server,nowait -device > virtserialport,chardev=channel0,name=org.linux-kvm.port.0,bus=virtio-serial0.0,id=port1 > 2. in host: > #nc -U /home/rhel6.channel0 > 3. in guest: > # dd if=/dev/vda of=/dev/vport0p1 bs=1M count=1024 > 4. hot-unplug the port in monitor during the date transferring > (qemu) device_del port1 An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2011-0283.html
Technical note added. If any revisions are required, please edit the "Technical Notes" field
accordingly. All revisions will be proofread by the Engineering Content Services team.
New Contents:
The virtio-console device did not handle the hot-unplug operation properly. As a result, virtio-console could access the memory outside the driver's memory area and cause kernel panic on the guest. With this update, multiple fixes to the virtio-console device resolved this issue and the hot-unplug operation works as expected.
|