group.of.nepali.translators team mailing list archive

[Bug 1715812] Re: Neighbour confirmation broken, breaks ARP cache aging

 

This bug was fixed in the package linux - 4.10.0-37.41

---------------
linux (4.10.0-37.41) zesty; urgency=low

  * CVE-2017-1000255
    - SAUCE: powerpc/64s: Use emergency stack for kernel TM Bad Thing program
      checks
    - SAUCE: powerpc/tm: Fix illegal TM state in signal handler

linux (4.10.0-36.40) zesty; urgency=low

  * linux: 4.10.0-36.40 -proposed tracker (LP: #1718143)

  * Neighbour confirmation broken, breaks ARP cache aging (LP: #1715812)
    - sock: add sk_dst_pending_confirm flag
    - net: add dst_pending_confirm flag to skbuff
    - sctp: add dst_pending_confirm flag
    - tcp: replace dst_confirm with sk_dst_confirm
    - net: add confirm_neigh method to dst_ops
    - net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP
    - net: pending_confirm is not used anymore

  * SRIOV: warning if unload VFs (LP: #1715073)
    - PCI: Lock each enable/disable num_vfs operation in sysfs
    - PCI: Disable VF decoding before pcibios_sriov_disable() updates resources

  * Kernel has trouble recognizing Corsair Strafe RGB keyboard (LP: #1678477)
    - usb: quirks: add delay init quirk for Corsair Strafe RGB keyboard

  * CVE-2017-14106
    - tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0

  * [CIFS] Fix maximum SMB2 header size (LP: #1713884)
    - CIFS: Fix maximum SMB2 header size

  * Middle button of trackpoint doesn't work (LP: #1715271)
    - Input: trackpoint - assume 3 buttons when buttons detection fails

  * Drop GPL from of_node_to_nid() export to match other arches (LP: #1709179)
    - powerpc: Drop GPL from of_node_to_nid() export to match other arches

  * vhost guest network randomly drops under stress (kvm) (LP: #1711251)
    - Revert "vhost: cache used event for better performance"

  * arm64 arch_timer fixes (LP: #1713821)
    - Revert "UBUNTU: SAUCE: arm64: arch_timer: Enable CNTVCT_EL0 trap if
      workaround is enabled"
    - arm64: arch_timer: Enable CNTVCT_EL0 trap if workaround is enabled
    - clocksource/arm_arch_timer: Fix arch_timer_mem_find_best_frame()
    - clocksource/drivers/arm_arch_timer: Fix read and iounmap of incorrect
      variable
    - clocksource/drivers/arm_arch_timer: Fix mem frame loop initialization
    - clocksource/drivers/arm_arch_timer: Avoid infinite recursion when ftrace is
      enabled

  * Touchpad not detected (LP: #1708852)
    - Input: elan_i2c - add ELAN0608 to the ACPI table

 -- Thadeu Lima de Souza Cascardo <cascardo@xxxxxxxxxxxxx>  Fri, 06 Oct 2017 16:45:48 -0300

** Changed in: linux (Ubuntu Zesty)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-1000255

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14106

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1715812

Title:
  Neighbour confirmation broken, breaks ARP cache aging

Status in linux package in Ubuntu:
  Confirmed
Status in linux source package in Xenial:
  Fix Committed
Status in linux source package in Zesty:
  Fix Released

Bug description:
  [SRU Justification]

  [Impact]
  A host can lose access to another host whose MAC address changes if they have active connections to other hosts that share a route. The ARP cache does not time out as expected - instead the old MAC address is continuously reconfirmed.

  [Fix]
  Apply series [1], which changes the algorithm for neighbour confirmation.
  That is, from upstream:
  51ce8bd4d17a net: pending_confirm is not used anymore 
  0dec879f636f net: use dst_confirm_neigh for UDP, RAW, ICMP, L2TP 
  63fca65d0863 net: add confirm_neigh method to dst_ops 
  c3a2e8370534 tcp: replace dst_confirm with sk_dst_confirm 
  c86a773c7802 sctp: add dst_pending_confirm flag 
  4ff0620354f2 net: add dst_pending_confirm flag to skbuff 
  9b8805a32559 sock: add sk_dst_pending_confirm flag 

  [Test case]
  Create 3 real or virtual systems, all hooked up to a switch.
  One system needs an active-backup bond with fail_over_mac=1 num_grat_arp=0.

  Put all the systems in the same subnet, e.g. 192.168.200.0/24

  Call the system with the bond A, and the other two systems B and C.

  On B, run in 3 shells:
   - netperf -t TCP_RR to C
   - ping -f A
   - watch 'ip -s neigh show 192.168.200.0/24'

  On A, cause the bond to fail over.

  Observe that:

   - without the patches, B intermittently fails to notice the change in
     A's MAC address. This presents as the ping failing and not recovering,
     and the ARP table showing the old MAC address never timing out and
     never being replaced with a new MAC address.

   - with the patches, the ARP cache times out and B sends another MAC
     probe and detects A's new address.

  It helps to use taskset to put ping and netperf on the same CPU, or
  use single-CPU VMs.

  See [2] for more details.

  [References]
  [1] https://www.spinics.net/lists/linux-rdma/msg45907.html
  [2] Original report: https://www.mail-archive.com/netdev@xxxxxxxxxxxxxxx/msg138762.html

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1715812/+subscriptions
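
An added example, not part of the bug report or the kernel patch series: a shell helper for the "Observe that" step of the test case on B, classifying A's entry in `ip -s neigh show` output once A is known to have failed over. The function name, the 60-second threshold and the sample lines (addresses and MACs included) are assumptions constructed for illustration; pick a threshold above the interface's reachable time.

```shell
#!/bin/sh
# neigh_status IP OLD_MAC MIN_AGE   (reads `ip -s neigh show` text on stdin)
# Prints one word describing the entry for IP after a known MAC change:
#   stuck   - OLD_MAC still REACHABLE, last updated more than MIN_AGE s ago
#   fresh   - OLD_MAC still REACHABLE but updated recently; sample again
#   aging   - entry has left REACHABLE (STALE/DELAY/PROBE/FAILED/...)
#   moved   - entry now carries a different MAC
#   nostats - no used/confirmed/updated field (ip was run without -s)
#   missing - no entry for IP
# If IP appears on several devices, the last matching line wins.
neigh_status() {
    awk -v ip="$1" -v old="$2" -v min="$3" '
    $1 == ip {
        mac = ""; upd = -1; state = $NF; found = 1
        for (i = 2; i < NF; i++) {
            if ($i == "lladdr") mac = tolower($(i + 1))
            if ($i == "used") {          # used/confirmed/updated, seconds
                split($(i + 1), t, "/"); upd = t[3] + 0
            }
        }
        if (mac != "" && mac != tolower(old)) res = "moved"
        else if (state != "REACHABLE")        res = "aging"
        else if (upd < 0)                     res = "nostats"
        else if (upd > min + 0)               res = "stuck"
        else                                  res = "fresh"
    }
    END { print (found ? res : "missing") }'
}

# Constructed samples, as if taken on B a few minutes after A (.1) failed
# over from MAC ...:01 to ...:02. C is .3 and keeps its MAC throughout.
UNPATCHED='192.168.200.1 dev eth0 lladdr 52:54:00:aa:00:01 ref 1 used 0/0/312 probes 1 REACHABLE
192.168.200.3 dev eth0 lladdr 52:54:00:cc:00:03 ref 1 used 0/0/15 probes 1 REACHABLE'
PATCHED='192.168.200.1 dev eth0 lladdr 52:54:00:aa:00:02 ref 1 used 0/0/4 probes 1 REACHABLE
192.168.200.3 dev eth0 lladdr 52:54:00:cc:00:03 ref 1 used 0/0/15 probes 1 REACHABLE'

printf '%s\n' "$UNPATCHED" | neigh_status 192.168.200.1 52:54:00:aa:00:01 60
printf '%s\n' "$PATCHED"   | neigh_status 192.168.200.1 52:54:00:aa:00:01 60
```

On a live system B, feed it `ip -s neigh show 192.168.200.0/24` instead of the samples. A `stuck` result is only meaningful after a failover, since an unchanged peer with active traffic also stays REACHABLE for long periods.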