kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #86953
[Bug 1349768] Re: kernel 3.13.0-32 ipvs "IPv6 header not found" related to UDP socket sendto() EPERM errors
This bug was fixed in the package linux - 3.13.0-39.66
---------------
linux (3.13.0-39.66) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1386629
[ Upstream Kernel Changes ]
* KVM: x86: Check non-canonical addresses upon WRMSR
- LP: #1384539
- CVE-2014-3610
* KVM: x86: Prevent host from panicking on shared MSR writes.
- LP: #1384539
- CVE-2014-3610
* KVM: x86: Improve thread safety in pit
- LP: #1384540
- CVE-2014-3611
* KVM: x86: Fix wrong masking on relative jump/call
- LP: #1384545
- CVE-2014-3647
* KVM: x86: Warn if guest virtual address space is not 48-bits
- LP: #1384545
- CVE-2014-3647
* KVM: x86: Emulator fixes for eip canonical checks on near branches
- LP: #1384545
- CVE-2014-3647
* KVM: x86: emulating descriptor load misses long-mode case
- LP: #1384545
- CVE-2014-3647
* KVM: x86: Handle errors when RIP is set during far jumps
- LP: #1384545
- CVE-2014-3647
* kvm: vmx: handle invvpid vm exit gracefully
- LP: #1384544
- CVE-2014-3646
* Input: synaptics - gate forcepad support by DMI check
- LP: #1381815
linux (3.13.0-38.65) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1379244
[ Andy Whitcroft ]
* Revert "SAUCE: scsi: hyper-v storsvc switch up to SPC-3"
- LP: #1354397
* [Config] linux-image-extra is additive to linux-image
- LP: #1375310
* [Config] linux-image-extra postrm is not needed on purge
- LP: #1375310
[ Upstream Kernel Changes ]
* Revert "KVM: x86: Increase the number of fixed MTRR regs to 10"
- LP: #1377564
* Revert "USB: option,zte_ev: move most ZTE CDMA devices to zte_ev"
- LP: #1377564
* aufs: bugfix, stop calling security_mmap_file() again
- LP: #1371316
* ipvs: fix ipv6 hook registration for local replies
- LP: #1349768
* Drivers: add blist flags
- LP: #1354397
* sd: fix a bug in deriving the FLUSH_TIMEOUT from the basic I/O timeout
- LP: #1354397
* drm/i915/bdw: Add 42ms delay for IPS disable
- LP: #1374389
* drm/i915: add null render states for gen6, gen7 and gen8
- LP: #1374389
* drm/i915/bdw: 3D_CHICKEN3 has write mask bits
- LP: #1374389
* drm/i915/bdw: Disable idle DOP clock gating
- LP: #1374389
* drm/i915: call lpt_init_clock_gating on BDW too
- LP: #1374389
* drm/i915: shuffle panel code
- LP: #1374389
* drm/i915: extract backlight minimum brightness from VBT
- LP: #1374389
* drm/i915: respect the VBT minimum backlight brightness
- LP: #1374389
* drm/i915/bdw: Apply workarounds in render ring init function
- LP: #1374389
* drm/i915/bdw: Cleanup pre prod workarounds
- LP: #1374389
* drm/i915: Replace hardcoded cacheline size with macro
- LP: #1374389
* drm/i915: Refactor Broadwell PIPE_CONTROL emission into a helper.
- LP: #1374389
* drm/i915: Add the WaCsStallBeforeStateCacheInvalidate:bdw workaround.
- LP: #1374389
* drm/i915/bdw: Remove BDW preproduction W/As until C stepping.
- LP: #1374389
* mptfusion: enable no_write_same for vmware scsi disks
- LP: #1371591
* iommu/amd: Fix cleanup_domain for mass device removal
- LP: #1375266
* cifs: mask off top byte in get_rfc1002_length()
- LP: #1372482
* Input: synaptics - add support for ForcePads
- LP: #1377564
* ASoC: pxa-ssp: drop SNDRV_PCM_FMTBIT_S24_LE
- LP: #1377564
* drm/radeon: add bapm module parameter
- LP: #1377564
* drm/radeon: Add missing lines to ci_set_thermal_temperature_range
- LP: #1377564
* drm/radeon: Add ability to get and change dpm state when radeon PX card
is turned off
- LP: #1377564
* ALSA: hda/realtek - Avoid setting wrong COEF on ALC269 & co
- LP: #1377564
* of/irq: Fix lookup to use 'interrupts-extended' property first
- LP: #1377564
* Possible null ptr deref in SMB2_tcon
- LP: #1377564
* CIFS: Fix SMB2 readdir error handling
- LP: #1377564
* CIFS: Fix wrong directory attributes after rename
- LP: #1377564
* md/raid6: avoid data corruption during recovery of double-degraded
RAID6
- LP: #1377564
* ARM: dts: i.MX53: fix apparent bug in VPU clks
- LP: #1377564
* pata_scc: propagate return value of scc_wait_after_reset
- LP: #1377564
* libata: widen Crucial M550 blacklist matching
- LP: #1377564
* ALSA: hda - restore the gpio led after resume
- LP: #1358116, #1377564
* md/raid10: fix memory leak when reshaping a RAID10.
- LP: #1377564
* md/raid10: Fix memory leak when raid10 reshape completes.
- LP: #1377564
* MIPS: OCTEON: make get_system_type() thread-safe
- LP: #1377564
* can: c_can: checking IS_ERR() instead of NULL
- LP: #1377564
* HID: logitech: perform bounds checking on device_id early enough
- LP: #1377564
* firmware: Do not use WARN_ON(!spin_is_locked())
- LP: #1377564
* drm/radeon: add new KV pci id
- LP: #1377564
* drm/radeon: add new bonaire pci ids
- LP: #1377564
* drm/radeon: add additional SI pci ids
- LP: #1377564
* ibmveth: Fix endian issues with rx_no_buffer statistic
- LP: #1377564
* spi/omap-mcspi: Fix the spi task hangs waiting dma_rx
- LP: #1377564
* xtensa: replace IOCTL code definitions with constants
- LP: #1377564
* xtensa: fix address checks in dma_{alloc,free}_coherent
- LP: #1377564
* xtensa: fix access to THREAD_RA/THREAD_SP/THREAD_DS
- LP: #1377564
* xtensa: fix TLBTEMP_BASE_2 region handling in fast_second_level_miss
- LP: #1377564
* xtensa: fix a6 and a7 handling in fast_syscall_xtensa
- LP: #1377564
* staging: lustre: Remove circular dependency on header
- LP: #1377564
* USB: option: reduce interrupt-urb logging verbosity
- LP: #1377564
* USB: option: add VIA Telecom CDS7 chipset device id
- LP: #1377564
* USB: zte_ev: remove duplicate Gobi PID
- LP: #1377564
* USB: zte_ev: remove duplicate Qualcom PID
- LP: #1377564
* USB: ftdi_sio: add Basic Micro ATOM Nano USB2Serial PID
- LP: #1377564
* USB: serial: pl2303: add device id for ztek device
- LP: #1377564
* USB: ftdi_sio: Added PID for new ekey device
- LP: #1377564
* xhci: Treat not finding the event_seg on COMP_STOP the same as
COMP_STOP_INVAL
- LP: #1377564
* usb: xhci: amd chipset also needs short TX quirk
- LP: #1377564
* xhci: rework cycle bit checking for new dequeue pointers
- LP: #1377564
* spi/pxa2xx: Add ACPI ID for Intel Braswell
- LP: #1377564
* ALSA: core: fix buffer overflow in snd_info_get_line()
- LP: #1377564
* HID: logitech-dj: prevent false errors to be shown
- LP: #1377564
* usb: ehci: using wIndex + 1 for hub port
- LP: #1377564
* staging/rtl8188eu: add 0df6:0076 Sitecom Europe B.V.
- LP: #1377564
* staging: r8188eu: Add new USB ID
- LP: #1377564
* mtd: nand: omap: Fix 1-bit Hamming code scheme, omap_calculate_ecc()
- LP: #1377564
* trace: Fix epoll hang when we race with new entries
- LP: #1377564
* cfq-iosched: Fix wrong children_weight calculation
- LP: #1377564
* USB: sisusb: add device id for Magic Control USB video
- LP: #1377564
* NFSv4: Fix problems with close in the presence of a delegation
- LP: #1377564
* usb: hub: Prevent hub autosuspend if usbcore.autosuspend is -1
- LP: #1377564
* ARM: 8128/1: abort: don't clear the exclusive monitors
- LP: #1377564
* ARM: 8129/1: errata: work around Cortex-A15 erratum 830321 using dummy
strex
- LP: #1377564
* USB: serial: fix potential stack buffer overflow
- LP: #1377564
* USB: serial: fix potential heap buffer overflow
- LP: #1377564
* ext4: update i_disksize coherently with block allocation on error path
- LP: #1377564
* jbd2: fix infinite loop when recovering corrupt journal blocks
- LP: #1377564
* jbd2: fix descriptor block size handling errors with journal_csum
- LP: #1377564
* memblock, memhotplug: fix wrong type in memblock_find_in_range_node().
- LP: #1377564
* xattr: fix check for simultaneous glibc header inclusion
- LP: #1377564
* KVM: s390: Fix user triggerable bug in dead code
- LP: #1377564
* KVM: s390/mm: try a cow on read only pages for key ops
- LP: #1377564
* regmap: Fix regcache debugfs initialization
- LP: #1377564
* regmap: Fix handling of volatile registers for format_write() chips
- LP: #1377564
* ASoC: rt5640: Do not allow regmap to use bulk read-write operations
- LP: #1377564
* drm/i915: Remove bogus __init annotation from DMI callbacks
- LP: #1377564
* hwmon: (ds1621) Update zbits after conversion rate change
- LP: #1377564
* arm64: ptrace: fix compat hardware watchpoint reporting
- LP: #1377564
* ARM/ARM64: KVM: Nuke Hyp-mode tlbs before enabling MMU
- LP: #1377564
* arm/arm64: KVM: Complete WFI/WFE instructions
- LP: #1377564
* get rid of propagate_umount() mistakenly treating slaves as busy.
- LP: #1377564
* fix EBUSY on umount() from MNT_SHRINKABLE
- LP: #1377564
* regmap: Don't attempt block writes when syncing cache on single_rw
devices
- LP: #1377564
* drm/vmwgfx: Fix a potential infinite spin waiting for fifo idle
- LP: #1377564
* ALSA: hda - Fix digital mic on Acer Aspire 3830TG
- LP: #1377564
* xfs: don't dirty buffers beyond EOF
- LP: #1377564
* xfs: don't zero partial page cache pages during O_DIRECT writes
- LP: #1377564
* xfs: don't zero partial page cache pages during O_DIRECT writes
- LP: #1377564
* ALSA: hda - Fix COEF setups for ALC1150 codec
- LP: #1377564
* i2c: rcar: fix MNR interrupt handling
- LP: #1377564
* i2c: mv64xxx: continue probe when clock-frequency is missing
- LP: #1377564
* i2c: at91: Fix a race condition during signal handling in
at91_do_twi_xfer.
- LP: #1377564
* i2c: at91: add bound checking on SMBus block length bytes
- LP: #1377564
* aio: add missing smp_rmb() in read_events_ring
- LP: #1377564
* KEYS: Fix use-after-free in assoc_array_gc()
- LP: #1377564
* ACPI / cpuidle: fix deadlock between cpuidle_lock and cpu_hotplug.lock
- LP: #1377564
* USB: fix build error with CONFIG_PM_RUNTIME disabled
- LP: #1377564
* Linux 3.13.11.8
- LP: #1377564
* powerpc: Fix kdump hang issue on p8 with relocation on exception
enabled.
- LP: #1352056
* net-gre-gro: Fix a bug that breaks the forwarding path
- LP: #1377851
-- Luis Henriques <luis.henriques@xxxxxxxxxxxxx> Tue, 28 Oct 2014 10:29:51 +0000
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3610
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3611
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3646
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-3647
** Changed in: linux (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1349768
Title:
kernel 3.13.0-32 ipvs "IPv6 header not found" related to UDP socket
sendto() EPERM errors
Status in “linux” package in Ubuntu:
Fix Released
Status in “linux” source package in Trusty:
Fix Released
Status in “linux” source package in Utopic:
Fix Released
Bug description:
SRU Justificaton:
[Impact]
Users of ipvs may encounter dropped packets and message such as:
[70325.516724] IPv6 header not found
[Fix]
Commit eb90b0c734ad793d5f5bf230a9e9a4dcc48df8aa.
[Regression Potential]
This changes NFPROTO_IPV4 to NFPROTO_IPV6 as we'd expect this nf_hook_ops struct to be in the code.
--
I have an Ubuntu 14.04 host that I am using as both a keepalived/ipvs
loadbalancer and dnsmasq server for pxebooting servers.
After updating linux-image 3.13.0-29.53 -> 3.13.0-32.57 I noticed that
dnsmasq-tftp stopped working. pxeboot clients would hang on the
"Loading ..../linux" TFTP transfer, with the transfer stalling roughly
~1000 blocks into the transfer:
10:30:51.011728 IP 10.1.1.2.43540 > 10.1.12.1.49165: UDP, length 1412
10:30:51.011924 IP 10.1.12.1.49165 > 10.1.1.2.43540: UDP, length 4
10:30:51.012012 IP 10.1.1.2.43540 > 10.1.12.1.49165: UDP, length 1412
10:30:51.012183 IP 10.1.12.1.49165 > 10.1.1.2.43540: UDP, length 4
stracing dnsmasq I noticed something very odd: sendto() on the
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) would suddenly start
persistently returning EPERM in mid-transfer, even when dnsmasq
continued to periodically retry:
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 1 (in [17], left {0, 249834})
recvfrom(17, "\0\4\3\352", 4096, 0, NULL, NULL) = 4
lseek(16, 1410816, SEEK_SET) = 1410816
read(16, "\25\306\345f\2{\r\4)W\276\32\336q\252_\230q\213\341U\354\25\374k7\243\32\221X+\v"..., 1408) = 1408
sendto(17, "\0\3\3\353\25\306\345f\2{\r\4)W\276\32\336q\252_\230q\213\341U\354\25\374k7\243\32"..., 1412, 0, {sa_family=AF_INET, sin_port=htons(49165), sin_addr=inet_addr("10.1.11.3")}, 16) = 1412
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 1 (in [17], left {0, 249839})
recvfrom(17, "\0\4\3\353", 4096, 0, NULL, NULL) = 4
lseek(16, 1412224, SEEK_SET) = 1412224
read(16, "*\360 <C\363l\320:\256~\307\236\26P\323\274%\260\362\341&\232\r\243\370\224\277\221\\\307\372"..., 1408) = 1408
sendto(17, "\0\3\3\354*\360 <C\363l\320:\256~\307\236\26P\323\274%\260\362\341&\232\r\243\370\224\277"..., 1412, 0, {sa_family=AF_INET, sin_port=htons(49165), sin_addr=inet_addr("10.1.11.3")}, 16) = -1 EPERM (Operation not permitted)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
select(18, [4 5 6 7 8 9 10 11 12 15 17], [], [], {0, 250000}) = 0 (Timeout)
lseek(16, 1412224, SEEK_SET) = 1412224
read(16, "*\360 <C\363l\320:\256~\307\236\26P\323\274%\260\362\341&\232\r\243\370\224\277\221\\\307\372"..., 1408) = 1408
sendto(17, "\0\3\3\354*\360 <C\363l\320:\256~\307\236\26P\323\274%\260\362\341&\232\r\243\370\224\277"..., 1412, 0, {sa_family=AF_INET, sin_port=htons(49165), sin_addr=inet_addr("10.1.11.3")}, 16) = -1 EPERM (Operation not permitted)
This was with all iptables rules unloaded (so no OUTPUT -j DENY) and
apparmor profiles torn down.
I also noticed the following dmesgs appearing at roughly similar times
to the tftp transfers getting stuck (although not coinciding exactly
with the stall):
[70325.516724] IPv6 header not found
The error pointed to ipvs (which I am using on the same host as an IPv4 NAT loadbalancer):
http://archive.linuxvirtualserver.org/html/lvs-devel/2012-08/msg00018.html
http://comments.gmane.org/gmane.comp.linux.lvs.devel/3614
I then tore down the ipvs rules (service keepalived stop) and unloaded
the modules (rmmod ip_vs_rr ip_vs), and the issue resolved itself -
the stalled dnsmasq-tftp transfer resumed!
This seems to be reproducible, i.e. modprobing ip_vs and starting
keepalived will cause dnsmasq-tftp to stall again, and
stopping/unloading will resume.
This seems to happen reproducibly on boot with -32 and -30. This does NOT seem to happen with 3.13.0-29 which I was using up until now.
---
AlsaDevices:
total 0
crw-rw---- 1 root audio 116, 1 Jul 29 13:43 seq
crw-rw---- 1 root audio 116, 33 Jul 29 13:43 timer
AplayDevices: Error: [Errno 2] No such file or directory
ApportVersion: 2.14.1-0ubuntu3.2
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
CRDA: Error: [Errno 2] No such file or directory
DistroRelease: Ubuntu 14.04
HibernationDevice: RESUME=/dev/mapper/catcp2-swap
InstallationDate: Installed on 2014-06-03 (56 days ago)
InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.2)
MachineType: Dell Inc. PowerEdge R410
Package: linux-image-3.13.0-32-generic 3.13.0-32.57
PackageArchitecture: amd64
PciMultimedia:
ProcEnviron:
TERM=xterm
PATH=(custom, no user)
LANG=C.UTF-8
SHELL=/bin/bash
ProcFB:
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.13.0-32-generic root=/dev/mapper/hostname-root ro console=ttyS1,115200n8 console=tty0 nomdmonddf nomdmonisw
ProcVersionSignature: Ubuntu 3.13.0-32.57-generic 3.13.11.4
RelatedPackageVersions:
linux-restricted-modules-3.13.0-32-generic N/A
linux-backports-modules-3.13.0-32-generic N/A
linux-firmware 1.127.5
RfKill: Error: [Errno 2] No such file or directory
Tags: trusty
Uname: Linux 3.13.0-32-generic x86_64
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups:
_MarkForUpload: True
dmi.bios.date: 07/30/2013
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.12.0
dmi.board.name: 01V648
dmi.board.vendor: Dell Inc.
dmi.board.version: A03
dmi.chassis.type: 23
dmi.chassis.vendor: Dell Inc.
dmi.modalias: dmi:bvnDellInc.:bvr1.12.0:bd07/30/2013:svnDellInc.:pnPowerEdgeR410:pvr:rvnDellInc.:rn01V648:rvrA03:cvnDellInc.:ct23:cvr:
dmi.product.name: PowerEdge R410
dmi.sys.vendor: Dell Inc.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1349768/+subscriptions
References
