This bug was fixed in the package linux - 4.10.0-33.37
---------------
linux (4.10.0-33.37) zesty; urgency=low
* linux: 4.10.0-33.37 -proposed tracker (LP: #1709303)
* CVE-2017-1000112
- Revert "udp: consistently apply ufo or fragmentation"
- udp: consistently apply ufo or fragmentation
* CVE-2017-1000111
- Revert "net-packet: fix race in packet_set_ring on PACKET_RESERVE"
- packet: fix tp_reserve race in packet_set_ring
* ThunderX: soft lockup on 4.8+ kernels when running qemu-efi with vhost=on
(LP: #1673564)
- irqchip/gic-v3: Add missing system register definitions
- arm64: KVM: Do not use stack-protector to compile EL2 code
- KVM: arm/arm64: vgic-v3: Use PREbits to infer the number of ICH_APxRn_EL2
registers
- KVM: arm/arm64: vgic-v3: Fix nr_pre_bits bitfield extraction
- arm64: Add a facility to turn an ESR syndrome into a sysreg encoding
- KVM: arm/arm64: vgic-v3: Add accessors for the ICH_APxRn_EL2 registers
- KVM: arm64: Make kvm_condition_valid32() accessible from EL2
- KVM: arm64: vgic-v3: Add hook to handle guest GICv3 sysreg accesses at EL2
- KVM: arm64: vgic-v3: Add ICV_BPR1_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_IGRPEN1_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_IAR1_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_EOIR1_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_AP1Rn_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_HPPIR1_EL1 handler
- KVM: arm64: vgic-v3: Enable trapping of Group-1 system registers
- KVM: arm64: Enable GICv3 Group-1 sysreg trapping via command-line
- KVM: arm64: vgic-v3: Add ICV_BPR0_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_IGNREN0_EL1 handler
- KVM: arm64: vgic-v3: Add misc Group-0 handlers
- KVM: arm64: vgic-v3: Enable trapping of Group-0 system registers
- KVM: arm64: Enable GICv3 Group-0 sysreg trapping via command-line
- arm64: Add MIDR values for Cavium cn83XX SoCs
- [Config] CONFIG_CAVIUM_ERRATUM_30115=y
- arm64: Add workaround for Cavium Thunder erratum 30115
- KVM: arm64: vgic-v3: Add ICV_DIR_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_RPR_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_CTLR_EL1 handler
- KVM: arm64: vgic-v3: Add ICV_PMR_EL1 handler
- KVM: arm64: Enable GICv3 common sysreg trapping via command-line
- KVM: arm64: vgic-v3: Log which GICv3 system registers are trapped
- arm64: KVM: Make unexpected reads from WO registers inject an undef
- KVM: arm64: Log an error if trapping a read-from-write-only GICv3 access
- KVM: arm64: Log an error if trapping a write-to-read-only GICv3 access
* ibmvscsis: Do not send aborted task response (LP: #1689365)
- target: Fix unknown fabric callback queue-full errors
- ibmvscsis: Do not send aborted task response
- ibmvscsis: Clear left-over abort_cmd pointers
- ibmvscsis: Fix the incorrect req_lim_delta
* hisi_sas performance improvements (LP: #1708734)
- scsi: hisi_sas: define hisi_sas_device.device_id as int
- scsi: hisi_sas: optimise the usage of hisi_hba.lock
- scsi: hisi_sas: relocate sata_done_v2_hw()
- scsi: hisi_sas: optimise DMA slot memory
* hisi_sas driver reports mistakes timed out task for internal abort
(LP: #1708730)
- scsi: hisi_sas: fix timeout check in hisi_sas_internal_task_abort()
* scsi: hisi_sas: add null check before indirect pointer dereference
(LP: #1708714)
- scsi: hisi_sas: add null check before indirect pointer dereference
* [LTCTest][Opal][FW860.20] HMI recoverable errors failed to recover and
system goes to dump state. (LP: #1684054)
- powerpc/64: Fix HMI exception on LE with CONFIG_RELOCATABLE=y
* Set CONFIG_SATA_HIGHBANK=y on armhf (LP: #1703430)
- [Config] CONFIG_SATA_HIGHBANK=y
* Adt tests of src:linux time out often on armhf lxc containers (LP: #1705495)
- [Packaging] tests -- reduce rebuild test to one flavour
* support Hip07/08 I2C controller (LP: #1708293)
- ACPI / APD: Add clock frequency for Hisilicon Hip07/08 I2C controller
- i2c: designware: Add ACPI HID for Hisilicon Hip07/08 I2C controller
* Mute key LED does not work on HP ProBook 440 (LP: #1705586)
- ALSA: hda - Add HP ZBook 15u G3 Conexant CX20724 GPIO mute leds
- ALSA: hda - Add mute led support for HP ProBook 440 G4
* Hisilicon D05 onboard fibre NIC link indicator LEDs don't work
(LP: #1704903)
- net: hns: add acpi function of xge led control
* zesty unable to handle kernel NULL pointer dereference (LP: #1680904)
- drm/i915: Do not drop pagetables when empty
* hns: use after free in hns_nic_net_xmit_hw (LP: #1704885)
- net: hns: Fix a skb used after free bug
* [ARM64] config EDAC_GHES=y depends on EDAC_MM_EDAC=y (LP: #1706141)
- [Config] set EDAC_MM_EDAC=y for ARM64
* [Hyper-V] hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
(LP: #1690174)
- hv_netvsc: Exclude non-TCP port numbers from vRSS hashing
* ath10k doesn't report full RSSI information (LP: #1706531)
- ath10k: add per chain RSSI reporting
* ideapad_laptop don't support v310-14isk (LP: #1705378)
- platform/x86: ideapad-laptop: Add several models to no_hw_rfkill
* hns: ethtool selftest crashes system (LP: #1705712)
- net/hns:bugfix of ethtool -t phy self_test
* ath9k freezes suspend resume Ubuntu 17.04 (LP: #1697027)
- ath9k: fix an invalid pointer dereference in ath9k_rng_stop()
* xhci_hcd: ERROR Transfer event TRB DMA ptr not part of current TD ep_index 2
comp_code 13 (LP: #1667750)
- xhci: Bad Ethernet performance plugged in ASM1042A host
* Migrating KSM page causes the VM lock up as the KSM page merging list is too
large (LP: #1680513)
- ksm: introduce ksm_max_page_sharing per page deduplication limit
- ksm: fix use after free with merge_across_nodes = 0
- ksm: cleanup stable_node chain collapse case
- ksm: swap the two output parameters of chain/chain_prune
- ksm: optimize refile of stable_node_dup at the head of the chain
* Change CONFIG_IBMVETH to module (LP: #1704479)
- [Config] CONFIG_IBMVETH=m
* CVE-2017-7487
- ipx: call ipxitf_put() in ioctl error path
* Hotkeys on new Thinkpad systems aren't working (LP: #1705169)
- platform/x86: thinkpad_acpi: guard generic hotkey case
- platform/x86: thinkpad_acpi: add mapping for new hotkeys
* misleading kernel warning skb_warn_bad_offload during checksum calculation
(LP: #1705447)
- net: reduce skb_warn_bad_offload() noise
* Ubuntu 16.04.02: ibmveth: Support to enable LSO/CSO for Trunk VEA
(LP: #1692538)
- ibmveth: Support to enable LSO/CSO for Trunk VEA.
* bonding: stack dump when unregistering a netdev (LP: #1704102)
- bonding: avoid NETDEV_CHANGEMTU event when unregistering slave
* Ubuntu 16.04 IOB Error when the Mustang board rebooted (LP: #1693673)
- drivers: net: xgene: Fix redundant prefetch buffer cleanup
* Ubuntu16.04: NVMe 4K+T10 DIF/DIX format returns I/O error on dd with split
op (LP: #1689946)
- blk-mq: NVMe 512B/4K+T10 DIF/DIX format returns I/O error on dd with split
op
* linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
(LP: #1697892)
- bonding: add 802.3ad support for 25G speeds
- bonding: fix 802.3ad support for 5G and 50G speeds
* [SRU][Zesty] arm64: Add support for handling memory corruption
(LP: #1696852)
- arm64: mm: Update perf accounting to handle poison faults
- arm64: hugetlb: Fix huge_pte_offset to return poisoned page table entries
- arm64: kconfig: allow support for memory failure handling
- arm64: hwpoison: add VM_FAULT_HWPOISON[_LARGE] handling
* [SRU][Zesty] Add UEFI 2.6 and ACPI 6.1 updates for RAS on ARM64
(LP: #1696570)
- acpi: apei: read ack upon ghes record consumption
- ras: acpi/apei: cper: add support for generic data v3 structure
- cper: add timestamp print to CPER status printing
- efi: parse ARM processor error
- arm64: exception: handle Synchronous External Abort
- acpi: apei: handle SEA notification type for ARMv8
- acpi: apei: panic OS with fatal error status block
- efi: print unrecognized CPER section
- ras: acpi / apei: generate trace event for unrecognized CPER section
- trace, ras: add ARM processor error trace event
- ras: mark stub functions as 'inline'
- arm/arm64: KVM: add guest SEA support
- acpi: apei: check for pending errors when probing GHES entries
- [Config] CONFIG_ACPI_APEI_SEA=y
-- Stefan Bader <stefan.ba...@canonical.com> Fri, 11 Aug 2017 11:40:30
+0200
** Changed in: linux (Ubuntu Zesty)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7487
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1692538
Title:
Ubuntu 16.04.02: ibmveth: Support to enable LSO/CSO for Trunk VEA
Status in The Ubuntu-power-systems project:
Confirmed
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
In Progress
Status in linux source package in Zesty:
Fix Released
Status in linux source package in Artful:
Fix Released
Bug description:
== SRU Justification ==
Commit 66aa0678ef is request to fix four issues with the ibmveth driver.
The issues are as follows:
- Issue 1: ibmveth doesn't support largesend and checksum offload features
when configured as "Trunk".
- Issue 2: SYN packet drops seen at destination VM. When the packet
originates, it has CHECKSUM_PARTIAL flag set and as it gets delivered to IO
server's inbound Trunk ibmveth, on validating "checksum good" bits in ibmveth
receive routine, SKB's ip_summed field is set with CHECKSUM_UNNECESSARY flag.
- Issue 3: First packet of a TCP connection will be dropped, if there is
no OVS flow cached in datapath.
- Issue 4: ibmveth driver doesn't have support for SKB's with frag_list.
The details for the fixes to these issues are described in the commits
git log.
== Comment: #0 - BRYANT G. LY <b...@us.ibm.com> - 2017-05-22 08:40:16 ==
---Problem Description---
- Issue 1: ibmveth doesn't support largesend and checksum offload features
when configured as "Trunk". Driver has explicit checks to prevent
enabling these offloads.
- Issue 2: SYN packet drops seen at destination VM. When the packet
originates, it has CHECKSUM_PARTIAL flag set and as it gets delivered to
IO server's inbound Trunk ibmveth, on validating "checksum good" bits
in ibmveth receive routine, SKB's ip_summed field is set with
CHECKSUM_UNNECESSARY flag. This packet is then bridged by OVS (or Linux
Bridge) and delivered to outbound Trunk ibmveth. At this point the
outbound ibmveth transmit routine will not set "no checksum" and
"checksum good" bits in transmit buffer descriptor, as it does so only
when the ip_summed field is CHECKSUM_PARTIAL. When this packet gets
delivered to destination VM, TCP layer receives the packet with checksum
value of 0 and with no checksum related flags in ip_summed field. This
leads to packet drops. So, TCP connections never goes through fine.
- Issue 3: First packet of a TCP connection will be dropped, if there is
no OVS flow cached in datapath. OVS while trying to identify the flow,
computes the checksum. The computed checksum will be invalid at the
receiving end, as ibmveth transmit routine zeroes out the pseudo
checksum value in the packet. This leads to packet drop.
- Issue 4: ibmveth driver doesn't have support for SKB's with frag_list.
When Physical NIC has GRO enabled and when OVS bridges these packets,
OVS vport send code will end up calling dev_queue_xmit, which in turn
calls validate_xmit_skb.
In validate_xmit_skb routine, the larger packets will get segmented into
MSS sized segments, if SKB has a frag_list and if the driver to which
they are delivered to doesn't support NETIF_F_FRAGLIST feature.
Contact Information = Bryant G. Ly/b...@us.ibm.com
---uname output---
4.8.0-51.54
Machine Type = p8
---Debugger---
A debugger is not configured
---Steps to Reproduce---
Increases performance greatly
The patch has been accepted upstream:
https://patchwork.ozlabs.org/patch/764533/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1692538/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
