← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1827916] Re: Enable eBPF JIT in the linux-azure kernels

 

This bug was fixed in the package linux-azure - 4.15.0-1049.54

---------------
linux-azure (4.15.0-1049.54) xenial; urgency=medium

  * linux-azure: 4.15.0-1049.54 -proposed tracker (LP: #1834091)

  * Upstream Commits Needed for DPDK on Azure (LP: #1812123)
    - uio: document uio_hv_generic regions
    - uio_hv_generic: create send and receive buffers
    - uio_hv_generic: add rescind support
    - uio_hv_generic: support sub-channels
    - uio_hv_generic: fix subchannel ring mmap
    - uio_hv_generic: use standard mmap for resources
    - vmbus: keep pointer to ring buffer page
    - uio: introduce UIO_MEM_IOVA
    - hv_uio_generic: map ringbuffer phys addr
    - uio_hv_generic: use ISR callback method
    - uio_hv_generic: use correct channel in isr
    - uio_hv_generic: make ring buffer attribute for primary channel
    - uio_hv_generic: defer opening vmbus until first use
    - uio_hv_generic: set callbacks on open
    - vmbus: pass channel to hv_process_channel_removal
    - vmbus: split ring buffer allocation from open
    - vmbus: fix subchannel removal

  * Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
    - [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m

  * [linux-azure] Please Include Mainline Commit ebaf39e6032f  in the 16.04 and
    18.04 linux-azure kernels (LP: #1830266)
    - ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes

  * [linux-azure] Commits Requested in 16.04 for the Azure Kernel (LP: #1830242)
    - blk-mq: remove the request_list usage
    - nvme-pci: remove cq check after submission
    - nvme-pci: split the nvme queue lock into submission and completion locks

  * [Packaging] Improve config annotations check on custom kernels
    (LP: #1820075)
    - [Config] linux-azure: Include custom annotations files

  [ Ubuntu: 4.15.0-54.58 ]

  * linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
  * Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
    manipulation (LP: #1831638) // CVE-2019-11478
    - tcp: refine memory limit test in tcp_fragment()
  * CVE-2019-11479
    - SAUCE: tcp: add tcp_min_snd_mss sysctl
    - SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()

 -- Marcelo Henrique Cerri <marcelo.cerri@xxxxxxxxxxxxx>  Mon, 24 Jun
2019 17:44:20 -0300

** Changed in: linux-azure (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11478

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11479

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1827916

Title:
  Enable eBPF JIT in the linux-azure kernels

Status in linux-azure package in Ubuntu:
  New
Status in linux-azure source package in Xenial:
  Fix Released
Status in linux-azure source package in Cosmic:
  Fix Committed
Status in linux-azure source package in Disco:
  Fix Committed

Bug description:
  eBPF is available as of kernel version 4.15, which is used on AKS nodes.
  Enabling JIT eBPF (built-in kernel feature) will speed-up execution of eBPF aware tools.
  eBPF JIT is controlled by the file /proc/sys/net/core/bpf_jit_enable.
  More details for eBPF JIT - https://www.kernel.org/doc/Documentation/sysctl/net.txt
   
  The file /proc/sys/net/core/bpf_jit_enable is not present on AKS nodes.  

  Also, to support eBPF in AKS, we are requesting to switch the mlx* and
  ib* drivers to loadable modules instead of static.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1827916/+subscriptions