| 2024-07-24 11:40:41 |
Thomas Parrott |
bug |
|
|
added bug |
| 2024-07-24 12:23:36 |
Thibf |
bug task added |
|
linux-kvm (Ubuntu) |
|
| 2024-07-24 12:23:43 |
Thibf |
nominated for series |
|
Ubuntu Jammy |
|
| 2024-07-24 12:23:43 |
Thibf |
bug task added |
|
linux-kvm (Ubuntu Jammy) |
|
| 2024-07-24 12:23:50 |
Thibf |
linux-kvm (Ubuntu Jammy): assignee |
|
Thibf (thibf) |
|
| 2024-07-24 12:50:22 |
Jon Seager |
bug |
|
|
added subscriber Jon Seager |
| 2024-07-26 12:48:24 |
Thibf |
linux-kvm (Ubuntu Jammy): status |
New |
In Progress |
|
| 2024-07-26 15:55:23 |
Thibf |
description |
We are trying to get eBPF to work for microk8s in the LXD's `ubuntu:22.04` images which use the `-kvm` variant.
With this kernel we are getting this error:
level=warning msg="Unable to ensure that BPF JIT compilation is enabled. This can be ignored when Cilium is running inside non-host network namespace (e.g. with kin
d or minikube)" error="could not open the sysctl file /host/proc/sys/net/core/bpf_jit_enable: open /host/proc/sys/net/core/bpf_jit_enable: no such file or directory
" subsys=sysctl sysParamName=net.core.bpf_jit_enable sysParamValue=1
We've confirmed this works fine in the 22.04 generic kernel, so please can we have similar eBPF support in the `-kvm` variant kernel.
Suspect we need these config options enabled:
```
CONFIG_BPF_SYSCALL=y
CONFIG_BPF_JIT=y
```
It would also be useful to ensure that the kernel config is available in /proc/config.gz or /boot/config (if not already) so that applications can discover which config options are enabled. |
[ Impact ]
Unable to run k8s and other software relying on Cilium.
[ Fix ]
Enable required configs and prerequisite.
Which consist of:
CONFIG_BPF_JIT
CONFIG_BPF_JIT_DEFAULT_ON
CONFIG_NET_EGRESS
CONFIG_NET_SCHED
CONFIG_NET_SCH_INGRESS
CONFIG_NET_CLS
CONFIG_NET_CLS_CGROUP
CONFIG_NET_CLS_BPF
CONFIG_NET_CLS_ACT
CONFIG_NET_SCH_FIFO
CONFIG_CRYPTO_USER_API
CONFIG_CRYPTO_USER_API_HASH
CONFIG_SCHEDSTATS
These configs are already enabled in generic kernel.
[ Test Plan ]
Tested with Cilium.
[ Where problems could occur ]
eBPF misbehavior.
Network regression due to enable network configuration. |
|
| 2024-07-26 15:56:41 |
Thibf |
description |
[ Impact ]
Unable to run k8s and other software relying on Cilium.
[ Fix ]
Enable required configs and prerequisite.
Which consist of:
CONFIG_BPF_JIT
CONFIG_BPF_JIT_DEFAULT_ON
CONFIG_NET_EGRESS
CONFIG_NET_SCHED
CONFIG_NET_SCH_INGRESS
CONFIG_NET_CLS
CONFIG_NET_CLS_CGROUP
CONFIG_NET_CLS_BPF
CONFIG_NET_CLS_ACT
CONFIG_NET_SCH_FIFO
CONFIG_CRYPTO_USER_API
CONFIG_CRYPTO_USER_API_HASH
CONFIG_SCHEDSTATS
These configs are already enabled in generic kernel.
[ Test Plan ]
Tested with Cilium.
[ Where problems could occur ]
eBPF misbehavior.
Network regression due to enable network configuration. |
[ Impact ]
Unable to run k8s and other software relying on Cilium.
[ Fix ]
Enable required configs and prerequisite.
Which consist of:
CONFIG_BPF_JIT
CONFIG_BPF_JIT_DEFAULT_ON
CONFIG_NET_EGRESS
CONFIG_NET_SCHED
CONFIG_NET_SCH_INGRESS
CONFIG_NET_CLS
CONFIG_NET_CLS_CGROUP
CONFIG_NET_CLS_BPF
CONFIG_NET_CLS_ACT
CONFIG_NET_SCH_FIFO
CONFIG_CRYPTO_USER_API
CONFIG_CRYPTO_USER_API_HASH
CONFIG_SCHEDSTATS
These configs are already enabled in generic kernel.
[ Test Plan ]
Tested with Cilium successfully.
[ Where problems could occur ]
eBPF misbehavior.
Network regression due to enable network configuration. |
|
| 2024-07-31 09:40:49 |
Stefan Bader |
linux-kvm (Ubuntu Jammy): importance |
Undecided |
Low |
|
| 2024-07-31 09:40:55 |
Stefan Bader |
linux-kvm (Ubuntu Jammy): status |
In Progress |
Fix Committed |
|
| 2024-08-19 17:36:52 |
Ubuntu Kernel Bot |
tags |
|
kernel-spammed-jammy-linux-kvm-v2 verification-needed-jammy-linux-kvm |
|
| 2024-08-30 13:17:52 |
Thibf |
tags |
kernel-spammed-jammy-linux-kvm-v2 verification-needed-jammy-linux-kvm |
kernel-spammed-jammy-linux-kvm-v2 verification-done-jammy-linux-kvm |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
linux-kvm (Ubuntu Jammy): status |
Fix Committed |
Fix Released |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2023-52629 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2023-52760 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2024-26680 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2024-26830 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2024-26921 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2024-36901 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2024-39292 |
|
| 2024-09-12 21:17:17 |
Launchpad Janitor |
cve linked |
|
2024-39484 |
|
