APAR status
Closed as program error.
Error description
Running mmbuildgpl on x86_64 with Linux kernels that include fixes for the retbleed vulnerability (CVE-2022-29900) results in an error. As a result, GPFS is not usable with these kernel versions. Specifically, this problem is hit with: SLES 15 SP3 kernel update 5.3.18-150300.59.87.1 or higher SLES 15 SP4 kernel update 5.14.21-150400.24.11.1 Ubuntu 22.04 kernel update 5.15.0-45.48 It is expected that the same changes will also be backported to RHEL, but no RHEL kernel updates with retbleed fixes have been released yet. The same applies to Ubuntu 20.04; no kernel updates have been released yet with this changes, but this should happen eventually. The information provided by the Linux distributions are useful references: https://www.suse.com/security/cve/CVE-2022-29900.html https://ubuntu.com/security/CVE-2022-29900 https://access.redhat.com/security/cve/CVE-2022-29900
Local fix
The required change can also be applied manually: Edit the file /usr/lpp/mmfs/src/gpl-linux/Kbuild Around line 100 there is a line: $(KBHOSTPROGS) := lxtrace Before that line, add a new one with: CFLAGS_kdump-kern.o += -mfunction-return=keep Save the file and run mmbuildgpl again.
Problem summary
Running mmbuildgpl on x86_64 with Linux kernels that include fixes for the retbleed vulnerability (CVE-2022-29900) results in an error. As a result, GPFS is not usable with these kernel versions. Specifically, this problem is hit with: SLES 15 SP3 kernel update 5.3.18-150300.59.87.1 or higher SLES 15 SP4 kernel update 5.14.21-150400.24.11.1 Ubuntu 22.04 kernel update 5.15.0-45.48 It is expected that the same changes will also be backported to RHEL, but no RHEL kernel updates with retbleed fixes have been released yet. The same applies to Ubuntu 20.04; no kernel updates have been released yet with this changes, but this should happen eventually. The information provided by the Linux distributions are useful references: https://www.suse.com/security/cve/CVE-2022-29900.html https://ubuntu.com/security/CVE-2022-29900 https://access.redhat.com/security/cve/CVE-2022-29900
Problem conclusion
This problem is fixed in 5.1.2 PTF 7 To see all Spectrum Scale APARs and their respective fix solutions refer to page https://public.dhe.ibm.com/storage/spectrumscale/spectrum_scale_ apars.html Benefits of the solution: Fix the mmbuildgpl compile process, so that modules can be compiled and GPFS can be started with these kernel updates. Work Around: The required change can also be applied manually: Edit the file /usr/lpp/mmfs/src/gpl-linux/Kbuild Around line 100 there is a line: $(KBHOSTPROGS) := lxtrace Before that line, add a new one with: CFLAGS_kdump-kern.o += -mfunction-return=keep Save the file and run mmbuildgpl again. Problem trigger: This problem occurs when updating the Linux kernel to a version with retbleed patches included. Symptom: Component Level Outage (GPFS will be unusable on the node) Platforms affected: x86_64-linux only Functional Area affected: All Scale Users Customer Impact: High Importance
Temporary fix
Comments
APAR Information
APAR number
IJ41620
Reported component name
SPEC SCALE STD
Reported component ID
5737F33AP
Reported release
512
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-08-17
Closed date
2022-08-17
Last modified date
2022-08-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SPEC SCALE STD
Fixed component ID
5737F33AP
Applicable component levels
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"STXKQY"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"512","Line of Business":{"code":"LOB26","label":"Storage"}}]
Document Information
Modified date:
17 August 2022