xfrm: ipsec crash when updating spd thresholds

Bug #1613787 reported by Nicolas Dichtel on 2016-08-16
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Joseph Salisbury
Vivid
Undecided
Unassigned
Xenial
Medium
Joseph Salisbury

Bug Description

Fixed upstream by this commit (only in IPsec tree for now):

https://git.kernel.org/cgit/linux/kernel/git/klassert/ipsec.git/commit/?id=6916fb3b10b3cbe3b1f9f5b680675f53e4e299eb
http://patchwork.ozlabs.org/patch/654026/

To update the thresholds: 'ip xfrm policy set hthresh4 24 32'

CVE References

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1613787

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Incomplete → Triaged
tags: added: kernel-da-key
Changed in linux (Ubuntu):
status: Triaged → In Progress
Changed in linux (Ubuntu Xenial):
status: New → In Progress
importance: Undecided → Medium
Changed in linux (Ubuntu):
assignee: nobody → Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu Xenial):
assignee: nobody → Joseph Salisbury (jsalisbury)
tags: added: patch xenial
Joseph Salisbury (jsalisbury) wrote :

I built a Xenial test kernel with the patch from:
http://patchwork.ozlabs.org/patch/654026/

The test kernel can be downloaded from:
http://kernel.ubuntu.com/~jsalisbury/lp1613787/

Can you test this kernel and confirm it resolves this bug?

Also, do any other releases besides Xenial and Yakkety require this patch?

This kernel solves the crash.
This patch is needed for all kernel >= 3.19: vivid and wily are EoL if I'm not wrong, thus only xenial and yakkety.

Thank you for the quick answer.

Changed in linux (Ubuntu Xenial):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Yakkety):
status: In Progress → Fix Committed
status: Fix Committed → In Progress
Changed in linux (Ubuntu Vivid):
status: New → Fix Committed
Tim Gardner (timg-tpi) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-xenial
Tim Gardner (timg-tpi) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-vivid' to 'verification-done-vivid'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-vivid
Vincent JARDIN (vincent-jardin) wrote :

Please, wait a bit, some people were on holidays.

tags: added: verification-done-xenial
removed: verification-needed-xenial

Test done on ubuntu-16.04 (Linux ubuntu1604 4.4.0-37-generic #56-Ubuntu) and ubuntu-14.04 (Linux ubuntu1404 3.19.0-69-generic #77~14.04.1-Ubuntu).

tags: added: verification-done-vivid
removed: verification-needed-vivid
Launchpad Janitor (janitor) wrote :
Download full text (22.8 KiB)

This bug was fixed in the package linux - 4.4.0-38.57

---------------
linux (4.4.0-38.57) xenial; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1620658

  * CIFS client: access problems after updating to kernel 4.4.0-29-generic
    (LP: #1612135)
    - Revert "UBUNTU: SAUCE: (namespace) Bypass sget() capability check for nfs"
    - fs: Call d_automount with the filesystems creds

  * apt-key add fails in overlayfs (LP: #1618572)
    - SAUCE: overlayfs: fix regression in whiteout detection

linux (4.4.0-37.56) xenial; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1618040

  * [Feature] Instruction decoder support for new SKX instructions- AVX512
    (LP: #1591655)
    - x86/insn: perf tools: Fix vcvtph2ps instruction decoding
    - x86/insn: Add AVX-512 support to the instruction decoder
    - perf tools: Add AVX-512 support to the instruction decoder used by Intel PT
    - perf tools: Add AVX-512 instructions to the new instructions test

  * [Ubuntu 16.04] FCoE Lun not visible in OS with inbox driver - Issue with
    ioremap() call on 32bit kernel (LP: #1608652)
    - lpfc: Correct issue with ioremap() call on 32bit kernel

  * [Feature] turbostat support for Skylake-SP server (LP: #1591802)
    - tools/power turbostat: decode more CPUID fields
    - tools/power turbostat: CPUID(0x16) leaf shows base, max, and bus frequency
    - tools/power turbostat: decode HWP registers
    - tools/power turbostat: Decode MSR_MISC_PWR_MGMT
    - tools/power turbostat: allow sub-sec intervals
    - tools/power turbostat: Intel Xeon x200: fix erroneous bclk value
    - tools/power turbostat: Intel Xeon x200: fix turbo-ratio decoding
    - tools/power turbostat: re-name "%Busy" field to "Busy%"
    - tools/power turbostat: add --out option for saving output in a file
    - tools/power turbostat: fix compiler warnings
    - tools/power turbostat: make fewer systems calls
    - tools/power turbostat: show IRQs per CPU
    - tools/power turbostat: show GFXMHz
    - tools/power turbostat: show GFX%rc6
    - tools/power turbostat: detect and work around syscall jitter
    - tools/power turbostat: indicate SMX and SGX support
    - tools/power turbostat: call __cpuid() instead of __get_cpuid()
    - tools/power turbostat: correct output for MSR_NHM_SNB_PKG_CST_CFG_CTL dump
    - tools/power turbostat: bugfix: TDP MSRs print bits fixing
    - tools/power turbostat: SGX state should print only if --debug
    - tools/power turbostat: print IRTL MSRs
    - tools/power turbostat: initial BXT support
    - tools/power turbostat: decode BXT TSC frequency via CPUID
    - tools/power turbostat: initial SKX support

  * [BYT] display hotplug doesn't work on console (LP: #1616894)
    - drm/i915/vlv: Make intel_crt_reset() per-encoder
    - drm/i915/vlv: Reset the ADPA in vlv_display_power_well_init()
    - drm/i915/vlv: Disable HPD in valleyview_crt_detect_hotplug()
    - drm/i915: Enable polling when we don't have hpd

  * [Feature]intel_idle enabling on Broxton-P (LP: #1520446)
    - intel_idle: add BXT support

  * [Feature] EDAC: Update driver for SKX-SP (LP: #1591815)
    - [Config] CONFIG_EDAC_SKX=m
    - EDAC, skx_edac: Ad...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.19.0-69.77

---------------
linux (3.19.0-69.77) vivid; urgency=low

  [ Tim Gardner ]

  * Release Tracking Bug
    - LP: #1618167

  * MacBookPro11,4 fails to poweroff or suspend (LP: #1587714)
    - SAUCE: PCI: Workaround to enable poweroff on Mac Pro 11

  * xfrm: ipsec crash when updating spd thresholds (LP: #1613787)
    - xfrm: Ignore socket policies when rebuilding hash tables

  * CVE-2016-3841
    - ipv6: add complete rcu protection around np->opt

 -- Kamal Mostafa <email address hidden> Tue, 16 Aug 2016 10:19:30 -0700

Changed in linux (Ubuntu Vivid):
status: Fix Committed → Fix Released

The official sha1 (from linus tree) is:
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6916fb3b10b3

$ git describe --contains 6916fb3b10b3
v4.8-rc7~35^2~11^2~2

=> Included in 4.8, thus there is nothing to do for Yakkety.

Joseph: since it is not needed for Yakkety, please can you change the status of this LP ? , so it'll appear to be closed. Thank you.

Joseph Salisbury (jsalisbury) wrote :

Yakkety bug task removed per comment #11

no longer affects: linux (Ubuntu Yakkety)
Changed in linux (Ubuntu):
status: In Progress → Fix Released
Brad Figg (brad-figg) on 2019-07-24
tags: added: cscc
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers