This bug was fixed in the package linux - 4.10.0-15.17
---------------
linux (4.10.0-15.17) zesty; urgency=low
[ Tim Gardner ]
* Release Tracking Bug
- LP: #1675868
* In ZZ-BML (POWER9):ubuntu17.04 installation Fails (LP: #1675771)
- powerpc/64s: fix handling of non-synchronous machine checks
- powerpc/64s: allow machine check handler to set severity and initiator
- powerpc/64s: POWER9 machine check handler
* [Feature] R3 mwait support for Knights Mill (LP: #1637550)
- x86/cpufeature: Enable RING3MWAIT for Knights Landing
- x86/cpufeature: Enable RING3MWAIT for Knights Mill
- x86/msr: Add MSR_MISC_FEATURE_ENABLES and RING3MWAIT bit
- x86/elf: Add HWCAP2 to expose ring 3 MONITOR/MWAIT
- x86/cpufeature: Add RING3MWAIT to CPU features
* [Feature] GLK:New device IDs (LP: #1645951)
- mfd: intel-lpss: Add Intel Gemini Lake PCI IDs
- pwm: lpss: Add Intel Gemini Lake PCI ID
- i2c: i801: Add support for Intel Gemini Lake
- spi: pxa2xx: Add support for Intel Gemini Lake
- [Config] CONFIG_PINCTRL_GEMINILAKE=m
- pinctrl: intel: Add Intel Gemini Lake pin controller support
* Zesty update to v4.10.5 stable release (LP: #1675032)
- net/mlx5e: Register/unregister vport representors on interface
attach/detach
- net/mlx5e: Do not reduce LRO WQE size when not using build_skb
- net/mlx5e: Fix broken CQE compression initialization
- net/mlx5e: Update MPWQE stride size when modifying CQE compress state
- net/mlx5e: Fix wrong CQE decompression
- vxlan: correctly validate VXLAN ID against VXLAN_N_VID
- vti6: return GRE_KEY for vti6
- vxlan: don't allow overwrite of config src addr
- ipv4: add missing initialization for flowi4_uid
- ipv4: mask tos for input route
- sctp: set sin_port for addr param when checking duplicate address
- net sched actions: decrement module reference count after table flush.
- l2tp: avoid use-after-free caused by l2tp_ip_backlog_recv
- vxlan: lock RCU on TX path
- geneve: lock RCU on TX path
- mlxsw: spectrum_router: Avoid potential packets loss
- net: bridge: allow IPv6 when multicast flood is disabled
- net: don't call strlen() on the user buffer in packet_bind_spkt()
- net: net_enable_timestamp() can be called from irq contexts
- ipv6: orphan skbs in reassembly unit
- dccp: Unlock sock before calling sk_free()
- amd-xgbe: Stop the PHY before releasing interrupts
- amd-xgbe: Be sure to set MDIO modes on device (re)start
- amd-xgbe: Don't overwrite SFP PHY mod_absent settings
- bonding: use ETH_MAX_MTU as max mtu
- strparser: destroy workqueue on module exit
- tcp: fix various issues for sockets morphing to listen state
- net: fix socket refcounting in skb_complete_wifi_ack()
- net: fix socket refcounting in skb_complete_tx_timestamp()
- net/sched: act_skbmod: remove unneeded rcu_read_unlock in tcf_skbmod_dump
- dccp: fix use-after-free in dccp_feat_activate_values
- team: use ETH_MAX_MTU as max mtu
- vrf: Fix use-after-free in vrf_xmit
- net/tunnel: set inner protocol in network gro hooks
- uapi: fix linux/packet_diag.h userspace compilation error
- amd-xgbe: Enable IRQs only if napi_complete_done() is true
- act_connmark: avoid crashing on malformed nlattrs with null parms
- mpls: Send route delete notifications when router module is unloaded
- mpls: Do not decrement alive counter for unregister events
- ipv6: make ECMP route replacement less greedy
- ipv6: avoid write to a possibly cloned skb
- net: use net->count to check whether a netns is alive or not
- dccp/tcp: fix routing redirect race
- tun: fix premature POLLOUT notification on tun devices
- dccp: fix memory leak during tear-down of unsuccessful connection request
- arm64: KVM: VHE: Clear HCR_TGE when invalidating guest TLBs
- drm/i915/lspcon: Enable AUX interrupts for resume time initialization
- drm/i915/gen9+: Enable hotplug detection early
- drm/i915/lspcon: Fix resume time initialization due to unasserted HPD
- x86/unwind: Fix last frame check for aligned function stacks
- x86/tsc: Fix ART for TSC_KNOWN_FREQ
- x86/kasan: Fix boot with KASAN=y and PROFILE_ANNOTATED_BRANCHES=y
- x86/intel_rdt: Put group node in rdtgroup_kn_unlock
- x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
- futex: Fix potential use-after-free in FUTEX_REQUEUE_PI
- futex: Add missing error handling to FUTEX_REQUEUE_PI
- locking/rwsem: Fix down_write_killable() for
CONFIG_RWSEM_GENERIC_SPINLOCK=y
- crypto: powerpc - Fix initialisation of crc32c context
- crypto: s5p-sss - Fix spinlock recursion on LRW(AES)
- Linux 4.10.5
* Ubuntu server enables screenblanking, concealing crashdumps (DPMS is not
used) (LP: #869017)
- SAUCE: Disable default console blanking interval
* CVE-CVE-2017-5986
- sctp: deny peeloff operation on asocs with threads sleeping on it
* tty: acpi/spcr: QDF2400 E44 checks for wrong OEM revision (LP: #1674466)
- tty: acpi/spcr: QDF2400 E44 checks for wrong OEM revision
* Ubuntu 17.04: machine crashes with Oops in dccp_v4_ctl_send_reset while
running stress-ng. (LP: #1654073)
- tcp/dccp: block BH for SYN processing
* POWER9: Additional patches for TTY and CPU_IDLE (LP: #1674325)
- tty: Fix ldisc crash on reopened tty
- SAUCE: powerpc/powernv/cpuidle: Pass correct drv->cpumask for registration
* Fix MODULE_FIRMWARE for intel 6030 wireless (LP: #1674334)
- iwlwifi: fix MODULE_FIRMWARE for 6030
* [zesty] net sched actions - Adding support for user cookies (LP: #1674087)
- net sched actions: Add support for user cookies
- net sched actions: do not overwrite status of action creation.
* Zesty update to v4.10.4 stable release (LP: #1674288)
- iio: 104-quad-8: Fix off-by-one error when addressing flag register
- ARM: qcom_defconfig: Enable RPM/RPM-SMD clocks
- USB: serial: digi_acceleport: fix OOB data sanity check
- USB: serial: digi_acceleport: fix OOB-event processing
- crypto: improve gcc optimization flags for serpent and wp512
- MIPS: Update defconfigs for NF_CT_PROTO_DCCP/UDPLITE change
- MIPS: VDSO: avoid duplicate CAC_BASE definition
- MIPS: ip27: Disable qlge driver in defconfig
- MIPS: Update ip27_defconfig for SCSI_DH change
- MIPS: ip22: Fix ip28 build for modern gcc
- MIPS: Update lemote2f_defconfig for CPU_FREQ_STAT change
- mtd: pmcmsp: use kstrndup instead of kmalloc+strncpy
- MIPS: ralink: Cosmetic change to prom_init().
- MIPS: ralink: Remove unused timer functions
- MIPS: ralink: Remove unused rt*_wdt_reset functions
- i2c: bcm2835: Avoid possible NULL ptr dereference
- tracing: Add #undef to fix compile error
- ucount: Remove the atomicity from ucount->count
- efi/arm: Fix boot crash with CONFIG_CPUMASK_OFFSTACK=y
- dw2102: don't do DMA on stack
- i2c: add missing of_node_put in i2c_mux_del_adapters
- powerpc: Emulation support for load/store instructions on LE
- powerpc/booke: Fix boot crash due to null hugepd
- powerpc/xics: Work around limitations of OPAL XICS priority handling
- PCI: Prevent VPD access for QLogic ISP2722
- usb: gadget: dummy_hcd: clear usb_gadget region before registration
- usb: dwc3: gadget: make Set Endpoint Configuration macros safe
- usb: dwc3-omap: Fix missing break in dwc3_omap_set_mailbox()
- usb: ohci-at91: Do not drop unhandled USB suspend control requests
- usb: gadget: function: f_fs: pass companion descriptor along
- Revert "usb: gadget: uvc: Add missing call for additional setup data"
- usb: host: xhci-dbg: HCIVERSION should be a binary number
- usb: host: xhci-plat: Fix timeout on removal of hot pluggable xhci
controllers
- USB: serial: safe_serial: fix information leak in completion handler
- USB: serial: omninet: fix reference leaks at open
- USB: iowarrior: fix NULL-deref at probe
- USB: iowarrior: fix NULL-deref in write
- USB: serial: io_ti: fix NULL-deref in interrupt callback
- USB: serial: io_ti: fix information leak in completion handler
- serial: samsung: Continue to work if DMA request fails
- KVM: s390: Fix guest migration for huge guests resulting in panic
- KVM: arm/arm64: Let vcpu thread modify its own active state
- drm/i915/gvt: Fix superfluous newline in GVT_DISPLAY_READY env var
- serial_ir: ensure we're ready to receive interrupts
- dm: flush queued bios when process blocks to avoid deadlock
- rc: raw decoder for keymap protocol is not loaded on register
- ext4: don't BUG when truncating encrypted inodes on the orphan list
- IB/mlx5: Verify that Q counters are supported
- Linux 4.10.4
* ip_rcv_finish() NULL pointer kernel panic (LP: #1672470)
- bridge: drop netfilter fake rtable unconditionally
* Miscellaneous Ubuntu changes
- [Config] Remove powerpc architecture build
- [Config] updateconfigs after removing powerpc builds
- [Config] Update annotations after removing powerpc configs
-- Tim Gardner <tim.gard...@canonical.com> Mon, 20 Mar 2017 05:15:32
-0600
** Changed in: linux (Ubuntu Zesty)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-5986
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1674087
Title:
[zesty] net sched actions - Adding support for user cookies
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Zesty:
Fix Released
Status in linux source package in aa-series:
Fix Released
Bug description:
Adding optional 128-bit action cookie.
The idea is to save user state that when retrieved serves as a correlator.
The kernel _should not_ interpret it. The user can store whatever they wish in
the 128 bits like persistent data, http or existing kernel fib protocol field,
etc.
Sample exercise(showing variable length use of cookie)
.. create an accept action with cookie a1b2c3d4
sudo $TC actions add action ok index 1 cookie a1b2c3d4
.. dump all gact actions..
sudo $TC -s actions ls action gact
action order 0: gact action pass
random type none pass val 0
index 1 ref 1 bind 0 installed 5 sec used 5 sec
Action statistics:
Sent 0 bytes 0 pkt (dropped 0, overlimits 0 requeues 0)
backlog 0b 0p requeues 0
cookie a1b2c3d4
.. bind the accept action to a filter..
sudo $TC filter add dev lo parent ffff: protocol ip prio 1 \
u32 match ip dst 127.0.0.1/32 flowid 1:1 action gact index 1
... send some traffic..
$ ping 127.0.0.1 -c 3
PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.020 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.027 ms
64 bytes from 127.0.0.1: icmp_seq=3 ttl=64 time=0.038 ms
upstream Commits
1045ba7 net sched actions: Add support for user cookies
37f1c63 net sched actions: do not overwrite status of action creation.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1674087/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
