[Kernel-packages] [Bug 1761534] Re: "ip a" command on a guest VM shows UNKNOWN status

[Launchpad Bug Tracker]

This bug was fixed in the package linux - 4.13.0-43.48

---------------
linux (4.13.0-43.48) artful; urgency=medium

  * CVE-2018-3639 (powerpc)
    - SAUCE: rfi-flush: update H_CPU_* macro names to upstream
    - SAUCE: rfi-flush: update plpar_get_cpu_characteristics() signature to
      upstream
    - SAUCE: update pseries_setup_rfi_flush() capitalization to upstream
    - powerpc/pseries: Support firmware disable of RFI flush
    - powerpc/powernv: Support firmware disable of RFI flush
    - powerpc/64s: Allow control of RFI flush via debugfs
    - powerpc/rfi-flush: Move the logic to avoid a redo into the debugfs code
    - powerpc/rfi-flush: Always enable fallback flush on pseries
    - powerpc/rfi-flush: Differentiate enabled and patched flush types
    - powerpc/pseries: Add new H_GET_CPU_CHARACTERISTICS flags
    - powerpc: Add security feature flags for Spectre/Meltdown
    - powerpc/powernv: Set or clear security feature flags
    - powerpc/pseries: Set or clear security feature flags
    - powerpc/powernv: Use the security flags in pnv_setup_rfi_flush()
    - powerpc/pseries: Use the security flags in pseries_setup_rfi_flush()
    - powerpc/pseries: Fix clearing of security feature flags
    - powerpc: Move default security feature flags
    - powerpc/pseries: Restore default security feature flags on setup
    - powerpc/64s: Add support for a store forwarding barrier at kernel 
entry/exit

  * CVE-2018-3639 (x86)
    - SAUCE: Add X86_FEATURE_ARCH_CAPABILITIES
    - SAUCE: x86: Add alternative_msr_write
    - x86/nospec: Simplify alternative_msr_write()
    - x86/pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown
    - x86/bugs: Concentrate bug detection into a separate function
    - x86/bugs: Concentrate bug reporting into a separate function
    - x86/msr: Add definitions for new speculation control MSRs
    - x86/bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits
    - x86/bugs, KVM: Support the combination of guest and host IBRS
    - x86/bugs: Expose /sys/../spec_store_bypass
    - x86/cpufeatures: Add X86_FEATURE_RDS
    - x86/bugs: Provide boot parameters for the spec_store_bypass_disable
      mitigation
    - x86/bugs/intel: Set proper CPU features and setup RDS
    - x86/bugs: Whitelist allowed SPEC_CTRL MSR values
    - x86/bugs/AMD: Add support to disable RDS on Fam[15,16,17]h if requested
    - x86/KVM/VMX: Expose SPEC_CTRL Bit(2) to the guest
    - x86/speculation: Create spec-ctrl.h to avoid include hell
    - prctl: Add speculation control prctls
    - x86/process: Allow runtime control of Speculative Store Bypass
    - x86/speculation: Add prctl for Speculative Store Bypass mitigation
    - nospec: Allow getting/setting on non-current task
    - proc: Provide details on speculation flaw mitigations
    - seccomp: Enable speculation flaw mitigations
    - SAUCE: x86/bugs: Honour SPEC_CTRL default
    - x86/bugs: Make boot modes __ro_after_init
    - prctl: Add force disable speculation
    - seccomp: Use PR_SPEC_FORCE_DISABLE
    - seccomp: Add filter flag to opt-out of SSB mitigation
    - seccomp: Move speculation migitation control to arch code
    - x86/speculation: Make "seccomp" the default mode for Speculative Store
      Bypass
    - x86/bugs: Rename _RDS to _SSBD
    - proc: Use underscores for SSBD in 'status'
    - Documentation/spec_ctrl: Do some minor cleanups
    - x86/bugs: Fix __ssb_select_mitigation() return type
    - x86/bugs: Make cpu_show_common() static

  * LSM Stacking prctl values should be redefined as to not collide with
    upstream prctls (LP: #1769263) // CVE-2018-3639
    - SAUCE: LSM stacking: adjust prctl values

linux (4.13.0-42.47) artful; urgency=medium

  * linux: 4.13.0-42.47 -proposed tracker (LP: #1769993)

  * arm64: fix CONFIG_DEBUG_WX address reporting (LP: #1765850)
    - arm64: fix CONFIG_DEBUG_WX address reporting

  * HiSilicon HNS NIC names are truncated in /proc/interrupts (LP: #1765977)
    - net: hns: Avoid action name truncation

  * CVE-2017-18208
    - mm/madvise.c: fix madvise() infinite loop under special circumstances

  * CVE-2018-8822
    - staging: ncpfs: memory corruption in ncp_read_kernel()

  * CVE-2017-18203
    - dm: fix race between dm_get_from_kobject() and __dm_destroy()

  * CVE-2017-17449
    - netlink: Add netns check on taps

  * CVE-2017-17975
    - media: usbtv: prevent double free in error case

  * [8086:3e92] display becomes blank after S3 (LP: #1763271)
    - drm/i915/edp: Allow alternate fixed mode for eDP if available.
    - drm/i915/dp: rename intel_dp_is_edp to intel_dp_is_port_edp
    - drm/i915/dp: make is_edp non-static and rename to intel_dp_is_edp
    - drm/i915/edp: Do not do link training fallback or prune modes on EDP

  * sky2 gigabit ethernet driver sometimes stops working after lid-open resume
    from sleep (88E8055) (LP: #1758507)
    - sky2: Increase D3 delay to sky2 stops working after suspend

  * perf vendor events arm64: Enable JSON events for ThunderX2 B0 (LP: #1760712)
    - perf vendor events arm64: Enable JSON events for ThunderX2 B0

  * No network with e1000e driver on 4.13.0-38-generic (LP: #1762693)
    - e1000e: Fix e1000_check_for_copper_link_ich8lan return value.

  * /dev/ipmi enumeration flaky on Cavium Sabre nodes (LP: #1762812)
    - i2c: xlp9xx: return ENXIO on slave address NACK
    - i2c: xlp9xx: Handle transactions with I2C_M_RECV_LEN properly
    - i2c: xlp9xx: Check for Bus state before every transfer
    - i2c: xlp9xx: Handle NACK on DATA properly

  * "ip a" command on a guest VM shows UNKNOWN status (LP: #1761534)
    - virtio-net: Fix operstate for virtio when no VIRTIO_NET_F_STATUS

  * fix regression in mm/hotplug, allows NVIDIA driver to work (LP: #1761104)
    - SAUCE: Fix revert "mm, memory_hotplug: do not associate hotadded memory to
      zones until online"

  * ibrs/ibpb fixes result in excessive kernel logging  (LP: #1755627)
    - SAUCE: remove ibrs_dump sysctl interface

 -- Stefan Bader <stefan.ba...@canonical.com>  Tue, 15 May 2018 07:39:26
+0200

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1761534

Title:
  "ip a" command on a guest VM shows UNKNOWN status

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Trusty:
  Fix Released
Status in linux source package in Xenial:
  Fix Released
Status in linux source package in Artful:
  Fix Released
Status in linux source package in Bionic:
  Fix Released

Bug description:
  
  [Impact] 

  "ip a" command on a guest VM shows UNKNOWN status.

  [Test Case]

  * Environment : Running a guest VM with a virtio-net adaptor interface, 
running on DPDK.
  * Perform "ip a" inside the guest VM shows state "UNKNOWN" as follow example:

  2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state 
UNKNOWN group default qlen 1000
  .....

  [Regression Potential]

   * Regression is low, the patch fix the operstate logic for virtio when no 
VIRTIO_NET_F_STATUS.[1]
   * The patch has been first accepted in net-next, then move into Linus's git.

  [1] - VIRTIO_NET_F_STATUS
  Allow the host to inform us that the link is down by adding a 
VIRTIO_NET_F_STATUS which indicates that device status is available in 
virtio_net config.

  [Other Info]
   
   * Linus: 
https://github.com/torvalds/linux/commit/bda7fab54828bbef2164bb23c0f6b1a7d05cc718

   * Net-next:
  
https://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git/commit/?id=bda7fab54828bbe
 

  [Original Description]
  It has been brought to our attention the following bug :

  ------------------------------------------------
  Environment: The guest VM is using a canonical ubuntu image, and the eth0 is 
a virtio-net adaptor, running on DPDK.

  Background: "ip a" command relies on the operstate variable of the
  net_device structure maintained by the kernel. This is based on the
  operational state as defined in the IF MIB (RFC 2863). Device drivers
  are expected to update this member. But many older drivers don’t seem
  to be using this. So in general, IF_OPER_UP and IF_OPER_UNKNOWN are
  treated as equal, in some sense, to maintain backward compatibility.
  Even if we look at https://elixir.free-
  electrons.com/linux/v4.15-rc2/source/include/linux/netdevice.h#L3468,
  the function to check if interface is up, is written as follows, which
  says that OPER_UNKNOWN is not something to be alarmed about, and just
  reflective of a state that some drivers don’t care to update about.

  static inline bool netif_oper_up(const struct net_device *dev)
  {
  return (dev->operstate == IF_OPER_UP ||
  dev->operstate == IF_OPER_UNKNOWN /* backward compat */);
  }

  Code Ref:

  1. 
https://elixir.free-electrons.com/linux/v4.15-rc2/source/include/linux/netdevice.h#L1739
  2. 
https://elixir.free-electrons.com/linux/v4.15-rc2/source/include/linux/netdevice.h#L3468
  3. https://www.kernel.org/doc/Documentation/networking/operstates.txt

  Now, for traditional kernel mode network adapter drivers, this state is 
supposed to be manipulated by the driver. And we can safely assume that most 
current kernel model drivers do keep this updated.
  ------------------------------------------------

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1761534/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp