StarlingX

CVE-2019-14835: kernel: vhost-net: guest to host kernel escape during migration

Bug #1847817 reported by Bruce Jones
276
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
High
Robin Lu

Bug Description

Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C) (V2 legend) [1]
Description : A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

From Victor Rodriguez:
This CVE does not match the StarlingX policy since the Attack Vector (AV)* = Local instead of Network. However I might recommend to apply the patch since it is already in upstream [3] and fix approved by RHEL[2]

[1] https://nvd.nist.gov/vuln/detail/CVE-2019-14835
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835
[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=060423bfdee3f8bc6e2c1bac97de24d5415e2bc4

See original description

CVE References

Bruce Jones (brucej)
tags: added: stx.security
Revision history for this message
Ghada Khalil (gkhalil) wrote :

This doesn't meet the fix criteria for starlingX. Need to discuss in the security meeting if there is something special for this CVE that would make us deal with it as an exception.

Ghada Khalil (gkhalil)
description: updated
Ghada Khalil (gkhalil)
description: updated
Ghada Khalil (gkhalil)
summary: - CVE-2019-14835
+ CVE-2019-14835: kernel: vhost-net: guest to host kernel escape during
+ migration
Bruce Jones (brucej)
Changed in starlingx:
importance: Undecided → High
tags: added: stx.3.0
tags: removed: stx.3.0
Changed in starlingx:
importance: High → Medium
Ghada Khalil (gkhalil)
Changed in starlingx:
status: New → Triaged
tags: added: stx.3.0
Cindy Xie (xxie1)
Changed in starlingx:
assignee: nobody → Cindy Xie (xxie1)
Revision history for this message
Lin Shuicheng (shuicheng) wrote :

The same as another kernel issue, there is no new srpm available for CentOS 7.6
I prefer to cherry-pick upstream patch to current srpm.

Patch link provided by CVE:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=060423bfdee3f8bc6e2c1bac97de24d5415e2bc4

Issue tracked in RedHat's bug system:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14835

Revision history for this message
Lin Shuicheng (shuicheng) wrote :

This CVE is fixed in below srpm for CentOS 7.7
std kernel: kernel-3.10.0-1062.1.2.el7.src.rpm
https://access.redhat.com/errata/RHSA-2019:2829
rt kernel: kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm
https://access.redhat.com/errata/RHSA-2019:2830

We will upgrade kernel to this version to fix the CVE issue.

Revision history for this message
Victor Manuel Rodriguez Bahena (vm-rod25) wrote :

Sounds like a good plan, let me know if you need help testing the kernel

Robin Lu (robinlu)
Changed in starlingx:
assignee: Cindy Xie (xxie1) → Robin Lu (robinlu)
Ghada Khalil (gkhalil)
information type: Private Security → Public Security
OpenStack Infra (hudson-openstack)
Changed in starlingx:
status: Triaged → In Progress
Revision history for this message
Ghada Khalil (gkhalil) wrote :

Given this CVE fix will be covered by the kernel upversion planned for stx.3.0, raising the priority as only high priority items should be cherry-picked to released branches.

Changed in starlingx:
importance: Medium → High
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/695355
Committed: https://git.openstack.org/cgit/starlingx/tools/commit/?id=c69bc1ef1efb9b784caf0398b9d5b44a52b01d9c
Submitter: Zuul
Branch: master

commit c69bc1ef1efb9b784caf0398b9d5b44a52b01d9c
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 14:41:24 2019 +0800

    Upgrade std/rt kernel to version 1062.1.2 for fixing CVE bug

    To fix below kernel CVE, std/rt kernel will be upgraded to a
    higher version than current version.
    So we will upgrade kernel srpm to below version, which will
    cover this issue.
    std kernel: kernel-3.10.0-1062.1.2.el7.src.rpm
    https://lists.centos.org/pipermail/centos-announce/2019-October/023457.html
    rt kernel: kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm
    https://access.redhat.com/errata/RHSA-2019:2830

    linux-firmware is brought forward due to a kernel spec file
    build dependency.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: Ic8c107e4850d0679470a4c8214c85c6d9a800beb
    Signed-off-by: Robin Lu <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (master)

Reviewed: https://review.opendev.org/695359
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=0656fa94dcb9a32a52d2d7757f1b138b88ba9a43
Submitter: Zuul
Branch: master

commit 0656fa94dcb9a32a52d2d7757f1b138b88ba9a43
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:13:50 2019 +0800

    Update kernel-rt patches for kernel upgrade to version 1062.1.2

    This upgrade fixes the CVEs listed below. We refresh the patches
    against the new rt-kernel source.
    rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch is deleted
    because upstream has fixed this bug, and it is no longer needed.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: Iaf5eae5d64b621f44f8faad51d22f9439431911f
    Depends-On: https://review.opendev.org/#/c/695355/
    Signed-off-by: Robin Lu <email address hidden>

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Reviewed: https://review.opendev.org/695358
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=38c184f1b415dbe2eca4a062f9f464a2dca01aa9
Submitter: Zuul
Branch: master

commit 38c184f1b415dbe2eca4a062f9f464a2dca01aa9
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:04:40 2019 +0800

    Update kernel-std patches for kernel upgrade to version 1062.1.2

    This upgrade fixes the CVEs listed below. We refresh the patches
    against the new kernel source.
    The patch 15 is now included in new version, so I drop it
    in the new patch.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: I217cf8684e31dacea627c33462e5e4b6e089c38f
    Depends-On: https://review.opendev.org/#/c/695355/
    Signed-off-by: Robin Lu <email address hidden>

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (r/stx.3.0)

Fix proposed to branch: r/stx.3.0
Review: https://review.opendev.org/701141

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to integ (r/stx.3.0)

Fix proposed to branch: r/stx.3.0
Review: https://review.opendev.org/701144

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: r/stx.3.0
Review: https://review.opendev.org/701146

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (r/stx.2.0)

Fix proposed to branch: r/stx.2.0
Review: https://review.opendev.org/701650

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to integ (r/stx.2.0)

Fix proposed to branch: r/stx.2.0
Review: https://review.opendev.org/701653

Revision history for this message
OpenStack Infra (hudson-openstack) wrote :

Fix proposed to branch: r/stx.2.0
Review: https://review.opendev.org/701655

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (r/stx.2.0)

Reviewed: https://review.opendev.org/701650
Committed: https://git.openstack.org/cgit/starlingx/tools/commit/?id=5fffe1c5dc1e0839c5213a8d783750e07748c119
Submitter: Zuul
Branch: r/stx.2.0

commit 5fffe1c5dc1e0839c5213a8d783750e07748c119
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 14:41:24 2019 +0800

    Upgrade std/rt kernel to version 1062.1.2 for fixing CVE bug

    To fix below kernel CVE, std/rt kernel will be upgraded to a
    higher version than current version.
    So we will upgrade kernel srpm to below version, which will
    cover this issue.
    std kernel: kernel-3.10.0-1062.1.2.el7.src.rpm
    https://lists.centos.org/pipermail/centos-announce/2019-October/023457.html
    rt kernel: kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm
    https://access.redhat.com/errata/RHSA-2019:2830

    linux-firmware is brought forward due to a kernel spec file
    build dependency.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: Ic8c107e4850d0679470a4c8214c85c6d9a800beb
    Signed-off-by: Robin Lu <email address hidden>
    (cherry picked from commit c69bc1ef1efb9b784caf0398b9d5b44a52b01d9c)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (r/stx.2.0)

Reviewed: https://review.opendev.org/701653
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=1d68fd32fd570b6e9c2fd49ddd5058b91f60ea06
Submitter: Zuul
Branch: r/stx.2.0

commit 1d68fd32fd570b6e9c2fd49ddd5058b91f60ea06
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:04:40 2019 +0800

    Update kernel-std patches for kernel upgrade to version 1062.1.2

    This upgrade fixes the CVEs listed below. We refresh the patches
    against the new kernel source.
    The patch 15 is now included in new version, so I drop it
    in the new patch.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: I217cf8684e31dacea627c33462e5e4b6e089c38f
    Depends-On: https://review.opendev.org/#/c/701650/
    Signed-off-by: Robin Lu <email address hidden>

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (r/stx.3.0)

Reviewed: https://review.opendev.org/701141
Committed: https://git.openstack.org/cgit/starlingx/tools/commit/?id=3fc5a1c4fd3de91657fa36b3922d2c76c90df275
Submitter: Zuul
Branch: r/stx.3.0

commit 3fc5a1c4fd3de91657fa36b3922d2c76c90df275
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 14:41:24 2019 +0800

    Upgrade std/rt kernel to version 1062.1.2 for fixing CVE bug

    To fix below kernel CVE, std/rt kernel will be upgraded to a
    higher version than current version.
    So we will upgrade kernel srpm to below version, which will
    cover this issue.
    std kernel: kernel-3.10.0-1062.1.2.el7.src.rpm
    https://lists.centos.org/pipermail/centos-announce/2019-October/023457.html
    rt kernel: kernel-rt-3.10.0-1062.1.2.rt56.1025.el7.src.rpm
    https://access.redhat.com/errata/RHSA-2019:2830

    linux-firmware is brought forward due to a kernel spec file
    build dependency.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: Ic8c107e4850d0679470a4c8214c85c6d9a800beb
    Signed-off-by: Robin Lu <email address hidden>
    (cherry picked from commit c69bc1ef1efb9b784caf0398b9d5b44a52b01d9c)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (r/stx.3.0)

Reviewed: https://review.opendev.org/701146
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=061191d790cba0a59a23fdaa0b797886f78b1979
Submitter: Zuul
Branch: r/stx.3.0

commit 061191d790cba0a59a23fdaa0b797886f78b1979
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:13:50 2019 +0800

    Update kernel-rt patches for kernel upgrade to version 1062.1.2

    This upgrade fixes the CVEs listed below. We refresh the patches
    against the new rt-kernel source.
    rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch is deleted
    because upstream has fixed this bug, and it is no longer needed.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: Iaf5eae5d64b621f44f8faad51d22f9439431911f
    Depends-On: https://review.opendev.org/#/c/701141/
    Signed-off-by: Robin Lu <email address hidden>
    (cherry picked from commit 0656fa94dcb9a32a52d2d7757f1b138b88ba9a43)

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (r/stx.2.0)

Reviewed: https://review.opendev.org/701655
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=de09c063df41fcc22c16e3d0de650ef6f4e9b80f
Submitter: Zuul
Branch: r/stx.2.0

commit de09c063df41fcc22c16e3d0de650ef6f4e9b80f
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:13:50 2019 +0800

    Update kernel-rt patches for kernel upgrade to version 1062.1.2

    This upgrade fixes the CVEs listed below. We refresh the patches
    against the new rt-kernel source.
    rcu-Don-t-wake-rcuc-X-kthreads-on-NOCB-CPUs.patch is deleted
    because upstream has fixed this bug, and it is no longer needed.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: Iaf5eae5d64b621f44f8faad51d22f9439431911f
    Depends-On: https://review.opendev.org/#/c/701650/
    Signed-off-by: Robin Lu <email address hidden>

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (r/stx.3.0)

Reviewed: https://review.opendev.org/701144
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=80abda46801215a5db6107717fac1ed1abdc7474
Submitter: Zuul
Branch: r/stx.3.0

commit 80abda46801215a5db6107717fac1ed1abdc7474
Author: Robin Lu <email address hidden>
Date: Thu Nov 21 15:04:40 2019 +0800

    Update kernel-std patches for kernel upgrade to version 1062.1.2

    This upgrade fixes the CVEs listed below. We refresh the patches
    against the new kernel source.
    The patch 15 is now included in new version, so I drop it
    in the new patch.

    CVE bug: CVE-2019-11810:kernel: a NULL pointer dereference in
    drivers/scsi/megaraid/megaraid_sas_base.c leading to DoS
    CVE bug: CVE-2019-11811: kernel: use-after-free in IPMI Edit
    CVE bug: CVE-2019-14835: kernel: vhost-net: guest to host kernel
    escape during migration

    Closes-Bug: 1849206
    Closes-Bug: 1849209
    Closes-Bug: 1847817

    Change-Id: I217cf8684e31dacea627c33462e5e4b6e089c38f
    Depends-On: https://review.opendev.org/#/c/701141/
    Signed-off-by: Robin Lu <email address hidden>
    (cherry picked from commit 38c184f1b415dbe2eca4a062f9f464a2dca01aa9)

Ghada Khalil (gkhalil)
tags: added: in-r-stx20 in-r-stx30
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (f/centos8)

Fix proposed to branch: f/centos8
Review: https://review.opendev.org/705825

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to integ (f/centos8)

Fix proposed to branch: f/centos8
Review: https://review.opendev.org/705861

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (f/centos8)
Download full text (8.1 KiB)

Reviewed: https://review.opendev.org/705825
Committed: https://git.openstack.org/cgit/starlingx/tools/commit/?id=43144cbe58278d8a0857cc0fd55df2b6bb921a15
Submitter: Zuul
Branch: f/centos8

commit a3f18007ccad266810d5b02fffe51b7ef3b2463c
Author: Shuicheng Lin <email address hidden>
Date: Sun Jan 19 19:14:55 2020 +0800

    Add Kata Container support

    The patch is based on 431885231ae41256188a7c32f0f5351c4455707b
    And is updated with kata 1.10 repo and 1.10.0-4.1 rpms.

    1. add kata container 1.10 stable repo with kata 1.10.0-4.1 rpms.
       kata-runtime is the main rpm, and other rpms including qemu
       are the rpms required by kata-runtime.
    2. upgrade containerd to 1.3.0
       To support kata container, kubernetes need switch runtime from
       dockershim to containerd. And need use containered with 1.3.0
       in order to support secure private registry.
    3. add crictl as the CLI for containerd.

    Story: 2006145
    Task: 36744
    Task: 36745
    Task: 36746

    Change-Id: I932e0dde0a0b48257e4acd17d6550f9ec5029555
    Signed-off-by: Shuicheng Lin <email address hidden>

commit 0011f51e91a9b98ef4c0150fc0ce608e022deb45
Author: Kristal Dale <email address hidden>
Date: Fri Jan 17 14:18:30 2020 -0800

    Update landing pages for docs and release notes:

    - Use updated project name in titles/text
    - Correct text for link to Storyboard (docs)
    - Correct capitalization in section headings
    - Correct formatting for section headings

    Change-Id: Id116b27f333e038802a706fadb47484e68f837d8
    Signed-off-by: Kristal Dale <email address hidden>

commit ac3e6bfe4aa956816a58cbe13a362e0116776d1f
Author: Saul Wold <email address hidden>
Date: Thu Jan 16 09:59:27 2020 -0800

    ibsh: remove tarball no longer used by cgcs-users

    The cgcs-users package provides a restricted shell ibsh (Iron Bars SHell)
    that is no longer being referenced in StarlingX, so we can remove this
    tarball from the download list.

    Story: 2007102
    Task: 38148
    Depends-On: https://review.opendev.org/702939
    Change-Id: I6e1a25e7318eb3e26150e916335d58c2b60a8f67
    Signed-off-by: Saul Wold <email address hidden>

commit 896fa6b227929bb0b9b28e2a2ca7ead7060963c0
Author: Don Penney <email address hidden>
Date: Wed Jan 15 23:48:42 2020 -0500

    Drop python-smartpm from tarball-dl.lst

    As python-smartpm is no longer required, it can now be dropped from
    the tarball-dl.lst file.

    Depends-On: https://review.opendev.org/702791
    Change-Id: Ifc0a413688151ebb68a71b83a23adb888d1ece08
    Story: 2006227
    Task: 38138
    Signed-off-by: Don Penney <email address hidden>

commit 83709a0a384f92e7042bb9f01e7b52b8a4ba738a
Author: Don Penney <email address hidden>
Date: Tue Jan 14 20:38:59 2020 +0000

    Revert "Add Kata Container support"

    This reverts commit 431885231ae41256188a7c32f0f5351c4455707b.

    Reverting due to https://bugs.launchpad.net/starlingx/+bug/1859686

    Change-Id: Id86981d6b854f5f6f42b99e094b789af263105b7

commit 12c3dc47720bc8d011a746faf42b824caac8faa6
Author: Don Penney <email address hidden>
Date: Tue...

Read more...

tags: added: in-f-centos8
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to integ (f/centos8)
Download full text (8.0 KiB)

Reviewed: https://review.opendev.org/705861
Committed: https://git.openstack.org/cgit/starlingx/integ/commit/?id=a3267c2016e1805f05e72e9063b2db8a227891c2
Submitter: Zuul
Branch: f/centos8

commit 77b632e28f27ab53a840f098fcfbba3db2714a1f
Author: Don Penney <email address hidden>
Date: Wed Feb 5 11:28:32 2020 -0500

    Fix containerd build failure

    The 20200205T023000Z CENGN build failed on containerd due to a build
    ordering issue. In the failed build, containerd was built ahead of
    rpm, and the mock build environment for the containerd build ran with
    the stock CentOS version of RPM. Unfortunately, it appears this
    version of RPM fails when trying to build the debuginfo for a golang
    package. There are currently two other golang packages in StarlingX,
    but these have debuginfo disabled in the spec.

    Adding a version-specific dependency in the containerd spec to ensure
    the newer RPM is installed resolves the issue.

    Change-Id: Ia7c85751012bbd0c3b83a2496bd7424e123eef93
    Closes-Bug: 1862038
    Co-Authored-By: Scott Little <email address hidden>
    Signed-off-by: Don Penney <email address hidden>

commit 7b7959e9b5cc9a68a6fcffba44bca2f84643b133
Author: Al Bailey <email address hidden>
Date: Tue Jan 28 07:49:23 2020 -0600

    Update pylint target for python3 and upper constraints

    This change imposes the upper constraint in tox to protect from
    future releases causing random breakage.

    Ex: A new version of python-libvirt was released Jan 23 2020
    which will not install on python2.

    This change also enables the python3 target for pylint which will
    allow the upper constraint to be changed to a more recent version
    when all the tox files are aligned.

    Change-Id: I9056778085d32b3401df60c20d67cff0a21dfe97
    Story: 2004515
    Task: 38496
    Signed-off-by: Al Bailey <email address hidden>

commit 424ba94a9aa9e64fe1c0d2099b63e7d979b492cd
Author: Jim Somerville <email address hidden>
Date: Fri Jan 24 12:36:06 2020 -0500

    Mellanox Driver: Disable use of kernel page pool functionality

    Problem: The out-of-tree Mellanox driver detects the presence
    of page pool support in the new kernel, and thus wants to use it.
    However, page pools are not configured to be on in the new kernel
    by default (CONFIG_PAGE_POOL), and not only that, the config
    option is hidden ie. it is not user selectable. The built-in
    Mellanox driver selects it, but we don't use the built-in driver.
    The out-of-tree driver does compile but not all pieces of it
    will load properly, specifically the mlx5 pieces which rely on
    page pool functionality being enabled in the kernel.

    Solution: Simply disable kernel page pool use in the
    out-of-tree Mellanox driver, making it work the same way as
    it did with the older kernel.

    Change-Id: If7e7155867d539352fcd0ea3acd5a17dd9d9579f
    Closes-Bug: 1860347
    Signed-off-by: Jim Somerville <email address hidden>

commit 7165b3539c75009311d3d4360a15b6ee4c7a4573
Author: Lin Shuicheng <email address hidden>
Date: Sun Jan 19 01:59:42 2020 +0000

   ...

Read more...

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.