This bug was fixed in the package linux-oem-5.6 - 5.6.0-1053.57 --------------- linux-oem-5.6 (5.6.0-1053.57) focal; urgency=medium
* focal/linux-oem-5.6: 5.6.0-1053.57 -proposed tracker (LP: #1921042) * Packaging resync (LP: #1786013) - update dkms package versions * LRMv4: switch to signing nvidia modules via the Ubuntu Modules signing key (LP: #1918134) - [Packaging] sync dkms-build et al from LRMv4 * CVE-2021-29154 - SAUCE: bpf, x86: Validate computation of branch displacements for x86-64 - SAUCE: bpf, x86: Validate computation of branch displacements for x86-32 * xfrm_policy.sh in net from ubuntu_kernel_selftests passed with failed sub- cases (LP: #1909647) - selftests: xfrm: fix test return value override issue in xfrm_policy.sh * ip_defrag.sh in net from ubuntu_kernel_selftests failed with exit code 255 on F-oem-5.6 (LP: #1919147) - selftests: net: ip_defrag: modprobe missing nf_defrag_ipv6 support * l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 (LP: #1919277) - l2tp: remove skb_dst_set() from l2tp_xmit_skb() * CVE-2020-0466 - epoll: Keep a reference on files added to the check list - do_epoll_ctl(): clean the failure exits up a bit - fix regression in "epoll: Keep a reference on files added to the check list" * CVE-2021-3178 - nfsd4: readdirplus shouldn't return parent of export * CVE-2020-25285 - mm/hugetlb: fix a race between hugetlb sysctl handlers * CVE-020-10781 - Revert "zram: convert remaining CLASS_ATTR() to CLASS_ATTR_RO()" * CVE-2020-14351 - perf/core: Fix race in the perf_mmap_close() function * CVE-2020-25669 - Input: sunkbd - avoid use-after-free in teardown paths * CVE-2020-14390 - fbcon: remove soft scrollback code * CVE-2021-3411 - x86/kprobes: Fix optprobe to detect INT3 padding correctly * CVE-2020-0423 - binder: fix UAF when releasing todo list * CVE-2020-27830 - speakup: Reject setting the speakup line discipline outside of speakup * CVE-2020-0465 - HID: core: Correctly handle ReportSize being zero - HID: core: Sanitize event code and type when mapping input * CVE-2020-25645 - geneve: add transport ports in route lookup for geneve * CVE-2021-20194 - bpf, cgroup: Fix optlen WARN_ON_ONCE toctou - bpf, cgroup: Fix problematic bounds check * CVE-2020-36158 - mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start -- Stefan Bader <stefan.ba...@canonical.com> Fri, 09 Apr 2021 16:43:44 +0200 ** Changed in: linux-oem-5.6 (Ubuntu Focal) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-0423 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-0465 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-0466 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14351 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14390 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25285 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25645 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-25669 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-27830 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-36158 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20194 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-29154 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3178 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3411 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-oem-5.6 in Ubuntu. https://bugs.launchpad.net/bugs/1919277 Title: l2tp.sh from net in ubuntu_kernel_selftests cause dmesg flooded with "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" on F-OEM-5.6 Status in ubuntu-kernel-tests: In Progress Status in linux-oem-5.6 package in Ubuntu: Invalid Status in linux-oem-5.6 source package in Focal: Fix Released Bug description: [Impact] While debugging bug 1880631, I found that this l2tp.sh test from kselftest/net will cause the dmesg output on Focal OEM 5.6 kernel flooded with: "unregister_netdevice: waiting for eth0 to become free. Usage count = 1" for about every 10 seconds. Test log: $ sudo ./l2tp.sh TEST: IPv4 basic L2TP tunnel [ OK ] TEST: IPv4 route through L2TP tunnel [ OK ] TEST: IPv6 basic L2TP tunnel [ OK ] TEST: IPv6 route through L2TP tunnel [ OK ] TEST: IPv4 basic L2TP tunnel - with IPsec [ OK ] TEST: IPv4 route through L2TP tunnel - with IPsec [ OK ] TEST: IPv6 basic L2TP tunnel - with IPsec [ OK ] TEST: IPv6 route through L2TP tunnel - with IPsec [ OK ] TEST: IPv4 basic L2TP tunnel [ OK ] TEST: IPv4 route through L2TP tunnel [ OK ] TEST: IPv6 basic L2TP tunnel - with IPsec [ OK ] TEST: IPv6 route through L2TP tunnel - with IPsec [ OK ] TEST: IPv4 basic L2TP tunnel - after IPsec teardown [ OK ] TEST: IPv4 route through L2TP tunnel - after IPsec teardown [ OK ] TEST: IPv6 basic L2TP tunnel - after IPsec teardown [ OK ] TEST: IPv6 route through L2TP tunnel - after IPsec teardown [ OK ] Tests passed: 16 Tests failed: 0 dmesg output: $ dmesg [ 708.560589] eth1: renamed from tmp [ 708.587396] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready [ 708.587472] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 708.616950] eth2: renamed from tmp [ 708.643341] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready [ 708.687057] l2tp_core: L2TP core driver, V2.0 [ 708.689380] l2tp_netlink: L2TP netlink interface [ 708.695479] l2tp_ip: L2TP IP encapsulation support (L2TPv3) [ 708.700061] l2tp_eth: L2TP ethernet pseudowire support (L2TPv3) [ 708.726295] l2tp_ip6: L2TP IP encapsulation support for IPv6 (L2TPv3) [ 708.788973] Initializing XFRM netlink socket [ 719.448364] unregister_netdevice: waiting for eth0 to become free. Usage count = 1 [ 729.528359] unregister_netdevice: waiting for eth0 to become free. Usage count = 1 [ 739.608359] unregister_netdevice: waiting for eth0 to become free. Usage count = 1 [Fix] * 27d53323664c54 ("l2tp: remove skb_dst_set() from l2tp_xmit_skb()") We have this patch in all of our generic kernels and OEM-5.10, thus for now I can see just OEM-5.6 is affected. For which this patch can be cherry-picked. [Test Case] This can tested with the l2tp.sh script in the kernel tree: # sh ./tools/testing/selftests/net/l2tp.sh With the patched kernel, it won't get flooded with that unregister_netdevice message anymore. Also, I have it tested with ubuntu_stress_smoke_tests as well, to ensure the sctp stressor won't trigger any issue like in bug 1854968. A test kernel can be found here: https://people.canonical.com/~phlin/kernel/lp-1919277-l2tp/ [Where problems could occur] This change is testable. A quick search didn't show any know issue regarding this patch. And with the same fix running in different generic kernel for a while I think the regression potential can be considered as low. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: linux-image-5.6.0-1048-oem 5.6.0-1048.52 ProcVersionSignature: User Name 5.6.0-1048.52-oem 5.6.19 Uname: Linux 5.6.0-1048-oem x86_64 ApportVersion: 2.20.11-0ubuntu27.16 Architecture: amd64 CasperMD5CheckResult: skip Date: Tue Mar 16 05:20:45 2021 SourcePackage: linux-signed-oem-5.6 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1919277/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp