Between v6.3 and v6.4 some algorithms has been replaced.
commit cb43c60e64ca67fcc9d23bd08f51d2ab8209d9d7
Author: Magali Lemes <magali.le...@canonical.com>
Date: Tue Jun 13 09:32:21 2023 -0300
selftests: net: vrf-xfrm-tests: change authentication and encryption algos
The vrf-xfrm-tests tests use the hmac(md5) and cbc(des3_ede)
algorithms for performing authentication and encryption, respectively.
This causes the tests to fail when fips=1 is set, since these algorithms
are not allowed in FIPS mode. Therefore, switch from hmac(md5) and
cbc(des3_ede) to hmac(sha1) and cbc(aes), which are FIPS compliant.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2039816
Title:
Regression for net:vrf-xfrm-tests.sh with 5.15 kernel on ARM64 node
scobee-kernel
Status in ubuntu-kernel-tests:
New
Status in linux package in Ubuntu:
Incomplete
Status in linux source package in Jammy:
Incomplete
Bug description:
Issue found on ARM64 node scobee-kernel with:
* J-5.15.0-86.95 lowlatency
* 5.15.0-85.95~20.04.2 generic
* F-5.15.0-86.95~20.04.1 lowlatency
* F-5.15.0-87.96~20.04.1 lowlatency-64k
Test failed with:
$ sudo ./vrf-xfrm-tests.sh
No qdisc on VRF device
TEST: IPv4 no xfrm policy [ OK ]
TEST: IPv6 no xfrm policy [ OK ]
TEST: IPv4 xfrm policy based on address [FAIL]
TEST: IPv6 xfrm policy based on address [FAIL]
TEST: IPv6 xfrm policy with VRF in selector [ OK ]
TEST: IPv4 xfrm policy with xfrm device [FAIL]
TEST: IPv6 xfrm policy with xfrm device [FAIL]
netem qdisc on VRF device
TEST: IPv4 no xfrm policy [ OK ]
TEST: IPv6 no xfrm policy [ OK ]
TEST: IPv4 xfrm policy based on address [FAIL]
TEST: IPv6 xfrm policy based on address [FAIL]
TEST: IPv6 xfrm policy with VRF in selector [ OK ]
TEST: IPv4 xfrm policy with xfrm device [FAIL]
TEST: IPv6 xfrm policy with xfrm device [FAIL]
Tests passed: 6
Tests failed: 8
And this issue does not exist with the following combination:
* F-generic-5.15.0-86.96~20.04.1 howzit-kernel
* F-generic-5.15.0-86.96~20.04.1 wright-kernel
* F-generic-64k-5.15.0-85.95~20.04.2 kopter-kernel
* F-lowlatency-5.15.0-88.98~20.04.1 howzit-kernel
* F-lowlatency-5.15.0-85.94 starmie-kernel
* F-lowlatency-64k-5.15.0-85.94~20.04.1 howzit-kernel
* J-lowlatency-64k-5.15.0-85.94 starmie-kernel
* J-lowlatency-64k-5.15.0-86.95 howzit-kernel
So it looks like this is hardware related.
And the cause seems to be commit cb43c60 (" selftests: net: vrf-xfrm-tests:
change authentication and encryption algos"), which lands on the Jammy tree
since:
* Ubuntu-5.15.0-85.95
* Ubuntu-lowlatency-5.15.0-85.94
With this commit reverted, this test can pass on node scobee-kernel
with 5.15.0-87-lowlatency-64k
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/2039816/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
