> On 22/09/2022 15:51, Michael Phelan wrote:
> > Update OVS CLI and relevant documentation to use DPDK 19.11.13.
> >
> > DPDK 19.11.13 contains fixes for the CVEs listed below:
> > CVE-2022-28199 [1]
> > CVE-2022-2132 [2]
> >
> > A bug was introduced in DPDK 19.11.12 by the commit 1e68fe334ff0 ("vhost:
> fix unsafe vring addresses modifications").
> > This bug can cause a deadlock when vIOMMU is enabled and NUMA
> reallocation of the virtqueues happen.
> > A fix [3] has been posted and is due to be included in the DPDK 19.11.14
> release.
> > If a user wishes to avoid the issue then it is recommended to use DPDK
> 19.11.11 until the release of DPDK 19.11.14.
> > It should be noted that DPDK 19.11.11 does not benefit from the numerous
> bug and CVE fixes addressed since its release.
> > If a user wishes to benefit from these fixes it is recommended to use DPDK
> 19.11.13.
> >
> > [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
> > [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
> > [3] https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-
> [email protected]/
> >
> > Signed-off-by: Michael Phelan <[email protected]>
>
> branch-2.13, reviewed and ran github actions.
>
> Acked-by: Kevin Traynor <[email protected]>
Thanks Kevin, applied.
Thanks
Ian
>
> > ---
> > .ci/linux-build.sh | 2 +-
> > Documentation/faq/releases.rst | 2 +-
> > Documentation/intro/install/dpdk.rst | 8 ++++----
> > NEWS | 18 ++++++++++++++++++
> > 4 files changed, 24 insertions(+), 6 deletions(-)
> >
> > diff --git a/.ci/linux-build.sh b/.ci/linux-build.sh
> > index 17ce6961f..776148cfd 100755
> > --- a/.ci/linux-build.sh
> > +++ b/.ci/linux-build.sh
> > @@ -182,7 +182,7 @@ fi
> >
> > if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then
> > if [ -z "$DPDK_VER" ]; then
> > - DPDK_VER="19.11.10"
> > + DPDK_VER="19.11.13"
> > fi
> > install_dpdk $DPDK_VER
> > # Enable pdump support in OVS.
> > diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst
> > index 0df2e4163..73542a70b 100644
> > --- a/Documentation/faq/releases.rst
> > +++ b/Documentation/faq/releases.rst
> > @@ -192,7 +192,7 @@ Q: What DPDK version does each Open vSwitch
> release work with?
> > 2.10.x 17.11.10
> > 2.11.x 18.11.11
> > 2.12.x 18.11.11
> > - 2.13.x 19.11.10
> > + 2.13.x 19.11.13
> > ============ ========
> >
> > Q: Are all the DPDK releases that OVS versions work with maintained?
> > diff --git a/Documentation/intro/install/dpdk.rst
> b/Documentation/intro/install/dpdk.rst
> > index 7acdaac06..4c63856b8 100644
> > --- a/Documentation/intro/install/dpdk.rst
> > +++ b/Documentation/intro/install/dpdk.rst
> > @@ -42,7 +42,7 @@ Build requirements
> > In addition to the requirements described in :doc:`general`, building Open
> > vSwitch with DPDK will require the following:
> >
> > -- DPDK 19.11.10
> > +- DPDK 19.11.13
> >
> > - A `DPDK supported NIC`_
> >
> > @@ -71,9 +71,9 @@ Install DPDK
> > #. Download the `DPDK sources`_, extract the file and set ``DPDK_DIR``::
> >
> > $ cd /usr/src/
> > - $ wget https://fast.dpdk.org/rel/dpdk-19.11.10.tar.xz
> > - $ tar xf dpdk-19.11.10.tar.xz
> > - $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.10
> > + $ wget https://fast.dpdk.org/rel/dpdk-19.11.13.tar.xz
> > + $ tar xf dpdk-19.11.13.tar.xz
> > + $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.13
> > $ cd $DPDK_DIR
> >
> > #. (Optional) Configure DPDK as a shared library
> > diff --git a/NEWS b/NEWS
> > index a3b745fc7..8e2553901 100644
> > --- a/NEWS
> > +++ b/NEWS
> > @@ -1,5 +1,23 @@
> > v2.13.9 - xx xxx xxxx
> > ---------------------
> > + - DPDK:
> > + * OVS validated with DPDK 19.11.13.
> > + DPDK 19.11.13 contains fixes for the following CVEs:
> > + CVE-2022-28199 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-
> 28199
> > + CVE-2022-2132 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-
> 2132
> > + A bug was introduced in DPDK 19.11.12 by the commit
> > + 1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
> > + This bug can cause a deadlock when vIOMMU is enabled and NUMA
> > + reallocation of the virtqueues happen.
> > + A fix has been posted and is due to be included in the DPDK 19.11.14
> release.
> > + It can be found here:
> > + https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-
> [email protected]/.
> > + If a user wishes to avoid the issue then it is recommended to use
> > + DPDK 19.11.11 until the release of DPDK 19.11.14.
> > + It should be noted that DPDK 19.11.11 does not benefit from the
> numerous
> > + bug and CVE fixes addressed since its release.
> > + If a user wishes to benefit from these fixes it is recommended to
> > use
> > + DPDK 19.11.13.
> >
> > v2.13.8 - 15 Jun 2022
> > ---------------------
>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
