[Kernel-packages] [Bug 2013422] Re: net: sched: allow flower to match vxlan options

[Launchpad Bug Tracker]

This bug was fixed in the package linux-bluefield - 5.4.0-1062.68

---------------
linux-bluefield (5.4.0-1062.68) focal; urgency=medium

  * focal/linux-bluefield: 5.4.0-1062.68 -proposed tracker (LP:
#2016751)

  * CVE-2023-1829
    - [Config] bluefield: Make sure CONFIG_NET_CLS_TCINDEX is not available

  * net/sched: cls_api: Support hardware miss to tc action (LP: #2012571)
    - Revert "net/sched: flower: fix fl_change() error recovery path"
    - Revert "net/sched: flower: Support hardware miss to tc action"
    - Revert "net/sched: flower: Move filter handle initialization earlier"
    - Revert "net/sched: cls_api: Support hardware miss to tc action"
    - Revert "UBUNTU: SAUCE: net/sched: Provide act to offload action"

  [ Ubuntu: 5.4.0-148.165 ]

  * focal/linux: 5.4.0-148.165 -proposed tracker (LP: #2016777)
  * CVE-2023-1829
    - net/sched: Retire tcindex classifier
    - [Config]: Make sure CONFIG_NET_CLS_TCINDEX is not available

 -- Bartlomiej Zolnierkiewicz <bartlomiej.zolnierkiew...@canonical.com>
Thu, 27 Apr 2023 16:48:23 +0200

** Changed in: linux-bluefield (Ubuntu Focal)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2023-1829

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-bluefield in Ubuntu.
https://bugs.launchpad.net/bugs/2013422

Title:
  net: sched: allow flower to match vxlan options

Status in linux-bluefield package in Ubuntu:
  Invalid
Status in linux-bluefield source package in Focal:
  Fix Released

Bug description:
  * Explain the bug(s)

  In upstream, TCA_POLICE_PKTRATE64 was introduced after
  TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP. linux-bluefiled only has
  TCA_POLICE_PKTRATE64 related support and does not have VXLAN support
  which will cause "ovs" project compile error because of lacking of
  VXALN GBP related support.

  * Brief explanation of fixes

  Cherry-pick. No adaptation. Add VXLAN support for flower to allow flower to 
match vxlan options
  d8f9dfae49ce net: sched: allow flower to match vxlan options

  * How to test

  1) Compile "ovs" project, build succesfully.
  2) VXLAN option can be used as match condition in tc. eg:
        # ip link add name vxlan0 type vxlan dstport 0 external
        # tc qdisc add dev vxlan0 ingress
        # tc filter add dev vxlan0 protocol ip parent ffff: \
            flower \
              enc_src_ip 10.0.99.192 \
              enc_dst_ip 10.0.99.193 \
              enc_key_id 11 \
              vxlan_opts 01020304/ffffffff \
              ip_proto udp \
              action mirred egress redirect dev eth0

  * What it could break.

  Nothing.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-bluefield/+bug/2013422/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp