This bug was fixed in the package linux-bluefield - 5.4.0-1064.70
---------------
linux-bluefield (5.4.0-1064.70) focal; urgency=medium
* focal/linux-bluefield: 5.4.0-1064.70 -proposed tracker (LP:
#2019657)
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
[ Ubuntu: 5.4.0-150.167 ]
* focal/linux: 5.4.0-150.167 -proposed tracker (LP: #2019682)
* CVE-2023-32233
- netfilter: nf_tables: deactivate anonymous set from preparation phase
* CVE-2023-2612
- SAUCE: shiftfs: prevent lock unbalance in shiftfs_create_object()
* CVE-2023-31436
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg
* CVE-2023-1380
- wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()
* CVE-2023-30456
- KVM: nVMX: add missing consistency checks for CR0 and CR4
* Packaging resync (LP: #1786013)
- [Packaging] update helper scripts
-- Bartlomiej Zolnierkiewicz <bartlomiej.zolnierkiew...@canonical.com>
Fri, 19 May 2023 16:35:04 +0200
** Changed in: linux-bluefield (Ubuntu Focal)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-1380
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-2612
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-30456
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-31436
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-32233
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-bluefield in Ubuntu.
https://bugs.launchpad.net/bugs/2016829
Title:
Completely support vxlan and erspan for flower
Status in linux-bluefield package in Ubuntu:
Invalid
Status in linux-bluefield source package in Focal:
Fix Released
Bug description:
* Explain the bug(s)
vxlan and erspan are already supported for flower to allow flower to
match vxlan and erspan options. It needs to support vxlan and erspan
to act_tunnel_key and related bug fixes for the sake of completeness
and to avoid bug in the future.
* Brief explanation of fixes
Cherry-pick. No adaptation. Add vxlan/erspan support for act_tunnel_key and
bug fixes.
c96adff95619 cls_flower: call nla_ok() before nla_next()
8e1b3ac47866 net: sched: initialize with 0 before setting erspan md->u
e20d4ff2acd7 net: sched: add erspan option support to act_tunnel_key
fca3f91cc38a net: sched: add vxlan option support to act_tunnel_key
* How to test
For vxlan support:
It is to allow setting vxlan options using the
act_tunnel_key action. Different from geneve options,
only one option can be set. And also, geneve options
and vxlan options can't be set at the same time.
gbp is the only param for vxlan options:
# ip link add name vxlan0 type vxlan dstport 0 external
# tc qdisc add dev eth0 ingress
# tc filter add dev eth0 protocol ip parent ffff: \
flower indev eth0 \
ip_proto udp \
action tunnel_key \
set src_ip 10.0.99.192 \
dst_ip 10.0.99.193 \
dst_port 6081 \
id 11 \
vxlan_opts 01020304 \
action mirred egress redirect dev vxlan0
For erspan support:
It is to allow setting erspan options using the
act_tunnel_key action. Different from geneve options,
only one option can be set. And also, geneve options,
vxlan options or erspan options can't be set at the
same time.
Options are expressed as ver:index:dir:hwid, when ver
is set to 1, index will be applied while dir and hwid
will be ignored, and when ver is set to 2, dir and
hwid will be used while index will be ignored.
# ip link add name erspan1 type erspan external
# tc qdisc add dev eth0 ingress
# tc filter add dev eth0 protocol ip parent ffff: \
flower indev eth0 \
ip_proto udp \
action tunnel_key \
set src_ip 10.0.99.192 \
dst_ip 10.0.99.193 \
dst_port 6081 \
id 11 \
erspan_opts 1:2:0:0 \
action mirred egress redirect dev erspan1
* What it could break.
Nothing.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2016829/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
