This bug was fixed in the package linux - 4.15.0-10.11
---------------
linux (4.15.0-10.11) bionic; urgency=medium
* linux: 4.15.0-10.11 -proposed tracker (LP: #1749250)
* "swiotlb: coherent allocation failed" dmesg spam with linux 4.15.0-9.10
(LP: #1749202)
- swiotlb: suppress warning when __GFP_NOWARN is set
- drm/ttm: specify DMA_ATTR_NO_WARN for huge page pools
* linux-tools: perf incorrectly linking libbfd (LP: #1748922)
- SAUCE: tools -- add ability to disable libbfd
- [Packaging] correct disablement of libbfd
* [Artful] Realtek ALC225: 2 secs noise when a headset plugged in
(LP: #1744058)
- ALSA: hda/realtek - update ALC225 depop optimize
* [Artful] Support headset mode for DELL WYSE (LP: #1723913)
- SAUCE: ALSA: hda/realtek - Add support headset mode for DELL WYSE
* headset mic can't be detected on two Dell machines (LP: #1748807)
- ALSA: hda/realtek - Support headset mode for ALC215/ALC285/ALC289
- ALSA: hda - Fix headset mic detection problem for two Dell machines
* Bionic update to v4.15.3 stable release (LP: #1749191)
- ip6mr: fix stale iterator
- net: igmp: add a missing rcu locking section
- qlcnic: fix deadlock bug
- qmi_wwan: Add support for Quectel EP06
- r8169: fix RTL8168EP take too long to complete driver initialization.
- tcp: release sk_frag.page in tcp_disconnect
- vhost_net: stop device during reset owner
- ipv6: addrconf: break critical section in addrconf_verify_rtnl()
- ipv6: change route cache aging logic
- Revert "defer call to mem_cgroup_sk_alloc()"
- net: ipv6: send unsolicited NA after DAD
- rocker: fix possible null pointer dereference in
rocker_router_fib_event_work
- tcp_bbr: fix pacing_gain to always be unity when using lt_bw
- cls_u32: add missing RCU annotation.
- ipv6: Fix SO_REUSEPORT UDP socket with implicit sk_ipv6only
- soreuseport: fix mem leak in reuseport_add_sock()
- net_sched: get rid of rcu_barrier() in tcf_block_put_ext()
- net: sched: fix use-after-free in tcf_block_put_ext
- media: mtk-vcodec: add missing MODULE_LICENSE/DESCRIPTION
- media: soc_camera: soc_scale_crop: add missing
MODULE_DESCRIPTION/AUTHOR/LICENSE
- media: tegra-cec: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
- gpio: uniphier: fix mismatch between license text and MODULE_LICENSE
- crypto: tcrypt - fix S/G table for test_aead_speed()
- Linux 4.15.3
* bnx2x_attn_int_deasserted3:4323 MC assert! (LP: #1715519) //
CVE-2018-1000026
- net: create skb_gso_validate_mac_len()
- bnx2x: disable GSO where gso_size is too big for hardware
* ethtool -p fails to light NIC LED on HiSilicon D05 systems (LP: #1748567)
- net: hns: add ACPI mode support for ethtool -p
* CVE-2017-5715 (Spectre v2 Intel)
- [Packaging] retpoline files must be sorted
- [Packaging] pull in retpoline files
* [Feature] PXE boot with Intel Omni-Path (LP: #1712031)
- d-i: Add hfi1 to nic-modules
* CVE-2017-5715 (Spectre v2 retpoline)
- [Packaging] retpoline -- add call site validation
- [Config] disable retpoline checks for first upload
* Do not duplicate changelog entries assigned to more than one bug or CVE
(LP: #1743383)
- [Packaging] git-ubuntu-log -- handle multiple bugs/cves better
-- Seth Forshee <seth.fors...@canonical.com> Tue, 13 Feb 2018 11:33:58
-0600
** Changed in: linux (Ubuntu)
Status: Confirmed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5715
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1715519
Title:
bnx2x_attn_int_deasserted3:4323 MC assert!
Status in linux package in Ubuntu:
Fix Released
Bug description:
SRU Justification
=================
A ppc64le system runs as a guest under PowerVM. This guest has a bnx2x
card attached, and uses openvswitch to bridge an ibmveth interface for
traffic from other LPARs.
We see the following crash sometimes when running netperf:
May 10 17:16:32 tuk6r1phn2 kernel: bnx2x:
[bnx2x_attn_int_deasserted3:4323(enP24p1s0f2)]MC assert!
May 10 17:16:32 tuk6r1phn2 kernel: bnx2x:
[bnx2x_mc_assert:720(enP24p1s0f2)]XSTORM_ASSERT_LIST_INDEX 0x2
May 10 17:16:32 tuk6r1phn2 kernel: bnx2x:
[bnx2x_mc_assert:736(enP24p1s0f2)]XSTORM_ASSERT_INDEX 0x0 = 0x00000000
0x25e42a7e 0x00462a38 0x00010052
May 10 17:16:32 tuk6r1phn2 kernel: bnx2x:
[bnx2x_mc_assert:750(enP24p1s0f2)]Chip Revision: everest3, FW Version: 7_13_1
May 10 17:16:32 tuk6r1phn2 kernel: bnx2x:
[bnx2x_attn_int_deasserted3:4329(enP24p1s0f2)]driver assert
May 10 17:16:32 tuk6r1phn2 kernel: bnx2x:
[bnx2x_panic_dump:923(enP24p1s0f2)]begin crash dump -----------------
... (dump of registers follows) ...
Subsequent debugging reveals that the packets causing the issue come
through the ibmveth interface - from the AIX LPAR. The veth protocol
is 'special' - communication between LPARs on the same chassis can use
very large (64k) frames to reduce overhead. Normal networks cannot
handle such large packets, so traditionally, the VIOS partition would
signal to the AIX partitions that it was 'special', and AIX would send
regular, ethernet-sized packets to VIOS, which VIOS would then send
out.
This signalling between VIOS and AIX is done in a way that is not
standards-compliant, and so was never made part of Linux. Instead, the
Linux driver has always understood large frames and passed them up the
network stack.
In some cases (e.g. with TCP), multiple TCP segments are coalesced
into one large packet. In Linux, this goes through the generic receive
offload code, using a similar mechanism to GSO. These segments can be
very large which presents as a very large MSS (maximum segment size)
or gso_size.
Normally, the large packet is simply passed to whatever network
application on Linux is going to consume it, and everything is OK.
However, in this case, the packets go through Open vSwitch, and are
then passed to the bnx2x driver. The bnx2x driver/hardware supports
TSO and GSO, but with a restriction: the maximum segment size is
limited to around 9700 bytes. Normally this is more than adequate.
However, if a large packet with very large (>9700 byte) TCP segments
arrives through ibmveth, and is passed to bnx2x, the hardware will
panic.
[Impact]
bnx2x card panics, requiring power cycle to restore functionality.
The workaround is turning off TSO, which prevents the crash as the
kernel resegments *all* packets in software, not just ones that are
too big. This has a performance cost.
[Fix]
Test packet size in bnx2x feature check path and disable GSO if it is
too large. To do this we move a function from one file to another and
add another in the networking core.
[Regression Potential]
A/B/X: The changes to the network core are easily reviewed. The changes to
behaviour are limited to the bnx2x card driver.
The most likely failure case is a false-positive on the size check, which
would lead to a performance regression only.
T: This also involves a different change to the networking core to add
the old-style GSO checking, which is more invasive. However the
changes are simple and easily reviewed.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1715519/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
