Ubuntu
linux package

Virtio Fixes Not Backported --> Google Cloud Platform Drops Packets

Bug #1685416 reported by Jason A. Donenfeld on 2017-04-22

This bug report is a duplicate of: Bug #1683947: ubuntu 4.8 kernel, virtio_net error causes NAT packets to be lost. Edit Remove

This bug affects 3 people

	Status	Importance	Assigned to
linux (Ubuntu)	Confirmed	Undecided	Unassigned
Yakkety	In Progress	Medium	Stefan Bader
linux-hwe (Ubuntu)	Confirmed	Undecided	Unassigned
Yakkety	New	Undecided	Unassigned

Bug Description

The HWE kernel, and possibly others too, backport some virtio improvements related to setting VIRTIO_NET_HDR_F_DATA_VALID on received packets so that the CPU doesn't have to checksum packets that have already been verified by hardware. In the initial implementation of this, the kernel erroneously set this flag too for transmitted packets, which is explicitly forbidden by the virtio spec. It was rectified in these two commits:

501db511397fd6efff3aa5b4e8de415b55559550
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=501db511397fd6efff3aa5b4e8de415b55559550

6391a4481ba0796805d6581e42f9f0418c099e34
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6391a4481ba0796805d6581e42f9f0418c099e34

Both of these must be backported into your HWE kernel and perhaps other Ubuntu kernels too. (They were both backported into the kernel.org stable kernels.) While mostly nobody cares about this "correctness" issue, it turns out that Google Cloud Platform -- which uses the HWE kernel by default -- does care and will silently and mysteriously drop packets. This leads to packets being dropped entirely when being forwarded between various types of network drivers.

This issue must be fixed in order to use Ubuntu on Google Cloud Platform.

See original description

Jason A. Donenfeld (zx2c4) on 2017-04-22

description:	updated
description:	updated

Jason A. Donenfeld (zx2c4) on 2017-04-22

description:

updated

Revision history for this message

Brad Figg (brad-figg) wrote on 2017-04-22: Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1685416

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete

Revision history for this message

Jason A. Donenfeld (zx2c4) wrote on 2017-04-22:

No such log is necessary. You simply forgot to backport two critical patches.

Changed in linux (Ubuntu):
status:	Incomplete → Confirmed

Jason A. Donenfeld (zx2c4) on 2017-04-22

Changed in linux-hwe (Ubuntu):
status:	New → Confirmed

Stefan Bader (smb) on 2017-04-24

Changed in linux (Ubuntu Yakkety):
assignee:	nobody → Stefan Bader (smb)
importance:	Undecided → Medium
status:	New → In Progress

Revision history for this message

Jason A. Donenfeld (zx2c4) wrote on 2017-04-24:

Hi Stefan -- thanks for taking ownership of this bug. Could you give a rough timeline on when you expect to roll out the next kernel update that contains these commits?

Revision history for this message

Stefan Bader (smb) wrote on 2017-04-24:

SRU Justification:

Impact: Currently we carry changes to virtio in Yakkety (Xenial/HWE) which got fixed in 4.9.y upstream. However 4.8.y went out of support before that. This causes packets accidentally be dropped when forwarded between various KVM instances (which affects all KVM based Yakkety kernels but also GCE instances as they use the hwe kernel for xenial installations, too).

Fix: Cherry picked the two requested patches from 4.9.y upstream

Testcase: TBD

Revision history for this message

Stefan Bader (smb) wrote on 2017-04-24:

Hi Jason, actually we found out that someone else already had been requesting those changes last week. It was decided that it is better to get these changes out quickly so it should be in the next few days. I will mark your report as a duplicate to the older age report.