WARNING: CPU: 28 PID: 34085 at /build/linux-90Gc2C/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()

Bug #1771480 reported by Gavin Guo on 2018-05-16
14
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Medium
Unassigned
Trusty
Medium
Unassigned

Bug Description

[impact]

with a specific network configuration, a kernel WARNING is issued.

[test case]

configure a trusty system with e/n/i like this:

auto bond0.2004
iface bond0.2004 inet manual
mtu 9100
vlan-raw-device bond0

auto bond0
iface bond0 inet manual
mtu 9100
bond-slaves eth1 eth2
bond-mode 802.3ad
bond-miimon 100
bond-use-carrier 1
bond-lacp-rate fast
bond-updelay 3000
bond-downdelay 1000
bond-ad-select bandwidth
bond-xmit-hash-policy layer3+4
post-up sleep 45

auto br-mesh
iface br-mesh inet static
bridge_ports bond0.2004
address 192.168.210.3/24

auto eth1
iface eth1 inet manual
mtu 9100
bond-master bond0

auto eth2
iface eth2 inet manual
mtu 9100
bond-master bond0

adjusting the interface names as needed, of course. then reboot, and the kernel WARNING will appear in the dmesg.

[regression potential]

the kernel patch has the potential to incorrectly set, or incorrectly not set, features on devices.

[other info]

previous bug description:

I have multiple instances of this dev_disable_lro error in kern.log. Also seeing this:
systemd-udevd[1452]: timeout: killing 'bridge-network-interface' [2765]
<4>May 1 22:56:42 xxx kernel: [ 404.520990] bonding: bond0: Warning: No 802.3ad response from the link partner for any adapters in the bond
<4>May 1 22:56:44 xxx kernel: [ 406.926429] bonding: bond0: Warning: No 802.3ad response from the link partner for any adapters in the bond
<4>May 1 22:56:45 xxx kernel: [ 407.569020] ------------[ cut here ]------------
<4>May 1 22:56:45 xxx kernel: [ 407.569029] WARNING: CPU: 28 PID: 34085 at /build/linux-90Gc2C/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()
<4>May 1 22:56:45 xxx kernel: [ 407.569032] netdevice: bond0.2004
<4>May 1 22:56:45 xxx kernel: [ 407.569032] failed to disable LRO!
<4>May 1 22:56:45 xxx kernel: [ 407.569035] Modules linked in: 8021q garp mrp bridge stp llc bonding iptable_filter ip_tables x_tables nf_conntrack_proto_gre nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack ipmi_devintf mxm_wmi dcdbas x86_pkg_temp_thermal coretemp kvm_intel kvm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd lpc_ich mei_me mei ipmi_si shpchp wmi acpi_power_meter mac_hid xfs libcrc32c raid10 usb_storage raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq raid1 raid0 igb ixgbe i2c_algo_bit multipath ahci dca ptp libahci pps_core linear megaraid_sas mdio dm_multipath scsi_dh
<4>May 1 22:56:45 xxx kernel: [ 407.569112] CPU: 28 PID: 34085 Comm: brctl Not tainted 3.13.0-142-generic #191-Ubuntu
<4>May 1 22:56:45 xxx kernel: [ 407.569115] Hardware name: Dell Inc. PowerEdge R730xd/072T6D, BIOS 2.7.1 001/22/2018
<4>May 1 22:56:45 xxx kernel: [ 407.569118] 0000000000000000 ffff881fcc753c70 ffffffff8172e7fc ffff881fcc753cb8
<4>May 1 22:56:45 xxx kernel: [ 407.569129] 0000000000000009 ffff881fcc753ca8 ffffffff8106afad ffff883fcc6f8000
<4>May 1 22:56:45 xxx kernel: [ 407.569139] ffff883fcc696880 ffff883fcc6f8000 0000000000000000 ffff881fce82dd40
<4>May 1 22:56:45 xxx kernel: [ 407.569150] Call Trace:
<4>May 1 22:56:45 xxx kernel: [ 407.569160] [<ffffffff8172e7fc>] dump_stack+0x64/0x82
<4>May 1 22:56:45 xxx kernel: [ 407.569168] [<ffffffff8106afad>] warn_slowpath_common+0x7d/0xa0
<4>May 1 22:56:45 xxx kernel: [ 407.569175] [<ffffffff8106b01c>] warn_slowpath_fmt+0x4c/0x50
<4>May 1 22:56:45 xxx kernel: [ 407.569183] [<ffffffff816342f7>] dev_disable_lro+0x87/0x90
<4>May 1 22:56:45 xxx kernel: [ 407.569195] [<ffffffffa03f2213>] br_add_if+0x1f3/0x430 [bridge]
<4>May 1 22:56:45 xxx kernel: [ 407.569205] [<ffffffffa03f2c4d>] add_del_if+0x5d/0x90 [bridge]
<4>May 1 22:56:45 xxx kernel: [ 407.569215] [<ffffffffa03f353b>] br_dev_ioctl+0x5b/0x90 [bridge]
<4>May 1 22:56:45 xxx kernel: [ 407.569223] [<ffffffff81646853>] dev_ifsioc+0x313/0x360
<4>May 1 22:56:45 xxx kernel: [ 407.569230] [<ffffffff8162dac9>] ? dev_get_by_name_rcu+0x69/0x90
<4>May 1 22:56:45 xxx kernel: [ 407.569237] [<ffffffff81646989>] dev_ioctl+0xe9/0x590
<4>May 1 22:56:45 xxx kernel: [ 407.569245] [<ffffffff81614b25>] sock_do_ioctl+0x45/0x50
<4>May 1 22:56:45 xxx kernel: [ 407.569252] [<ffffffff81615050>] sock_ioctl+0x1f0/0x2c0
<4>May 1 22:56:45 xxx kernel: [ 407.569260] [<ffffffff811d6670>] do_vfs_ioctl+0x2e0/0x4c0
<4>May 1 22:56:45 xxx kernel: [ 407.569267] [<ffffffff811c4e2e>] ? ____fput+0xe/0x10
<4>May 1 22:56:45 xxx kernel: [ 407.569273] [<ffffffff811d68d1>] SyS_ioctl+0x81/0xa0
<4>May 1 22:56:45 xxx kernel: [ 407.569283] [<ffffffff8173f8a5>] system_call_fastpath+0x2f/0x34
<4>May 1 22:56:45 xxx kernel: [ 407.569287] ---[ end trace df5aa31d75a7e2b1 ]---
<4>May 1 22:56:54 xxx kernel: [ 416.320138] bonding: bond1: Warning: the permanent HWaddr of enp131s0f0 - a0:36:9f:c1:25:d0 - is still in use by bond1. Set the HWaddr of enp131s0f0 to a different address to avoid conflicts.
<4>May 1 22:57:00 xxx kernel: [ 422.362677] bonding: bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
<4>May 1 22:57:07 xxx kernel: [ 429.522843] ------------[ cut here ]------------
And here:

<4>May 1 22:57:07 xxx kernel: [ 429.522843] ------------[ cut here ]------------
<4>May 1 22:57:07 xxx kernel: [ 429.522853] WARNING: CPU: 0 PID: 34191 at /build/linux-90Gc2C/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()
<4>May 1 22:57:07 xxx kernel: [ 429.522857] netdevice: bond1.2001
<4>May 1 22:57:07 xxx kernel: [ 429.522857] failed to disable LRO!
<4>May 1 22:57:07 xxx kernel: [ 429.522861] Modules linked in: 8021q garp mrp bridge stp llc bonding iptable_filter ip_tables x_tables nf_conntrack_proto_gre nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack ipmi_devintf mxm_wmi dcdbas x86_pkg_temp_thermal coretemp kvm_intel kvm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd lpc_ich mei_me mei ipmi_si shpchp wmi acpi_power_meter mac_hid xfs libcrc32c raid10 usb_storage raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq raid1 raid0 igb ixgbe i2c_algo_bit multipath ahci dca ptp libahci pps_core linear megaraid_sas mdio dm_multipath scsi_dh
<4>May 1 22:57:07 xxx kernel: [ 429.522933] CPU: 0 PID: 34191 Comm: brctl Tainted: G W 3.13.0-142-generic #191-Ubuntu
<4>May 1 22:57:07 xxx kernel: [ 429.522937] Hardware name: Dell Inc. PowerEdge R730xd/072T6D, BIOS 2.7.1 001/22/2018
<4>May 1 22:57:07 xxx kernel: [ 429.522940] 0000000000000000 ffff88056ca57c70 ffffffff8172e7fc ffff88056ca57cb8
<4>May 1 22:57:07 xxx kernel: [ 429.522951] 0000000000000009 ffff88056ca57ca8 ffffffff8106afad ffff883fcc9a3000
<4>May 1 22:57:07 xxx kernel: [ 429.522961] ffff881fce800880 ffff883fcc9a3000 0000000000000000 ffff883fcdb93d40
<4>May 1 22:57:07 xxx kernel: [ 429.522972] Call Trace:
<4>May 1 22:57:07 xxx kernel: [ 429.522981] [<ffffffff8172e7fc>] dump_stack+0x64/0x82
<4>May 1 22:57:07 xxx kernel: [ 429.522989] [<ffffffff8106afad>] warn_slowpath_common+0x7d/0xa0
<4>May 1 22:57:07 xxx kernel: [ 429.522996] [<ffffffff8106b01c>] warn_slowpath_fmt+0x4c/0x50
<4>May 1 22:57:07 xxx kernel: [ 429.523004] [<ffffffff816342f7>] dev_disable_lro+0x87/0x90
<4>May 1 22:57:07 xxx kernel: [ 429.523016] [<ffffffffa03f2213>] br_add_if+0x1f3/0x430 [bridge]
<4>May 1 22:57:07 xxx kernel: [ 429.523027] [<ffffffffa03f2c4d>] add_del_if+0x5d/0x90 [bridge]
<4>May 1 22:57:07 xxx kernel: [ 429.523038] [<ffffffffa03f353b>] br_dev_ioctl+0x5b/0x90 [bridge]
<4>May 1 22:57:07 xxx kernel: [ 429.523047] [<ffffffff81646853>] dev_ifsioc+0x313/0x360
<4>May 1 22:57:07 xxx kernel: [ 429.523054] [<ffffffff8162dac9>] ? dev_get_by_name_rcu+0x69/0x90
<4>May 1 22:57:07 xxx kernel: [ 429.523061] [<ffffffff81646989>] dev_ioctl+0xe9/0x590
<4>May 1 22:57:07 xxx kernel: [ 429.523070] [<ffffffff81614b25>] sock_do_ioctl+0x45/0x50
<4>May 1 22:57:07 xxx kernel: [ 429.523076] [<ffffffff81615050>] sock_ioctl+0x1f0/0x2c0
<4>May 1 22:57:07 xxx kernel: [ 429.523084] [<ffffffff811d6670>] do_vfs_ioctl+0x2e0/0x4c0
<4>May 1 22:57:07 xxx kernel: [ 429.523091] [<ffffffff811c4e2e>] ? ____fput+0xe/0x10
<4>May 1 22:57:07 xxx kernel: [ 429.523098] [<ffffffff811d68d1>] SyS_ioctl+0x81/0xa0
<4>May 1 22:57:07 xxx kernel: [ 429.523107] [<ffffffff8173f8a5>] system_call_fastpath+0x2f/0x34
<4>May 1 22:57:07 xxx kernel: [ 429.523111] ---[ end trace df5aa31d75a7e2b2 ]---

root@xxx:/var/log# ip link|grep enp
6: enp3s0f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 9100 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000
7: enp3s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 9100 qdisc mq master bond1 state UP mode DEFAULT group default qlen 1000
8: enp131s0f0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 9100 qdisc mq master bond1 state UP mode DEFAULT group default qlen 1000
9: enp131s0f1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 9100 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000
root@xxx:/ar/log# ethtool -i enp3s0f0
driver: ixgbe
version: 3.15.1-k
firmware-version: 0x800008bd
bus-info: 0000:03:00.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no
root@xxx:/var/log# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 14.04.5 LTS
Release: 14.04
Codename: trusty
root@xxx:/var/log# cat /proc/version
Linux version 3.13.0-142-generic (buildd@lcy01-amd64-014) (gcc version 4.8.4 (Ubuntu 4.8.4-2ubuntu1~14.04.3) ) #191-Ubuntu SMP Fri Feb 2 12:13:35 UTC 2018

Gavin Guo (mimi0213kimo) wrote :
Download full text (9.3 KiB)

This occurred during the deployment of the DPDK compute. The DPDK was not deployed. The bond0 and bond1 configuration appears to have failed.

-----------8<-----------
Preliminary analysis: the LRO appears to be off after the kernel traces, despite the message. I am inquiring as to the nature of the failure.

This bug appears to be relevant:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1660146

All NICs involved:
driver: ixgbe
version: 3.15.1-k
firmware-version: 0x800008bd
bus-info: 0000:03:00.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: no

Bonds:
bond0: Adding slave enp131s0f1.
bond0: Adding slave enp3s0f0.

bond1: Adding slave enp131s0f0.
bond1: Adding slave enp3s0f1.

Overview of dmesg:

[ 27.423698] bonding: bond0: link status definitely up for interface enp131s0f1, 10000 Mbps full duplex.
[ 27.423704] bonding: bond0: link status definitely up for interface enp3s0f0, 10000 Mbps full duplex.
[ 27.423711] bonding: bond1: link status definitely up for interface enp3s0f1, 10000 Mbps full duplex.
[ 27.423716] bonding: bond1: link status definitely up for interface enp131s0f0, 10000 Mbps full duplex.

[ 27.434165] device bond0.2004 entered promiscuous mode
[ 27.434692] ------------[ cut here ]------------
[ 27.434704] WARNING: CPU: 1 PID: 3942 at /build/linux-90Gc2C/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()
[ 27.434708] netdevice: bond0.2004
[ 27.434708] failed to disable LRO!

[ 27.523777] bonding: bond0: link status down for interface enp131s0f1, disabling it in 1000 ms.
[ 28.916892] ixgbe 0000:83:00.1 enp131s0f1: NIC Link is Up 10 Gbps, Flow Control: RX/TX
[ 28.920854] bonding: bond0: link status up again after 1000 ms for interface enp131s0f1.
[ 29.020935] bonding: bond0: link status down for interface enp3s0f0, disabling it in 1000 ms.
[ 29.401337] ixgbe 0000:03:00.0 enp3s0f0: detected SFP+: 3
[ 29.541388] ixgbe 0000:03:00.0 enp3s0f0: NIC Link is Up 10 Gbps, Flow Control: RX/TX
[ 29.621400] bonding: bond0: link status up again after 600 ms for interface enp3s0f0.

[ 29.338269] device bond1.2001 entered promiscuous mode
[ 29.338689] ------------[ cut here ]------------
[ 29.338699] WARNING: CPU: 0 PID: 3944 at /build/linux-90Gc2C/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()
[ 29.338702] netdevice: bond1.2001
[ 29.338702] failed to disable LRO!

[ 29.429252] bonding: bond1: link status down for interface enp3s0f1, disabling it in 1000 ms.
[ 29.824836] ixgbe 0000:03:00.1 enp3s0f1: detected SFP+: 4
[ 29.829564] bonding: bond1: link status down for interface enp131s0f0, disabling it in 1000 ms.
[ 30.069790] ixgbe 0000:03:00.1 enp3s0f1: NIC Link is Up 10 Gbps, Flow Control: RX/TX
[ 30.129796] bonding: bond1: link status up again after 700 ms for interface enp3s0f1.
[ 31.244068] IPv6: ADDRCONF(NETDEV_UP): br-mesh: link is not ready
[ 31.246724] ixgbe 0000:83:00.0 enp131s0f0: NIC Link is Up 10 Gbps, Flow Control: RX/TX
[ 31.250679] bonding: bond1: link status up again after 1000 ms for interface enp131s0f0.
[ 33.324580] device bond0 entered promiscuous mode
[ 33.324585] device enp131s0f1 entered promiscuous mode
[ 33.324995] de...

Read more...

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1771480

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: trusty
Gavin Guo (mimi0213kimo) wrote :

The warning message:

"failed to disable LRO!"

is coming from the function dev_disable_lro():

/**
 * dev_disable_lro - disable Large Receive Offload on a device
 * @dev: device
 *
 * Disable Large Receive Offload (LRO) on a net device. Must be
 * called under RTNL. This is needed if received packets may be
 * forwarded to another interface.
 */

dev_disable_lro()
        ...
        if (unlikely(dev->features & NETIF_F_LRO))
                netdev_WARN(dev, "failed to disable LRO!\n");
        ...

Likely relevant callers here:
bond_enslave()
        if (!(bond_dev->features & NETIF_F_LRO))
                dev_disable_lro(slave_dev);
br_add_if()
        dev_disable_lro(dev);

...
Looking like the second, from the trace.

I'd say if you can repro then turn on debug and also
dynamic debug on the files br_if.c and dev.c.

Possibly another issue with the device name? Is bond1.2001
a vlan interface?

Jay Vosburgh (jvosburgh) wrote :

The dev_disable_lro warning is happening due to some logic issues in the features code. The LRO on the VLAN (bond0.200, e.g.) that's being warned about does end up being disabled by a NETDEV_FEAT_CHANGE callback when the underlying bond0's features are updated, so the warning is spurious.

Tracing the dev_disable_lro -> netdev_update_features for the bond0.2004 VLAN, I see:

name="bond0" feat=219db89 hw_feat=20219cbe9 want_feat=20219cbe9 vlan_feat=198069

NETIF_F_LRO = 0x8000

dev_disable_lro
        wanted_features &= ~NETIF_F_LRO
        bond0.2004 wanted_features = 0x200194869 # no LRO

__netdev_update_features
        features = netdev_get_wanted_features
return (dev->features & ~dev->hw_features) | dev->wanted_features;
        (0x19d809 & ~0x23839487b) | 0x200194869
             ^LRO ^no LRO ^no LRO
        0x9000 | 0x200194869
$2 = 0x20019d869
            ^ LRO

vlan_dev_fix_features(dev, 0x20019d869) # has LRO

        struct net_device *real_dev = vlan_dev_priv(dev)->real_dev;
        netdev_features_t old_features = features;

        features &= real_dev->vlan_features; # 0x198069 has LRO
        features |= NETIF_F_RXCSUM; # 0x100198069 has LRO
        features &= real_dev->features; # 0x198009 has LRO

        features |= old_features & NETIF_F_SOFT_FEATURES; # save GSO / GRO
        features |= NETIF_F_LLTX;

        return features; # will have LRO

So, basically, LRO is set in the underlying bond0's features, so it ends up being kept in the VLAN device's features even though it wasn't in wanted_features. Later, dev_disable_lro will call dev_disable_lro on all the lower devices (the bond0 in this case), and the update of features for the bond0 will issue a NETDEV_FEAT_CHANGE callback to the bond0.2004 VLAN, which will then set the features correctly.

The Ubuntu 3.13 __netdev_update_features (called by dev_disable_lro via netdev_update_features) lacks additional logic found in later kernels to sync the features to lower devices. That presumably triggers the NETDEV_FEAT_CHANGE within the call to __netdev_update_features so that the bond0.2004 VLAN is updated before we return back to dev_disable_lro (but I haven't verified this).

I suspect the fix to eliminate the warning is to apply the "sync_lower:" block from a later kernel __netdev_update_features to 3.13, along with the netdev_sync_lower_features function it uses.

Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Incomplete → Triaged
Dan Streetman (ddstreet) on 2018-05-24
description: updated
Stefan Bader (smb) on 2018-06-04
Changed in linux (Ubuntu Trusty):
importance: Undecided → Medium
status: New → Triaged
Changed in linux (Ubuntu Trusty):
status: Triaged → Fix Committed
Brad Figg (brad-figg) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'. If the problem still exists, change the tag 'verification-needed-trusty' to 'verification-failed-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-trusty
Dan Streetman (ddstreet) wrote :

ubuntu@lp1771480:~$ uname -a
Linux lp1771480 3.13.0-151-generic #201-Ubuntu SMP Wed May 30 14:22:13 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
ubuntu@lp1771480:~$ dmesg | grep -m 1 -A 2 dev_disable_lro
[ 3.811702] WARNING: CPU: 2 PID: 1209 at /build/linux-qbUwJB/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()
[ 3.811704] netdevice: bond0.2004
[ 3.811704] failed to disable LRO!

ubuntu@lp1771480:~$ uname -a
Linux lp1771480 3.13.0-153-generic #203-Ubuntu SMP Thu Jun 14 08:52:28 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
ubuntu@lp1771480:~$ dmesg | grep -m 1 -A 2 dev_disable_lro
ubuntu@lp1771480:~$

tags: added: verification-done-trusty
removed: verification-needed-trusty
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.13.0-153.203

---------------
linux (3.13.0-153.203) trusty; urgency=medium

  * linux: 3.13.0-153.203 -proposed tracker (LP: #1776819)

  * CVE-2018-3665 (x86)
    - x86/fpu: Print out whether we are doing lazy/eager FPU context switches
    - x86/fpu: Default eagerfpu=on on all CPUs
    - x86/fpu: Fix math emulation in eager fpu mode

linux (3.13.0-152.202) trusty; urgency=medium

  * linux: 3.13.0-152.202 -proposed tracker (LP: #1776350)

  * CVE-2017-15265
    - ALSA: seq: Fix use-after-free at creating a port

  * register on binfmt_misc may overflow and crash the system (LP: #1775856)
    - fs/binfmt_misc.c: do not allow offset overflow

  * CVE-2018-1130
    - dccp: check sk for closed state in dccp_sendmsg()
    - ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped

  * add_key04 in LTP syscall test cause kernel oops (NULL pointer dereference)
    with T kernel (LP: #1775316) // CVE-2017-12193
    - assoc_array: Fix a buggy node-splitting case

  * CVE-2017-12154
    - kvm: nVMX: Don't allow L2 to access the hardware CR8

  * CVE-2018-7757
    - scsi: libsas: fix memory leak in sas_smp_get_phy_events()

  * CVE-2018-6927
    - futex: Prevent overflow by strengthen input validation

  * FS-Cache: Assertion failed: FS-Cache: 6 == 5 is false (LP: #1774336)
    - SAUCE: CacheFiles: fix a read_waiter/read_copier race

  * CVE-2018-5803
    - sctp: verify size of a new chunk in _sctp_make_chunk()

  * WARNING: CPU: 28 PID: 34085 at /build/linux-
    90Gc2C/linux-3.13.0/net/core/dev.c:1433 dev_disable_lro+0x87/0x90()
    (LP: #1771480)
    - net/core: generic support for disabling netdev features down stack
    - SAUCE: Backport helper function netdev_upper_get_next_dev_rcu

  * CVE-2018-7755
    - SAUCE: floppy: Do not copy a kernel pointer to user memory in FDGETPRM ioctl

  * CVE-2018-5750
    - ACPI: sbshc: remove raw pointer from printk() message

 -- Stefan Bader <email address hidden> Thu, 14 Jun 2018 07:00:42 +0200

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments