bonded interfaces in bridge do not have LRO turned off
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
linux (Ubuntu) | Fix Released | Undecided | Dan Streetman |
Trusty | Fix Released | Undecided | Dan Streetman |
linux-lts-utopic (Ubuntu) | Fix Released | Undecided | Unassigned |
Trusty | Fix Released | Undecided | Unassigned |
Bug Description
The "large receive offload" functionality of some NICs is not compatible with packet forwarding, because it modifies incoming packets in an irreversible way so the packets can't be correctly forwarded across the bridge. When an interface is added to a bridge, the kernel automatically disables LRO via dev_disable_lro(), however in trusty this only works for normal interfaces (or vlan/macvlan) added to a bridge. When interfaces belong to a bond, and the bond is added to a bridge, the interfaces' LRO is not disabled, and (some) incoming packets are modified by LRO and then lost when passing through the bridge.
Commit fbe168ba91f7c32
Changed in linux (Ubuntu):
assignee: nobody → Dan Streetman (ddstreet)
status: New → Fix Released
status: Fix Released → In Progress
Changed in linux (Ubuntu Trusty):
assignee: nobody → Dan Streetman (ddstreet)
status: New → In Progress
Changed in linux (Ubuntu):
status: In Progress → Fix Released
Changed in linux (Ubuntu Trusty):
status: In Progress → Fix Committed
Changed in linux-lts-utopic (Ubuntu Trusty):
status: New → Fix Committed
Changed in linux-lts-utopic (Ubuntu):
status: New → Won't Fix
status: Won't Fix → Fix Released
tags: added: cscc
This can be reproduced on any system with a nic that supports lro. For example:
$ sudo ethtool -k eth5 | grep large-receive-offload
large-receive-offload: on
$ sudo modprobe bonding
$ sudo ifenslave bond0 eth5
$ sudo brctl addbr br0
$ sudo brctl addif br0 bond0
without the patch, lro will still be on:
$ sudo ethtool -k eth5 | grep large-receive-offload
large-receive-offload: on
with the patch, lro will automatically get disabled when the bond is added to the bridge:
$ sudo ethtool -k eth5 | grep large-receive-offload
large-receive-offload: off
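
A host-wide check for the condition this bug describes, as an added example that is not part of the bug report or the kernel patch: it walks sysfs for bonds that are bridge ports and reports every slave whose large-receive-offload is still on. The function name and its two optional arguments (sysfs net directory, ethtool command) are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the bug report): find bond slaves that still have
# LRO enabled although their bond has been added to a bridge.
#
# Usage: lro_bridged_bond_slaves [sysfs_net_dir] [ethtool_cmd]
# Both arguments are hypothetical conveniences so the check can be pointed
# at a constructed tree; the defaults are the real sysfs path and ethtool.
lro_bridged_bond_slaves() {
    net_dir="${1:-/sys/class/net}"
    ethtool_cmd="${2:-ethtool}"

    for dev_dir in "$net_dir"/*; do
        bond=${dev_dir##*/}
        # A bond exposes bonding/slaves; a bridge port exposes brport/.
        [ -r "$dev_dir/bonding/slaves" ] || continue
        [ -d "$dev_dir/brport" ] || continue

        # brport/bridge is a symlink to the bridge device the port belongs to.
        bridge=$(basename "$(readlink "$dev_dir/brport/bridge")")

        # bonding/slaves is a space-separated list of member interfaces.
        for slave in $(cat "$dev_dir/bonding/slaves"); do
            state=$("$ethtool_cmd" -k "$slave" 2>/dev/null |
                awk '$1 == "large-receive-offload:" { print $2 }')
            if [ "$state" = "on" ]; then
                # One line per affected slave: bridge, bond, slave.
                echo "$bridge $bond $slave"
            fi
        done
    done
    return 0
}

# Run against the live system when executed directly.
lro_bridged_bond_slaves "$@"
```

No output means no bridged bond has a slave with LRO on; on an unpatched kernel the setup from the reproduction steps above would print `br0 bond0 eth5`.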