This bug was fixed in the package linux - 4.8.0-58.63
---------------
linux (4.8.0-58.63) yakkety; urgency=low
* linux: 4.8.0-58.63 -proposed tracker (LP: #1700533)
* CVE-2017-1000364
- Revert "UBUNTU: SAUCE: mm: Only expand stack if guard area is hit"
- Revert "mm: do not collapse stack gap into THP"
- Revert "mm: enlarge stack guard gap"
- mm: vma_adjust: remove superfluous confusing update in remove_next == 1
case
- mm: larger stack guard gap, between vmas
- mm: fix new crash in unmapped_area_topdown()
- Allow stack to grow up to address space limit
linux (4.8.0-57.62) yakkety; urgency=low
* linux: 4.8.0-57.62 -proposed tracker (LP: #1699035)
* CVE-2017-1000364
- SAUCE: mm: Only expand stack if guard area is hit
* CVE-2017-7374
- fscrypt: remove broken support for detecting keyring key revocation
* CVE-2017-100363
- char: lp: fix possible integer overflow in lp_setup()
* CVE-2017-9242
- ipv6: fix out of bound writes in __ip6_append_data()
* CVE-2017-9075
- sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
* CVE-2017-9074
- ipv6: Prevent overrun when parsing v6 header options
* CVE-2017-9076
- ipv6/dccp: do not inherit ipv6_mc_list from parent
* CVE-2017-9077
- ipv6/dccp: do not inherit ipv6_mc_list from parent
* CVE-2017-8890
- dccp/tcp: do not inherit mc_list from parent
* extend-diff-ignore should use exact matches (LP: #1693504)
- [Packaging] exact extend-diff-ignore matches
* APST quirk needed for Intel NVMe (LP: #1686592)
- nvme: Quirk APST on Intel 600P/P3100 devices
* regression: the 4.8 hwe kernel does not create the
/sys/block/*/device/enclosure_device:* symlinks (LP: #1691899)
- scsi: ses: Fix SAS device detection in enclosure
* datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD (LP: #1676679)
- openvswitch: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
* connection flood to port 445 on mounting cifs volume under kernel
(LP: #1686099)
- cifs: Do not send echoes before Negotiate is complete
* Support IPMI system interface on Cavium ThunderX (LP: #1688132)
- i2c: octeon: Rename driver to prepare for split
- i2c: octeon: Split the driver into two parts
- [Config] CONFIG_I2C_THUNDERX=m
- i2c: thunderx: Add i2c driver for ThunderX SOC
- i2c: thunderx: Add SMBUS alert support
- i2c: octeon,thunderx: Move register offsets to struct
- i2c: octeon: Sort include files alphabetically
- i2c: octeon: Use booleon values for booleon variables
- i2c: octeon: thunderx: Add MAINTAINERS entry
- i2c: octeon: Fix set SCL recovery function
- i2c: octeon: Avoid sending STOP during recovery
- i2c: octeon: Fix high-level controller status check
- i2c: octeon: thunderx: TWSI software reset in recovery
- i2c: octeon: thunderx: Remove double-check after interrupt
- i2c: octeon: thunderx: Limit register access retries
- i2c: thunderx: Enable HWMON class probing
* CVE-2017-5577
- drm/vc4: Return -EINVAL on the overflow checks failing.
* Merlin SGMII fail on Ubuntu Xenial HWE kernel (LP: #1686305)
- net: phy: marvell: fix Marvell 88E1512 used in SGMII mode
- drivers: net: phy: xgene: Fix mdio write
* Keyboard backlight control does not work on some dell laptops.
(LP: #1693126)
- platform/x86: dell-laptop: Add Latitude 7480 and others to the DMI
whitelist
- platform/x86: dell-laptop: Add keyboard backlight timeout AC settings
* exec'ing a setuid binary from a threaded program sometimes fails to setuid
(LP: #1672819)
- SAUCE: exec: ensure file system accounting in check_unsafe_exec is correct
* CVE-2017-7294
- drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()
-- Stefan Bader <stefan.ba...@canonical.com> Mon, 26 Jun 2017 17:31:13
+0200
** Changed in: linux (Ubuntu Yakkety)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-
bin/cvename.cgi?name=2017-1000364
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-100363
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-5577
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7294
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-7374
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-8890
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9074
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9075
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9076
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9077
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-9242
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1676679
Title:
datapath: Add missing case OVS_TUNNEL_KEY_ATTR_PAD
Status in The Ubuntu-power-systems project:
Fix Released
Status in linux package in Ubuntu:
Fix Released
Status in openvswitch package in Ubuntu:
Invalid
Status in linux source package in Yakkety:
Fix Released
Status in openvswitch source package in Yakkety:
Invalid
Status in linux source package in Zesty:
Fix Released
Status in openvswitch source package in Zesty:
Invalid
Bug description:
---Problem Description---
Recreate and error info:
Hit a new issue with OVS after updating to the Ubuntu 4.8 kernel from
the Ubuntu 4.4 kernel.
Iperf was used to send traffic between client VMs over VXLAN. The
traffic did still flow, but every packet had to go to user space due to
the flow creation failures, which drastically impacted performance and
cpu utilization.
When using VXLAN, the following error is showing up in dmesg
openvswitch: netlink: Unknown IP tunnel attribute 14
Also there are tons of these errors in the openvswitch log
2017-03-01T15:50:47.860Z|00018|dpif(handler164)|WARN|system@ovs-system:
failed to put[create] (Invalid argument)
ufid:2d1a9aeb-7b24-4235-a208-a01f98237e60 recirc_id(0),dp_hash(0/0),skb_pri
Debug showed that this attribute, OVS_TUNNEL_KEY_ATTR_PAD, was being
seen in the switch statement in method, static int ip_tun_from_nlattr,
in flow_netlink.c . Because there is no case for this attribute, the
default is hit and returns an error.
The issue was first seen using the packages in the Ubuntu 4.8 kernel,
which is OVS 2.5. OVS 2.6 and 2.6.1 were also tried with the kernel
packages and the same issue was seen. Tried building OVS 2.7 and
loading the openvswitch-datapath-dkms_2.7.0-1_all.deb that got built but
the issue persisted. The proposed patch seems to eliminate the error
messages and also fixed the segmentation and performance issues that
were seen.
---uname output---
stock 4.8 kernel
Machine Type = p8
---Debugger---
A debugger is not configured
---Steps to Reproduce---
Hit a new issue with OVS after updating to the Ubuntu 4.8 kernel from
the Ubuntu 4.4 kernel.
Iperf was used to send traffic between client VMs over VXLAN. The
traffic did still flow, but every packet had to go to user space due to
the flow creation failures, which drastically impacted performance and
cpu utilization.
When using VXLAN, the following error is showing up in dmesg
openvswitch: netlink: Unknown IP tunnel attribute 14
Link to the patch is https://patchwork.ozlabs.org/patch/738856/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-power-systems/+bug/1676679/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
