[Kernel-packages] [Bug 2096976] Re: ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J

Launchpad Bug Tracker Wed, 16 Apr 2025 12:24:24 -0700

This bug was fixed in the package linux - 5.15.0-138.148

---------------
linux (5.15.0-138.148) jammy; urgency=medium


  * jammy/linux: 5.15.0-138.148 -proposed tracker (LP: #2102587)

  * ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J
    (LP: #2096976)
    - SAUCE: selftest: netfilter: fix null IP field in kci_test_ipsec_offload

  * CVE-2025-21756
    - vsock: Keep the binding until socket destruction
    - vsock: Orphan socket after transport release

  * CVE-2024-50256
    - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6()

  * CVE-2025-21702
    - pfifo_tail_enqueue: Drop new packet when sch->limit == 0

  * CVE-2025-21703
    - netem: Update sch->q.qlen before qdisc_tree_reduce_backlog()

  * CVE-2025-21700
    - net: sched: Disallow replacing of child qdisc from one parent to another

  * CVE-2024-46826
    - ELF: fix kernel.randomize_va_space double read

  * CVE-2024-56651
    - can: hi311x: hi3110_can_ist(): fix potential use-after-free

  * iBFT iSCSI out-of-bounds shift UBSAN warning (LP: #2097824)
    - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()

  * CVE-2024-50248
    - ntfs3: Add bounds checking to mi_enum_attr()
    - fs/ntfs3: Sequential field availability check in mi_enum_attr()

  * CVE-2022-0995
    - watch_queue: Use the bitmap API when applicable

  * CVE-2024-26837
    - net: bridge: switchdev: Skip MDB replays of deferred events on offload

  * CVE-2025-21701
    - net: avoid race between device unregistration and ethnl ops

  * CVE-2024-57798
    - drm/dp_mst: Skip CSN if topology probing is not done yet
    - drm/dp_mst: Ensure mst_primary pointer is valid in
      drm_dp_mst_handle_up_req()

  * CVE-2024-56658
    - net: defer final 'struct net' free in netns dismantle

  * CVE-2024-35864
    - smb: client: fix potential UAF in smb2_is_valid_lease_break()

  * CVE-2024-35864/CVE-2024-26928
    - smb: client: fix potential UAF in cifs_debug_files_proc_show()

 -- Stefan Bader <stefan.ba...@canonical.com>  Fri, 14 Mar 2025 15:32:05
+0100

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2096976

Title:
  ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J

Status in ubuntu-kernel-tests:
  New
Status in linux package in Ubuntu:
  Invalid
Status in linux source package in Jammy:
  Fix Released
Status in linux source package in Oracular:
  Fix Released

Bug description:
  [ Impact ]

  selftest: netfilter: after upstream commit 
2cf567f421dbfe7e53b7e5ddee9400da10efb75d
  ipsec_offload test needs its source ip written into  the expected value, 
however the
  complete patchset 
https://lore.kernel.org/lkml/20241010040027.21440-1-liuhang...@gmail.com/
  has a more comprehensive modification so this only fixes the test for the
  current status (only patch 2/3 of the patchset applied).

  Found on Oracular 6.11.0-17.17 and should be found on its derivatives /
  backports.

  Log output:

      # selftests: net: rtnetlink.sh
      # PASS: policy routing
      ---(snip)---
      # PASS: ipsec
      # FAIL: ipsec_offload incorrect driver data
      # FAIL: ipsec_offload
      # PASS: bridge fdb get

  Verbose output should be like:

      COMMAND: modprobe -q netdevsim
      COMMAND: ip x p add dir out src 192.168.123.3/24 dst 192.168.123.4/24 tmpl
  proto esp src 192.168.123.3 dst 192.168.123.4 spi 9 mode transport reqid 42
      COMMAND: ip x p add dir in src 192.168.123.4/24 dst 192.168.123.3/24 tmpl
  proto esp src 192.168.123.4 dst 192.168.123.3 spi 9 mode transport reqid 42
      COMMAND: ip x s add proto esp src 192.168.123.3 dst 192.168.123.4 spi 9 
mode
  transport reqid 42 aead rfc4106(gcm(aes))
  0x3132333435363738393031323334353664636261 128 sel src 192.168.123.3/24 dst
  192.168.123.4/24 offload dev eni0np1 dir out
      COMMAND: ip x s add proto esp src 192.168.123.4 dst 192.168.123.3 spi 9 
mode
  transport reqid 42 aead rfc4106(gcm(aes))
  0x3132333435363738393031323334353664636261 128 sel src 192.168.123.4/24 dst
  192.168.123.3/24 offload dev eni0np1 dir in
      COMMAND: diff /sys/kernel/debug/netdevsim/netdevsim0/ports/0//ipsec -
          2c2
      < sa[0] tx ipaddr=0x00000000 00000000 00000000 047ba8c0
      ---
      > sa[0] tx ipaddr=0x00000000 00000000 00000000 00000000
      FAIL: ipsec_offload incorrect driver data

  [ Fix ]

  Oracular: fixed separately
  Jammy:    fixed separately

  [ Test Plan ]

  Compiled, boot tested and auto-tested on amd64.

  [ Where Problems Could Occur ]

  The fix affects only the failing ipsec_offload of the netfilter test.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/2096976/+subscriptions


-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 2096976] Re: ipsec_offload in rtnetlink.sh from ubunsu_kselftests_net fails on O/J

Reply via email to