from:"Jason A. Donenfeld"

[Kernel-packages] [Bug 1861284] Re: Build and ship a signed wireguard.ko

2020-06-25 Thread Jason A. Donenfeld

** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1861284

Title:
  Build and ship a signed wireguard.ko

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Bionic:
  In Progress
Status in linux source package in Eoan:
  Fix Released

Bug description:
  ..

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1861284/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

2020-04-30 Thread Jason A. Donenfeld

All set now!

zx2c4@thinkpad ~ $ curl -s 
http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/binary-amd64/Packages.xz
 | unxz | grep -B11 Provides:.*wireguard | grep ^Package:
Package: linux-image-aws
Package: linux-image-azure
Package: linux-image-gcp
Package: linux-image-generic
Package: linux-image-generic-hwe-20.04
Package: linux-image-gke
Package: linux-image-kvm
Package: linux-image-lowlatency
Package: linux-image-lowlatency-hwe-20.04
Package: linux-image-oracle
Package: linux-image-virtual
Package: linux-image-virtual-hwe-20.04

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1873288

Title:
  wireguard-tools should NOT recommend wireguard-dkms

Status in linux-meta package in Ubuntu:
  Fix Released
Status in wireguard package in Ubuntu:
  Confirmed

Bug description:
  With 20.04, the wireguard-dkms is not strictly needed as the
  wireguard.ko is now shipped with kernel packages.

  # apt-cache show wireguard-tools | grep Recommends
  Recommends: nftables | iptables, wireguard-dkms (>= 0.0.20191219) | 
wireguard-modules (>= 0.0.20171001)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1873288/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

2020-04-30 Thread Jason A. Donenfeld

Looks like it's still in -proposed, not -updates:

zx2c4@thinkpad ~ $ curl -s 
http://archive.ubuntu.com/ubuntu/dists/focal-proposed/main/binary-amd64/Packages.xz
 | unxz | grep -B11 Provides:.*wireguard | grep ^Package:
Package: linux-image-aws
Package: linux-image-azure
Package: linux-image-gcp
Package: linux-image-generic
Package: linux-image-generic-hwe-20.04
Package: linux-image-gke
Package: linux-image-kvm
Package: linux-image-lowlatency
Package: linux-image-lowlatency-hwe-20.04
Package: linux-image-oracle
Package: linux-image-virtual
Package: linux-image-virtual-hwe-20.04

zx2c4@thinkpad ~ $ curl -s 
http://archive.ubuntu.com/ubuntu/dists/focal-updates/main/binary-amd64/Packages.xz
 | unxz | grep -B11 Provides:.*wireguard | grep ^Package:
Package: linux-image-generic
Package: linux-image-generic-hwe-20.04
Package: linux-image-lowlatency
Package: linux-image-lowlatency-hwe-20.04
Package: linux-image-virtual
Package: linux-image-virtual-hwe-20.04

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1873288

Title:
  wireguard-tools should NOT recommend wireguard-dkms

Status in linux-meta package in Ubuntu:
  Fix Released
Status in wireguard package in Ubuntu:
  Confirmed

Bug description:
  With 20.04, the wireguard-dkms is not strictly needed as the
  wireguard.ko is now shipped with kernel packages.

  # apt-cache show wireguard-tools | grep Recommends
  Recommends: nftables | iptables, wireguard-dkms (>= 0.0.20191219) | 
wireguard-modules (>= 0.0.20171001)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1873288/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

2020-04-17 Thread Jason A. Donenfeld

Reopening this until we have some conclusion on (2) and (3) of #9.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1873288

Title:
  wireguard-tools should NOT recommend wireguard-dkms

Status in linux-meta package in Ubuntu:
  Fix Released
Status in wireguard package in Ubuntu:
  Confirmed

Bug description:
  With 20.04, the wireguard-dkms is not strictly needed as the
  wireguard.ko is now shipped with kernel packages.

  # apt-cache show wireguard-tools | grep Recommends
  Recommends: nftables | iptables, wireguard-dkms (>= 0.0.20191219) | 
wireguard-modules (>= 0.0.20171001)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1873288/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

2020-04-17 Thread Jason A. Donenfeld

Ah, looks like I can't.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1873288

Title:
  wireguard-tools should NOT recommend wireguard-dkms

Status in linux-meta package in Ubuntu:
  Fix Released
Status in wireguard package in Ubuntu:
  Confirmed

Bug description:
  With 20.04, the wireguard-dkms is not strictly needed as the
  wireguard.ko is now shipped with kernel packages.

  # apt-cache show wireguard-tools | grep Recommends
  Recommends: nftables | iptables, wireguard-dkms (>= 0.0.20191219) | 
wireguard-modules (>= 0.0.20171001)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1873288/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

2020-04-17 Thread Jason A. Donenfeld

Simon - to keep you updated on the bug you reported, this fixes issue
(1), as described in comment #9: https://git.launchpad.net/~ubuntu-
kernel/ubuntu/+source/linux-
meta/+git/focal/commit/?id=204fb3b2ae6b0c8c41c339f47949b45d571c4953

We'll keep this open until there's a decision/fix on (2) and (3), as
described in comment #9.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1873288

Title:
  wireguard-tools should NOT recommend wireguard-dkms

Status in linux-meta package in Ubuntu:
  In Progress
Status in wireguard package in Ubuntu:
  Confirmed

Bug description:
  With 20.04, the wireguard-dkms is not strictly needed as the
  wireguard.ko is now shipped with kernel packages.

  # apt-cache show wireguard-tools | grep Recommends
  Recommends: nftables | iptables, wireguard-dkms (>= 0.0.20191219) | 
wireguard-modules (>= 0.0.20171001)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-meta/+bug/1873288/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1856539] Re: wireguard package doesn't work on ubuntu eon

2020-02-19 Thread Jason A. Donenfeld

The Ubuntu kernel team seems to be behind in deploying a fix for this.
In the interim you can solve this by using the WireGuard project's PPA,
which now has backports for 19.10. Run this command to fix your issue:

sudo add-apt-repository ppa:wireguard/wireguard && sudo apt-get update
&& sudo apt-get upgrade

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1856539

Title:
  wireguard package doesn't work on ubuntu eon

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  After upgrading to ubuntu eon, i've tried to install wireguard.
  Install went well but wireguard module can't be loaded and so wireguard can't 
be used.

  Ubuntu version: 19.10
  Wireguard version: 0.0.20190913-1ubuntu1

  When trying to use wireguard:
  > sudo systemctl start wg-quick@wg0.service
  Job for wg-quick@wg0.service failed because the control process exited with 
error code.
  See "systemctl status wg-quick@wg0.service" and "journalctl -xe" for details.
  10:19:32 ~/ (feat/start-vm-choose-power-state u=)
  > systemctl status wg-quick@wg0.service
  ● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
 Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor 
preset: enabled)
 Active: failed (Result: exit-code) since Mon 2019-12-16 10:19:32 CET; 5s 
ago
   Docs: man:wg-quick(8)
 man:wg(8)
 https://www.wireguard.com/
 https://www.wireguard.com/quickstart/
 https://git.zx2c4.com/WireGuard/about/src/tools/man/wg-quick.8
 https://git.zx2c4.com/WireGuard/about/src/tools/man/wg.8
Process: 31063 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, 
status=1/FAILURE)
   Main PID: 31063 (code=exited, status=1/FAILURE)

  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: Starting WireGuard via 
wg-quick(8) for wg0...
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: Warning: 
`/etc/wireguard/wg0.conf' is world accessible
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: [#] ip link add wg0 
type wireguard
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: RTNETLINK answers: 
Operation not supported
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: Unable to access 
interface: Protocol not supported
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: [#] ip link delete dev 
wg0
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: Cannot find device 
"wg0"
  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: wg-quick@wg0.service: Main 
process exited, code=exited, status=1/FAILURE
  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: wg-quick@wg0.service: 
Failed with result 'exit-code'.
  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: Failed to start WireGuard 
via wg-quick(8) for wg0.

  
  When trying to load wireguard module:
  > sudo modprobe wireguard
  modprobe: ERROR: could not insert 'wireguard': Exec format error

  I'm happy to provide more info if needed.
  Any help would be greatly appreciated!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1856539/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1851295] Re: dkms error with wireguard on upgrafe to 19.10

2020-02-07 Thread Jason A. Donenfeld

Seems dkms related.

** Package changed: wireguard (Ubuntu) => linux (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1851295

Title:
  dkms error with wireguard on upgrafe to 19.10

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  Loading new wireguard-0.0.20190913 DKMS files...
  Building for 5.0.0-27-generic 5.3.0-19-generic
  Building initial module for 5.0.0-27-generic
  ERROR (dkms apport): kernel package linux-headers-5.0.0-27-generic is not 
supported
  Error! Bad return status for module build on kernel: 5.0.0-27-generic (x86_64)
  Consult /var/lib/dkms/wireguard/0.0.20190913/build/make.log for more 
information.
  dpkg: error processing package wireguard-dkms (--configure):
   installed wireguard-dkms package post-installation script subprocess 
returned error exit status 10
  dpkg: dependency problems prevent configuration of wireguard:
   wireguard depends on wireguard-dkms (= 0.0.20190913-1ubuntu1) | 
wireguard-modules (= 0.0.20190913); however:
Package wireguard-dkms is not configured yet.
Package wireguard-modules is not installed.

  dpkg: error processing package wireguard (--configure):
   dependency problems - leaving unconfigured
  Errors were encountered while processing:
   wireguard-dkms
   wireguard

  ProblemType: Package
  DistroRelease: Ubuntu 19.10
  Package: wireguard-dkms 0.0.20190913-1ubuntu1
  ProcVersionSignature: Ubuntu 5.0.0-27.28-generic 5.0.21
  Uname: Linux 5.0.0-27-generic x86_64
  NonfreeKernelModules: wireguard
  ApportVersion: 2.20.11-0ubuntu8.1
  Architecture: amd64
  Date: Mon Nov  4 23:58:10 2019
  ErrorMessage: installed wireguard-dkms package post-installation script 
subprocess returned error exit status 10
  InstallationDate: Installed on 2018-10-12 (388 days ago)
  InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 
(20180725)
  PackageArchitecture: all
  Python3Details: /usr/bin/python3.7, Python 3.7.5rc1, python3-minimal, 3.7.5-1
  PythonDetails: /usr/bin/python2.7, Python 2.7.17rc1, python-minimal, 2.7.17-1
  RelatedPackageVersions:
   dpkg 1.19.7ubuntu2
   apt  1.9.4
  SourcePackage: wireguard
  Title: package wireguard-dkms 0.0.20190913-1ubuntu1 failed to 
install/upgrade: installed wireguard-dkms package post-installation script 
subprocess returned error exit status 10
  UpgradeStatus: Upgraded to eoan on 2019-11-04 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1851295/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1856539] Re: wireguard package doesn't work on ubuntu eon

2020-02-07 Thread Jason A. Donenfeld

[   15.589541] module: x86/modules: Skipping invalid relocation target,
existing value is nonzero for type 1, loc f4677a21, val
c1171b82

Looks like a dkms issue? Thankfully we won't need that for 20.04 and
also earlier kernels once things are backported. I'll reassign this to
the canonical kernel people.

** Package changed: wireguard (Ubuntu) => linux (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1856539

Title:
  wireguard package doesn't work on ubuntu eon

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  After upgrading to ubuntu eon, i've tried to install wireguard.
  Install went well but wireguard module can't be loaded and so wireguard can't 
be used.

  Ubuntu version: 19.10
  Wireguard version: 0.0.20190913-1ubuntu1

  When trying to use wireguard:
  > sudo systemctl start wg-quick@wg0.service
  Job for wg-quick@wg0.service failed because the control process exited with 
error code.
  See "systemctl status wg-quick@wg0.service" and "journalctl -xe" for details.
  10:19:32 ~/ (feat/start-vm-choose-power-state u=)
  > systemctl status wg-quick@wg0.service
  ● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
 Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor 
preset: enabled)
 Active: failed (Result: exit-code) since Mon 2019-12-16 10:19:32 CET; 5s 
ago
   Docs: man:wg-quick(8)
 man:wg(8)
 https://www.wireguard.com/
 https://www.wireguard.com/quickstart/
 https://git.zx2c4.com/WireGuard/about/src/tools/man/wg-quick.8
 https://git.zx2c4.com/WireGuard/about/src/tools/man/wg.8
Process: 31063 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, 
status=1/FAILURE)
   Main PID: 31063 (code=exited, status=1/FAILURE)

  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: Starting WireGuard via 
wg-quick(8) for wg0...
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: Warning: 
`/etc/wireguard/wg0.conf' is world accessible
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: [#] ip link add wg0 
type wireguard
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: RTNETLINK answers: 
Operation not supported
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: Unable to access 
interface: Protocol not supported
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: [#] ip link delete dev 
wg0
  déc. 16 10:19:32 benjamin-XPS-13-9370 wg-quick[31063]: Cannot find device 
"wg0"
  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: wg-quick@wg0.service: Main 
process exited, code=exited, status=1/FAILURE
  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: wg-quick@wg0.service: 
Failed with result 'exit-code'.
  déc. 16 10:19:32 benjamin-XPS-13-9370 systemd[1]: Failed to start WireGuard 
via wg-quick(8) for wg0.

  
  When trying to load wireguard module:
  > sudo modprobe wireguard
  modprobe: ERROR: could not insert 'wireguard': Exec format error

  I'm happy to provide more info if needed.
  Any help would be greatly appreciated!

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1856539/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1854225] Re: Kernel oops and system lock up when invoking wg-quick up

2020-02-07 Thread Jason A. Donenfeld

Doesn't look like a WireGuard bug.

** Package changed: wireguard (Ubuntu) => linux (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1854225

Title:
  Kernel oops and system lock up when invoking wg-quick up

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  On 2 occasions over the past week I have had full system crashes after
  running "wg-quick up wg0". On the terminal, the command does not
  complete (i.e. it does not return to the prompt), the fans on my
  laptop start whirring and the system gradually becomes unresponsive
  before my desktop crashes and the system becomes completely
  unresponsive. On both occasions I opened another window to run "top"
  to see what process was consuming resources but "top" never actually
  runs. On the second occasion I managed to run "dmesg" before the
  system crashed completely and saw multiple lines of text about a
  kernel oops and red-highlighted text about a null-pointer dereference.

  I could reboot with "Alt-PrtScr_REISUB". On reboot I was confronted
  with the "system problem detected" dialog, but selecting the "report"
  option didn't seem to do anything. I have 2 reports in /var/crash from
  the last oops which I will attach to this report.

  I cannot reproduce this on demand. Most of the time, wg-quick performs
  normally. On both occasions the laptop had recently woken from
  suspend, but invoking "wg-quick" after waking from suspend doesn't
  trigger it on demand. On the first occasion I was running with stock
  boot options. On the second, I was running with "mitigations=off" as
  an experiment.

  
  $ lsb_release -rd
  Description:  Ubuntu 19.10
  Release:  19.10

  $ apt policy wireguard
  wireguard:
Installed: 0.0.20190913-1ubuntu1
Candidate: 0.0.20190913-1ubuntu1
Version table:
   *** 0.0.20190913-1ubuntu1 500
  500 http://gb.archive.ubuntu.com/ubuntu eoan/universe amd64 Packages
  500 http://gb.archive.ubuntu.com/ubuntu eoan/universe i386 Packages
  100 /var/lib/dpkg/status

  $ apt policy wireguard-tools 
  wireguard-tools:
Installed: 0.0.20190913-1ubuntu1
Candidate: 0.0.20190913-1ubuntu1
Version table:
   *** 0.0.20190913-1ubuntu1 500
  500 http://gb.archive.ubuntu.com/ubuntu eoan/universe amd64 Packages
  100 /var/lib/dpkg/status

  
  $ uname -a
  Linux padbeast 5.3.0-23-generic #25-Ubuntu SMP Tue Nov 12 09:22:33 UTC 2019 
x86_64 x86_64 x86_64 GNU/Linux

  # cat /etc/wireguard/wg0.conf 
  [Interface]
  PrivateKey = MyPrivateKey=
  Address = 10.66.66.5/24,fd42:42:42::5/64
  DNS = 8.8.8.8,1.1.1.1

  [Peer]
  PublicKey = MyPublicKey=
  Endpoint = my.domain.com:1195
  AllowedIPs = 0.0.0.0/0,::/0


  I'm reporting this as a security bug due to the "Null pointer
  dereference" in the kernel, but don't know if that is relevant. I
  don't know how to access or send the old dmesg information, so please
  let me know how to access this or how to collect it if the crash
  recurs.

  ProblemType: Bug
  DistroRelease: Ubuntu 19.10
  Package: wireguard 0.0.20190913-1ubuntu1
  ProcVersionSignature: Ubuntu 5.3.0-23.25-generic 5.3.7
  Uname: Linux 5.3.0-23-generic x86_64
  ApportVersion: 2.20.11-0ubuntu8.2
  Architecture: amd64
  CurrentDesktop: MATE
  Date: Wed Nov 27 20:44:24 2019
  InstallationDate: Installed on 2019-10-11 (47 days ago)
  InstallationMedia: Ubuntu-MATE 19.10 "Eoan Ermine" - Beta amd64 (20190926.2)
  PackageArchitecture: all
  SourcePackage: wireguard
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1854225/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1858807] Re: Wireguard install fails on 19.10

2020-02-07 Thread Jason A. Donenfeld

The kernel team can backport things need be.

** Package changed: wireguard (Ubuntu) => linux (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1858807

Title:
  Wireguard install fails on 19.10

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  
  # apt install wireguard-tools
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  The following additional packages will be installed:
wireguard-dkms
  The following NEW packages will be installed:
wireguard-dkms wireguard-tools
  0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
  Need to get 0 B/330 kB of archives.
  After this operation, 2,126 kB of additional disk space will be used.
  Do you want to continue? [Y/n] Y
  Selecting previously unselected package wireguard-dkms.
  (Reading database ... 298438 files and directories currently installed.)
  Preparing to unpack .../wireguard-dkms_0.0.20190913-1ubuntu1_all.deb ...
  Unpacking wireguard-dkms (0.0.20190913-1ubuntu1) ...
  Selecting previously unselected package wireguard-tools.
  Preparing to unpack .../wireguard-tools_0.0.20190913-1ubuntu1_amd64.deb ...
  Unpacking wireguard-tools (0.0.20190913-1ubuntu1) ...
  Setting up wireguard-dkms (0.0.20190913-1ubuntu1) ...
  Loading new wireguard-0.0.20190913 DKMS files...
  Building for 5.5.0-050500rc5-generic
  Building initial module for 5.5.0-050500rc5-generic
  ERROR (dkms apport): kernel package linux-headers-5.5.0-050500rc5-generic is 
not supported
  Error! Bad return status for module build on kernel: 5.5.0-050500rc5-generic 
(x86_64)
  Consult /var/lib/dkms/wireguard/0.0.20190913/build/make.log for more 
information.
  dpkg: error processing package wireguard-dkms (--configure):
   installed wireguard-dkms package post-installation script subprocess 
returned error exit status 10
  Setting up wireguard-tools (0.0.20190913-1ubuntu1) ...
  Processing triggers for man-db (2.8.7-3) ...
  Errors were encountered while processing:
   wireguard-dkms
  E: Sub-process /usr/bin/dpkg returned an error code (1)
  

  make.log:
  -
  KMS make.log for wireguard-0.0.20190913 for kernel 5.5.0-050500rc5-generic 
(x86_64)
  Wed 08 Jan 2020 03:43:59 PM CET
  make: Entering directory '/usr/src/linux-headers-5.5.0-050500rc5-generic'
AR  /var/lib/dkms/wireguard/0.0.20190913/build/built-in.a
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/main.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/noise.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/device.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/peer.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/timers.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/queueing.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/send.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/receive.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/socket.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/peerlookup.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/allowedips.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/ratelimiter.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/cookie.o
CC [M]  /var/lib/dkms/wireguard/0.0.20190913/build/netlink.o
CC [M]  
/var/lib/dkms/wireguard/0.0.20190913/build/crypto/zinc/chacha20/chacha20.o
PERLASM 
/var/lib/dkms/wireguard/0.0.20190913/build/crypto/zinc/chacha20/chacha20-x86_64.S
CC [M]  
/var/lib/dkms/wireguard/0.0.20190913/build/crypto/zinc/poly1305/poly1305.o
  /var/lib/dkms/wireguard/0.0.20190913/build/socket.c: In function ‘send6’:
  /var/lib/dkms/wireguard/0.0.20190913/build/socket.c:145:20: error: ‘const 
struct ipv6_stub’ has no member named ‘ipv6_dst_lookup’; did you mean 
‘ipv6_dst_lookup_flow’?
145 |   ret = ipv6_stub->ipv6_dst_lookup(sock_net(sock), sock, ,
|^~~
|ipv6_dst_lookup_flow
  make[1]: *** [scripts/Makefile.build:266: 
/var/lib/dkms/wireguard/0.0.20190913/build/socket.o] Error 1
  make[1]: *** Waiting for unfinished jobs
  /var/lib/dkms/wireguard/0.0.20190913/build/netlink.c: In function 
‘wg_get_device_start’:
  /var/lib/dkms/wireguard/0.0.20190913/build/netlink.c:199:26: error: implicit 
declaration of function ‘genl_family_attrbuf’ 
[-Werror=implicit-function-declaration]
199 |  struct nlattr **attrs = genl_family_attrbuf(_family);
|  ^~~
  /var/lib/dkms/wireguard/0.0.20190913/build/netlink.c:199:26: warning: 
initialization of ‘struct nlattr **’ from ‘int’ makes pointer from integer 
without a cast [-Wint-conversion]
  cc1: some warnings being treated as errors
  make[1]: *** [scripts/Makefile.build:265:

[Kernel-packages] [Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"

2019-10-09 Thread Jason A. Donenfeld

** Summary changed:

- wireguard crashes system shortly after wg-quick down wg0
+ eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set 
on suppress rule"

** Package changed: wireguard (Ubuntu) => linux-meta (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1847478

Title:
  eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF
  is set on suppress rule"

Status in linux package in Ubuntu:
  In Progress
Status in linux-meta package in Ubuntu:
  Invalid

Bug description:
  [Impact]

  An unprivileged local attacker could cause a denial of service, or
  possibly execute arbitrary code due to an ipv6 regression.

  [Test Case]

  An unpatched system will crash with the following command:

  $ unshare -rUn sh -c 'ip link add dummy1 type dummy && ip link set
  dummy1 up && ip -6 route add default dev dummy1 && ip -6 rule add
  table main suppress_prefixlength 0 && ping -f 1234::1'

  [Regression Potential]

  Low. The change could theoretically introduce a memory leak but that
  would still be an improvement over immediate loss of system
  availability.

  [Original Description]

  Having recently upgraded to Eoan Ermine from Disco Dingo, my
  previously rock-solid wireguard now locks the system up shortly after
  I take the connection down with wg-quick down wg0.

  Package:

  wireguard:
    Installed: 0.0.20190913-1ubuntu1
    Candidate: 0.0.20190913-1ubuntu1
    Version table:
   *** 0.0.20190913-1ubuntu1 500
  500 http://gb.archive.ubuntu.com/ubuntu eoan/universe amd64 Packages
  500 http://gb.archive.ubuntu.com/ubuntu eoan/universe i386 Packages
  100 /var/lib/dpkg/status

  Kernel:
  5.3.0-13-generic

  Snipped from /var/log/syslog:

  kernel: [  776.930804] BUG: unable to handle page fault for address: 
1070
  kernel: [  776.930807] #PF: supervisor read access in kernel mode
  kernel: [  776.930808] #PF: error_code(0x) - not-present page
  kernel: [  776.930809] PGD 0 P4D 0
  kernel: [  776.930811] Oops:  [#1] SMP NOPTI
  kernel: [  776.930813] CPU: 3 PID: 2598 Comm: Chrome_ChildIOT Tainted: G  
 OE 5.3.0-13-generic #14-Ubuntu
  kernel: [  776.930813] Hardware name: Dell Inc. XPS 13 9380/0KTW76, BIOS 
1.7.0 08/05/2019
  kernel: [  776.930817] RIP: 0010:ip6_sk_dst_store_flow+0x80/0xc0
  kernel: [  776.930819] Code: 48 8b 42 30 48 33 47 40 48 09 c1 0f b6 4f 12 b8 
01 00 00 00 4d 0f 45 e9 31 db d3 e0 a9 bf ef ff ff 74 07 48 8b 9f f8 02 00 00 
<48> 8b 46 70 31 d2 48 85 c0 74 0c 48 8b 40 10 48 85 c0 74 03 8b 50
  kernel: [  776.930820] RSP: 0018:beb841a9fcd8 EFLAGS: 00010202
  kernel: [  776.930821] RAX: 0080 RBX: a0933c829360 RCX: 
0007
  kernel: [  776.930822] RDX: beb841a9fd20 RSI: 1000 RDI: 
a0933c828f00
  kernel: [  776.930823] RBP: beb841a9fcf0 R08:  R09: 

  kernel: [  776.930823] R10:  R11: a093948fd800 R12: 
a0933c829360
  kernel: [  776.930824] R13: a0933c828f38 R14: 0001 R15: 
a0933c829360
  kernel: [  776.930825] FS:  7fbcd8a82700() GS:a0939e4c() 
knlGS:
  kernel: [  776.930826] CS:  0010 DS:  ES:  CR0: 80050033
  kernel: [  776.930827] CR2: 1070 CR3: 00049172a004 CR4: 
003606e0
  kernel: [  776.930828] Call Trace:
  kernel: [  776.930832]  ip6_datagram_dst_update+0x15e/0x280
  kernel: [  776.930835]  ? _raw_read_unlock_bh+0x20/0x30
  kernel: [  776.930837]  __ip6_datagram_connect+0x1da/0x380
  kernel: [  776.930839]  ip6_datagram_connect+0x2d/0x50
  kernel: [  776.930841]  inet_dgram_connect+0x3f/0xc0
  kernel: [  776.930843]  __sys_connect+0xf1/0x130
  kernel: [  776.930846]  ? do_fcntl+0xe4/0x550
  kernel: [  776.930848]  ? fput+0x13/0x15
  kernel: [  776.930849]  __x64_sys_connect+0x1a/0x20
  kernel: [  776.930852]  do_syscall_64+0x5a/0x130
  kernel: [  776.930854]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
  kernel: [  776.930855] RIP: 0033:0x7fbcde6324eb
  kernel: [  776.930856] Code: 83 ec 18 89 54 24 0c 48 89 34 24 89 7c 24 08 e8 
ab fa ff ff 8b 54 24 0c 48 8b 34 24 41 89 c0 8b 7c 24 08 b8 2a 00 00 00 0f 05 
<48> 3d 00 f0 ff ff 77 2f 44 89 c7 89 44 24 08 e8 e1 fa ff ff 8b 44
  kernel: [  776.930857] RSP: 002b:7fbcd8a7ec90 EFLAGS: 0293 ORIG_RAX: 
002a
  kernel: [  776.930859] RAX: ffda RBX: ff94 RCX: 
7fbcde6324eb
  kernel: [  776.930859] RDX: 001c RSI: 7fbcd8a7ecf0 RDI: 
0022
  kernel: [  776.930860] RBP: 7fbcd8a7edb0 R08:  R09: 
7fbcd8a7edf8
  kernel: [  776.930861] R10: 7fbcd8a7edf0 R11: 0293 R12: 
250e77c19710
  kernel: [  776.930862] R13: 250e77c19900 R14: 7fbcd8a7edc8 R15: 
7fbcd8a7edc8
  kernel: [  776.930863] Modules linked in:

[Kernel-packages] [Bug 1842447] Re: Kernel Panic with linux-image-4.15.0-60-generic when specifying nameserver in docker-compose

2019-09-06 Thread Jason A. Donenfeld

It's possible this same issue is responsible for this crash in
WireGuard:
https://lists.zx2c4.com/pipermail/wireguard/2019-September/004495.html

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1842447

Title:
  Kernel Panic with linux-image-4.15.0-60-generic when specifying
  nameserver in docker-compose

Status in linux package in Ubuntu:
  Confirmed
Status in linux source package in Bionic:
  Fix Committed

Bug description:
  [Impact]
  Some fragmentation+NAT workloads will cause kernel BUG/Ooops.

  [Test case]
  sudo iptables -t nat -I POSTROUTING -j MASQUERADE
  sudo hping3 192.168.122.1 -s 1000 -p 2000 -d 6

  [Regression potential]
  This could make fragmented packets stop flowing. So, make sure fragmented 
pings still work.
  ping 192.168.122.1 -s 6 still works, even with the above nat rule.

  

  Hello,

  there are multiple inquries in the mailcow GitHub issues over at
  https://github.com/mailcow/mailcow-dockerized/issues/2904 that the
  latest kernel linux-image-4.15.0-60-generic causes kernel panics when
  "- dns" setting is used within the docker-compose.yml file, for yet
  some unclear reasons.

  Multiple users on different systems (e.g. virtualized ones on VMware
  ESXi and KVM) were able to reproduce the same issue. I was also able
  to reproduce this constantly on a completely new deployed Ubuntu 18.04
  VM (KVM) with a fresh mailcow installation.

  Steps to reproduce:
  1. Install a clean Ubuntu 18.04(.03) machine
  2. Upgrade the installation to linux-image-4.15.0-60-generic
  3. Setup mailcow as instructed at 
https://mailcow.github.io/mailcow-dockerized-docs/i_u_m_install/ (just takes 
less than a minute, easy to reproduce)
  4. Start mailcow with "dns"-settings specified in docker-compose file (Make 
sure using the older docker-compose version with dns settings: 
https://raw.githubusercontent.com/mailcow/mailcow-dockerized/a1403b7a5969637df23001d05c59c2a20774fbb5/docker-compose.yml)
  5. Wait a few minutes, then kernel crash appears

  Using this workaround it appears to be stable again:
  https://github.com/mailcow/mailcow-
  dockerized/commit/dc6eea5142c063e26408a685b66fbb7754408ec2

  I've attached the apport file to this bug. Please let me know if you
  need any kind of further information. (As this is my first bug report
  here, I hope I have included all required information helping you
  finding the cause.)

  Kind regards,
  Patrik

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1842447/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1413440] Re: USB stops working after a while (xhci_hcd 0000:00:14.0: Timeout while waiting for setup device command)

2017-05-19 Thread Jason A. Donenfeld

I'm having this issue on kernel 4.11.1.

[48112.422418] [ cut here ]
[48112.422441] WARNING: CPU: 0 PID: 14420 at drivers/usb/host/xhci-ring.c:1390 
handle_cmd_completion+0xb17/0xc00 [xhci_hcd]
[48112.422446] Modules linked in: xt_hashlimit ip6_udp_tunnel udp_tunnel rfcomm 
pl2303 hid_lenovo bnep cdc_mbim cdc_ncm qcserial cdc_wdm usb_wwan usbnet 
usbserial mii uvcvideo videobuf2_vmalloc videobuf2_memops
[48112.422480] xhci_hcd :00:14.0: Timeout while waiting for setup device 
command
[48112.422481]  videobuf2_v4l2 videobuf2_core cdc_acm videodev btusb btintel 
usbhid bluetooth af_packet nf_conntrack_ipv4 nf_defrag_ipv4 iptable_filter 
xt_hl nf_conntrack_ipv6 nf_defrag_ipv6 xt_multiport 8021q xt_conntrack 
nf_conntrack ip6table_filter ip6_tables algif_skcipher joydev mousedev 
snd_hda_codec_realtek snd_hda_codec_generic arc4 iwlmvm mac80211 rtsx_pci_sdmmc 
mmc_core intel_rapl iosf_mbi x86_pkg_temp_thermal intel_powerclamp coretemp 
kvm_intel kvm iwlwifi snd_hda_intel ahci irqbypass snd_hda_codec crc32_pclmul 
snd_hwdep xhci_pci xhci_hcd libahci crc32c_intel snd_hda_core mei_me cfg80211 
usbcore snd_pcm rtsx_pci ie31200_edac input_leds mfd_core e1000e libata 
usb_common mei snd_timer psmouse edac_core intel_pch_thermal thinkpad_acpi snd 
soundcore led_class rfkill tpm_tis tpm_tis_core evdev
[48112.422556]  tpm sch_fq_codel
[48112.422565] CPU: 0 PID: 14420 Comm: kworker/0:7 Tainted: PW  O
4.11.1-gentoo #1
[48112.422567] Hardware name: LENOVO 20ENCTO1WW/20ENCTO1WW, BIOS N1EET65W (1.38 
) 02/09/2017
[48112.422577] Workqueue: events xhci_handle_command_timeout [xhci_hcd]
[48112.422580] Call Trace:
[48112.422583]  
[48112.422589]  ? dump_stack+0x46/0x5e
[48112.422595]  ? __warn+0xb9/0xe0
[48112.422603]  ? handle_cmd_completion+0xb17/0xc00 [xhci_hcd]
[48112.422609]  ? try_to_wake_up+0x22e/0x390
[48112.422617]  ? xhci_irq+0x38f/0x1460 [xhci_hcd]
[48112.422624]  ? run_timer_softirq.part.2+0x4c/0xa0
[48112.422629]  ? expire_timers+0x6e/0xe0
[48112.422634]  ? __handle_irq_event_percpu+0x36/0x190
[48112.422637]  ? handle_irq_event_percpu+0x1b/0x50
[48112.422640]  ? handle_irq_event+0x22/0x40
[48112.422644]  ? handle_edge_irq+0x65/0x120
[48112.422649]  ? handle_irq+0x11/0x20
[48112.422653]  ? do_IRQ+0x3c/0xc0
[48112.422658]  ? common_interrupt+0x7f/0x7f
[48112.422660]  
[48112.422664]  ? _raw_spin_unlock_irqrestore+0x5/0x10
[48112.422671]  ? xhci_handle_command_timeout+0xf4/0x1b0 [xhci_hcd]
[48112.422684]  ? process_one_work+0x1d9/0x450
[48112.422689]  ? worker_thread+0x42/0x4b0
[48112.422695]  ? process_one_work+0x450/0x450
[48112.422698]  ? kthread+0x112/0x130
[48112.422702]  ? kthread_create_on_node+0x40/0x40
[48112.422705]  ? ret_from_fork+0x23/0x30
[48112.422709] ---[ end trace eb9505885b6e349e ]---
[48113.446247] xhci_hcd :00:14.0: xHCI host not responding to stop endpoint 
command.
[48113.446250] xhci_hcd :00:14.0: Assuming host is dying, halting host.
[48113.446348] xhci_hcd :00:14.0: HC died; cleaning up

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1413440

Title:
  USB stops working after a while (xhci_hcd :00:14.0: Timeout while
  waiting for setup device command)

Status in System76:
  Triaged
Status in linux package in Ubuntu:
  Triaged

Bug description:
  On my laptop the kernel will sometimes drop the USB hub. After this,
  the laptop doesn't recognise any device plugged in to the USB ports -
  plugging and unplugging any device I've tried into any of the USB
  ports produces no response, not even dmesg entries.

  Strangely this also applies to bluetooth - it no longer works once USB
  has dropped (possibly the module is hung of the bus internally).

  Once this has happened only a reboot fixes it; I've not managed to
  find any combination of module unload/reload or suspend cycles to
  reinitialise things correctly.

  Relevant snippet of dmesg:
  [48830.625057] xhci_hcd :00:14.0: Timeout while waiting for setup device 
command
  [48838.079718] xhci_hcd :00:14.0: Stopped the command ring failed, maybe 
the host is dead
  [48838.079742] xhci_hcd :00:14.0: Abort command ring failed
  [48838.079746] xhci_hcd :00:14.0: HC died; cleaning up
  [48838.079770] xhci_hcd :00:14.0: Timeout while waiting for setup device 
command
  [48838.079806] sched: RT throttling activated
  [48838.079981] usb 1-1: USB disconnect, device number 16
  [48838.079985] usb 1-1.2: USB disconnect, device number 18
  [48838.079987] usb 1-1.2.3: USB disconnect, device number 19
  [48838.080285] usb 1-1.2.4: USB disconnect, device number 20
  [48838.111892] usb 1-1.4: USB disconnect, device number 17
  [48838.191292] usb 1-4: USB disconnect, device number 6
  [48838.267550] usb 1-10: USB disconnect, device number 8
  [48838.282968] usb 2-1: device not accepting address 8, error -62
  [48838.282983] usb 2-1: USB disconnect, device number 8

[Kernel-packages] [Bug 1683947] Re: ubuntu 4.8 kernel, virtio_net error causes NAT packets to be lost

2017-04-24 Thread Jason A. Donenfeld

Hey Jay,

I found this same issue here --
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1685416 -- when
debugging WireGuard issues on GCE. I'm curious how you found it and what
your debugging was like. Do you work for Google and could debug their
virtio implementation? I spent a really long time just rebuilding things
and tweaking stuff and following the skb all the way down to the output
path. When I had nearly given up, I thought, "you know, maybe I really
_should_ take a look at this virtio header stuff." After setting that
flag back to zero, and seeing what other successful packets were doing,
I had figured it out. At first I thought it was a real kernel bug, and
then later saw it was a backporting issue and hence reported it. Anyway,
really traumatic debugging blitz that extended through the night. I'm
curious about your story...

Jason

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1683947

Title:
  ubuntu 4.8 kernel, virtio_net error causes NAT packets to be lost

Status in linux package in Ubuntu:
  Confirmed
Status in linux source package in Yakkety:
  New

Bug description:
  
  SRU Justification:

  Impact:

  Configuring the 4.8 kernel with iptables MASQUERADE over virtio_net
  causes packets to be dropped by the hypervisor (host) due to improper
  flags being set based on the IP checksum state of the packet.  The
  host performing MASQUERADE is affected by the bug.

  Issue was introduced by

  commit fd2a0437dc33b6425cabf74cc7fc7fdba6d5903b
  Author: Mike Rapoport 
  Date: Wed Jun 8 16:09:18 2016 +0300

  virtio_net: introduce virtio_net_hdr_{from,to}_skb

  which first appears in v4.8-rc1

  Fix:

  Fixed upstream by

  3e9e40e74753 virtio_net: Simplify call sites for virtio_net_hdr_{from, 
to}_skb().
  501db511397f virtio: don't set VIRTIO_NET_HDR_F_DATA_VALID on xmit
  6391a4481ba0 virtio-net: restore VIRTIO_HDR_F_DATA_VALID on receiving

  3e9e40e74753 first appears in v4.9-rc5 (and is a prerequisite only),
  the others in v4.10-rc4.

  Testcase:

  Reproduction to date has been on GCE, although in principle it should
  manifest on any suitable topology using virtio_net.  There is a
  dependency on the forwarded packets having skb->ip_summed ==
  CHECKSUM_UNNECESSARY; not all incoming devices will have this
  property.

  On GCE, the following steps will induce the issue on an affected
  kernel:

  Setup a network:

  % gcloud compute networks create nat-network --mode legacy --range 
10.240.0.0/16
  % gcloud compute firewall-rules create nat-network-allow-ssh --allow tcp:22 
--network nat-network
  % gcloud compute firewall-rules create nat-network-allow-internal --allow 
tcp:1-65535,udp:1-65535,icmp --source-ranges 10.240.0.0/16 --network nat-network

  Setup an Ubuntu 16.04 NAT VM:

  % gcloud compute instances create nat-gateway-16 --zone us-central1-a
  --network nat-network --can-ip-forward --image-family ubuntu-1604-lts
  --image-project ubuntu-os-cloud --tags nat --metadata startup-
  script='sysctl -w net.ipv4.ip_forward=1 ; iptables -t nat -A
  POSTROUTING -o ens4 -j MASQUERADE'

  Setup a route to use the 16.04 NAT:

  % gcloud compute routes create no-ip-internet-route --network nat-
  network --destination-range 0.0.0.0/0 --next-hop-instance nat-
  gateway-16 --next-hop-instance-zone us-central1-a --tags no-ip
  --priority 800

  Setup a simple test VM without any external network:

  % gcloud compute instances create nat-client --zone us-central1-a
  --network nat-network --no-address --image-family ubuntu-1604-lts
  --image-project ubuntu-os-cloud --tags no-ip --metadata startup-
  script='wget --timeout=5 https://github.com/GoogleCloudPlatform
  /compute-image-packages/archive/20170327.tar.gz'

  Wait for it to boot... maybe 30 seconds or so.

  Look for serial port output:

  % gcloud compute instances get-serial-port-output nat-client --zone
  us-central1-a | grep startup-script

  You will see that the connection to github never succeeds - it just
  gets stuck on "Resolving github.com (github.com)... 192.30.253.112,
  192.30.253.113" and will timeout. (ignore the previous attempt from
  the successful 14.04 based NAT).

  Repeat the test by resettting the test client instance and watch for
  serial output:

  % gcloud compute instances reset nat-client --zone us-central1-a

  Wait a minute or so for new boot, then check the serial-port-output as
  above.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1683947/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

2017-04-24 Thread Jason A. Donenfeld

Hi Stefan -- thanks for taking ownership of this bug. Could you give a
rough timeline on when you expect to roll out the next kernel update
that contains these commits?

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1685416

Title:
  Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

Status in linux package in Ubuntu:
  Confirmed
Status in linux-hwe package in Ubuntu:
  Confirmed
Status in linux source package in Yakkety:
  In Progress
Status in linux-hwe source package in Yakkety:
  New

Bug description:
  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on
  received packets so that the CPU doesn't have to checksum packets that
  have already been verified by hardware. In the initial implementation
  of this, the kernel erroneously set this flag too for transmitted
  packets, which is explicitly forbidden by the virtio spec. It was
  rectified in these two commits:

  501db511397fd6efff3aa5b4e8de415b9550
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550

  6391a4481ba0796805d6581e42f9f0418c099e34
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34

  Both of these must be backported into your HWE kernel and perhaps
  other Ubuntu kernels too. (They were both backported into the
  kernel.org stable kernels.) While mostly nobody cares about this
  "correctness" issue, it turns out that Google Cloud Platform -- which
  uses the HWE kernel by default -- does care and will silently and
  mysteriously drop packets. This leads to packets being dropped
  entirely when being forwarded between various types of network
  drivers.

  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1685416/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

2017-04-22 Thread Jason A. Donenfeld

** Also affects: linux-hwe (Ubuntu)
   Importance: Undecided
   Status: New

** Changed in: linux-hwe (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1685416

Title:
  Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

Status in linux package in Ubuntu:
  Confirmed
Status in linux-hwe package in Ubuntu:
  Confirmed

Bug description:
  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on
  received packets so that the CPU doesn't have to checksum packets that
  have already been verified by hardware. In the initial implementation
  of this, the kernel erroneously set this flag too for transmitted
  packets, which is explicitly forbidden by the virtio spec. It was
  rectified in these two commits:

  501db511397fd6efff3aa5b4e8de415b9550
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550

  6391a4481ba0796805d6581e42f9f0418c099e34
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34

  Both of these must be backported into your HWE kernel and perhaps
  other Ubuntu kernels too. (They were both backported into the
  kernel.org stable kernels.) While mostly nobody cares about this
  "correctness" issue, it turns out that Google Cloud Platform -- which
  uses the HWE kernel by default -- does care and will silently and
  mysteriously drop packets. This leads to packets being dropped
  entirely when being forwarded between various types of network
  drivers.

  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1685416/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

2017-04-22 Thread Jason A. Donenfeld

No such log is necessary. You simply forgot to backport two critical
patches.

** Changed in: linux (Ubuntu)
   Status: Incomplete => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1685416

Title:
  Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on
  received packets so that the CPU doesn't have to checksum packets that
  have already been verified by hardware. In the initial implementation
  of this, the kernel erroneously set this flag too for transmitted
  packets, which is explicitly forbidden by the virtio spec. It was
  rectified in these two commits:

  501db511397fd6efff3aa5b4e8de415b9550
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550

  6391a4481ba0796805d6581e42f9f0418c099e34
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34

  Both of these must be backported into your HWE kernel and perhaps
  other Ubuntu kernels too. (They were both backported into the
  kernel.org stable kernels.) While mostly nobody cares about this
  "correctness" issue, it turns out that Google Cloud Platform -- which
  uses the HWE kernel by default -- does care and will silently and
  mysteriously drop packets. This leads to packets being dropped
  entirely when being forwarded between various types of network
  drivers.

  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1685416/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

2017-04-21 Thread Jason A. Donenfeld

** Description changed:

  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on received
  packets so that the CPU doesn't have to checksum packets that have
  already been verified by hardware. In the initial implementation of
  this, the kernel erroneously set this flag too for transmitted packets,
  which is explicitly forbidden by the virtio spec. It was rectified in
  these two commits:
  
  501db511397fd6efff3aa5b4e8de415b9550
+ 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550
+ 
  6391a4481ba0796805d6581e42f9f0418c099e34
+ 
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34
  
- Both of these must be backported into your HWE kernel, and perhaps other
- Ubuntu kernels too. While mostly nobody cares about this "correctness"
+ Both of these must be backported into your HWE kernel and perhaps other
+ Ubuntu kernels too. (They were both backported into the kernel.org
+ stable kernels.) While mostly nobody cares about this "correctness"
  issue, it turns out that Google Cloud Platform -- which uses the HWE
  kernel by default -- does care and will silently and mysteriously drop
  packets. This leads to packets being dropped entirely when being
  forwarded between various types of network drivers.
  
  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1685416

Title:
  Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on
  received packets so that the CPU doesn't have to checksum packets that
  have already been verified by hardware. In the initial implementation
  of this, the kernel erroneously set this flag too for transmitted
  packets, which is explicitly forbidden by the virtio spec. It was
  rectified in these two commits:

  501db511397fd6efff3aa5b4e8de415b9550
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550

  6391a4481ba0796805d6581e42f9f0418c099e34
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34

  Both of these must be backported into your HWE kernel and perhaps
  other Ubuntu kernels too. (They were both backported into the
  kernel.org stable kernels.) While mostly nobody cares about this
  "correctness" issue, it turns out that Google Cloud Platform -- which
  uses the HWE kernel by default -- does care and will silently and
  mysteriously drop packets. This leads to packets being dropped
  entirely when being forwarded between various types of network
  drivers.

  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1685416/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1685416] [NEW] Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

2017-04-21 Thread Jason A. Donenfeld

Public bug reported:

The HWE kernel, and possibly others too, backport some virtio
improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on received
packets so that the CPU doesn't have to checksum packets that have
already been verified by hardware. In the initial implementation of
this, the kernel erroneously set this flag too for transmitted packets,
which is explicitly forbidden by the virtio spec. It was rectified in
these two commits:

501db511397fd6efff3aa5b4e8de415b9550
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550

6391a4481ba0796805d6581e42f9f0418c099e34
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34

Both of these must be backported into your HWE kernel and perhaps other
Ubuntu kernels too. (They were both backported into the kernel.org
stable kernels.) While mostly nobody cares about this "correctness"
issue, it turns out that Google Cloud Platform -- which uses the HWE
kernel by default -- does care and will silently and mysteriously drop
packets. This leads to packets being dropped entirely when being
forwarded between various types of network drivers.

This issue must be fixed in order to use Ubuntu on Google Cloud
Platform.

** Affects: linux (Ubuntu)
 Importance: Undecided
 Status: Incomplete

** Description changed:

  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on received
  packets so that the CPU doesn't have to checksum packets that have
  already been verified by hardware. In the initial implementation of
- this, the kernel erroneously set this flag too for transmitted flags,
+ this, the kernel erroneously set this flag too for transmitted packets,
  which is explicitly forbidden by the virtio spec. It was rectified in
  these two commits:
  
  501db511397fd6efff3aa5b4e8de415b9550
  6391a4481ba0796805d6581e42f9f0418c099e34
  
  Both of these must be backported into your HWE kernel, and others too.
  While mostly nobody cares about this "correctness" issue, it turns out
  that Google Cloud Platform -- which uses the HWE kernel by default --
  does care and will silently and mysteriously drop packets. This leads to
  packets being dropped entirely when being forwarded between various
  types of network drivers.
  
  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

** Description changed:

  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on received
  packets so that the CPU doesn't have to checksum packets that have
  already been verified by hardware. In the initial implementation of
  this, the kernel erroneously set this flag too for transmitted packets,
  which is explicitly forbidden by the virtio spec. It was rectified in
  these two commits:
  
  501db511397fd6efff3aa5b4e8de415b9550
  6391a4481ba0796805d6581e42f9f0418c099e34
  
- Both of these must be backported into your HWE kernel, and others too.
- While mostly nobody cares about this "correctness" issue, it turns out
- that Google Cloud Platform -- which uses the HWE kernel by default --
- does care and will silently and mysteriously drop packets. This leads to
- packets being dropped entirely when being forwarded between various
- types of network drivers.
+ Both of these must be backported into your HWE kernel, and perhaps other
+ Ubuntu kernels too. While mostly nobody cares about this "correctness"
+ issue, it turns out that Google Cloud Platform -- which uses the HWE
+ kernel by default -- does care and will silently and mysteriously drop
+ packets. This leads to packets being dropped entirely when being
+ forwarded between various types of network drivers.
  
  This issue must be fixed in order to use Ubuntu on Google Cloud
  Platform.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1685416

Title:
  Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  The HWE kernel, and possibly others too, backport some virtio
  improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on
  received packets so that the CPU doesn't have to checksum packets that
  have already been verified by hardware. In the initial implementation
  of this, the kernel erroneously set this flag too for transmitted
  packets, which is explicitly forbidden by the virtio spec. It was
  rectified in these two commits:

  501db511397fd6efff3aa5b4e8de415b9550
  
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b9550

  6391a4481ba0796805d6581e42f9f0418c099e34

[Kernel-packages] [Bug 1861284] Re: Build and ship a signed wireguard.ko

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

[Kernel-packages] [Bug 1873288] Re: wireguard-tools should NOT recommend wireguard-dkms

[Kernel-packages] [Bug 1856539] Re: wireguard package doesn't work on ubuntu eon

[Kernel-packages] [Bug 1851295] Re: dkms error with wireguard on upgrafe to 19.10

[Kernel-packages] [Bug 1856539] Re: wireguard package doesn't work on ubuntu eon

[Kernel-packages] [Bug 1854225] Re: Kernel oops and system lock up when invoking wg-quick up

[Kernel-packages] [Bug 1858807] Re: Wireguard install fails on 19.10

[Kernel-packages] [Bug 1847478] Re: eoan kernel does not contain "ipv6: do not free rt if FIB_LOOKUP_NOREF is set on suppress rule"

[Kernel-packages] [Bug 1842447] Re: Kernel Panic with linux-image-4.15.0-60-generic when specifying nameserver in docker-compose

[Kernel-packages] [Bug 1413440] Re: USB stops working after a while (xhci_hcd 0000:00:14.0: Timeout while waiting for setup device command)

[Kernel-packages] [Bug 1683947] Re: ubuntu 4.8 kernel, virtio_net error causes NAT packets to be lost

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

[Kernel-packages] [Bug 1685416] Re: Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

[Kernel-packages] [Bug 1685416] [NEW] Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

20 matches

Site Navigation

Mail list logo

Footer information