kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #162215
[Bug 1486670] Re: using ipsec, many connections result in no buffer space error
This bug was fixed in the package linux - 3.13.0-79.123
---------------
linux (3.13.0-79.123) trusty; urgency=low
[ Seth Forshee ]
* SAUCE: cred: Add clone_cred() interface
- LP: #1534961, #1535150
- CVE-2016-1575 CVE-2016-1576
* SAUCE: overlayfs: Use mounter's credentials instead of full kernel
credentials
- LP: #1534961, #1535150
- CVE-2016-1575 CVE-2016-1576
* SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.*
xattrs
- LP: #1534961, #1535150
- CVE-2016-1575 CVE-2016-1576
* SAUCE: overlayfs: Be more careful about copying up sxid files
- LP: #1534961, #1535150
- CVE-2016-1575 CVE-2016-1576
* SAUCE: overlayfs: Propogate nosuid from lower and upper mounts
- LP: #1534961, #1535150
- CVE-2016-1575 CVE-2016-1576
linux (3.13.0-78.122) trusty; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1540559
[ Eric Dumazet ]
* SAUCE: (no-up) udp: properly support MSG_PEEK with truncated buffers
- LP: #1527902
[ J. R. Okajima ]
* SAUCE: ubuntu: aufs: tiny, extract a new func xino_fwrite_wkq()
- LP: #1533043
* SAUCE: ubuntu: aufs: for 4.3, XINO handles EINTR from the dying process
- LP: #1533043
[ Upstream Kernel Changes ]
* Revert "[stable-only] net: add length argument to
skb_copy_and_csum_datagram_iovec"
- LP: #1538756
* unregister_netdevice : move RTM_DELLINK to until after ndo_uninit
- LP: #1525324
* rtnetlink: delay RTM_DELLINK notification until after ndo_uninit()
- LP: #1525324
* Drivers: hv: Eliminate the channel spinlock in the callback path
- LP: #1519897
* Drivers: hv: vmbus: Implement per-CPU mapping of relid to channel
- LP: #1519897
* Drivers: hv: vmbus: Suport an API to send pagebuffers with additional
control
- LP: #1519897
* Drivers: hv: vmbus: Suport an API to send packet with additional
control
- LP: #1519897
* Drivers: hv: vmbus: Export the vmbus_sendpacket_pagebuffer_ctl()
- LP: #1519897
* Drivers: hv: vmbus: Fix a siganlling host signalling issue
- LP: #1519897
* Drivers: hv: vmbus: Fix a Host signaling bug
- LP: #1519897
* ARC: Fix silly typo in MAINTAINERS file
- LP: #1538756
* ip6mr: call del_timer_sync() in ip6mr_free_table()
- LP: #1538756
* gre6: allow to update all parameters via rtnl
- LP: #1538756
* atl1c: Improve driver not to do order 4 GFP_ATOMIC allocation
- LP: #1538756
* sctp: use the same clock as if sock source timestamps were on
- LP: #1538756
* sctp: update the netstamp_needed counter when copying sockets
- LP: #1538756
* ipv6: sctp: clone options to avoid use after free
- LP: #1538756
* net: add validation for the socket syscall protocol argument
- LP: #1538756
* sh_eth: fix kernel oops in skb_put()
- LP: #1538756
* pptp: verify sockaddr_len in pptp_bind() and pptp_connect()
- LP: #1538756
* bluetooth: Validate socket address length in sco_sock_bind().
- LP: #1538756
* af_unix: Revert 'lock_interruptible' in stream receive code
- LP: #1538756
* KEYS: Fix race between read and revoke
- LP: #1538756
* tools: Add a "make all" rule
- LP: #1538756
* efi: Disable interrupts around EFI calls, not in the epilog/prolog
calls
- LP: #1538756
* net: ipmr: fix static mfc/dev leaks on table destruction
- LP: #1538756
* fuse: break infinite loop in fuse_fill_write_pages()
- LP: #1538756
* usb: gadget: pxa27x: fix suspend callback
- LP: #1538756
* iio: fix some warning messages
- LP: #1538756
* USB: cp210x: Remove CP2110 ID from compatibility list
- LP: #1538756
* USB: cdc_acm: Ignore Infineon Flash Loader utility
- LP: #1538756
* USB: serial: Another Infineon flash loader USB ID
- LP: #1538756
* ext4: Fix handling of extended tv_sec
- LP: #1538756
* jbd2: Fix unreclaimed pages after truncate in data=journal mode
- LP: #1538756
* drm/ttm: Fixed a read/write lock imbalance
- LP: #1538756
* i2c: mv64xxx: The n clockdiv factor is 0 based on sunxi SoCs
- LP: #1538756
* AHCI: Fix softreset failed issue of Port Multiplier
- LP: #1538756
* sata_sil: disable trim
- LP: #1538756
* staging: lustre: echo_copy.._lsm() dereferences userland pointers
directly
- LP: #1538756
* irqchip/versatile-fpga: Fix PCI IRQ mapping on Versatile PB
- LP: #1538756
* usb: core : hub: Fix BOS 'NULL pointer' kernel panic
- LP: #1538756
* USB: whci-hcd: add check for dma mapping error
- LP: #1538756
* usb: Use the USB_SS_MULT() macro to decode burst multiplier for log
message
- LP: #1538756
* dm btree: fix leak of bufio-backed block in btree_split_sibling error
path
- LP: #1538756
* SCSI: Fix NULL pointer dereference in runtime PM
- LP: #1538756
* usb: xhci: fix config fail of FS hub behind a HS hub with MTT
- LP: #1538756
* ALSA: rme96: Fix unexpected volume reset after rate changes
- LP: #1538756
* ALSA: hda - Add inverted dmic for Packard Bell DOTS
- LP: #1523232, #1538756
* virtio: fix memory leak of virtio ida cache layers
- LP: #1538756
* 9p: ->evict_inode() should kick out ->i_data, not ->i_mapping
- LP: #1538756
* radeon/cik: Fix GFX IB test on Big-Endian
- LP: #1538756
* crypto: skcipher - Copy iv from desc even for 0-len walks
- LP: #1538756
* dm thin metadata: fix bug when taking a metadata snapshot
- LP: #1538756
* dm space map metadata: fix ref counting bug when bootstrapping a new
space map
- LP: #1538756
* ipmi: move timer init to before irq is setup
- LP: #1538756
* KVM: PPC: Book3S HV: Prohibit setting illegal transaction state in MSR
- LP: #1538756
* rfkill: copy the name into the rfkill struct
- LP: #1538756
* dm btree: fix bufio buffer leaks in dm_btree_del() error path
- LP: #1538756
* ses: Fix problems with simple enclosures
- LP: #1538756
* vgaarb: fix signal handling in vga_get()
- LP: #1538756
* ses: fix additional element traversal bug
- LP: #1538756
* xhci: fix usb2 resume timing and races.
- LP: #1538756
* USB: add quirk for devices with broken LPM
- LP: #1538756
* powercap / RAPL: fix BIOS lock check
- LP: #1538756
* parisc iommu: fix panic due to trying to allocate too large region
- LP: #1538756
* mm, vmstat: allow WQ concurrency to discover memory reclaim doesn't
make any progress
- LP: #1538756
* mm: hugetlb: call huge_pte_alloc() only if ptep is null
- LP: #1538756
* drivers/base/memory.c: prohibit offlining of memory blocks with missing
sections
- LP: #1538756
* sh64: fix __NR_fgetxattr
- LP: #1538756
* n_tty: Fix poll() after buffer-limited eof push read
- LP: #1538756
* tty: Fix GPF in flush_to_ldisc()
- LP: #1538756
* genirq: Prevent chip buslock deadlock
- LP: #1538756
* ALSA: usb-audio: Add a more accurate volume quirk for AudioQuest
DragonFly
- LP: #1538756
* ARM: 8471/1: need to save/restore arm register(r11) when it is
corrupted
- LP: #1538756
* spi: fix parent-device reference leak
- LP: #1538756
* scripts: recordmcount: break hardlinks
- LP: #1538756
* ftrace/scripts: Have recordmcount copy the object file
- LP: #1538756
* ARC: dw2 unwind: Reinstante unwinding out of modules
- LP: #1538756
* ARC: dw2 unwind: Ignore CIE version !=1 gracefully instead of bailing
- LP: #1538756
* ALSA: hda - Set SKL+ hda controller power at freeze() and thaw()
- LP: #1538756
* s390/dis: Fix handling of format specifiers
- LP: #1538756
* USB: ipaq.c: fix a timeout loop
- LP: #1538756
* USB: fix invalid memory access in hub_activate()
- LP: #1538756
* x86/mce: Ensure offline CPUs don't participate in rendezvous process
- LP: #1538756
* parisc: Fix syscall restarts
- LP: #1538756
* ALSA: hda/realtek - Fix silent headphone output on MacPro 4,1 (v2)
- LP: #1538756
* ASoC: arizona: Fix bclk for sample rates that are multiple of 4kHz
- LP: #1538756
* mm/memory_hotplug.c: check for missing sections in
test_pages_in_a_zone()
- LP: #1538756
* ftrace/scripts: Fix incorrect use of sprintf in recordmcount
- LP: #1538756
* tracing: Fix setting of start_index in find_next()
- LP: #1538756
* async_tx: use GFP_NOWAIT rather than GFP_IO
- LP: #1538756
* dts: vt8500: Add SDHC node to DTS file for WM8650
- LP: #1538756
* ftrace/module: Call clean up function when module init fails early
- LP: #1538756
* vmstat: allocate vmstat_wq before it is used
- LP: #1538756
* firmware: dmi_scan: Fix UUID endianness for SMBIOS >= 2.6
- LP: #1538756
* kvm: x86: only channel 0 of the i8254 is linked to the HPET
- LP: #1538756
* ipv6/addrlabel: fix ip6addrlbl_get()
- LP: #1538756
* net: fix warnings in 'make htmldocs' by moving macro definition out of
field declaration
- LP: #1538756
* ser_gigaset: fix deallocation of platform device structure
- LP: #1538756
* pinctrl: bcm2835: Fix initial value for direction_output
- LP: #1538756
* mISDN: fix a loop count
- LP: #1538756
* sh_eth: fix TX buffer byte-swapping
- LP: #1538756
* qlcnic: fix a timeout loop
- LP: #1538756
* net: phy: mdio-mux: Check return value of mdiobus_alloc()
- LP: #1538756
* include/linux/mmdebug.h: should include linux/bug.h
- LP: #1538756
* net: possible use after free in dst_release
- LP: #1538756
* Linux 3.13.11-ckt33
- LP: #1538756
* xfrm: dst_entries_init() per-net dst_ops
- LP: #1486670
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Fri, 19 Feb 2016
13:14:25 +0000
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1486670
Title:
using ipsec, many connections result in no buffer space error
Status in linux package in Ubuntu:
In Progress
Status in linux source package in Precise:
Invalid
Status in linux source package in Trusty:
Fix Released
Status in linux source package in Vivid:
Fix Released
Status in linux source package in Wily:
Fix Released
Bug description:
Reproduction info:
set up two LXC containers (although this probably isn't specific to
LXC containers), and inside each setup ipsec with something similar
to:
conn nodeN
aggressive=yes
authby=secret
auto=start
closeaction=restart
dpdaction=restart
esp=aes256-aes256gmac-modp1024
ike=aes256-sha512-modp1024
keyexchange=ikev2
left=10.0.3.145
leftid=10.0.3.145
lifetime=12h
reauth=no
right=10.0.3.199
type=transport
then repeatedly open connections to the peer, e.g.:
while true; do ping -c1 10.0.3.199 ; sleep 0.1 ; done
eventually, the connections will fail with:
connect: No buffer space available
the reproduction can be sped up by reducing the xfrm4_gc_thresh, e.g.:
echo 5 > /proc/sys/net/ipv4/xfrm4_gc_thresh
Once the error occurs, no more connections can be made to the peer (all fail with no buffer space available), however after a long period (e.g. overnight) the buffers will be cleaned up and connections can be made again.
this happens even on the latest net-next kernel.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1486670/+subscriptions
References