[Kernel-packages] [Bug 2024187] Re: xfrm: packets sent trough a raw socket don't match ipsec policies with proto selector
For the record, the patch has been backported in Lunar/Jammy/Focal: https://lists.ubuntu.com/archives/kernel-team/2023-August/141562.html -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2024187 Title: xfrm: packets sent trough a raw socket don't match ipsec policies with proto selector Status in linux package in Ubuntu: Expired Bug description: [Impact] When a userland application sends packets through an IPv4 or IPv6 raw socket, these packets don't match ipsec policies that are configured with a protocol selector. The problem has been fixed in linux v6.4 with commit 3632679d9e4f ("ipv{4,6}/raw: fix output xfrm lookup wrt protocol"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3632679d9e4f This commit has been backported in linux 5.15.115: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=395d846c61c5 [Test Case] Configure an ipsec policy with a protocol selector and send ip packets that match this policy through an IP raw socket. Example to match the proto icmp: ip xfrm policy add src 10.100.0.0/24 dst 10.200.0.0/24 proto icmp dir out tmpl src 10.125.0.1 dst 10.125.0.2 proto esp mode tunnel reqid 1 [Regression Potential] The patch introduces a new API to fix this problem, thus the regression potential is low for existing applications. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2024187/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2024187] Re: xfrm: packets sent trough a raw socket don't match ipsec policies with proto selector
Any news? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2024187 Title: xfrm: packets sent trough a raw socket don't match ipsec policies with proto selector Status in linux package in Ubuntu: Incomplete Bug description: [Impact] When a userland application sends packets through an IPv4 or IPv6 raw socket, these packets don't match ipsec policies that are configured with a protocol selector. The problem has been fixed in linux v6.4 with commit 3632679d9e4f ("ipv{4,6}/raw: fix output xfrm lookup wrt protocol"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3632679d9e4f This commit has been backported in linux 5.15.115: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=395d846c61c5 [Test Case] Configure an ipsec policy with a protocol selector and send ip packets that match this policy through an IP raw socket. Example to match the proto icmp: ip xfrm policy add src 10.100.0.0/24 dst 10.200.0.0/24 proto icmp dir out tmpl src 10.125.0.1 dst 10.125.0.2 proto esp mode tunnel reqid 1 [Regression Potential] The patch introduces a new API to fix this problem, thus the regression potential is low for existing applications. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2024187/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2016269] Re: conntrack mark is not advertised via netlink
Tests with linux-image-unsigned-5.15.0-1033-intel-iotg are ok. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2016269 Title: conntrack mark is not advertised via netlink Status in linux package in Ubuntu: Invalid Status in linux source package in Jammy: Fix Released Status in linux source package in Kinetic: Fix Released Bug description: SRU justification sent to ML: [Impact] There was a commit 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark") that introduces a regression where the "mark" variable is no longer dumped in netlink netfilter conntrack messages, which userspace tools use to mark and track connections. [Fix] Introduce the upstream fix 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type") that always dumps the 'mark' variable for conntrack entries. This fix has also landed in 5.15 upstream stable. [Test] Run 'conntrack -E' and check the output of connection entries. The 'mark' variable should now be present in connection entries after the fix. before fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 after fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 [Where problems could occur] The fixes are pretty straight forward so regression potential should be minimal. [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2016269/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2024187] [NEW] xfrm: packets sent trough a raw socket don't match ipsec policies with proto selector
Public bug reported: [Impact] When a userland application sends packets through an IPv4 or IPv6 raw socket, these packets don't match ipsec policies that are configured with a protocol selector. The problem has been fixed in linux v6.4 with commit 3632679d9e4f ("ipv{4,6}/raw: fix output xfrm lookup wrt protocol"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3632679d9e4f This commit has been backported in linux 5.15.115: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=395d846c61c5 [Test Case] Configure an ipsec policy with a protocol selector and send ip packets that match this policy through an IP raw socket. Example to match the proto icmp: ip xfrm policy add src 10.100.0.0/24 dst 10.200.0.0/24 proto icmp dir out tmpl src 10.125.0.1 dst 10.125.0.2 proto esp mode tunnel reqid 1 [Regression Potential] The patch introduces a new API to fix this problem, thus the regression potential is low for existing applications. ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2024187 Title: xfrm: packets sent trough a raw socket don't match ipsec policies with proto selector Status in linux package in Ubuntu: Incomplete Bug description: [Impact] When a userland application sends packets through an IPv4 or IPv6 raw socket, these packets don't match ipsec policies that are configured with a protocol selector. The problem has been fixed in linux v6.4 with commit 3632679d9e4f ("ipv{4,6}/raw: fix output xfrm lookup wrt protocol"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3632679d9e4f This commit has been backported in linux 5.15.115: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=395d846c61c5 [Test Case] Configure an ipsec policy with a protocol selector and send ip packets that match this policy through an IP raw socket. Example to match the proto icmp: ip xfrm policy add src 10.100.0.0/24 dst 10.200.0.0/24 proto icmp dir out tmpl src 10.125.0.1 dst 10.125.0.2 proto esp mode tunnel reqid 1 [Regression Potential] The patch introduces a new API to fix this problem, thus the regression potential is low for existing applications. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2024187/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2016269] Re: conntrack mark is not advertised via netlink
Test with linux-nvidia-5.19/5.19.0-1014.14 are ok. ** Tags removed: verification-needed-jammy ** Tags added: verification-done-jammy -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2016269 Title: conntrack mark is not advertised via netlink Status in linux package in Ubuntu: Invalid Status in linux source package in Jammy: Fix Committed Status in linux source package in Kinetic: Fix Committed Bug description: SRU justification sent to ML: [Impact] There was a commit 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark") that introduces a regression where the "mark" variable is no longer dumped in netlink netfilter conntrack messages, which userspace tools use to mark and track connections. [Fix] Introduce the upstream fix 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type") that always dumps the 'mark' variable for conntrack entries. This fix has also landed in 5.15 upstream stable. [Test] Run 'conntrack -E' and check the output of connection entries. The 'mark' variable should now be present in connection entries after the fix. before fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 after fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 [Where problems could occur] The fixes are pretty straight forward so regression potential should be minimal. [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2016269/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2019543] Re: crypto / qat: unable to init GEN4 device
In fact, those patches are not enough, a lot more are needed: - ba79a32acfde ("crypto: qat - replace deprecated MSI API") - 0e64dcd7c94b ("crypto: qat - remove unmatched CPU affinity to cluster IRQ") - 9832fdc917de ("crypto: qat - free irqs only if allocated") - 70fead3adb4e ("crypto: qat - free irq in case of failure") - 40da865381ad ("crypto: qat - remove unneeded packed attribute") - ca605f97dae4 ("crypto: qat - power up 4xxx device") - 9b768e8a3909 ("crypto: qat - detect PFVF collision after ACK") - 18fcba469ba5 ("crypto: qat - disregard spurious PFVF interrupts") - e17f49bb244a ("crypto: qat - remove unnecessary collision prevention step in PFVF") - 993161d36ab5 ("crypto: qat - fix handling of VF to PF interrupts") - b79c7532dc33 ("crypto: qat - remove duplicated logic across GEN2 drivers") - c3878a786be0 ("crypto: qat - use hweight for bit counting") - 6e680f94bc31 ("crypto: qat - make pfvf send message direction agnostic") - 21db65edb6a5 ("crypto: qat - move pfvf collision detection values") - 71b5f2ab5e52 ("crypto: qat - rename pfvf collision constants") - 7a73c4622aaa ("crypto: qat - add VF and PF wrappers to common send function") - aa3c68634df8 ("crypto: qat - extract send and wait from adf_vf2pf_request_version()") - 32dfef6f92dd ("crypto: qat - share adf_enable_pf2vf_comms() from adf_pf2vf_msg.c") - 8f5c335e34b5 ("crypto: qat - simplify adf_enable_aer()") - c79391c696da ("crypto: qat - do not handle PFVF sources for qat_4xxx") - 5002200b4fed ("crypto: qat - fix undetected PFVF timeout in ACK loop") - 95b4d40ed256 ("crypto: qat - refactor PF top half for PFVF") - 08ea97f48883 ("crypto: qat - move vf2pf interrupt helpers") - b7c13ee46ceb ("crypto: qat - move VF message handler to adf_vf2pf_msg.c") - 720aa72a77f4 ("crypto: qat - move interrupt code out of the PFVF handler") - 956125e21f46 ("crypto: qat - change PFVF ACK behaviour") - 04cf47872c7e ("crypto: qat - re-enable interrupts for legacy PFVF messages") - bd59b769ddac ("crypto: qat - split PFVF message decoding from handling") - 1d6133123fb2 ("crypto: qat - handle retries due to collisions in adf_iov_putmsg()") - b85bd9457dc3 ("crypto: qat - relocate PFVF PF related logic") - 7e00fb3f162c ("crypto: qat - relocate PFVF VF related logic") - 6f2e28015bac ("crypto: qat - relocate PFVF disabled function") - bc63dabe5254 ("crypto: qat - add pfvf_ops") - 9baf2de7ee4e ("crypto: qat - differentiate between pf2vf and vf2pf offset") - 49c43538ce05 ("crypto: qat - abstract PFVF send function") - 1ea7c2beca5b ("crypto: qat - abstract PFVF receive logic") - 09ce899a592f ("crypto: qat - reorganize PFVF code") - f6aff914989e ("crypto: qat - reorganize PFVF protocol definitions") - 1d4fde6c4e80 ("crypto: qat - use enums for PFVF protocol codes") - 25110fd2e346 ("crypto: qat - pass the PF2VF responses back to the callers") - c35c76c6919e ("crypto: qat - refactor pfvf version request messages") - e669b4dedd89 ("crypto: qat - do not rely on min version") - 1d9a915fafab ("crypto: qat - fix VF IDs in PFVF log messages") - 8616b628ef69 ("crypto: qat - improve logging of PFVF messages") - e0441e2be155 ("crypto: qat - get compression extended capabilities") - 547bde7bd4ec ("crypto: qat - set CIPHER capability for QAT GEN2") - cfe4894eccdc ("crypto: qat - set COMPRESSION capability for QAT GEN2") - 4b44d28c715d ("crypto: qat - extend crypto capability detection for 4xxx") - 03125541ca29 ("crypto: qat - support the reset of ring pairs on PF") - 448588adcdf4 ("crypto: qat - add the adf_get_pmisc_base() helper function") - 6ed942ed3c47 ("crypto: qat - make PFVF message construction direction agnostic") - 028042856802 ("crypto: qat - make PFVF send and receive direction agnostic") - 0aeda694f187 ("crypto: qat - set PFVF_MSGORIGIN just before sending") - db1c034801c4 ("crypto: qat - abstract PFVF messages with struct pfvf_message") - 952f4e812741 ("crypto: qat - leverage bitfield.h utils for PFVF messages") - 1c94d8035905 ("crypto: qat - leverage read_poll_timeout in PFVF send") - 6f87979129d1 ("crypto: qat - improve the ACK timings in PFVF send") - 4d03135faa05 ("crypto: qat - store the PFVF protocol version of the endpoints") - 3a5b2a088328 ("crypto: qat - store the ring-to-service mapping") - 673184a2a58f ("crypto: qat - introduce support for PFVF block messages") - 851ed498dba1 ("crypto: qat - exchange device capabilities over PFVF") - 73ef8f3382d1 ("crypto: qat - support fast ACKs in the PFVF protocol") - e1b176af3d7e ("crypto: qat - exchange ring-to-service mappings over PFVF") - 925b3069cf6e ("crypto: qat - config VFs based on ring-to-svc mapping") - a9dc0d966605 ("crypto: qat - add PFVF support to the GEN4 host driver") - 0bba03ce9739 ("crypto: qat - add PFVF support to enable the reset of ring pairs") - beb1e6d71f0e ("crypto: qat - allow detection of dc capabilities for 4xxx") - 0cec19c761e5 ("crypto: qat - add support for compression for 4xxx") - 4cab5dfd15b7 ("crypto: qat - fix
[Kernel-packages] [Bug 2016269] Re: conntrack mark is not advertised via netlink
Tests are ok. ** Tags removed: verification-needed-kinetic ** Tags added: verification-done-kinetic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2016269 Title: conntrack mark is not advertised via netlink Status in linux package in Ubuntu: Invalid Status in linux source package in Jammy: Fix Committed Status in linux source package in Kinetic: Fix Committed Bug description: SRU justification sent to ML: [Impact] There was a commit 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark") that introduces a regression where the "mark" variable is no longer dumped in netlink netfilter conntrack messages, which userspace tools use to mark and track connections. [Fix] Introduce the upstream fix 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type") that always dumps the 'mark' variable for conntrack entries. This fix has also landed in 5.15 upstream stable. [Test] Run 'conntrack -E' and check the output of connection entries. The 'mark' variable should now be present in connection entries after the fix. before fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 after fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 [Where problems could occur] The fixes are pretty straight forward so regression potential should be minimal. [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2016269/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2016269] Re: conntrack mark is not advertised via netlink
Tests are ok. ** Tags removed: verification-needed-jammy ** Tags added: verification-done-jammy -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2016269 Title: conntrack mark is not advertised via netlink Status in linux package in Ubuntu: Invalid Status in linux source package in Jammy: Fix Committed Status in linux source package in Kinetic: Fix Committed Bug description: SRU justification sent to ML: [Impact] There was a commit 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark") that introduces a regression where the "mark" variable is no longer dumped in netlink netfilter conntrack messages, which userspace tools use to mark and track connections. [Fix] Introduce the upstream fix 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type") that always dumps the 'mark' variable for conntrack entries. This fix has also landed in 5.15 upstream stable. [Test] Run 'conntrack -E' and check the output of connection entries. The 'mark' variable should now be present in connection entries after the fix. before fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 after fix: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 [Where problems could occur] The fixes are pretty straight forward so regression potential should be minimal. [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2016269/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2019543] [NEW] crypto / qat: unable to init GEN4 device
Public bug reported: [Target] Jammy kernel. [Impact] The PCI device cannot be initialized. This has been fixed in linux v5.18 with the below commits: - a9dc0d966605 ("crypto: qat - add PFVF support to the GEN4 host driver") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a9dc0d966605 - 642a7d49c249 ("crypto: qat - fix access to PFVF interrupt registers for GEN4") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=642a7d49c249 [Test Case] Boot a machine with this device. Before the patches, the following errors are logged: > EAL: Probe PCI driver: qat (8086:4941) device: :00:08.0 (socket -1) > qat_pf2vf_exch_msg(): ACK not received from remote [Regression Potential] The patches enable new code for this kind of device only. It is living in linux for more than 1 years. The potential regressions are low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2019543 Title: crypto / qat: unable to init GEN4 device Status in linux package in Ubuntu: New Bug description: [Target] Jammy kernel. [Impact] The PCI device cannot be initialized. This has been fixed in linux v5.18 with the below commits: - a9dc0d966605 ("crypto: qat - add PFVF support to the GEN4 host driver") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a9dc0d966605 - 642a7d49c249 ("crypto: qat - fix access to PFVF interrupt registers for GEN4") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=642a7d49c249 [Test Case] Boot a machine with this device. Before the patches, the following errors are logged: > EAL: Probe PCI driver: qat (8086:4941) device: :00:08.0 (socket -1) > qat_pf2vf_exch_msg(): ACK not received from remote [Regression Potential] The patches enable new code for this kind of device only. It is living in linux for more than 1 years. The potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2019543/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2016269] Re: conntrack mark is not advertised via netlink
** Description changed: [Impact] - after the last merge of the v5.15 stable (see + The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2016269 Title: conntrack mark is not advertised via netlink Status in linux package in Ubuntu: Incomplete Bug description: [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2016269/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 2016269] [NEW] conntrack mark is not advertised via netlink
Public bug reported: [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 > src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 > src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/2016269 Title: conntrack mark is not advertised via netlink Status in linux package in Ubuntu: New Bug description: [Impact] The last merge of the v5.15 stable (see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2003134) has introduced a bug on netlink netfilter conntrack messages. The problematic commit is 95fcb42e5f20 ("netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark"): https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/jammy/commit/?id=95fcb42e5f20 This bug has been fixed in upstream commit 9f7dd42f0db1 ("netfilter: ctnetlink: revert to dumping mark regardless of event type"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9f7dd42f0db1 which has been backported in v5.15.103: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=bef8cf77e21c [Test Case] Run 'conntrack -E' and check the output. Before the problematic commit: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] mark=0 use=1 'mark=' is seen on connrtack event after: > tcp 6 2 ESTABLISHED src=10.100.0.1 dst=10.200.0.1 sport=6789 dport=12345 src=10.200.0.1 dst=10.100.0.1 sport=12345 dport=6789 [ASSURED] use=1 => 'mark=' is not seen. [Regression Potential] The patch is quite simple. It has been backported in the official 5.15 stable. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2016269/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988809] Re: ip/nexthop: fix default address selection for connected nexthop
I cannot test this kernel. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988809 Title: ip/nexthop: fix default address selection for connected nexthop Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Released Status in linux source package in Jammy: Fix Released Bug description: [Impact] Packets sent by userland apps are rejected/dropped if the source address is not specified and the corresponding route is using a connected nexthop object. This bug exists since linux v5.3 and has been fixed in v5.19 by the following upstream commits: - 747c14307214 ("ip: fix dflt addr selection for connected nexthop") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=747c14307214 - cd72e61bad14 ("selftests/net: test nexthop without gw") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cd72e61bad14 - eb55dc09b5dd ("ip: fix triggering of 'icmp redirect'") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb55dc09b5dd The last commit (v6.0) fixes a regression introduced by the first commit. [Test Case] A detailed test case is explained in the first commit and a self-test is added in the second commit. [Regression Potential] The patch modifies some internal routing states. It has been living in the upstream trees for 2 months and the reported regression about icmp redirects has been fixed. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988809/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988584] Re: cgroup: all controllers mounted when using 'cgroup_no_v1='
** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988584 Title: cgroup: all controllers mounted when using 'cgroup_no_v1=' Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Committed Bug description: [Impact] When mounting a cgroup hierarchy with disabled controller in cgroup v1, all available controllers will be attached. For example, boot with cgroup_no_v1=cpu or cgroup_disable=cpu, and then mount with "mount -t cgroup -ocpu cpu /sys/fs/cgroup/cpu", then all enabled controllers will be attached except cpu. This exists since linux v5.1 and fixed in linux v5.11 with this commit: 61e960b07b63 cgroup-v1: add disabled controller check in cgroup1_parse_param() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61e960b07b637 [Test Case] root@dut-vm:~# kexec -l /boot/vmlinuz-5.4.0-122-generic --initrd=/boot/initrd.img-5.4.0-122-generic --command-line="$(cat /proc/cmdline) cgroup_no_v1=net_prio,net_cls" root@dut-vm:~# systemctl kexec root@dut-vm:~# mount | grep cgroup tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,perf_event,hugetlb,pids,rdma) => All controllers are associated to /sys/fs/cgroup/net_cls,net_prio. Note that several reboots may be needed to reproduce the problem (it fails only when systemd tries to mount 'net_cls,net_prio' first, but the order is random). [Regression Potential] The patch is located in cgroup1_parse_param(), the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988584/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988809] Re: ip/nexthop: fix default address selection for connected nexthop
Before the update: ++ root@ubuntu2004:~/linux# uname -a Linux ubuntu2004 5.4.0-124-generic #140-Ubuntu SMP Thu Aug 4 02:23:37 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@ubuntu2004:~/linux# tools/testing/selftests/net/fib_nexthop_nongw.sh TEST: nexthop: get route with nexthop without gw[FAIL] TEST: nexthop: ping through nexthop without gw [FAIL] With the new focal kernel: ++ root@ubuntu2004:~/linux# uname -a Linux ubuntu2004 5.4.0-128-generic #144-Ubuntu SMP Tue Sep 20 11:00:04 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@ubuntu2004:~/linux# tools/testing/selftests/net/fib_nexthop_nongw.sh TEST: nexthop: get route with nexthop without gw[ OK ] TEST: nexthop: ping through nexthop without gw [ OK ] With the new jammy kernel: ++ root@ubuntu2004:~/linux# uname -a Linux ubuntu2004 5.15.0-50-generic #56-Ubuntu SMP Tue Sep 20 13:23:26 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@ubuntu2004:~/linux# tools/testing/selftests/net/fib_nexthop_nongw.sh TEST: nexthop: get route with nexthop without gw[ OK ] TEST: nexthop: ping through nexthop without gw [ OK ] -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988809 Title: ip/nexthop: fix default address selection for connected nexthop Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Committed Status in linux source package in Jammy: Fix Committed Bug description: [Impact] Packets sent by userland apps are rejected/dropped if the source address is not specified and the corresponding route is using a connected nexthop object. This bug exists since linux v5.3 and has been fixed in v5.19 by the following upstream commits: - 747c14307214 ("ip: fix dflt addr selection for connected nexthop") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=747c14307214 - cd72e61bad14 ("selftests/net: test nexthop without gw") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cd72e61bad14 - eb55dc09b5dd ("ip: fix triggering of 'icmp redirect'") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb55dc09b5dd The last commit (v6.0) fixes a regression introduced by the first commit. [Test Case] A detailed test case is explained in the first commit and a self-test is added in the second commit. [Regression Potential] The patch modifies some internal routing states. It has been living in the upstream trees for 2 months and the reported regression about icmp redirects has been fixed. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988809/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988809] Re: ip/nexthop: fix default address selection for connected nexthop
** Tags added: verification-done-focal verification-done-jammy -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988809 Title: ip/nexthop: fix default address selection for connected nexthop Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Committed Status in linux source package in Jammy: Fix Committed Bug description: [Impact] Packets sent by userland apps are rejected/dropped if the source address is not specified and the corresponding route is using a connected nexthop object. This bug exists since linux v5.3 and has been fixed in v5.19 by the following upstream commits: - 747c14307214 ("ip: fix dflt addr selection for connected nexthop") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=747c14307214 - cd72e61bad14 ("selftests/net: test nexthop without gw") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cd72e61bad14 - eb55dc09b5dd ("ip: fix triggering of 'icmp redirect'") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb55dc09b5dd The last commit (v6.0) fixes a regression introduced by the first commit. [Test Case] A detailed test case is explained in the first commit and a self-test is added in the second commit. [Regression Potential] The patch modifies some internal routing states. It has been living in the upstream trees for 2 months and the reported regression about icmp redirects has been fixed. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988809/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988809] [NEW] ip/nexthop: fix default address selection for connected nexthop
Public bug reported: [Impact] Packets sent by userland apps are rejected/dropped if the source address is not specified and the corresponding route is using a connected nexthop object. This bug exists since linux v5.3 and has been fixed in v5.19 by the following upstream commits: - 747c14307214 ("ip: fix dflt addr selection for connected nexthop") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=747c14307214 - cd72e61bad14 ("selftests/net: test nexthop without gw") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cd72e61bad14 - eb55dc09b5dd ("ip: fix triggering of 'icmp redirect'") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb55dc09b5dd The last commit (v6.0) fixes a regression introduced by the first commit. [Test Case] A detailed test case is explained in the first commit and a self-test is added in the second commit. [Regression Potential] The patch modifies some internal routing states. It has been living in the upstream trees for 2 months and the reported regression about icmp redirects has been fixed. The risk of regression should be contained. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988809 Title: ip/nexthop: fix default address selection for connected nexthop Status in linux package in Ubuntu: New Bug description: [Impact] Packets sent by userland apps are rejected/dropped if the source address is not specified and the corresponding route is using a connected nexthop object. This bug exists since linux v5.3 and has been fixed in v5.19 by the following upstream commits: - 747c14307214 ("ip: fix dflt addr selection for connected nexthop") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=747c14307214 - cd72e61bad14 ("selftests/net: test nexthop without gw") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cd72e61bad14 - eb55dc09b5dd ("ip: fix triggering of 'icmp redirect'") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=eb55dc09b5dd The last commit (v6.0) fixes a regression introduced by the first commit. [Test Case] A detailed test case is explained in the first commit and a self-test is added in the second commit. [Regression Potential] The patch modifies some internal routing states. It has been living in the upstream trees for 2 months and the reported regression about icmp redirects has been fixed. The risk of regression should be contained. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988809/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988584] Re: cgroup: all controllers mounted when using 'cgroup_no_v1='
** Summary changed: - cgroup: all controller mounted when using 'cgroup_no_v1=' + cgroup: all controllers mounted when using 'cgroup_no_v1=' -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988584 Title: cgroup: all controllers mounted when using 'cgroup_no_v1=' Status in linux package in Ubuntu: Incomplete Bug description: [Impact] When mounting a cgroup hierarchy with disabled controller in cgroup v1, all available controllers will be attached. For example, boot with cgroup_no_v1=cpu or cgroup_disable=cpu, and then mount with "mount -t cgroup -ocpu cpu /sys/fs/cgroup/cpu", then all enabled controllers will be attached except cpu. This exists since linux v5.1 and fixed in linux v5.11 with this commit: 61e960b07b63 cgroup-v1: add disabled controller check in cgroup1_parse_param() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61e960b07b637 [Test Case] root@dut-vm:~# kexec -l /boot/vmlinuz-5.4.0-122-generic --initrd=/boot/initrd.img-5.4.0-122-generic --command-line="$(cat /proc/cmdline) cgroup_no_v1=net_prio,net_cls" root@dut-vm:~# systemctl kexec root@dut-vm:~# mount | grep cgroup tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,perf_event,hugetlb,pids,rdma) => All controllers are associated to /sys/fs/cgroup/net_cls,net_prio. Note that several reboots may be needed to reproduce the problem (it fails only when systemd tries to mount 'net_cls,net_prio' first, but the order is random). [Regression Potential] The patch is located in cgroup1_parse_param(), the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988584/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1988584] [NEW] cgroup: all controller mounted when using 'cgroup_no_v1='
Public bug reported: [Impact] When mounting a cgroup hierarchy with disabled controller in cgroup v1, all available controllers will be attached. For example, boot with cgroup_no_v1=cpu or cgroup_disable=cpu, and then mount with "mount -t cgroup -ocpu cpu /sys/fs/cgroup/cpu", then all enabled controllers will be attached except cpu. This exists since linux v5.1 and fixed in linux v5.11 with this commit: 61e960b07b63 cgroup-v1: add disabled controller check in cgroup1_parse_param() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61e960b07b637 [Test Case] root@dut-vm:~# kexec -l /boot/vmlinuz-5.4.0-122-generic --initrd=/boot/initrd.img-5.4.0-122-generic --command-line="$(cat /proc/cmdline) cgroup_no_v1=net_prio,net_cls" root@dut-vm:~# systemctl kexec root@dut-vm:~# mount | grep cgroup tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,perf_event,hugetlb,pids,rdma) => All controllers are associated to /sys/fs/cgroup/net_cls,net_prio. Note that several reboots may be needed to reproduce the problem (it fails only when systemd tries to mount 'net_cls,net_prio' first, but the order is random). [Regression Potential] The patch is located in cgroup1_parse_param(), the potential regressions are low. ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1988584 Title: cgroup: all controller mounted when using 'cgroup_no_v1=' Status in linux package in Ubuntu: Incomplete Bug description: [Impact] When mounting a cgroup hierarchy with disabled controller in cgroup v1, all available controllers will be attached. For example, boot with cgroup_no_v1=cpu or cgroup_disable=cpu, and then mount with "mount -t cgroup -ocpu cpu /sys/fs/cgroup/cpu", then all enabled controllers will be attached except cpu. This exists since linux v5.1 and fixed in linux v5.11 with this commit: 61e960b07b63 cgroup-v1: add disabled controller check in cgroup1_parse_param() https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=61e960b07b637 [Test Case] root@dut-vm:~# kexec -l /boot/vmlinuz-5.4.0-122-generic --initrd=/boot/initrd.img-5.4.0-122-generic --command-line="$(cat /proc/cmdline) cgroup_no_v1=net_prio,net_cls" root@dut-vm:~# systemctl kexec root@dut-vm:~# mount | grep cgroup tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755) cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd) cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,cpu,cpuacct,blkio,memory,devices,freezer,perf_event,hugetlb,pids,rdma) => All controllers are associated to /sys/fs/cgroup/net_cls,net_prio. Note that several reboots may be needed to reproduce the problem (it fails only when systemd tries to mount 'net_cls,net_prio' first, but the order is random). [Regression Potential] The patch is located in cgroup1_parse_param(), the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1988584/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1968591] Re: xfrm interface cannot be changed anymore
** Tags removed: verification-needed-impish ** Tags added: verification-done-impish -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1968591 Title: xfrm interface cannot be changed anymore Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 It has been fixed upstream by this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo root@dut-vm:~# ip link change foo type xfrm if_id 5678 dev lo Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1968591/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1968591] Re: xfrm interface cannot be changed anymore
** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1968591 Title: xfrm interface cannot be changed anymore Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 It has been fixed upstream by this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo root@dut-vm:~# ip link change foo type xfrm if_id 5678 dev lo Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1968591/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1968591] Re: xfrm interface cannot be changed anymore
** Description changed: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 It has been fixed upstream by this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo - root@dut-vm:~# ip link change foo type xfrm if_id 1234 dev ntfp1 + root@dut-vm:~# ip link change foo type xfrm if_id 5678 dev lo Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1968591 Title: xfrm interface cannot be changed anymore Status in linux package in Ubuntu: Fix Released Status in linux source package in Focal: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 It has been fixed upstream by this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo root@dut-vm:~# ip link change foo type xfrm if_id 5678 dev lo Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1968591/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1968591] [NEW] xfrm interface cannot be changed anymore
Public bug reported: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 It has been fixed upstream by this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo root@dut-vm:~# ip link change foo type xfrm if_id 1234 dev ntfp1 Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Description changed: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 + + It has been fixed upstream by this commit: + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo root@dut-vm:~# ip link change foo type xfrm if_id 1234 dev ntfp1 Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1968591 Title: xfrm interface cannot be changed anymore Status in linux package in Ubuntu: New Bug description: [Impact] An xfrm interface cannot be changed any more since Ubuntu-hwe-5.4-5.4.0-105. In fact, the regression has been introduced by this backport: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=13a02539b135 It has been fixed upstream by this commit: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d0d95a1c2b0 [Test Case] root@dut-vm:~# ip link add foo type xfrm if_id 1234 dev lo root@dut-vm:~# ip link change foo type xfrm if_id 1234 dev ntfp1 Error: if_id must be non zero. root@dut-vm:~# uname -a Linux dut-vm 5.4.0-107-generic #121~18.04.1-Ubuntu SMP Thu Mar 24 17:21:33 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1968591/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1951606] Re: bonding: arp monitoring is failing with tuntap interfaces
The patch has been merged in ubuntu focal: https://kernel.ubuntu.com/git/ubuntu/ubuntu-focal.git/commit/?id=fa748ace5184 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1951606 Title: bonding: arp monitoring is failing with tuntap interfaces Status in linux package in Ubuntu: Expired Bug description: [Impact] When tuntap interfaces are slaves of a bonding interface, arp monitoring is unusable. This is fixed upstream with commit a31d27fbed5d ("tun: fix bonding active backup with arp monitoring"). It will be included in linux v5.16. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a31d27fbed5d [Test Case] Create a bonding with two tuntap interfaces and arp monitoring configured. Before the patch, slave interfaces are flapping continuously. Example: Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:28 dut-vm kernel: bond0: active interface up! Nov 19 16:12:31 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:31 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:32 dut-vm kernel: bond0: active interface up! Nov 19 16:12:35 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:35 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:36 dut-vm kernel: bond0: active interface up! Nov 19 16:12:37 dut-vm kernel: bond0: (slave ntfp3): link status definitely up Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp3): making interface the new active one [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1951606/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1951606] Re: bonding: arp monitoring is failing with tuntap interfaces
This patch has been backported in the official linux stable 5.4: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.4.y=01a7ecd36d1e -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1951606 Title: bonding: arp monitoring is failing with tuntap interfaces Status in linux package in Ubuntu: Incomplete Bug description: [Impact] When tuntap interfaces are slaves of a bonding interface, arp monitoring is unusable. This is fixed upstream with commit a31d27fbed5d ("tun: fix bonding active backup with arp monitoring"). It will be included in linux v5.16. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a31d27fbed5d [Test Case] Create a bonding with two tuntap interfaces and arp monitoring configured. Before the patch, slave interfaces are flapping continuously. Example: Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:28 dut-vm kernel: bond0: active interface up! Nov 19 16:12:31 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:31 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:32 dut-vm kernel: bond0: active interface up! Nov 19 16:12:35 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:35 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:36 dut-vm kernel: bond0: active interface up! Nov 19 16:12:37 dut-vm kernel: bond0: (slave ntfp3): link status definitely up Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp3): making interface the new active one [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1951606/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1951606] [NEW] bonding: arp monitoring is failing with tuntap interfaces
Public bug reported: [Impact] When tuntap interfaces are slaves of a bonding interface, arp monitoring is unusable. This is fixed upstream with commit a31d27fbed5d ("tun: fix bonding active backup with arp monitoring"). It will be included in linux v5.16. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a31d27fbed5d [Test Case] Create a bonding with two tuntap interfaces and arp monitoring configured. Before the patch, slave interfaces are flapping continuously. Example: Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:28 dut-vm kernel: bond0: active interface up! Nov 19 16:12:31 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:31 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:32 dut-vm kernel: bond0: active interface up! Nov 19 16:12:35 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:35 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:36 dut-vm kernel: bond0: active interface up! Nov 19 16:12:37 dut-vm kernel: bond0: (slave ntfp3): link status definitely up Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp3): making interface the new active one [Regression Potential] The patch is trivial, the potential regressions are low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Description changed: [Impact] When tuntap interfaces are slaves of a bonding interface, arp monitoring - is fails + is unusable. This is fixed upstream with commit a31d27fbed5d ("tun: fix bonding active backup with arp monitoring"). It will be included in linux v5.16. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a31d27fbed5d [Test Case] Create a bonding with two tuntap interfaces and arp monitoring configured. Before the patch, slave interfaces are flapping continuously. Example: Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:28 dut-vm kernel: bond0: active interface up! Nov 19 16:12:31 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:31 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:32 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:32 dut-vm kernel: bond0: active interface up! Nov 19 16:12:35 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:35 dut-vm kernel: bond0: now running without any active interface! Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): link status definitely up Nov 19 16:12:36 dut-vm kernel: bond0: (slave ntfp2): making interface the new active one Nov 19 16:12:36 dut-vm kernel: bond0: active interface up! Nov 19 16:12:37 dut-vm kernel: bond0: (slave ntfp3): link status definitely up Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp2): link status definitely down, disabling slave Nov 19 16:12:39 dut-vm kernel: bond0: (slave ntfp3): making interface the new active one [Regression Potential] The patch is trivial, the potential regressions are low. ** Summary changed: - bondig: arp monitoring is failing with tuntap interfaces + bonding: arp monitoring is failing with tuntap interfaces -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1951606 Title: bonding: arp monitoring is failing with tuntap interfaces Status in linux package in Ubuntu: New Bug description: [Impact] When tuntap interfaces are slaves of a bonding interface, arp monitoring is unusable. This is fixed upstream with commit a31d27fbed5d ("tun: fix bonding active backup with arp monitoring"). It will be included in linux v5.16. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a31d27fbed5d [Test Case] Create a bonding with two tuntap interfaces and arp monitoring configured. Before the patch, slave interfaces are flapping continuously. Example: Nov 19 16:12:28 dut-vm kernel: bond0: (slave ntfp2): link status
[Kernel-packages] [Bug 1947164] Re: ebpf: bpf_redirect fails with ip6 gre interfaces
** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1947164 Title: ebpf: bpf_redirect fails with ip6 gre interfaces Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] The tc ebpf bpf_redirect() function cannot be used with ipv6 gre interface. This is fixed upstream with commit a3fa449ffcf5 ("net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()"), included in linux v5.14. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3fa449ffcf5 It would probably be good to also backport this one: 3b707c3008ca ("net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b707c3008ca [Test Case] Create an ebpf program that redirect packets to an ipv6 gre interface and load it with tc. [Regression Potential] The patches are trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1947164/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1947164] Re: ebpf: bpf_redirect fails with ip6 gre interfaces
** Tags removed: verification-needed-impish ** Tags added: verification-done-impish -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1947164 Title: ebpf: bpf_redirect fails with ip6 gre interfaces Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] The tc ebpf bpf_redirect() function cannot be used with ipv6 gre interface. This is fixed upstream with commit a3fa449ffcf5 ("net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()"), included in linux v5.14. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3fa449ffcf5 It would probably be good to also backport this one: 3b707c3008ca ("net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b707c3008ca [Test Case] Create an ebpf program that redirect packets to an ipv6 gre interface and load it with tc. [Regression Potential] The patches are trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1947164/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1947164] Re: ebpf: bpf_redirect fails with ip6 gre interfaces
** Tags removed: verification-needed-hirsute ** Tags added: verification-done-hirsute -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1947164 Title: ebpf: bpf_redirect fails with ip6 gre interfaces Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] The tc ebpf bpf_redirect() function cannot be used with ipv6 gre interface. This is fixed upstream with commit a3fa449ffcf5 ("net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()"), included in linux v5.14. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3fa449ffcf5 It would probably be good to also backport this one: 3b707c3008ca ("net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b707c3008ca [Test Case] Create an ebpf program that redirect packets to an ipv6 gre interface and load it with tc. [Regression Potential] The patches are trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1947164/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1947164] Re: ebpf: bpf_redirect fails with ip6 gre interfaces
** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1947164 Title: ebpf: bpf_redirect fails with ip6 gre interfaces Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: Fix Committed Bug description: [Impact] The tc ebpf bpf_redirect() function cannot be used with ipv6 gre interface. This is fixed upstream with commit a3fa449ffcf5 ("net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()"), included in linux v5.14. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3fa449ffcf5 It would probably be good to also backport this one: 3b707c3008ca ("net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b707c3008ca [Test Case] Create an ebpf program that redirect packets to an ipv6 gre interface and load it with tc. [Regression Potential] The patches are trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1947164/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1947164] [NEW] ebpf: bpf_redirect fails with ip6 gre interfaces
Public bug reported: [Impact] The tc ebpf bpf_redirect() function cannot be used with ipv6 gre interface. This is fixed upstream with commit a3fa449ffcf5 ("net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()"), included in linux v5.14. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3fa449ffcf5 It would probably be good to also backport this one: 3b707c3008ca ("net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b707c3008ca [Test Case] Create an ebpf program that redirect packets to an ipv6 gre interface and load it with tc. [Regression Potential] The patches are trivial, the potential regressions are low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1947164 Title: ebpf: bpf_redirect fails with ip6 gre interfaces Status in linux package in Ubuntu: New Bug description: [Impact] The tc ebpf bpf_redirect() function cannot be used with ipv6 gre interface. This is fixed upstream with commit a3fa449ffcf5 ("net: handle ARPHRD_IP6GRE in dev_is_mac_header_xmit()"), included in linux v5.14. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a3fa449ffcf5 It would probably be good to also backport this one: 3b707c3008ca ("net: dev_is_mac_header_xmit() true for ARPHRD_RAWIP"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3b707c3008ca [Test Case] Create an ebpf program that redirect packets to an ipv6 gre interface and load it with tc. [Regression Potential] The patches are trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1947164/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1945180] [NEW] vrf: fix refcnt leak with vxlan slaves
Public bug reported: [Impact] There are cases, where deleting a VRF device can hang waiting for the refcnt to drop to 0, with the message: unregister_netdevice: waiting for vrf1 to become free. Usage count = 1 This is fixed upstream with commit b87b04f5019e ("ipv4: Fix device used for dst_alloc with local routes"), included in linux v5.13. The original patch, which has introduced the bug, is included in linux v4.10. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b87b04f5019e [Test Case] The upstream patch includes a test case, which describe how to reproduce the bug. [Regression Potential] The patch affects ipv4 routing. It is straightforward, it links new dst to a vrf device instead of the loopback if needed. ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Patch added: "Backport of the upstream patch on Ubuntu-hwe-5.4-5.4.0-87.98_18.04.1" https://bugs.launchpad.net/bugs/1945180/+attachment/5528350/+files/0001-ipv4-Fix-device-used-for-dst_alloc-with-local-routes.patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1945180 Title: vrf: fix refcnt leak with vxlan slaves Status in linux package in Ubuntu: New Bug description: [Impact] There are cases, where deleting a VRF device can hang waiting for the refcnt to drop to 0, with the message: unregister_netdevice: waiting for vrf1 to become free. Usage count = 1 This is fixed upstream with commit b87b04f5019e ("ipv4: Fix device used for dst_alloc with local routes"), included in linux v5.13. The original patch, which has introduced the bug, is included in linux v4.10. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b87b04f5019e [Test Case] The upstream patch includes a test case, which describe how to reproduce the bug. [Regression Potential] The patch affects ipv4 routing. It is straightforward, it links new dst to a vrf device instead of the loopback if needed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1945180/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1935040] Re: dev_forward_skb: do not scrub skb mark within the same name space
** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1935040 Title: dev_forward_skb: do not scrub skb mark within the same name space Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: In Progress Bug description: [Impact] The ebpf function 'bpf_redirect' reset the mark when used with the flag BPF_F_INGRESS. There are two main problems with that: - it's not consistent between legacy tunnels and ebpf; - it's not consistent between ingress and egress. In fact, the eBPF program can easily reset the mark, but it cannot preserve it. This kind of patch was already done in the past, see commit 963a88b31ddb ("tunnels: harmonize cleanup done on skb on xmit path"), commit ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") and commit 213dd74aee76 ("skbuff: Do not scrub skb mark within the same name space"). This is fixed upstream with commit ff70202b2d1a ("dev_forward_skb: do not scrub skb mark within the same name space"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff70202b2d1a [Test Case] Mark a packet in the POSTROUTING hook, redirect it to another interface and display it with a netfilter log rule to check the mark. [Regression Potential] A user could expect that the mark is reset after a call to bpf_redirect(BPF_F_INGRESS), but he could easily reset it in the eBPF program himself. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1935040/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1935040] Re: dev_forward_skb: do not scrub skb mark within the same name space
** Tags removed: verification-needed-hirsute ** Tags added: verification-done-hirsute -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1935040 Title: dev_forward_skb: do not scrub skb mark within the same name space Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: In Progress Bug description: [Impact] The ebpf function 'bpf_redirect' reset the mark when used with the flag BPF_F_INGRESS. There are two main problems with that: - it's not consistent between legacy tunnels and ebpf; - it's not consistent between ingress and egress. In fact, the eBPF program can easily reset the mark, but it cannot preserve it. This kind of patch was already done in the past, see commit 963a88b31ddb ("tunnels: harmonize cleanup done on skb on xmit path"), commit ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") and commit 213dd74aee76 ("skbuff: Do not scrub skb mark within the same name space"). This is fixed upstream with commit ff70202b2d1a ("dev_forward_skb: do not scrub skb mark within the same name space"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff70202b2d1a [Test Case] Mark a packet in the POSTROUTING hook, redirect it to another interface and display it with a netfilter log rule to check the mark. [Regression Potential] A user could expect that the mark is reset after a call to bpf_redirect(BPF_F_INGRESS), but he could easily reset it in the eBPF program himself. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1935040/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1935040] Re: dev_forward_skb: do not scrub skb mark within the same name space
** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1935040 Title: dev_forward_skb: do not scrub skb mark within the same name space Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: Fix Committed Status in linux source package in Focal: Fix Committed Status in linux source package in Hirsute: Fix Committed Status in linux source package in Impish: In Progress Bug description: [Impact] The ebpf function 'bpf_redirect' reset the mark when used with the flag BPF_F_INGRESS. There are two main problems with that: - it's not consistent between legacy tunnels and ebpf; - it's not consistent between ingress and egress. In fact, the eBPF program can easily reset the mark, but it cannot preserve it. This kind of patch was already done in the past, see commit 963a88b31ddb ("tunnels: harmonize cleanup done on skb on xmit path"), commit ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") and commit 213dd74aee76 ("skbuff: Do not scrub skb mark within the same name space"). This is fixed upstream with commit ff70202b2d1a ("dev_forward_skb: do not scrub skb mark within the same name space"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff70202b2d1a [Test Case] Mark a packet in the POSTROUTING hook, redirect it to another interface and display it with a netfilter log rule to check the mark. [Regression Potential] A user could expect that the mark is reset after a call to bpf_redirect(BPF_F_INGRESS), but he could easily reset it in the eBPF program himself. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1935040/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1936475] [NEW] ipv6: fix 'disable_policy' for forwarded packets
Public bug reported: [Impact] The ipv6 sysctl entry 'disable_policy' has effect for local packets only (while the ipv4 version is for all packets coming from the specified interface). This is fixed upstream with commit ccd27f05ae7b ("ipv6: fix 'disable_policy' for fwd packets"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ccd27f05ae7b [Test Case] Enable 'disable_policy' for an interface: sysctl -w net.ipv6.conf.eth0.disable_policy=1 Add an ipsec policy: ip xfrm policy add src fd00:100::/64 dst fd00:200::/64 dir out tmpl src fd00:125::1 dst fd00:125::2 proto esp mode tunnel Try a ping from subnet fd00:100::/64 to subnet fd00:200::/64. [Regression Potential] The patch is small and located in ip6_forward(), thus only this function is affected. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1936475 Title: ipv6: fix 'disable_policy' for forwarded packets Status in linux package in Ubuntu: New Bug description: [Impact] The ipv6 sysctl entry 'disable_policy' has effect for local packets only (while the ipv4 version is for all packets coming from the specified interface). This is fixed upstream with commit ccd27f05ae7b ("ipv6: fix 'disable_policy' for fwd packets"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ccd27f05ae7b [Test Case] Enable 'disable_policy' for an interface: sysctl -w net.ipv6.conf.eth0.disable_policy=1 Add an ipsec policy: ip xfrm policy add src fd00:100::/64 dst fd00:200::/64 dir out tmpl src fd00:125::1 dst fd00:125::2 proto esp mode tunnel Try a ping from subnet fd00:100::/64 to subnet fd00:200::/64. [Regression Potential] The patch is small and located in ip6_forward(), thus only this function is affected. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1936475/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1935040] [NEW] dev_forward_skb: do not scrub skb mark within the same name space
Public bug reported: [Impact] The ebpf function 'bpf_redirect' reset the mark when used with the flag BPF_F_INGRESS. There are two main problems with that: - it's not consistent between legacy tunnels and ebpf; - it's not consistent between ingress and egress. In fact, the eBPF program can easily reset the mark, but it cannot preserve it. This kind of patch was already done in the past, see commit 963a88b31ddb ("tunnels: harmonize cleanup done on skb on xmit path"), commit ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") and commit 213dd74aee76 ("skbuff: Do not scrub skb mark within the same name space"). This is fixed upstream with commit ff70202b2d1a ("dev_forward_skb: do not scrub skb mark within the same name space"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff70202b2d1a [Test Case] Mark a packet in the POSTROUTING hook, redirect it to another interface and display it with a netfilter log rule to check the mark. [Regression Potential] A user could expect that the mark is reset after a call to bpf_redirect(BPF_F_INGRESS), but he could easily reset it in the eBPF program himself. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1935040 Title: dev_forward_skb: do not scrub skb mark within the same name space Status in linux package in Ubuntu: New Bug description: [Impact] The ebpf function 'bpf_redirect' reset the mark when used with the flag BPF_F_INGRESS. There are two main problems with that: - it's not consistent between legacy tunnels and ebpf; - it's not consistent between ingress and egress. In fact, the eBPF program can easily reset the mark, but it cannot preserve it. This kind of patch was already done in the past, see commit 963a88b31ddb ("tunnels: harmonize cleanup done on skb on xmit path"), commit ea23192e8e57 ("tunnels: harmonize cleanup done on skb on rx path") and commit 213dd74aee76 ("skbuff: Do not scrub skb mark within the same name space"). This is fixed upstream with commit ff70202b2d1a ("dev_forward_skb: do not scrub skb mark within the same name space"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ff70202b2d1a [Test Case] Mark a packet in the POSTROUTING hook, redirect it to another interface and display it with a netfilter log rule to check the mark. [Regression Potential] A user could expect that the mark is reset after a call to bpf_redirect(BPF_F_INGRESS), but he could easily reset it in the eBPF program himself. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1935040/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1896504] Re: tc/ebpf: unable to use BPF_FUNC_skb_change_head
** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1896504 Title: tc/ebpf: unable to use BPF_FUNC_skb_change_head Status in linux package in Ubuntu: Incomplete Status in linux source package in Focal: Fix Committed Status in linux source package in Groovy: Incomplete Bug description: [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1896504/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1896504] Re: tc/ebpf: unable to use BPF_FUNC_skb_change_head
Here is an example: root@ubuntu1804hwe:~# uname -a Linux ubuntu1804hwe 5.4.0-47-generic #51~18.04.1-Ubuntu SMP Sat Sep 5 14:35:50 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@ubuntu1804hwe:~# cat test.c #include #include #ifndef __section # define __section(NAME) __attribute__((section(NAME), used)) #endif static int (*bpf_skb_change_head)(void *ctx, int headroom, int flags) = (void *) BPF_FUNC_skb_change_head; __section("test") int _test(struct __sk_buff *skb) { bpf_skb_change_head(skb, 14, 0); return TC_ACT_OK; } char _license[] __section("license") = "GPL"; root@ubuntu1804hwe:~# clang -target bpf -I/usr/include/x86_64-linux-gnu/ -O2 -o test.o -c test.c root@ubuntu1804hwe:~# ip link add name dummy1 type dummy root@ubuntu1804hwe:~# ip link set dummy1 up root@ubuntu1804hwe:~# tc qdisc add dev dummy1 clsact root@ubuntu1804hwe:~# tc filter add dev dummy1 egress matchall action bpf obj ./test.o sec test Prog section 'test' rejected: Invalid argument (22)! - Type: 4 - Instructions: 5 (0 over limit) - License: GPL Verifier analysis: 0: (b7) r2 = 14 1: (b7) r3 = 0 2: (85) call bpf_skb_change_head#43 unknown func bpf_skb_change_head#43 processed 3 insns (limit 100) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 Error fetching program/map! bad action parsing parse_action: bad value (5:bpf)! Illegal "action" root@ubuntu1804hwe:~# -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1896504 Title: tc/ebpf: unable to use BPF_FUNC_skb_change_head Status in linux package in Ubuntu: Incomplete Bug description: [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1896504/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1896504] Re: tc/ebpf: unable to use BPF_FUNC_skb_change_head
With a newer kernel, the last command succeeds (not output): root@ubuntu1804hwe:~# uname -a Linux ubuntu1804hwe 5.9.0-rc3-ge1b81391421b+6wind-net #1 SMP Mon Sep 21 19:31:31 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@ubuntu1804hwe:~# tc filter add dev dummy1 egress matchall action bpf obj ./test.o sec test root@ubuntu1804hwe:~# -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1896504 Title: tc/ebpf: unable to use BPF_FUNC_skb_change_head Status in linux package in Ubuntu: Incomplete Bug description: [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1896504/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1896504] Re: tc/ebpf: unable to use BPF_FUNC_skb_change_head
I forget to explain how to check that the tc command was accepted: root@ubuntu1804hwe:~# tc filter show dev dummy1 egress filter protocol all pref 49152 matchall chain 0 filter protocol all pref 49152 matchall chain 0 handle 0x1 not_in_hw action order 1: bpf test.o:[test] id 9 tag 26af4b090d2d67ee jited default-action pipe index 1 ref 1 bind 1 root@ubuntu1804hwe:~# -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1896504 Title: tc/ebpf: unable to use BPF_FUNC_skb_change_head Status in linux package in Ubuntu: Incomplete Bug description: [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1896504/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1896504] [NEW] tc/ebpf: unable to use BPF_FUNC_skb_change_head
Public bug reported: [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Description changed: - [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. - This helper exists since linux v4.10, but it cannot be used until the the upstream commit f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): + This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1896504 Title: tc/ebpf: unable to use BPF_FUNC_skb_change_head Status in linux package in Ubuntu: New Bug description: [Impact] tc ebpf program that uses BPF_FUNC_skb_change_head are rejected. This helper exists since linux v4.10, but it cannot be used until the the upstream commit 6f3f65d80dac ("net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6f3f65d80dac [Test Case] Create a, ebpf program that uses this helper and load it with tc. [Regression Potential] The patch is trivial, the potential regressions are low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1896504/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1894605] [NEW] gtp: unable to associate contextes to interfaces
Public bug reported: [Impact] When a user dump pdp contextes, it cannot associate them with existing gtp interfaces. Thus, the dump is unusable. This problem has been fixed in the upstream commit b274e47d9e3f ("gtp: add GTPA_LINK info to msg sent to userspace"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b274e47d9e3f [Test Case] Create several gtp interfaces and setup PDP contextes on them. Perform a dump with the genl command GTP_CMD_GETPDP. [Regression Potential] The patch affects only the gtp driver and is quite trivial. Thus, the potential regressions are limited to this area and low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1894605 Title: gtp: unable to associate contextes to interfaces Status in linux package in Ubuntu: New Bug description: [Impact] When a user dump pdp contextes, it cannot associate them with existing gtp interfaces. Thus, the dump is unusable. This problem has been fixed in the upstream commit b274e47d9e3f ("gtp: add GTPA_LINK info to msg sent to userspace"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b274e47d9e3f [Test Case] Create several gtp interfaces and setup PDP contextes on them. Perform a dump with the genl command GTP_CMD_GETPDP. [Regression Potential] The patch affects only the gtp driver and is quite trivial. Thus, the potential regressions are limited to this area and low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1894605/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1890796] Re: ipsec: policy priority management is broken
I don't understand which kernel should be tested on xenial. The kernel 4.15.0-112-generic does not have the bug. ** Tags removed: verification-needed-bionic verification-needed-focal ** Tags added: verification-done-bionic verification-done-focal -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-oem-5.6 in Ubuntu. https://bugs.launchpad.net/bugs/1890796 Title: ipsec: policy priority management is broken Status in linux package in Ubuntu: Fix Released Status in linux-hwe package in Ubuntu: Invalid Status in linux-oem-5.6 package in Ubuntu: Invalid Status in linux source package in Xenial: Fix Committed Status in linux-hwe source package in Xenial: Invalid Status in linux-oem-5.6 source package in Xenial: Invalid Status in linux source package in Bionic: Fix Committed Status in linux-hwe source package in Bionic: Fix Committed Status in linux-oem-5.6 source package in Bionic: Invalid Status in linux source package in Focal: Fix Committed Status in linux-hwe source package in Focal: Invalid Status in linux-oem-5.6 source package in Focal: Confirmed Bug description: [Impact] When the user tries to update the priority field of a SP, the SP is not updated *AND* a new SP is created. This results to a broken IPsec configuration. This problem has been fixed in the upstream commit 4f47e8ab6ab7 ("xfrm: policy: match with both mark and mask on user interfaces"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f47e8ab6ab7 [Test Case] root@dut-vm:~# uname -a Linux dut-vm 5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# ip xfrm policy flush root@dut-vm:~# ip xfrm policy root@dut-vm:~# ip xfrm policy add src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in action allow priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp mode tunnel reqid 1 root@dut-vm:~# ip xfrm policy src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel root@dut-vm:~# ip xfrm policy update src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 5 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp mode tunnel reqid 1 root@dut-vm:~# ip xfrm policy src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 5 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel root@dut-vm:~# => Now, there is 2 SP instead of 1. [Regression Potential] The patch affects the xfrm stack only. Thus, the potential regressions are limited to this area. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1890796/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1890796] [NEW] ipsec: policy priority management is broken
Public bug reported: [Impact] When the user tries to update the priority field of a SP, the SP is not updated *AND* a new SP is created. This results to a broken IPsec configuration. This problem has been fixed in the upstream commit 4f47e8ab6ab7 ("xfrm: policy: match with both mark and mask on user interfaces"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f47e8ab6ab7 [Test Case] root@dut-vm:~# uname -a Linux dut-vm 5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# ip xfrm policy flush root@dut-vm:~# ip xfrm policy root@dut-vm:~# ip xfrm policy add src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in action allow priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp mode tunnel reqid 1 root@dut-vm:~# ip xfrm policy src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel root@dut-vm:~# ip xfrm policy update src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 5 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp mode tunnel reqid 1 root@dut-vm:~# ip xfrm policy src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 5 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel root@dut-vm:~# => Now, there is 2 SP instead of 1. [Regression Potential] The patch affects the xfrm stack only. Thus, the potential regressions are limited to this area. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1890796 Title: ipsec: policy priority management is broken Status in linux package in Ubuntu: New Bug description: [Impact] When the user tries to update the priority field of a SP, the SP is not updated *AND* a new SP is created. This results to a broken IPsec configuration. This problem has been fixed in the upstream commit 4f47e8ab6ab7 ("xfrm: policy: match with both mark and mask on user interfaces"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4f47e8ab6ab7 [Test Case] root@dut-vm:~# uname -a Linux dut-vm 5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux root@dut-vm:~# ip xfrm policy flush root@dut-vm:~# ip xfrm policy root@dut-vm:~# ip xfrm policy add src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in action allow priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp mode tunnel reqid 1 root@dut-vm:~# ip xfrm policy src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel root@dut-vm:~# ip xfrm policy update src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 5 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp mode tunnel reqid 1 root@dut-vm:~# ip xfrm policy src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 5 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel src 1.1.1.1/24 dst 2.2.2.2/24 proto tcp dir in priority 9 tmpl src 3.3.3.3 dst 4.4.4.4 proto esp reqid 1 mode tunnel root@dut-vm:~# => Now, there is 2 SP instead of 1. [Regression Potential] The patch affects the xfrm stack only. Thus, the potential regressions are limited to this area. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1890796/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1881907] [NEW] xfrm interface: fix oops when deleting a x-netns interface
Public bug reported: [Impact] When a netns is removed, it may corrupt x-netns xfrm interfaces that have their link part in this netns. It will later trigger an oops when those interfaces are removed. This problem has been fixed in the upstream commit c95c5f58b35e ("xfrm interface: fix oops when deleting a x-netns interface"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c95c5f58b35e [Test Case] The steps to reproduce the oops is explained in the commit log of the upstream patch. [Regression Potential] The patch affects only the xfrm interface driver, more precisely, the deletion part. Thus, the potential regressions are limited to this area. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1881907 Title: xfrm interface: fix oops when deleting a x-netns interface Status in linux package in Ubuntu: New Bug description: [Impact] When a netns is removed, it may corrupt x-netns xfrm interfaces that have their link part in this netns. It will later trigger an oops when those interfaces are removed. This problem has been fixed in the upstream commit c95c5f58b35e ("xfrm interface: fix oops when deleting a x-netns interface"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c95c5f58b35e [Test Case] The steps to reproduce the oops is explained in the commit log of the upstream patch. [Regression Potential] The patch affects only the xfrm interface driver, more precisely, the deletion part. Thus, the potential regressions are limited to this area. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1881907/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1860969] Re: ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets
** Tags removed: verification-needed-eoan ** Tags added: verification-done-eoan -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1860969 Title: ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets Status in linux package in Ubuntu: Fix Committed Status in linux source package in Xenial: New Status in linux source package in Bionic: New Status in linux source package in Eoan: Fix Committed Status in linux source package in Focal: Fix Committed Bug description: [SRU Justification] [Impact] Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET socket are dropped (no carrier). This has been fixed in v5.5 by the following upstream commits - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()") - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe The bug exists since the beginning of each driver. == Fix == Backport the requested patches to Focal (5.4), Eoan (5.3), Bionic (4.15) and Xenial (4.4). == Risk of Regression == This patch affects only the cases described above (when no dst is attached to the skb), thus the risk should be low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1860969/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1860969] Re: ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets
** Description changed: [SRU Justification] [Impact] Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET socket are dropped (no carrier). This has been fixed in v5.5 by the following upstream commits - - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()") - - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()") + - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()") + - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe The bug exists since the beginning of each driver. - == Fix == - Backport the requested patches to Focal (5.4), Disco (5.0), Bionic (4.15) and + Backport the requested patches to Focal (5.4), Eoan (5.3), Bionic (4.15) and Xenial (4.4). == Risk of Regression == This patch affects only the cases described above (when no dst is attached to the skb), thus the risk should be low. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1860969 Title: ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets Status in linux package in Ubuntu: Incomplete Bug description: [SRU Justification] [Impact] Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET socket are dropped (no carrier). This has been fixed in v5.5 by the following upstream commits - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()") - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe The bug exists since the beginning of each driver. == Fix == Backport the requested patches to Focal (5.4), Eoan (5.3), Bionic (4.15) and Xenial (4.4). == Risk of Regression == This patch affects only the cases described above (when no dst is attached to the skb), thus the risk should be low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1860969/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1860986] Re: openvswitch: same tcp session encapsulated with different udp src port for ovs vxlan tunnel
** Description changed: [SRU Justification] [Impact] Packets encapsulated into a vxlan tunnel with openvswitch don't have the same udp source port for the first packet and the following ones of the same TCP flow in a DOCKER scenario usecase. In fact, when using the kernel datapath, the upcall don't include skb hash info relatived. As VXLAN module uses the skb hash to select UDP src port, the source port is different for the first packet. More information can be found here: https://mail.openvswitch.org/pipermail/ovs-dev/2019-October/364062.html This has been fixed in v5.5 by the following upstream commit: bd1903b7c4596 ("net: openvswitch: add hash info to upcall") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/openvswitch?id=bd1903b7c4596ba6f7677d0dfefd05ba5876707d The bug exists since the beginning of vxlan support in openvswitch. - + == Fix == - - Backport the requested patches to Focal (5.4), Disco (5.0), Bionic (4.15) and + Backport the requested patches to Focal (5.4), Eoan (5.3), Bionic (4.15) and Xenial (4.4). - == Risk of Regression == This patch only add hash information when we do upcall, thus the risk should be low. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1860986 Title: openvswitch: same tcp session encapsulated with different udp src port for ovs vxlan tunnel Status in linux package in Ubuntu: Incomplete Bug description: [SRU Justification] [Impact] Packets encapsulated into a vxlan tunnel with openvswitch don't have the same udp source port for the first packet and the following ones of the same TCP flow in a DOCKER scenario usecase. In fact, when using the kernel datapath, the upcall don't include skb hash info relatived. As VXLAN module uses the skb hash to select UDP src port, the source port is different for the first packet. More information can be found here: https://mail.openvswitch.org/pipermail/ovs-dev/2019-October/364062.html This has been fixed in v5.5 by the following upstream commit: bd1903b7c4596 ("net: openvswitch: add hash info to upcall") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/openvswitch?id=bd1903b7c4596ba6f7677d0dfefd05ba5876707d The bug exists since the beginning of vxlan support in openvswitch. == Fix == Backport the requested patches to Focal (5.4), Eoan (5.3), Bionic (4.15) and Xenial (4.4). == Risk of Regression == This patch only add hash information when we do upcall, thus the risk should be low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1860986/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1860969] [NEW] ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets
Public bug reported: [SRU Justification] [Impact] Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET socket are dropped (no carrier). This has been fixed in v5.5 by the following upstream commits - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()") - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe The bug exists since the beginning of each driver. == Fix == Backport the requested patches to Focal (5.4), Disco (5.0), Bionic (4.15) and Xenial (4.4). == Risk of Regression == This patch affects only the cases described above (when no dst is attached to the skb), thus the risk should be low. ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1860969 Title: ipsec interfaces: fix sending with bpf_redirect() / AF_PACKET sockets Status in linux package in Ubuntu: New Bug description: [SRU Justification] [Impact] Packets sent to a vti[6]/xfrm interface via bpf_redirect() or via an AF_PACKET socket are dropped (no carrier). This has been fixed in v5.5 by the following upstream commits - 95224166a903 ("vti[6]: fix packet tx through bpf_redirect()") - f042365dbffe ("xfrm interface: fix packet tx through bpf_redirect()") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95224166a903 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f042365dbffe The bug exists since the beginning of each driver. == Fix == Backport the requested patches to Focal (5.4), Disco (5.0), Bionic (4.15) and Xenial (4.4). == Risk of Regression == This patch affects only the cases described above (when no dst is attached to the skb), thus the risk should be low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1860969/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1849085] Re: netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID
** Description changed: - The following upstream patch is missing: + [SRU Justification] - - 993e4c929a07 netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID + [Impact] + + The netlink flag NLM_F_ECHO has no effect with the rtnetlink command + RTM_NEWNSID. This has been fixed in v5.4 by the upstream commit + 993e4c929a07 ("netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID"). The + bug is here since v4.0. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993e4c929a07 + + == Fix == + + Backport the requested patches to Disco (5.0), Bionic (4.15) and + Xenial (4.4). + + == Risk of Regregression == + + This patch is quite trivial and limited to the code that manage + RTM_[NEW|GET]NSID commands. Risk should be low. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1849085 Title: netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID Status in linux package in Ubuntu: Incomplete Bug description: [SRU Justification] [Impact] The netlink flag NLM_F_ECHO has no effect with the rtnetlink command RTM_NEWNSID. This has been fixed in v5.4 by the upstream commit 993e4c929a07 ("netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID"). The bug is here since v4.0. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993e4c929a07 == Fix == Backport the requested patches to Disco (5.0), Bionic (4.15) and Xenial (4.4). == Risk of Regregression == This patch is quite trivial and limited to the code that manage RTM_[NEW|GET]NSID commands. Risk should be low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1849085/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1849085] [NEW] netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID
Public bug reported: The following upstream patch is missing: - 993e4c929a07 netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993e4c929a07 ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1849085 Title: netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID Status in linux package in Ubuntu: New Bug description: The following upstream patch is missing: - 993e4c929a07 netns: fix NLM_F_ECHO mechanism for RTM_NEWNSID https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993e4c929a07 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1849085/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1836261] Re: xfrm interface: several kernel panic
root@dut-vm:~# ip netns add foo root@dut-vm:~# ip netns add bar root@dut-vm:~# ip -n foo netns set bar 0 root@dut-vm:~# ip -n foo link add xfrmi0 link-netnsid 0 type xfrm dev lo if_id 23 root@dut-vm:~# ip -n bar link ls xfrmi0 Device "xfrmi0" does not exist. root@dut-vm:~# ip -n foo link ls xfrmi0 2: xfrmi0@if1: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/none 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff link-netns bar => interface is correctly created and there is no backtrace in dmesg, OK root@dut-vm:~# ip netns del foo root@dut-vm:~# ip netns del bar root@dut-vm:~# ip link add xfrm1 type xfrm dev lo if_id 1 root@dut-vm:~# ip link add xfrm2 type xfrm dev lo if_id 2 root@dut-vm:~# ip link set xfrm1 type xfrm dev lo if_id 2 RTNETLINK answers: File exists root@dut-vm:~# ip -d link list dev xfrm1 7: xfrm1@lo: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/none 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 1500 xfrm if_id 0x1 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 => if_id 0x1 and no backtrace in dmesg, OK root@dut-vm:~# ip link add dummy type dummy root@dut-vm:~# ip link add xfrm1 type xfrm dev dummy if_id 1 root@dut-vm:~# ip l d dummy root@dut-vm:~# ip -d l ls xfrm1 10: xfrm1@if9: mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000 link/none 3a:90:dc:59:76:c6 brd ff:ff:ff:ff:ff:ff promiscuity 0 minmtu 68 maxmtu 1500 xfrm if_id 0x1 addrgenmode eui64 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535 root@dut-vm:~# => no refcnt pb, OK Our internal tests suite is also OK. ** Tags removed: verification-needed-disco ** Tags added: verification-done-disco -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1836261 Title: xfrm interface: several kernel panic Status in linux package in Ubuntu: Incomplete Status in linux source package in Disco: Fix Committed Bug description: BugLink: https://bugs.launchpad.net/bugs/1836261 [Impact] Upstream has recently received a number of bug fixes that resolve kernel panics, memory leaks, and list handling for virtual xfrm interfaces that were debuted in 4.19. [Test Case] 3 of the 5 patches have test cases in their commit message for reproducing the fault they address. Another patch prevents including a stale name in the log files. And the other patch that doesn't have an explicit test case improves list handling. [Regression Potential] This patchset contains a nontrivial amount of changes. However, the heavier patches contain test cases that they resolve the regressions they were created for. They've been upstream since July and I don't see any follow up Fixes commits targeting these. The blast radius is "only" the xfrm interface but this is smoke tested and if any dependents rely on it for core functionality they might exercise it and would possibly notice any issues by now as well. Original bug description follows: There was several problems reported upstream: 1/ 56c5ee1a5823: xfrm interface: fix memory leak on creation https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=56c5ee1a5823 2/ xfrm interface: avoid corruption on changelink http://patchwork.ozlabs.org/patch/1130240/ 3/ xfrm interface: ifname may be wrong in logs http://patchwork.ozlabs.org/patch/1130241/ 4/ xfrm interface: fix list corruption for x-netns http://patchwork.ozlabs.org/patch/1130385/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836261/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1834465] Re: ipv6: fix neighbour resolution with raw socket
Tests are ok here. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1834465 Title: ipv6: fix neighbour resolution with raw socket Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: Fix Committed Status in linux source package in Disco: Fix Committed Bug description: [SRU Justification] == Impact == IPv6 packets may be dropped during the neighbor resolution when a userspace program uses IPv6 raw sockets. The commit that introduces this bug has not been identified, but it's here at least from Xenial (4.4). This was fixed in the requested backport (from 5.2). == Fix == Backport the requested patches to Disco (5.0), Bionic (4.15) and Xenial (4.4). == Risk of Regregression == The change slightly modifies the target IPv6 address in neighbor resolution engine. Risk should be low and limited to ipv6. --- With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches: 9b1c1ef13b35 ipv6: constify rt6_nexthop() 2c6b55f45d53 ipv6: fix neighbour resolution with raw socket https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=9b1c1ef13b35fa35051b635ca9fbda39fe6bbc70 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=2c6b55f45d53420d8310d41310e0e2cd41fe073f The detail of the bug is explained in the second patch. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1834465/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1830756] Re: tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1830756 Title: tuntap: correctly set SOCKWQ_ASYNC_NOSPACE Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: Fix Committed Bug description: [SRU Justification] == Impact == 1bd4978a88ac2 ("tun: honor IFF_UP in tun_get_user()") which is part of kernel v4.5 introduced an issue where userspace processes might not get notified if a link comes up after initially being down. This was fixed in the requested backport (from 4.17). == Fix == Backport the requested patch to Bionic (4.15). Xenial (4.4) is not affected and Disco and later already contain that fix. == Risk of Regregression == The change only slightly modifies a very specific protocol function. Risk should be low and limited to tuntap. --- The upstream commit 2f3ab6221e4c ("tuntap: correctly set SOCKWQ_ASYNC_NOSPACE") is missing. Without this patch, userspace apps that use tuntap may be blocked. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2f3ab6221e4c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1830756/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1836261] Re: xfrm interface: several kernel panic
Here are the official commits from Linus tree: 56c5ee1a5823 ("xfrm interface: fix memory leak on creation") e9e7e85d75f3 ("xfrm interface: avoid corruption on changelink") e0aaa332e6a9 ("xfrm interface: ifname may be wrong in logs") c5d1030f2300 ("xfrm interface: fix list corruption for x-netns") 22d6552f827e ("xfrm interface: fix management of phydev") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=56c5ee1a5823 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e9e7e85d75f3 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e0aaa332e6a9 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5d1030f2300 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=22d6552f827e The bugs have been introduced in v4.19 by commit f203b76d7809 ("xfrm: Add virtual xfrm interfaces"): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f203b76d7809 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1836261 Title: xfrm interface: several kernel panic Status in linux package in Ubuntu: Incomplete Bug description: There was several problems reported upstream: 1/ 56c5ee1a5823: xfrm interface: fix memory leak on creation https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=56c5ee1a5823 2/ xfrm interface: avoid corruption on changelink http://patchwork.ozlabs.org/patch/1130240/ 3/ xfrm interface: ifname may be wrong in logs http://patchwork.ozlabs.org/patch/1130241/ 4/ xfrm interface: fix list corruption for x-netns http://patchwork.ozlabs.org/patch/1130385/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836261/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1834465] Re: ipv6: fix neighbour resolution with raw socket
Tests are ok for us. ** Tags removed: verification-needed-disco ** Tags added: verification-done-disco -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1834465 Title: ipv6: fix neighbour resolution with raw socket Status in linux package in Ubuntu: In Progress Status in linux source package in Disco: Fix Committed Bug description: [SRU Justification] == Impact == IPv6 packets may be dropped during the neighbor resolution when a userspace program uses IPv6 raw sockets. The commit that introduces this bug has not been identified, but it's here at least from Xenial (4.4). This was fixed in the requested backport (from 5.2). == Fix == Backport the requested patches to Disco (5.0), Bionic (4.15) and Xenial (4.4). == Risk of Regregression == The change slightly modifies the target IPv6 address in neighbor resolution engine. Risk should be low and limited to ipv6. --- With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches: 9b1c1ef13b35 ipv6: constify rt6_nexthop() 2c6b55f45d53 ipv6: fix neighbour resolution with raw socket https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=9b1c1ef13b35fa35051b635ca9fbda39fe6bbc70 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=2c6b55f45d53420d8310d41310e0e2cd41fe073f The detail of the bug is explained in the second patch. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1834465/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1834465] Re: ipv6: fix neighbour resolution with raw socket
** Description changed: + [SRU Justification] + + == Impact == + + IPv6 packets may be dropped during the neighbor resolution when a + userspace program uses IPv6 raw sockets. The commit that introduces + this bug has not been identified, but it's here at least from Xenial (4.4). + This was fixed in the requested backport (from 5.2). + + == Fix == + + Backport the requested patches to Disco (5.0), Bionic (4.15) and + Xenial (4.4). + + == Risk of Regregression == + + The change slightly modifies the target IPv6 address in neighbor + resolution engine. Risk should be low and limited to ipv6. + + --- + With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches: 9b1c1ef13b35 ipv6: constify rt6_nexthop() 2c6b55f45d53 ipv6: fix neighbour resolution with raw socket https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=9b1c1ef13b35fa35051b635ca9fbda39fe6bbc70 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=2c6b55f45d53420d8310d41310e0e2cd41fe073f The detail of the bug is explained in the second patch. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1834465 Title: ipv6: fix neighbour resolution with raw socket Status in linux package in Ubuntu: In Progress Status in linux source package in Disco: In Progress Bug description: [SRU Justification] == Impact == IPv6 packets may be dropped during the neighbor resolution when a userspace program uses IPv6 raw sockets. The commit that introduces this bug has not been identified, but it's here at least from Xenial (4.4). This was fixed in the requested backport (from 5.2). == Fix == Backport the requested patches to Disco (5.0), Bionic (4.15) and Xenial (4.4). == Risk of Regregression == The change slightly modifies the target IPv6 address in neighbor resolution engine. Risk should be low and limited to ipv6. --- With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches: 9b1c1ef13b35 ipv6: constify rt6_nexthop() 2c6b55f45d53 ipv6: fix neighbour resolution with raw socket https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=9b1c1ef13b35fa35051b635ca9fbda39fe6bbc70 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=2c6b55f45d53420d8310d41310e0e2cd41fe073f The detail of the bug is explained in the second patch. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1834465/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1823725] Re: packet: reset network header if packet shorter than ll reserved space
** Changed in: linux (Ubuntu) Status: Expired => New ** Description changed: After backport of linux upstream commit 9ed988cd5915 ("packet: validate variable length ll headers") (https://kernel.ubuntu.com/git/ubuntu /ubuntu-bionic.git/commit/?id=c6026847a0a1) the following upstream patch is missing : - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9ed988cd5915 + https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993675a3100b - 9ed988cd5915 ("packet: validate variable length ll headers") + 993675a3100b ("packet: reset network header if packet shorter than ll + reserved space") ** Description changed: - After backport of linux upstream commit 9ed988cd5915 ("packet: validate - variable length ll headers") (https://kernel.ubuntu.com/git/ubuntu - /ubuntu-bionic.git/commit/?id=c6026847a0a1) the following upstream patch - is missing : + After backport of linux upstream commit b84bbaf7a6c8 ("packet: in + packet_snd start writing at link layer allocation") + (https://kernel.ubuntu.com/git/ubuntu/ubuntu- + bionic.git/commit/?id=c6026847a0a1) the following upstream patch is + missing : https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993675a3100b 993675a3100b ("packet: reset network header if packet shorter than ll reserved space") -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1823725 Title: packet: reset network header if packet shorter than ll reserved space Status in linux package in Ubuntu: New Bug description: After backport of linux upstream commit b84bbaf7a6c8 ("packet: in packet_snd start writing at link layer allocation") (https://kernel.ubuntu.com/git/ubuntu/ubuntu- bionic.git/commit/?id=c6026847a0a1) the following upstream patch is missing : https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=993675a3100b 993675a3100b ("packet: reset network header if packet shorter than ll reserved space") To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823725/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1830756] Re: tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
** Changed in: linux (Ubuntu) Status: Expired => New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1830756 Title: tuntap: correctly set SOCKWQ_ASYNC_NOSPACE Status in linux package in Ubuntu: Incomplete Bug description: The upstream commit 2f3ab6221e4c ("tuntap: correctly set SOCKWQ_ASYNC_NOSPACE") is missing. Without this patch, userspace apps that use tuntap may be blocked. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2f3ab6221e4c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1830756/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1836261] Re: xfrm interface: several kernel panic
The series has been included in the ipsec tree: https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/log/?h=22d6552f827e It will hit linus tree soon. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1836261 Title: xfrm interface: several kernel panic Status in linux package in Ubuntu: Incomplete Bug description: There was several problems reported upstream: 1/ 56c5ee1a5823: xfrm interface: fix memory leak on creation https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=56c5ee1a5823 2/ xfrm interface: avoid corruption on changelink http://patchwork.ozlabs.org/patch/1130240/ 3/ xfrm interface: ifname may be wrong in logs http://patchwork.ozlabs.org/patch/1130241/ 4/ xfrm interface: fix list corruption for x-netns http://patchwork.ozlabs.org/patch/1130385/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836261/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1836261] [NEW] xfrm interface: several kernel panic
Public bug reported: There was several problems reported upstream: 1/ 56c5ee1a5823: xfrm interface: fix memory leak on creation https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=56c5ee1a5823 2/ xfrm interface: avoid corruption on changelink http://patchwork.ozlabs.org/patch/1130240/ 3/ xfrm interface: ifname may be wrong in logs http://patchwork.ozlabs.org/patch/1130241/ 4/ xfrm interface: fix list corruption for x-netns http://patchwork.ozlabs.org/patch/1130385/ ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1836261 Title: xfrm interface: several kernel panic Status in linux package in Ubuntu: New Bug description: There was several problems reported upstream: 1/ 56c5ee1a5823: xfrm interface: fix memory leak on creation https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=56c5ee1a5823 2/ xfrm interface: avoid corruption on changelink http://patchwork.ozlabs.org/patch/1130240/ 3/ xfrm interface: ifname may be wrong in logs http://patchwork.ozlabs.org/patch/1130241/ 4/ xfrm interface: fix list corruption for x-netns http://patchwork.ozlabs.org/patch/1130385/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1836261/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1834465] [NEW] ipv6: fix neighbour resolution with raw socket
Public bug reported: With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches: 9b1c1ef13b35 ipv6: constify rt6_nexthop() 2c6b55f45d53 ipv6: fix neighbour resolution with raw socket https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=9b1c1ef13b35fa35051b635ca9fbda39fe6bbc70 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=2c6b55f45d53420d8310d41310e0e2cd41fe073f The detail of the bug is explained in the second patch. ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1834465 Title: ipv6: fix neighbour resolution with raw socket Status in linux package in Ubuntu: Incomplete Bug description: With an IPv6 raw socket, packets may be dropped during the neighbour resolution. It is fixed upstream by these patches: 9b1c1ef13b35 ipv6: constify rt6_nexthop() 2c6b55f45d53 ipv6: fix neighbour resolution with raw socket https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=9b1c1ef13b35fa35051b635ca9fbda39fe6bbc70 https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=2c6b55f45d53420d8310d41310e0e2cd41fe073f The detail of the bug is explained in the second patch. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1834465/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1825985] Re: macvlan: add ndo_change_proto_down support
Can I do something to help? ** Changed in: linux (Ubuntu) Status: Expired => New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1825985 Title: macvlan: add ndo_change_proto_down support Status in linux package in Ubuntu: New Bug description: The following linux upstream patches are missing to support vrrp with frr: - b58996795dc4 ("net: dev: add generic protodown handler") - 2e8b4ba64676 ("macvlan: add ndo_change_proto_down support") - 8f1af75df3a7 ("vxlan: add ndo_change_proto_down support") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b58996795dc4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e8b4ba64676 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8f1af75df3a7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1825985/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1823725] Re: packet: reset network header if packet shorter than ll reserved space
This bug is still there, valid packets may be dropped with variable length protocols like IP tunnels for example. Any actions expected on my side? ** Changed in: linux (Ubuntu) Status: Expired => New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1823725 Title: packet: reset network header if packet shorter than ll reserved space Status in linux package in Ubuntu: New Bug description: After backport of linux upstream commit 9ed988cd5915 ("packet: validate variable length ll headers") (https://kernel.ubuntu.com/git/ubuntu/ubuntu- bionic.git/commit/?id=c6026847a0a1) the following upstream patch is missing : https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9ed988cd5915 9ed988cd5915 ("packet: validate variable length ll headers") To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823725/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1830756] [NEW] tuntap: correctly set SOCKWQ_ASYNC_NOSPACE
Public bug reported: The upstream commit 2f3ab6221e4c ("tuntap: correctly set SOCKWQ_ASYNC_NOSPACE") is missing. Without this patch, userspace apps that use tuntap may be blocked. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2f3ab6221e4c ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1830756 Title: tuntap: correctly set SOCKWQ_ASYNC_NOSPACE Status in linux package in Ubuntu: Incomplete Bug description: The upstream commit 2f3ab6221e4c ("tuntap: correctly set SOCKWQ_ASYNC_NOSPACE") is missing. Without this patch, userspace apps that use tuntap may be blocked. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2f3ab6221e4c To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1830756/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1825985] [NEW] macvlan: add ndo_change_proto_down support
Public bug reported: The following linux upstream patches are missing to support vrrp with frr: - b58996795dc4 ("net: dev: add generic protodown handler") - 2e8b4ba64676 ("macvlan: add ndo_change_proto_down support") - 8f1af75df3a7 ("vxlan: add ndo_change_proto_down support") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b58996795dc4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e8b4ba64676 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8f1af75df3a7 ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1825985 Title: macvlan: add ndo_change_proto_down support Status in linux package in Ubuntu: New Bug description: The following linux upstream patches are missing to support vrrp with frr: - b58996795dc4 ("net: dev: add generic protodown handler") - 2e8b4ba64676 ("macvlan: add ndo_change_proto_down support") - 8f1af75df3a7 ("vxlan: add ndo_change_proto_down support") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b58996795dc4 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2e8b4ba64676 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=8f1af75df3a7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1825985/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1642514] Re: sched: Match-all classifier is missing in xenial
root@ubuntu1604:~# dpkg --list | grep iproute2 ii iproute2 4.3.0-1ubuntu3.16.04.4 amd64networking and traffic control tools root@ubuntu1604:~# apt-get install iproute2/xenial-proposed Reading package lists... Done Building dependency tree Reading state information... Done Selected version '4.3.0-1ubuntu3.16.04.5' (Ubuntu:16.04/xenial-proposed [amd64]) for 'iproute2' Suggested packages: iproute2-doc The following packages will be upgraded: iproute2 1 upgraded, 0 newly installed, 0 to remove and 38 not upgraded. Need to get 523 kB of archives. After this operation, 1,024 B of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 iproute2 amd64 4.3.0-1ubuntu3.16.04.5 [523 kB] Fetched 523 kB in 0s (6,782 kB/s) (Reading database ... 85262 files and directories currently installed.) Preparing to unpack .../iproute2_4.3.0-1ubuntu3.16.04.5_amd64.deb ... Unpacking iproute2 (4.3.0-1ubuntu3.16.04.5) over (4.3.0-1ubuntu3.16.04.4) ... Processing triggers for man-db (2.7.5-1) ... Setting up iproute2 (4.3.0-1ubuntu3.16.04.5) ... root@ubuntu1604:~# dpkg --list | grep iproute2 ii iproute2 4.3.0-1ubuntu3.16.04.5 amd64networking and traffic control tools root@ubuntu1604:~# ip link add dev dummy0 type dummy RTNETLINK answers: File exists root@ubuntu1604:~# ip link add dev dummy1 type dummy root@ubuntu1604:~# ip link set dev dummy0 up root@ubuntu1604:~# ip link set dev dummy1 up root@ubuntu1604:~# tc qdisc add dev dummy0 handle 1: root prio root@ubuntu1604:~# tc filter add dev dummy0 parent 1: matchall skip_hw action mirred egress mirror dev dummy1 root@ubuntu1604:~# tc filter show dev dummy0 filter parent 1: protocol all pref 49152 matchall filter parent 1: protocol all pref 49152 matchall handle 0x1 action order 1: mirred (Egress Mirror to device dummy1) pipe index 1 ref 1 bind 1 root@ubuntu1604:~# => test is OK. ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to iproute2 in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1642514 Title: sched: Match-all classifier is missing in xenial Status in iproute2 package in Ubuntu: Fix Released Status in linux package in Ubuntu: Fix Released Status in iproute2 source package in Xenial: Fix Committed Status in linux source package in Xenial: Fix Released Bug description: [SRU Justification] == Impact == The Xenial 4.4 kernel already has a patch applied which implements the matchall filter. But in order to actually use it, iproute2 needs to pick up the user-space side of the implementation. == Fix == Backported a patch from iproute2 upstream which adds the missing support. Tested against the standard 4.4 and the HWE kernel in 16.04 (see testcase). == Risk of Regression == This adds a new filter type which has to be actively selected. This should not impact existing uses. So low. == Testcase == ip link add dev dummy0 type dummy ip link add dev dummy1 type dummy ip link set dev dummy0 up ip link set dev dummy1 up tc qdisc add dev dummy0 handle 1: root prio tc filter add dev dummy0 parent 1: matchall skip_hw action mirred egress mirror dev dummy1 at this point, "tc filter show dev dummy0" should spit out something like: filter parent 1: protocol all pref 49152 matchall filter parent 1: protocol all pref 49152 matchall handle 0x1 action order 1: mirred (Egress Mirror to device dummy1) pipe index 1 ref 1 bind 1 and the functionality can be tested via tcpdump -n -i dummy1 & ping -I dummy0 1.2.3.4 --- This is implemented in linux v4.8 by the following upstream patch: bf3994d2ed31 ("net/sched: introduce Match-all classifier") http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf3994d2ed31 The backport is straightforward. It's useful in combination with clsact qdisc (see bug #1642510). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1642514/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1823725] [NEW] packet: reset network header if packet shorter than ll reserved space
Public bug reported: After backport of linux upstream commit 9ed988cd5915 ("packet: validate variable length ll headers") (https://kernel.ubuntu.com/git/ubuntu /ubuntu-bionic.git/commit/?id=c6026847a0a1) the following upstream patch is missing : https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9ed988cd5915 9ed988cd5915 ("packet: validate variable length ll headers") ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1823725 Title: packet: reset network header if packet shorter than ll reserved space Status in linux package in Ubuntu: Incomplete Bug description: After backport of linux upstream commit 9ed988cd5915 ("packet: validate variable length ll headers") (https://kernel.ubuntu.com/git/ubuntu/ubuntu- bionic.git/commit/?id=c6026847a0a1) the following upstream patch is missing : https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9ed988cd5915 9ed988cd5915 ("packet: validate variable length ll headers") To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1823725/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1806392] Re: tun/tap: unable to manage carrier state from userland
** Tags removed: verification-needed-bionic verification-needed-cosmic ** Tags added: verification-done-bionic verification-done-cosmic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1806392 Title: tun/tap: unable to manage carrier state from userland Status in linux package in Ubuntu: Invalid Status in linux source package in Bionic: Fix Committed Status in linux source package in Cosmic: Fix Committed Bug description: === SRU Justification === [Impact] Userspace cannot change tun's carrier state. [Fix] Add .ndo_change_carrier callback for tun. [Test] User confirm the backport works. [Regression Potential] Low. It add a new function and a new case switch for ioctl, but the new code doesn't affect existing behavior. === Original Bug Report === This upstream patch is missing: 26d31925cd5e ("tun: implement carrier change"). https://git.kernel.org/pub/scm/linux/kernel/git/davem/net- next.git/commit/?id=26d31925cd5e To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1806392/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774815] Re: Add bpftool to linux-tools-common
Any news on this topic? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774815 Title: Add bpftool to linux-tools-common Status in linux package in Ubuntu: Triaged Status in linux source package in Cosmic: Triaged Bug description: bpftool is a debugging and introspection tool actively developed by the BPF kernel community. It's developed as part of the kernel source tree under tools/: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/bpf/bpftool It would be really great and appreciated if Ubuntu folks could package this as part of linux-tools-common. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774815/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1806392] Re: tun/tap: unable to manage carrier state from userland
Tests are ok on my side, thanks. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1806392 Title: tun/tap: unable to manage carrier state from userland Status in linux package in Ubuntu: Triaged Bug description: This upstream patch is missing: 26d31925cd5e ("tun: implement carrier change"). https://git.kernel.org/pub/scm/linux/kernel/git/davem/net- next.git/commit/?id=26d31925cd5e To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1806392/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1806392] Re: tun/tap: unable to manage carrier state from userland
Any news for this patch? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1806392 Title: tun/tap: unable to manage carrier state from userland Status in linux package in Ubuntu: Triaged Bug description: This upstream patch is missing: 26d31925cd5e ("tun: implement carrier change"). https://git.kernel.org/pub/scm/linux/kernel/git/davem/net- next.git/commit/?id=26d31925cd5e To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1806392/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1812875] Re: ip6_gre: fix tunnel list corruption for x-netns
I reported this bug on behalf of a colleague. He is off this week and will not be able to test this patch before next week. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1812875 Title: ip6_gre: fix tunnel list corruption for x-netns Status in linux package in Ubuntu: Fix Committed Status in linux source package in Bionic: Fix Committed Status in linux source package in Cosmic: Fix Committed Bug description: == SRU Justification == Impact: A kernel panic is seen when using some third-party software. Fix: Upstream commit ab5098fa25b9 ("ip6_gre: fix tunnel list corruption for x-netns"). Test Case: Confirm that the panic no longer happens with the patch. Regression Potential: This is a simple fix and suitable for upstream stable, regressions are unlikely. --- The following upstream patch is missing in ubuntu-18.04: ab5098fa25b9 ("ip6_gre: fix tunnel list corruption for x-netns"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ab5098fa25b9 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1812875/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1812875] Re: ip6_gre: fix tunnel list corruption for x-netns
This issue is a kernel panic ... We reproduce it on ubuntu-18.04 with a third party software -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1812875 Title: ip6_gre: fix tunnel list corruption for x-netns Status in linux package in Ubuntu: Incomplete Bug description: The following upstream patch is missing in ubuntu-18.04: ab5098fa25b9 ("ip6_gre: fix tunnel list corruption for x-netns"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ab5098fa25b9 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1812875/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1812875] [NEW] ip6_gre: fix tunnel list corruption for x-netns
Public bug reported: The following upstream patch is missing in ubuntu-18.04: ab5098fa25b9 ("ip6_gre: fix tunnel list corruption for x-netns"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ab5098fa25b9 ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1812875 Title: ip6_gre: fix tunnel list corruption for x-netns Status in linux package in Ubuntu: Incomplete Bug description: The following upstream patch is missing in ubuntu-18.04: ab5098fa25b9 ("ip6_gre: fix tunnel list corruption for x-netns"). https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ab5098fa25b9 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1812875/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1806392] [NEW] tun/tap: unable to manage carrier state from userland
Public bug reported: This upstream patch is missing: 26d31925cd5e ("tun: implement carrier change"). https://git.kernel.org/pub/scm/linux/kernel/git/davem/net- next.git/commit/?id=26d31925cd5e ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1806392 Title: tun/tap: unable to manage carrier state from userland Status in linux package in Ubuntu: New Bug description: This upstream patch is missing: 26d31925cd5e ("tun: implement carrier change"). https://git.kernel.org/pub/scm/linux/kernel/git/davem/net- next.git/commit/?id=26d31925cd5e To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1806392/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1642514] Re: sched: Match-all classifier is missing in xenial
> Note that the iproute2 patch will be needed to use this filter: > > https://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/commit/?id=d5cbf3ff0561 > (embedded headers must be updated also). This link is dead, here is another one: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=d5cbf3ff0561 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to iproute2 in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1642514 Title: sched: Match-all classifier is missing in xenial Status in iproute2 package in Ubuntu: New Status in linux package in Ubuntu: Fix Released Status in iproute2 source package in Xenial: New Status in linux source package in Xenial: Fix Released Bug description: This is implemented in linux v4.8 by the following upstream patch: bf3994d2ed31 ("net/sched: introduce Match-all classifier") http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf3994d2ed31 The backport is straightforward. It's useful in combination with clsact qdisc (see bug #1642510). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1642514/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1771783] Re: iproute2: frr route protocols are not converted to string on xenial
It works on my side: $ ./ip/ip r a 2.2.2.0/24 via 10.0.2.123 dev mgmt0 proto 188 metric 20 $ ./ip/ip r | grep 2.2.2 2.2.2.0/24 via 10.0.2.123 dev mgmt0 proto 188 metric 20 $ mkdir -p /etc/iproute2/rt_protos.d $ echo "188 foo" > /etc/iproute2/rt_protos.d/bar.conf $ ./ip/ip r | grep 2.2.2 2.2.2.0/24 via 10.0.2.123 dev mgmt0 proto foo metric 20 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to iproute2 in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1771783 Title: iproute2: frr route protocols are not converted to string on xenial Status in iproute2 package in Ubuntu: New Bug description: FRR puts its own proto numbers when inserting a route, example: $ ip route [snip] 2.2.2.0/24 via 3.3.3.2 dev eth2 proto 188 metric 20 iproute2 defines some protocols, but not all: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/etc/iproute2/rt_protos A patch has been pushed upstream so that external applications can define their protocols numbers: 719e331ff619 ("Add support for rt_protos.d") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=719e331ff619 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1771783/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1771764] Re: iproute2: unable to add ip lwt mpls route on xenial
I tested the patch, it works. Thank you. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to iproute2 in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1771764 Title: iproute2: unable to add ip lwt mpls route on xenial Status in iproute2 package in Ubuntu: Triaged Bug description: The following command does not work: $ ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 Error: "nexthop" or end of line is expected instead of "encap" In fact, iproute2 version points to v4.3.0, but the xenial kernel is a 4.4. $ ip -V ip utility, iproute2-ss151103 => https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=6720eceff7b4 With an iproute2 v4.4.0 (iproute2-ss160111), that command works: $ modprobe mpls_iptunnel $ ./ip/ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 $ ./ip/ip r [snip] 10.201.0.0/24 encap mpls 300 via 10.200.0.1 dev ntfp2 At least, this patch is missing: 1e5293056a02 ("lwtunnel: Add encapsulation support to ip route") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1e5293056a02 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1771764/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774225] Re: netns: unable to follow an interface that moves to another netns
** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774225 Title: netns: unable to follow an interface that moves to another netns Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Bionic: Fix Committed Bug description: == SRU Justification == 6Wind is requesting these three patches. The patches fix a bug that prevents a user from following an interface that moves to another netns. These commits are also needed in Xenial. However, they will be sent in a separate SRU request due to additional prereq commits being needed for Xenial. == Fixes == b2d3bcfa26a7 ("net: core: Expose number of link up/down transitions") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") == Regression Potential == Medium due to three patches needed and the changes to core networking. == Test Case == A test kernel was built with these patches and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug. The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774225] Re: netns: unable to follow an interface that moves to another netns
Well, it could be a workaround but it would be great to have it in the 4.4 if it's not too complicated for you. What do you think? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774225 Title: netns: unable to follow an interface that moves to another netns Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Bionic: In Progress Bug description: The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1779830] [NEW] vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci
Public bug reported: The following upstream patch (v4.7) is missing in xenial: 450744051d20 ("vfio/pci: Hide broken INTx support from user") http://scm/kernels/linux-upstream/commit/?id=450744051d20 ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1779830 Title: vfio/pci: cannot assign a i40e pf device to a vm using vfio-pci Status in linux package in Ubuntu: New Bug description: The following upstream patch (v4.7) is missing in xenial: 450744051d20 ("vfio/pci: Hide broken INTx support from user") http://scm/kernels/linux-upstream/commit/?id=450744051d20 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1779830/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774225] Re: netns: unable to follow an interface that moves to another netns
It works for me, thanks! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774225 Title: netns: unable to follow an interface that moves to another netns Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Bionic: In Progress Bug description: The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774225] Re: netns: unable to follow an interface that moves to another netns
The test fails because the attribute IFLA_CARRIER_UP_COUNT and IFLA_CARRIER_DOWN_COUNT are not declared in this kernel. In this kernel, IFLA_NEW_IFINDEX has the numeric value of IFLA_CARRIER_UP_COUNT in an upstream kernel (if I patch iproute2 to use IFLA_CARRIER_UP_COUNT instead of IFLA_NEW_IFINDEX, I can get the new ifindex). iproute2 (like a lot of others tools) has a local copy of linux uapi headers, thus the numeric value of netlink attributes must be the same than upstream. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774225 Title: netns: unable to follow an interface that moves to another netns Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Bionic: In Progress Bug description: The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774225] Re: netns: unable to follow an interface that moves to another netns
Hi Joseph, we also expect to have those commits in xenial. The test fails with the patched kernel, only IFLA_NEW_NETNSID seems there. With the head of the iproute2 (patches to display those attributes have been merged this week-end): root@ubuntu1604:~# ./iproute2/ip/ip monitor link& [1] 859 root@ubuntu1604:~# ip netns add foo root@ubuntu1604:~# ip l a type dummy root@ubuntu1604:~# 3: dummy0: mtu 1500 qdisc noop state DOWN group default link/ether 5e:cb:ae:4a:69:f8 brd ff:ff:ff:ff:ff:ff 4: dummy1: mtu 1500 qdisc noop state DOWN group default link/ether 06:de:2b:94:20:78 brd ff:ff:ff:ff:ff:ff root@ubuntu1604:~# ip l s dummy1 netns foo Deleted 4: dummy1: mtu 1500 qdisc noop state DOWN group default link/ether 06:de:2b:94:20:78 brd ff:ff:ff:ff:ff:ff new-nsid 0 => only new-nsid is displayed. With an upstream kernel, you have: Deleted 5: dummy0: mtu 1500 qdisc noop state DOWN group default link/ether 72:33:30:ba:4c:eb brd ff:ff:ff:ff:ff:ff new-nsid 0 new-ifindex 5 'new-ifindex' is also displayed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774225 Title: netns: unable to follow an interface that moves to another netns Status in linux package in Ubuntu: In Progress Status in linux source package in Bionic: In Progress Bug description: The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1774225] [NEW] netns: unable to follow an interface that moves to another netns
Public bug reported: The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1774225 Title: netns: unable to follow an interface that moves to another netns Status in linux package in Ubuntu: Incomplete Bug description: The following upstream patches are missing (v4.16): 6621dd29eb9b ("dev: advertise the new nsid when the netns iface changes") c36ac8e23073 ("dev: always advertise the new nsid when the netns iface changes") 38e01b30563a ("dev: advertise the new ifindex when the netns iface changes") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6621dd29eb9b https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c36ac8e23073 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=38e01b30563a To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1774225/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1766573] Re: linux < 4.11: unable to use netfilter logging from non-init namespaces
** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1766573 Title: linux < 4.11: unable to use netfilter logging from non-init namespaces Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: Fix Committed Bug description: Was disabled by the following patch (linux 3.10): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69b34fb996b2 netfilter: xt_LOG: add net namespace support for xt_LOG And fixed in linux 4.11: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2851940ffee3 netfilter: allow logging from non-init namespaces To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1766573/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1642510] Re: sched: clsact qdisc is missing in xenial
Still in progress? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1642510 Title: sched: clsact qdisc is missing in xenial Status in linux package in Ubuntu: Fix Released Status in linux source package in Xenial: In Progress Bug description: This is implemented in linux v4.5 by the following upstream patch: 1f211a1b929c ("net, sched: add clsact qdisc") http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f211a1b929c The backport is straightforward. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1642510/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1642514] Re: sched: Match-all classifier is missing in xenial
Any news for the iproute2 part? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to iproute2 in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1642514 Title: sched: Match-all classifier is missing in xenial Status in iproute2 package in Ubuntu: New Status in linux package in Ubuntu: Fix Released Status in iproute2 source package in Xenial: New Status in linux source package in Xenial: Fix Released Bug description: This is implemented in linux v4.8 by the following upstream patch: bf3994d2ed31 ("net/sched: introduce Match-all classifier") http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf3994d2ed31 The backport is straightforward. It's useful in combination with clsact qdisc (see bug #1642510). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1642514/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1771764] Re: iproute2: unable to add ip lwt mpls route on xenial
** Package changed: linux (Ubuntu) => iproute2 (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to iproute2 in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1771764 Title: iproute2: unable to add ip lwt mpls route on xenial Status in iproute2 package in Ubuntu: Incomplete Bug description: The following command does not work: $ ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 Error: "nexthop" or end of line is expected instead of "encap" In fact, iproute2 version points to v4.3.0, but the xenial kernel is a 4.4. $ ip -V ip utility, iproute2-ss151103 => https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=6720eceff7b4 With an iproute2 v4.4.0 (iproute2-ss160111), that command works: $ modprobe mpls_iptunnel $ ./ip/ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 $ ./ip/ip r [snip] 10.201.0.0/24 encap mpls 300 via 10.200.0.1 dev ntfp2 At least, this patch is missing: 1e5293056a02 ("lwtunnel: Add encapsulation support to ip route") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1e5293056a02 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1771764/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1771783] [NEW] iproute2: frr route protocols are not converted to string on xenial
Public bug reported: FRR puts its own proto numbers when inserting a route, example: $ ip route [snip] 2.2.2.0/24 via 3.3.3.2 dev eth2 proto 188 metric 20 iproute2 defines some protocols, but not all: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/etc/iproute2/rt_protos A patch has been pushed upstream so that external applications can define their protocols numbers: 719e331ff619 ("Add support for rt_protos.d") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=719e331ff619 ** Affects: iproute2 (Ubuntu) Importance: Undecided Status: New ** Package changed: linux (Ubuntu) => iproute2 (Ubuntu) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. Matching subscriptions: iproute2 https://bugs.launchpad.net/bugs/1771783 Title: iproute2: frr route protocols are not converted to string on xenial Status in iproute2 package in Ubuntu: New Bug description: FRR puts its own proto numbers when inserting a route, example: $ ip route [snip] 2.2.2.0/24 via 3.3.3.2 dev eth2 proto 188 metric 20 iproute2 defines some protocols, but not all: https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/tree/etc/iproute2/rt_protos A patch has been pushed upstream so that external applications can define their protocols numbers: 719e331ff619 ("Add support for rt_protos.d") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=719e331ff619 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iproute2/+bug/1771783/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1771764] [NEW] iproute2: unable to add ip lwt mpls route on xenial
Public bug reported: The following command does not work: $ ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 Error: "nexthop" or end of line is expected instead of "encap" In fact, iproute2 version points to v4.3.0, but the xenial kernel is a 4.4. $ ip -V ip utility, iproute2-ss151103 => https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=6720eceff7b4 With an iproute2 v4.4.0 (iproute2-ss160111), that command works: $ modprobe mpls_iptunnel $ ./ip/ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 $ ./ip/ip r [snip] 10.201.0.0/24 encap mpls 300 via 10.200.0.1 dev ntfp2 At least, this patch is missing: 1e5293056a02 ("lwtunnel: Add encapsulation support to ip route") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1e5293056a02 ** Affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1771764 Title: iproute2: unable to add ip lwt mpls route on xenial Status in linux package in Ubuntu: New Bug description: The following command does not work: $ ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 Error: "nexthop" or end of line is expected instead of "encap" In fact, iproute2 version points to v4.3.0, but the xenial kernel is a 4.4. $ ip -V ip utility, iproute2-ss151103 => https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=6720eceff7b4 With an iproute2 v4.4.0 (iproute2-ss160111), that command works: $ modprobe mpls_iptunnel $ ./ip/ip route add 10.201.0.0/24 nexthop encap mpls 300 via 10.200.0.1 dev ntfp2 $ ./ip/ip r [snip] 10.201.0.0/24 encap mpls 300 via 10.200.0.1 dev ntfp2 At least, this patch is missing: 1e5293056a02 ("lwtunnel: Add encapsulation support to ip route") https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=1e5293056a02 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1771764/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1766573] Re: linux < 4.11: unable to use netfilter logging from non-init namespaces
Test is ok on my side. Thank you for the quick fix! -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1766573 Title: linux < 4.11: unable to use netfilter logging from non-init namespaces Status in linux package in Ubuntu: Triaged Status in linux source package in Xenial: Triaged Bug description: Was disabled by the following patch (linux 3.10): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69b34fb996b2 netfilter: xt_LOG: add net namespace support for xt_LOG And fixed in linux 4.11: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2851940ffee3 netfilter: allow logging from non-init namespaces To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1766573/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1766573] [NEW] linux < 4.11: unable to use netfilter logging from non-init namespaces
Public bug reported: Was disabled by the following patch (linux 3.10): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69b34fb996b2 netfilter: xt_LOG: add net namespace support for xt_LOG And fixed in linux 4.11: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2851940ffee3 netfilter: allow logging from non-init namespaces ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1766573 Title: linux < 4.11: unable to use netfilter logging from non-init namespaces Status in linux package in Ubuntu: Incomplete Bug description: Was disabled by the following patch (linux 3.10): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=69b34fb996b2 netfilter: xt_LOG: add net namespace support for xt_LOG And fixed in linux 4.11: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2851940ffee3 netfilter: allow logging from non-init namespaces To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1766573/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1704102] Re: bonding: stack dump when unregistering a netdev
This bug was found on ubuntu 16.04. I don't reproduce the bug with your Artful kernel. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1704102 Title: bonding: stack dump when unregistering a netdev Status in linux package in Ubuntu: In Progress Status in linux source package in Artful: In Progress Bug description: Here is the reproducer: ip netns add foo ip -n foo link add dummy1 type dummy ip -n foo link add dummy2 type dummy modprobe bonding ip -n foo link add bond1 type bond ip -n foo link set dev bond1 down ip -n foo addr add 10.10.10.1/24 dev bond1 ip -n foo link set dev bond1 up ip -n foo link set dummy1 master bond1 ip -n foo link set dummy2 master bond1 ip -n foo link set bond1 mtu 1540 # Move slaves to init_net ip -n foo link set dummy1 netns 1 ip -n foo link set dummy2 netns 1 # idev are still in netns foo for dummy interfaces: ip netns exec foo ls /proc/sys/net/ipv4/conf/ ip netns exec foo ls /proc/net/dev_snmp6/ ip netns del foo dmesg The bug has been fixed upstream by this patch: f51048c3e07b ("bonding: avoid NETDEV_CHANGEMTU event when unregistering slave") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/net/bonding?id=f51048c3e07b To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1704102/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1704102] [NEW] bonding: stack dump when unregistering a netdev
Public bug reported: Here is the reproducer: ip netns add foo ip -n foo link add dummy1 type dummy ip -n foo link add dummy2 type dummy modprobe bonding ip -n foo link add bond1 type bond ip -n foo link set dev bond1 down ip -n foo addr add 10.10.10.1/24 dev bond1 ip -n foo link set dev bond1 up ip -n foo link set dummy1 master bond1 ip -n foo link set dummy2 master bond1 ip -n foo link set bond1 mtu 1540 # Move slaves to init_net ip -n foo link set dummy1 netns 1 ip -n foo link set dummy2 netns 1 # idev are still in netns foo for dummy interfaces: ip netns exec foo ls /proc/sys/net/ipv4/conf/ ip netns exec foo ls /proc/net/dev_snmp6/ ip netns del foo dmesg The bug has been fixed upstream by this patch: f51048c3e07b ("bonding: avoid NETDEV_CHANGEMTU event when unregistering slave") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/net/bonding?id=f51048c3e07b ** Affects: linux (Ubuntu) Importance: Undecided Status: Incomplete -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1704102 Title: bonding: stack dump when unregistering a netdev Status in linux package in Ubuntu: Incomplete Bug description: Here is the reproducer: ip netns add foo ip -n foo link add dummy1 type dummy ip -n foo link add dummy2 type dummy modprobe bonding ip -n foo link add bond1 type bond ip -n foo link set dev bond1 down ip -n foo addr add 10.10.10.1/24 dev bond1 ip -n foo link set dev bond1 up ip -n foo link set dummy1 master bond1 ip -n foo link set dummy2 master bond1 ip -n foo link set bond1 mtu 1540 # Move slaves to init_net ip -n foo link set dummy1 netns 1 ip -n foo link set dummy2 netns 1 # idev are still in netns foo for dummy interfaces: ip netns exec foo ls /proc/sys/net/ipv4/conf/ ip netns exec foo ls /proc/net/dev_snmp6/ ip netns del foo dmesg The bug has been fixed upstream by this patch: f51048c3e07b ("bonding: avoid NETDEV_CHANGEMTU event when unregistering slave") https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/net/bonding?id=f51048c3e07b To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1704102/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1690094] Re: linux <3.18: netlink notification is missing when an interface is modified
What is the plan? Those patches will be applied again when bug #1703401 will be fixed? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1690094 Title: linux <3.18: netlink notification is missing when an interface is modified Status in linux package in Ubuntu: In Progress Status in linux source package in Trusty: In Progress Bug description: The following upstream patches are missing: ba9989069f4e rtnl/do_setlink(): notify when a netdev is modified 90c325e3bfe1 rtnl/do_setlink(): last arg is now a set of flags 1889b0e7efe8 rtnl/do_setlink(): set modified when IFLA_LINKMODE is updated 5d1180fcacc5 rtnl/do_setlink(): set modified when IFLA_TXQLEN is updated https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ba9989069f4e https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=90c325e3bfe1 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1889b0e7efe8 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d1180fcacc5 There is several ways to reproduce the problem. Here is an example: ip monitor link& ip link set eth1 txqueuelen 18 => no notification To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1690094/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1697892] Re: linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
Thibaut confirms that the bug is resolved for 100G (xenial). -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1697892 Title: linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: In Progress Status in linux source package in Artful: In Progress Bug description: These upstream patches are needed to correctly handle 5G, 25G and 50G speeds in 802.3ad: 19ddde1eeca1 bonding: add 802.3ad support for 25G speeds https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19ddde1eeca1e c7c550670afd bonding: fix 802.3ad support for 5G and 50G speeds https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=c7c550670af To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1697892/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1697892] Re: linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
Thibaut will test the xenial kernel next week. Is it ok? -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1697892 Title: linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: In Progress Status in linux source package in Artful: In Progress Bug description: These upstream patches are needed to correctly handle 5G, 25G and 50G speeds in 802.3ad: 19ddde1eeca1 bonding: add 802.3ad support for 25G speeds https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19ddde1eeca1e c7c550670afd bonding: fix 802.3ad support for 5G and 50G speeds https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=c7c550670af To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1697892/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1697892] Re: linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds
And you said, you had already backport it :D -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1697892 Title: linux >= 4.2: bonding 802.3ad does not work with 5G, 25G and 50G link speeds Status in linux package in Ubuntu: In Progress Status in linux source package in Xenial: In Progress Status in linux source package in Yakkety: In Progress Status in linux source package in Zesty: In Progress Status in linux source package in Artful: In Progress Bug description: These upstream patches are needed to correctly handle 5G, 25G and 50G speeds in 802.3ad: 19ddde1eeca1 bonding: add 802.3ad support for 25G speeds https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19ddde1eeca1e c7c550670afd bonding: fix 802.3ad support for 5G and 50G speeds https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=c7c550670af To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1697892/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp