[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
This bug was fixed in the package linux-kvm - 5.4.0-1020.20 --- linux-kvm (5.4.0-1020.20) focal; urgency=medium * focal/linux-kvm: 5.4.0-1020.20 -proposed tracker (LP: #1887063) [ Ubuntu: 5.4.0-42.46 ] * focal/linux: 5.4.0-42.46 -proposed tracker (LP: #1887069) * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668) - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups" linux-kvm (5.4.0-1019.19) focal; urgency=medium * focal/linux-kvm: 5.4.0-1019.19 -proposed tracker (LP: #1885848) [ Ubuntu: 5.4.0-41.45 ] * focal/linux: 5.4.0-41.45 -proposed tracker (LP: #1885855) * Packaging resync (LP: #1786013) - update dkms package versions * CVE-2019-19642 - kernel/relay.c: handle alloc_percpu returning NULL in relay_open * CVE-2019-16089 - SAUCE: nbd_genl_status: null check for nla_nest_start * CVE-2020-11935 - aufs: do not call i_readcount_inc() * ip_defrag.sh in net from ubuntu_kernel_selftests failed with 5.0 / 5.3 / 5.4 kernel (LP: #1826848) - selftests: net: ip_defrag: ignore EPERM * Update lockdown patches (LP: #1884159) - SAUCE: acpi: disallow loading configfs acpi tables when locked down * seccomp_bpf fails on powerpc (LP: #1885757) - SAUCE: selftests/seccomp: fix ptrace tests on powerpc * Introduce the new NVIDIA 418-server and 440-server series, and update the current NVIDIA drivers (LP: #1881137) - [packaging] add signed modules for the 418-server and the 440-server flavours [ Ubuntu: 5.4.0-40.44 ] * linux-oem-5.6-tools-common and -tools-host should be dropped (LP: #1881120) - [Packaging] Add Conflicts/Replaces to remove linux-oem-5.6-tools-common and -tools-host * Packaging resync (LP: #1786013) - [Packaging] update helper scripts * Slow send speed with Intel I219-V on Ubuntu 18.04.1 (LP: #1802691) - e1000e: Disable TSO for buffer overrun workaround * CVE-2020-0543 - UBUNTU/SAUCE: x86/speculation/srbds: do not try to turn mitigation off when not supported * Realtek 8723DE [10ec:d723] subsystem [10ec:d738] disconnects unsolicitedly when Bluetooth is paired: Reason: 23=IEEE8021X_FAILED (LP: #1878147) - SAUCE: Revert "UBUNTU: SAUCE: rtw88: Move driver IQK to set channel before association for 11N chip" - SAUCE: Revert "UBUNTU: SAUCE: rtw88: fix rate for a while after being connected" - SAUCE: Revert "UBUNTU: SAUCE: rtw88: No retry and report for auth and assoc" - SAUCE: Revert "UBUNTU: SAUCE: rtw88: 8723d: Add coex support" - rtw88: add a debugfs entry to dump coex's info - rtw88: add a debugfs entry to enable/disable coex mechanism - rtw88: 8723d: Add coex support - SAUCE: rtw88: coex: 8723d: set antanna control owner - SAUCE: rtw88: coex: 8723d: handle BT inquiry cases - SAUCE: rtw88: fix EAPOL 4-way failure by finish IQK earlier * CPU stress test fails with focal kernel (LP: #1867900) - [Config] Disable hisi_sec2 temporarily * Enforce all config annotations (LP: #1879327) - [Config]: do not enforce CONFIG_VERSION_SIGNATURE - [Config]: prepare to enforce all - [Config]: enforce all config options * Focal update: v5.4.44 upstream stable release (LP: #1881927) - ax25: fix setsockopt(SO_BINDTODEVICE) - dpaa_eth: fix usage as DSA master, try 3 - net: don't return invalid table id error when we fall back to PF_UNSPEC - net: dsa: mt7530: fix roaming from DSA user ports - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: mvpp2: fix RX hashing for non-10G ports - net: nlmsg_cancel() if put fails for nhmsg - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - net/tls: fix race condition causing kernel panic - nexthop: Fix attribute checking for groups - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - tipc: block BH before using dst_cache - net/mlx5e: kTLS, Destroy key object after destroying the TIS - net/mlx5e: Fix inner tirs handling - net/mlx5: Fix memory leak in mlx5_events_init - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Fix error flow in case of function_setup failure - net/mlx5: Annotate mutex destroy for root ns - net/tls: fix encryption error checking - net/tls: free record only on encryption error - net: sun: fix missing release
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
This bug was fixed in the package linux-kvm - 5.3.0-1026.28
---
linux-kvm (5.3.0-1026.28) eoan; urgency=medium
* eoan/linux-kvm: 5.3.0-1026.28 -proposed tracker (LP: #1887084)
[ Ubuntu: 5.3.0-64.58 ]
* eoan/linux: 5.3.0-64.58 -proposed tracker (LP: #1887088)
* linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668)
- SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups"
linux-kvm (5.3.0-1025.27) eoan; urgency=medium
* eoan/linux-kvm: 5.3.0-1025.27 -proposed tracker (LP: #1885490)
* LXD 4.2 broken on linux-kvm due to missing VLAN filtering (LP: #1882955)
- [Config] VLAN_8021Q=m && BRIDGE_VLAN_FILTERING=y
[ Ubuntu: 5.3.0-63.57 ]
* eoan/linux: 5.3.0-63.57 -proposed tracker (LP: #1885495)
* seccomp_bpf fails on powerpc (LP: #1885757)
- SAUCE: selftests/seccomp: fix ptrace tests on powerpc
* The thread level parallelism would be a bottleneck when searching for the
shared pmd by using hugetlbfs (LP: #1882039)
- hugetlbfs: take read_lock on i_mmap for PMD sharing
* Eoan update: upstream stable patchset 2020-06-30 (LP: #1885775)
- ipv6: fix IPV6_ADDRFORM operation logic
- net_failover: fixed rollback in net_failover_open()
- bridge: Avoid infinite loop when suppressing NS messages with invalid
options
- vxlan: Avoid infinite loop when suppressing NS messages with invalid
options
- tun: correct header offsets in napi frags mode
- Input: mms114 - fix handling of mms345l
- ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook
- sched/fair: Don't NUMA balance for kthreads
- Input: synaptics - add a second working PNP_ID for Lenovo T470s
- drivers/net/ibmvnic: Update VNIC protocol version reporting
- powerpc/xive: Clear the page tables for the ESB IO mapping
- ath9k_htc: Silence undersized packet warnings
- RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated
- x86/cpu/amd: Make erratum #1054 a legacy erratum
- perf probe: Accept the instance number of kretprobe event
- mm: add kvfree_sensitive() for freeing sensitive data objects
- aio: fix async fsync creds
- x86_64: Fix jiffies ODR violation
- x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs
- x86/speculation: Prevent rogue cross-process SSBD shutdown
- x86/reboot/quirks: Add MacBook6,1 reboot quirk
- efi/efivars: Add missing kobject_put() in sysfs entry creation error path
- ALSA: es1688: Add the missed snd_card_free()
- ALSA: hda/realtek - add a pintbl quirk for several Lenovo machines
- ALSA: usb-audio: Fix inconsistent card PM state after resume
- ALSA: usb-audio: Add vendor, product and profile name for HP Thunderbolt
Dock
- ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile()
- ACPI: CPPC: Fix reference count leak in acpi_cppc_processor_probe()
- ACPI: GED: add support for _Exx / _Lxx handler methods
- ACPI: PM: Avoid using power resources if there are none for D0
- nilfs2: fix null pointer dereference at nilfs_segctor_do_construct()
- spi: dw: Fix controller unregister order
- spi: bcm2835aux: Fix controller unregister order
- spi: bcm-qspi: when tx/rx buffer is NULL set to 0
- PM: runtime: clk: Fix clk_pm_runtime_get() error path
- crypto: cavium/nitrox - Fix 'nitrox_get_first_device()' when ndevlist is
fully iterated
- ALSA: pcm: disallow linking stream to itself
- x86/{mce,mm}: Unmap the entire page if the whole page is affected and
poisoned
- KVM: x86: Fix APIC page invalidation race
- KVM: x86/mmu: Consolidate "is MMIO SPTE" code
- KVM: x86: only do L1TF workaround on affected processors
- x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced
IBRS.
- x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches.
- spi: Fix controller unregister order
- spi: pxa2xx: Fix controller unregister order
- spi: bcm2835: Fix controller unregister order
- spi: pxa2xx: Fix runtime PM ref imbalance on probe error
- crypto: virtio: Fix use-after-free in
virtio_crypto_skcipher_finalize_req()
- crypto: virtio: Fix src/dst scatterlist calculation in
__virtio_crypto_skcipher_do_req()
- crypto: virtio: Fix dest length calculation in
__virtio_crypto_skcipher_do_req()
- selftests/net: in rxtimestamp getopt_long needs terminating null entry
- ovl: initialize error in ovl_copy_xattr
- proc: Use new_inode not new_inode_pseudo
- video: fbdev: w100fb: Fix a potential double free.
- KVM: nSVM: fix condition for filtering async PF
- KVM: nSVM: leave ASID aside in copy_vmcb_control_area
- KVM: nVMX: Consult only the "basic" exit reason when routing nested exit
- KVM: MIPS: Define KVM_ENTRYHI_ASID to cpu_asid_mask(_cpu_data)
- KVM: MIPS: Fix VPN2_MASK definition for variable cpu_vmbits
- KVM: arm64: Make vcpu_cp1x() work on Big
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
This bug was fixed in the package linux-kvm - 4.4.0-1077.84 --- linux-kvm (4.4.0-1077.84) xenial; urgency=medium * xenial/linux-kvm: 4.4.0-1077.84 -proposed tracker (LP: #1885506) * LXD 4.2 broken on linux-kvm due to missing VLAN filtering (LP: #1882955) - [Config] VLAN_8021Q=m && BRIDGE_VLAN_FILTERING=y [ Ubuntu: 4.4.0-186.216 ] * xenial/linux: 4.4.0-186.216 -proposed tracker (LP: #1885514) * Xenial update: v4.4.228 upstream stable release (LP: #1884564) - ipv6: fix IPV6_ADDRFORM operation logic - vxlan: Avoid infinite loop when suppressing NS messages with invalid options - scsi: return correct blkprep status code in case scsi_init_io() fails. - net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well. - pwm: fsl-ftm: Use flat regmap cache - ARM: 8977/1: ptrace: Fix mask for thumb breakpoint hook - sched/fair: Don't NUMA balance for kthreads - ath9k_htc: Silence undersized packet warnings - x86_64: Fix jiffies ODR violation - x86/speculation: Prevent rogue cross-process SSBD shutdown - x86/reboot/quirks: Add MacBook6,1 reboot quirk - efi/efivars: Add missing kobject_put() in sysfs entry creation error path - ALSA: es1688: Add the missed snd_card_free() - ALSA: usb-audio: Fix inconsistent card PM state after resume - ACPI: sysfs: Fix reference count leak in acpi_sysfs_add_hotplug_profile() - ACPI: PM: Avoid using power resources if there are none for D0 - cgroup, blkcg: Prepare some symbols for module and !CONFIG_CGROUP usages - nilfs2: fix null pointer dereference at nilfs_segctor_do_construct() - spi: bcm2835aux: Fix controller unregister order - ALSA: pcm: disallow linking stream to itself - x86/speculation: Change misspelled STIPB to STIBP - x86/speculation: Add support for STIBP always-on preferred mode - x86/speculation: Avoid force-disabling IBPB based on STIBP and enhanced IBRS. - x86/speculation: PR_SPEC_FORCE_DISABLE enforcement for indirect branches. - spi: dw: fix possible race condition - spi: dw: Fix controller unregister order - spi: No need to assign dummy value in spi_unregister_controller() - spi: Fix controller unregister order - spi: pxa2xx: Fix controller unregister order - spi: bcm2835: Fix controller unregister order - ovl: initialize error in ovl_copy_xattr - proc: Use new_inode not new_inode_pseudo - video: fbdev: w100fb: Fix a potential double free. - KVM: nSVM: leave ASID aside in copy_vmcb_control_area - KVM: nVMX: Consult only the "basic" exit reason when routing nested exit - KVM: arm64: Make vcpu_cp1x() work on Big Endian hosts - ath9k: Fix use-after-free Read in ath9k_wmi_ctrl_rx - ath9k: Fix use-after-free Write in ath9k_htc_rx_msg - ath9x: Fix stack-out-of-bounds Write in ath9k_hif_usb_rx_cb - ath9k: Fix general protection fault in ath9k_hif_usb_rx_cb - Smack: slab-out-of-bounds in vsscanf - mm/slub: fix a memory leak in sysfs_slab_add() - fat: don't allow to mount if the FAT length == 0 - can: kvaser_usb: kvaser_usb_leaf: Fix some info-leaks to USB devices - spi: dw: Zero DMA Tx and Rx configurations on stack - Bluetooth: Add SCO fallback for invalid LMP parameters error - kgdb: Prevent infinite recursive entries to the debugger - spi: dw: Enable interrupts in accordance with DMA xfer mode - clocksource: dw_apb_timer_of: Fix missing clockevent timers - btrfs: do not ignore error from btrfs_next_leaf() when inserting checksums - ARM: 8978/1: mm: make act_mm() respect THREAD_SIZE - net: vmxnet3: fix possible buffer overflow caused by bad DMA value in vmxnet3_get_rss() - staging: android: ion: use vmap instead of vm_map_ram - e1000: Distribute switch variables for initialization - media: dvb: return -EREMOTEIO on i2c transfer failure. - MIPS: Make sparse_init() using top-down allocation - netfilter: nft_nat: return EOPNOTSUPP if type or flags are not supported - lib/mpi: Fix 64-bit MIPS build with Clang - net: lpc-enet: fix error return code in lpc_mii_init() - net: allwinner: Fix use correct return type for ndo_start_xmit() - powerpc/spufs: fix copy_to_user while atomic - mips: cm: Fix an invalid error code of INTVN_*_ERR - kgdb: Fix spurious true from in_dbg_master() - md: don't flush workqueue unconditionally in md_open - mwifiex: Fix memory corruption in dump_station - mips: Add udelay lpj numbers adjustment - x86/mm: Stop printing BRK addresses - m68k: mac: Don't call via_flush_cache() on Mac IIfx - macvlan: Skip loopback packets in RX handler - PCI: Don't disable decoding when mmio_always_on is set - MIPS: Fix IRQ tracing when call handle_fpe() and handle_msa_fpe() - ixgbe: fix signed-integer-overflow warning - spi: dw: Return any value retrieved from the dma_transfer callback - cpuidle: Fix three reference count leaks
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
This bug was fixed in the package linux-kvm - 4.15.0-1071.72 --- linux-kvm (4.15.0-1071.72) bionic; urgency=medium * bionic/linux-kvm: 4.15.0-1071.72 -proposed tracker (LP: #1887041) [ Ubuntu: 4.15.0-112.113 ] * bionic/linux: 4.15.0-112.113 -proposed tracker (LP: #1887048) * Packaging resync (LP: #1786013) - update dkms package versions * CVE-2020-11935 - SAUCE: aufs: do not call i_readcount_inc() - SAUCE: aufs: bugfix, IMA i_readcount * CVE-2020-10757 - mm: Fix mremap not considering huge pmd devmap * Update lockdown patches (LP: #1884159) - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN - efi: Restrict efivar_ssdt_load when the kernel is locked down - powerpc/xmon: add read-only mode - powerpc/xmon: Restrict when kernel is locked down - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y - SAUCE: acpi: disallow loading configfs acpi tables when locked down * seccomp_bpf fails on powerpc (LP: #1885757) - SAUCE: selftests/seccomp: fix ptrace tests on powerpc * Introduce the new NVIDIA 418-server and 440-server series, and update the current NVIDIA drivers (LP: #1881137) - [packaging] add signed modules for the 418-server and the 440-server flavours [ Ubuntu: 4.15.0-111.112 ] * bionic/linux: 4.15.0-111.112 -proposed tracker (LP: #1886999) * Bionic update: upstream stable patchset 2020-05-07 (LP: #1877461) - SAUCE: mlxsw: Add missmerged ERR_PTR hunk * linux 4.15.0-109-generic network DoS regression vs -108 (LP: #1886668) - SAUCE: Revert "netprio_cgroup: Fix unlimited memory leak of v2 cgroups" linux-kvm (4.15.0-1070.71) bionic; urgency=medium * bionic/linux-kvm: 4.15.0-1070.71 -proposed tracker (LP: #1885807) * Build and ship a signed wireguard.ko (LP: #1861284) - [Config] kvm: wireguard -- enable on all architectures * LXD 4.2 broken on linux-kvm due to missing VLAN filtering (LP: #1882955) - [Config] VLAN_8021Q=m && BRIDGE_VLAN_FILTERING=y [ Ubuntu: 4.15.0-110.111 ] * bionic/linux: 4.15.0-110.111 -proposed tracker (LP: #1885814) * Packaging resync (LP: #1786013) - update dkms package versions * CVE-2020-11935 - SAUCE: aufs: do not call i_readcount_inc() - SAUCE: aufs: bugfix, IMA i_readcount * CVE-2020-10757 - mm: Fix mremap not considering huge pmd devmap * Update lockdown patches (LP: #1884159) - efi/efi_test: Lock down /dev/efi_test and require CAP_SYS_ADMIN - efi: Restrict efivar_ssdt_load when the kernel is locked down - powerpc/xmon: add read-only mode - powerpc/xmon: Restrict when kernel is locked down - [Config] CONFIG_XMON_DEFAULT_RO_MODE=y - SAUCE: acpi: disallow loading configfs acpi tables when locked down * seccomp_bpf fails on powerpc (LP: #1885757) - SAUCE: selftests/seccomp: fix ptrace tests on powerpc * Introduce the new NVIDIA 418-server and 440-server series, and update the current NVIDIA drivers (LP: #1881137) - [packaging] add signed modules for the 418-server and the 440-server flavours -- Khalid Elmously Thu, 09 Jul 2020 22:13:34 -0400 ** Changed in: linux-kvm (Ubuntu Bionic) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-10757 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-11935 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Invalid Status in linux-kvm source package in Xenial: Fix Released Status in linux-kvm source package in Bionic: Fix Released Status in linux-kvm source package in Eoan: Fix Committed Status in linux-kvm source package in Focal: Fix Released Bug description: [Description] Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies VLAN_8021Q*) were in a different state in Focal/kvm compared to Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning the config with Focal/generic [Fix] Apply the attached config patch [Regression potential] Low, just some config changes already present in generic. --- This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
This bug was fixed in the package linux-kvm - 5.4.0-1018.18 --- linux-kvm (5.4.0-1018.18) focal; urgency=medium * focal/linux-kvm: 5.4.0-1018.18 -proposed tracker (LP: #1885099) * LXD 4.2 broken on linux-kvm due to missing VLAN filtering (LP: #1882955) - [Config] kvm: VLAN_8021Q=m && BRIDGE_VLAN_FILTERING=y * Make linux-kvm bootable in LXD VMs (LP: #1873809) - [Config] kvm: Match ramdisk config with master - [Config] kvm: Build-in EFI framebuffer linux-kvm (5.4.0-1017.17) focal; urgency=medium * focal/linux-kvm: 5.4.0-1017.17 -proposed tracker (LP: #1883517) * Make linux-kvm bootable in LXD VMs (LP: #1873809) - [Packaging] Start to sign the KVM kernel linux-kvm (5.4.0-1016.16) focal; urgency=medium * focal/linux-kvm: 5.4.0-1016.16 -proposed tracker (LP: #1882691) * Focal update: v5.4.42 upstream stable release (LP: #1879759) - [Config] kvm: Record CC_HAS_WARN_MAYBE_UNINITIALIZED drop * Packaging resync (LP: #1786013) - [Packaging] update helper scripts [ Ubuntu: 5.4.0-38.42 ] * CVE-2020-0543 - UBUNTU/SAUCE: x86/speculation/srbds: do not try to turn mitigation off when not supported * Realtek 8723DE [10ec:d723] subsystem [10ec:d738] disconnects unsolicitedly when Bluetooth is paired: Reason: 23=IEEE8021X_FAILED (LP: #1878147) - SAUCE: Revert "UBUNTU: SAUCE: rtw88: Move driver IQK to set channel before association for 11N chip" - SAUCE: Revert "UBUNTU: SAUCE: rtw88: fix rate for a while after being connected" - SAUCE: Revert "UBUNTU: SAUCE: rtw88: No retry and report for auth and assoc" - SAUCE: Revert "UBUNTU: SAUCE: rtw88: 8723d: Add coex support" - rtw88: add a debugfs entry to dump coex's info - rtw88: add a debugfs entry to enable/disable coex mechanism - rtw88: 8723d: Add coex support - SAUCE: rtw88: coex: 8723d: set antanna control owner - SAUCE: rtw88: coex: 8723d: handle BT inquiry cases - SAUCE: rtw88: fix EAPOL 4-way failure by finish IQK earlier * CPU stress test fails with focal kernel (LP: #1867900) - [Config] Disable hisi_sec2 temporarily * Enforce all config annotations (LP: #1879327) - [Config]: do not enforce CONFIG_VERSION_SIGNATURE - [Config]: prepare to enforce all - [Config]: enforce all config options * Focal update: v5.4.44 upstream stable release (LP: #1881927) - ax25: fix setsockopt(SO_BINDTODEVICE) - dpaa_eth: fix usage as DSA master, try 3 - net: don't return invalid table id error when we fall back to PF_UNSPEC - net: dsa: mt7530: fix roaming from DSA user ports - net: ethernet: ti: cpsw: fix ASSERT_RTNL() warning during suspend - __netif_receive_skb_core: pass skb by reference - net: inet_csk: Fix so_reuseport bind-address cache in tb->fast* - net: ipip: fix wrong address family in init error path - net/mlx5: Add command entry handling completion - net: mvpp2: fix RX hashing for non-10G ports - net: nlmsg_cancel() if put fails for nhmsg - net: qrtr: Fix passing invalid reference to qrtr_local_enqueue() - net: revert "net: get rid of an signed integer overflow in ip_idents_reserve()" - net sched: fix reporting the first-time use timestamp - net/tls: fix race condition causing kernel panic - nexthop: Fix attribute checking for groups - r8152: support additional Microsoft Surface Ethernet Adapter variant - sctp: Don't add the shutdown timer if its already been added - sctp: Start shutdown on association restart if in SHUTDOWN-SENT state and socket is closed - tipc: block BH before using dst_cache - net/mlx5e: kTLS, Destroy key object after destroying the TIS - net/mlx5e: Fix inner tirs handling - net/mlx5: Fix memory leak in mlx5_events_init - net/mlx5e: Update netdev txq on completions during closure - net/mlx5: Fix error flow in case of function_setup failure - net/mlx5: Annotate mutex destroy for root ns - net/tls: fix encryption error checking - net/tls: free record only on encryption error - net: sun: fix missing release regions in cas_init_one(). - net/mlx4_core: fix a memory leak bug. - mlxsw: spectrum: Fix use-after-free of split/unsplit/type_set in case reload fails - ARM: dts: rockchip: fix phy nodename for rk3228-evb - ARM: dts: rockchip: fix phy nodename for rk3229-xms6 - arm64: dts: rockchip: fix status for in rk3328-evb.dts - arm64: dts: rockchip: swap interrupts interrupt-names rk3399 gpu node - ARM: dts: rockchip: swap clock-names of gpu nodes - ARM: dts: rockchip: fix pinctrl sub nodename for spi in rk322x.dtsi - gpio: tegra: mask GPIO IRQs during IRQ shutdown - ALSA: usb-audio: add mapping for ASRock TRX40 Creator - net: microchip: encx24j600: add missed kthread_stop - gfs2: move privileged user check to gfs2_quota_lock_check - gfs2: Grab glock reference sooner in gfs2_add_revoke - drm/amdgpu: drop unnecessary
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
** Changed in: linux-kvm (Ubuntu Eoan) Status: Triaged => Fix Committed ** Changed in: linux-kvm (Ubuntu Bionic) Status: Triaged => Fix Committed ** Changed in: linux-kvm (Ubuntu Xenial) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Invalid Status in linux-kvm source package in Xenial: Fix Committed Status in linux-kvm source package in Bionic: Fix Committed Status in linux-kvm source package in Eoan: Fix Committed Status in linux-kvm source package in Focal: Fix Committed Bug description: [Description] Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies VLAN_8021Q*) were in a different state in Focal/kvm compared to Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning the config with Focal/generic [Fix] Apply the attached config patch [Regression potential] Low, just some config changes already present in generic. --- This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
** Changed in: linux-kvm (Ubuntu Focal) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Invalid Status in linux-kvm source package in Xenial: Triaged Status in linux-kvm source package in Bionic: Triaged Status in linux-kvm source package in Eoan: Triaged Status in linux-kvm source package in Focal: Fix Committed Bug description: [Description] Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies VLAN_8021Q*) were in a different state in Focal/kvm compared to Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning the config with Focal/generic [Fix] Apply the attached config patch [Regression potential] Low, just some config changes already present in generic. --- This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
** Also affects: linux-kvm (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: linux-kvm (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: linux-kvm (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: linux-kvm (Ubuntu Eoan) Importance: Undecided Status: New ** Changed in: linux-kvm (Ubuntu Focal) Importance: Undecided => Low ** Changed in: linux-kvm (Ubuntu Focal) Status: New => In Progress ** Changed in: linux-kvm (Ubuntu Focal) Importance: Low => Medium ** Changed in: linux-kvm (Ubuntu Eoan) Importance: Undecided => Medium ** Changed in: linux-kvm (Ubuntu Eoan) Status: New => Triaged ** Changed in: linux-kvm (Ubuntu Bionic) Status: New => Triaged ** Changed in: linux-kvm (Ubuntu Xenial) Status: New => Triaged ** Changed in: linux-kvm (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: linux-kvm (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: linux-kvm (Ubuntu) Status: Triaged => Invalid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Invalid Status in linux-kvm source package in Xenial: Triaged Status in linux-kvm source package in Bionic: Triaged Status in linux-kvm source package in Eoan: Triaged Status in linux-kvm source package in Focal: In Progress Bug description: [Description] Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies VLAN_8021Q*) were in a different state in Focal/kvm compared to Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning the config with Focal/generic [Fix] Apply the attached config patch [Regression potential] Low, just some config changes already present in generic. --- This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
** Tags added: patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Triaged Bug description: [Description] Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies VLAN_8021Q*) were in a different state in Focal/kvm compared to Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning the config with Focal/generic [Fix] Apply the attached config patch [Regression potential] Low, just some config changes already present in generic. --- This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
** Description changed: - This is another case of linux-kvm having unexplained differences - compared to linux-generic in areas that aren't related to hardware - drivers (see other bug we filed for missing nft). + [Description] + + Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies + VLAN_8021Q*) were in a different state in Focal/kvm compared to + Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this + discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning + the config with Focal/generic + + [Fix] + + Apply the attached config patch + + [Regression potential] + + Low, just some config changes already present in generic. + + --- + This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. ** Patch added: "0001-UBUNTU-Config-VLAN_8021Q-m-BRIDGE_VLAN_FILTERING-y.patch" https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+attachment/5386465/+files/0001-UBUNTU-Config-VLAN_8021Q-m-BRIDGE_VLAN_FILTERING-y.patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Triaged Bug description: [Description] Some VLAN options (BRIDGE_VLAN_FILTERING, and its dependencies VLAN_8021Q*) were in a different state in Focal/kvm compared to Focal/generic: LXD now depends on BRIDGE_VLAN_FILTERING and due to this discrepancy it fails to work on the Focal/kvm kernel: fix it by aligning the config with Focal/generic [Fix] Apply the attached config patch [Regression potential] Low, just some config changes already present in generic. --- This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
CPC are seeing this issue in _all_ minimal cloud images testing with LXD snap version 4.2 or greater. This blocks promotion of all minimal cloud download images and blocks build and publication of both daily and release cloud images. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Triaged Bug description: This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
[Kernel-packages] [Bug 1882955] Re: LXD 4.2 broken on linux-kvm due to missing VLAN filtering
** Tags added: id-5ee11405ec50180f6deea614 -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux-kvm in Ubuntu. https://bugs.launchpad.net/bugs/1882955 Title: LXD 4.2 broken on linux-kvm due to missing VLAN filtering Status in linux-kvm package in Ubuntu: Triaged Bug description: This is another case of linux-kvm having unexplained differences compared to linux-generic in areas that aren't related to hardware drivers (see other bug we filed for missing nft). This time, CPC is reporting that LXD no longer works on linux-kvm as we now set vlan filtering on our bridges to prevent containers from escaping firewalling through custom vlan tags. This relies on CONFIG_BRIDGE_VLAN_FILTERING which is a built-in on the generic kernel but is apparently missing on linux-kvm (I don't have any system running that kernel to confirm its config, but the behavior certainly matches that). We need this fixed in focal and groovy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-kvm/+bug/1882955/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
