Ubuntu
linux package

linux 4.15 currupts ipsec packets over non ethernet devices

  1. Bionic (18.04)
  2. Bug #1771276
Bug #1771276 reported by msaxl
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Triaged
Medium
Unassigned
Bionic
Confirmed
Medium
Unassigned

Bug Description

Linux 4.15 has a bug that currupts ipsec packets if they are received over a non ethernet interface.
This is a serve showstopper bug for me since it breaks my VPN setup and locks me out of my server.

see https://wiki.strongswan.org/issues/2571 and https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=87cdf3148b11

since 4.15 is already EOL, the only possibility is backporting the linked patch

Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1771276

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Revision history for this message
msaxl (saxl) wrote :

There is no crash. All needed information is on https://wiki.strongswan.org/issues/2571 #6
The reason is explained https://wiki.strongswan.org/issues/2571 #17, so the issue is already resolved in 4.16, but since 4.15 is EOL and 4.14 did non have this issue and Ubuntu 18.04 is a LTS release you might consider applying https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=87cdf3148b11

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
Joseph Salisbury (jsalisbury) wrote :

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v4.17 kernel[0].

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.17-rc5

Changed in linux (Ubuntu):
importance: Undecided → Medium
Changed in linux (Ubuntu Bionic):
status: New → Triaged
importance: Undecided → Medium
Changed in linux (Ubuntu):
status: Confirmed → Triaged
tags: added: kernel-da-key
tags: added: bionic
Revision history for this message
msaxl (saxl) wrote :

upstream works

it was included upstream here: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=87cdf3148b11d46382dbce2754ae7036aba96380

somehow they did non backport it to 4.15 (the only version that is affected)

tags: added: kernel-fixed-upstream
msaxl (saxl)
Changed in linux (Ubuntu Bionic):
status: Triaged → Confirmed
Revision history for this message
Michael Wingender (mwingender) wrote :

Will this bug be fixed? As 18.04 is an LTS release this might make sense!?

Revision history for this message
CalderCoalson (ccoal) wrote :

Any movement on this?

Brad Figg (brad-figg)
tags: added: cscc
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.