This bug was fixed in the package linux-azure - 4.15.0-1049.54
---------------
linux-azure (4.15.0-1049.54) xenial; urgency=medium
* linux-azure: 4.15.0-1049.54 -proposed tracker (LP: #1834091)
* Upstream Commits Needed for DPDK on Azure (LP: #1812123)
- uio: document uio_hv_generic regions
- uio_hv_generic: create send and receive buffers
- uio_hv_generic: add rescind support
- uio_hv_generic: support sub-channels
- uio_hv_generic: fix subchannel ring mmap
- uio_hv_generic: use standard mmap for resources
- vmbus: keep pointer to ring buffer page
- uio: introduce UIO_MEM_IOVA
- hv_uio_generic: map ringbuffer phys addr
- uio_hv_generic: use ISR callback method
- uio_hv_generic: use correct channel in isr
- uio_hv_generic: make ring buffer attribute for primary channel
- uio_hv_generic: defer opening vmbus until first use
- uio_hv_generic: set callbacks on open
- vmbus: pass channel to hv_process_channel_removal
- vmbus: split ring buffer allocation from open
- vmbus: fix subchannel removal
* Enable eBPF JIT in the linux-azure kernels (LP: #1827916)
- [Config] linux-azure: CONFIG_MLX{4,5}_INFINIBAND=m
* [linux-azure] Please Include Mainline Commit ebaf39e6032f in the 16.04 and
18.04 linux-azure kernels (LP: #1830266)
- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes
* [linux-azure] Commits Requested in 16.04 for the Azure Kernel (LP: #1830242)
- blk-mq: remove the request_list usage
- nvme-pci: remove cq check after submission
- nvme-pci: split the nvme queue lock into submission and completion locks
* [Packaging] Improve config annotations check on custom kernels
(LP: #1820075)
- [Config] linux-azure: Include custom annotations files
[ Ubuntu: 4.15.0-54.58 ]
* linux: 4.15.0-54.58 -proposed tracker (LP: #1833987)
* Remote denial of service (resource exhaustion) caused by TCP SACK scoreboard
manipulation (LP: #1831638) // CVE-2019-11478
- tcp: refine memory limit test in tcp_fragment()
* CVE-2019-11479
- SAUCE: tcp: add tcp_min_snd_mss sysctl
- SAUCE: tcp: enforce tcp_min_snd_mss in tcp_mtu_probing()
-- Marcelo Henrique Cerri <marcelo.ce...@canonical.com> Mon, 24 Jun
2019 17:44:20 -0300
** Changed in: linux-azure (Ubuntu Xenial)
Status: Fix Committed => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11478
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11479
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-azure in Ubuntu.
https://bugs.launchpad.net/bugs/1827916
Title:
Enable eBPF JIT in the linux-azure kernels
Status in linux-azure package in Ubuntu:
New
Status in linux-azure source package in Xenial:
Fix Released
Status in linux-azure source package in Cosmic:
Fix Committed
Status in linux-azure source package in Disco:
Fix Committed
Bug description:
eBPF is available as of kernel version 4.15, which is used on AKS nodes.
Enabling JIT eBPF (built-in kernel feature) will speed-up execution of eBPF
aware tools.
eBPF JIT is controlled by the file /proc/sys/net/core/bpf_jit_enable.
More details for eBPF JIT -
https://www.kernel.org/doc/Documentation/sysctl/net.txt
The file /proc/sys/net/core/bpf_jit_enable is not present on AKS nodes.
Also, to support eBPF in AKS, we are requesting to switch the mlx* and
ib* drivers to loadable modules instead of static.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/1827916/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
