diff mbox series

[ovs-dev,branch-2.14] dpdk: Use DPDK 19.11.13 release.

Message ID 20220922145210.1344849-1-michael.phelan@intel.com
State Accepted
Headers show
Series [ovs-dev,branch-2.14] dpdk: Use DPDK 19.11.13 release. | expand

Checks

Context Check Description
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/intel-ovs-compilation fail test: fail

Commit Message

Phelan, Michael Sept. 22, 2022, 2:52 p.m. UTC 
Update OVS CLI and relevant documentation to use DPDK 19.11.13.

DPDK 19.11.13 contains fixes for the CVEs listed below:
CVE-2022-28199 [1]
CVE-2022-2132 [2]

A bug was introduced in DPDK 19.11.12 by the commit 1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
This bug can cause a deadlock when vIOMMU is enabled and NUMA reallocation of the virtqueues happen.
A fix [3] has been posted and is due to be included in the DPDK 19.11.14 release.
If a user wishes to avoid the issue then it is recommended to use DPDK 19.11.11 until the release of DPDK 19.11.14.
It should be noted that DPDK 19.11.11 does not benefit from the numerous bug and CVE fixes addressed since its release.
If a user wishes to benefit from these fixes it is recommended to use DPDK 19.11.13.

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
[3] https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/

Signed-off-by: Michael Phelan <michael.phelan@intel.com>
---
 .ci/linux-build.sh                   |  2 +-
 Documentation/faq/releases.rst       |  4 ++--
 Documentation/intro/install/dpdk.rst |  8 ++++----
 NEWS                                 | 18 ++++++++++++++++++
 4 files changed, 25 insertions(+), 7 deletions(-)

Comments

0-day Robot Sept. 22, 2022, 3:11 p.m. UTC | #1 
Bleep bloop.  Greetings Michael Phelan, I am a robot and I have tried out your patch.
Thanks for your contribution.

I encountered some error that I wasn't expecting.  See the details below.


checkpatch:
WARNING: Line is 84 characters long (recommended limit is 79)
#101 FILE: NEWS:12:
       A fix has been posted and is due to be included in the DPDK 19.11.14 release.

WARNING: Line is 102 characters long (recommended limit is 79)
#103 FILE: NEWS:14:
       https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/.

Lines checked: 116, Warnings: 2, Errors: 0


Please check this out.  If you feel there has been an error, please email aconole@redhat.com

Thanks,
0-day Robot
Kevin Traynor Sept. 30, 2022, 10:43 a.m. UTC | #2 
On 22/09/2022 15:52, Michael Phelan wrote:
> Update OVS CLI and relevant documentation to use DPDK 19.11.13.
> 
> DPDK 19.11.13 contains fixes for the CVEs listed below:
> CVE-2022-28199 [1]
> CVE-2022-2132 [2]
> 
> A bug was introduced in DPDK 19.11.12 by the commit 1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
> This bug can cause a deadlock when vIOMMU is enabled and NUMA reallocation of the virtqueues happen.
> A fix [3] has been posted and is due to be included in the DPDK 19.11.14 release.
> If a user wishes to avoid the issue then it is recommended to use DPDK 19.11.11 until the release of DPDK 19.11.14.
> It should be noted that DPDK 19.11.11 does not benefit from the numerous bug and CVE fixes addressed since its release.
> If a user wishes to benefit from these fixes it is recommended to use DPDK 19.11.13.
> 
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
> [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
> [3] https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/
> 
> Signed-off-by: Michael Phelan <michael.phelan@intel.com>

branch-2.14, reviewed and ran github actions.

Acked-by: Kevin Traynor <ktraynor@redhat.com>

> ---
>   .ci/linux-build.sh                   |  2 +-
>   Documentation/faq/releases.rst       |  4 ++--
>   Documentation/intro/install/dpdk.rst |  8 ++++----
>   NEWS                                 | 18 ++++++++++++++++++
>   4 files changed, 25 insertions(+), 7 deletions(-)
> 
> diff --git a/.ci/linux-build.sh b/.ci/linux-build.sh
> index e7e603040..464a5285e 100755
> --- a/.ci/linux-build.sh
> +++ b/.ci/linux-build.sh
> @@ -187,7 +187,7 @@ fi
>   
>   if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then
>       if [ -z "$DPDK_VER" ]; then
> -        DPDK_VER="19.11.10"
> +        DPDK_VER="19.11.13"
>       fi
>       install_dpdk $DPDK_VER
>       # Disregard cast alignment errors until DPDK is fixed
> diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst
> index f606ef2f8..7c4b17988 100644
> --- a/Documentation/faq/releases.rst
> +++ b/Documentation/faq/releases.rst
> @@ -195,8 +195,8 @@ Q: What DPDK version does each Open vSwitch release work with?
>       2.10.x       17.11.10
>       2.11.x       18.11.11
>       2.12.x       18.11.11
> -    2.13.x       19.11.10
> -    2.14.x       19.11.10
> +    2.13.x       19.11.13
> +    2.14.x       19.11.13
>       ============ ========
>   
>   Q: Are all the DPDK releases that OVS versions work with maintained?
> diff --git a/Documentation/intro/install/dpdk.rst b/Documentation/intro/install/dpdk.rst
> index 5bf71e5ed..c84024ff7 100644
> --- a/Documentation/intro/install/dpdk.rst
> +++ b/Documentation/intro/install/dpdk.rst
> @@ -42,7 +42,7 @@ Build requirements
>   In addition to the requirements described in :doc:`general`, building Open
>   vSwitch with DPDK will require the following:
>   
> -- DPDK 19.11.10
> +- DPDK 19.11.13
>   
>   - A `DPDK supported NIC`_
>   
> @@ -71,9 +71,9 @@ Install DPDK
>   #. Download the `DPDK sources`_, extract the file and set ``DPDK_DIR``::
>   
>          $ cd /usr/src/
> -       $ wget https://fast.dpdk.org/rel/dpdk-19.11.10.tar.xz
> -       $ tar xf dpdk-19.11.10.tar.xz
> -       $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.10
> +       $ wget https://fast.dpdk.org/rel/dpdk-19.11.13.tar.xz
> +       $ tar xf dpdk-19.11.13.tar.xz
> +       $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.13
>          $ cd $DPDK_DIR
>   
>   #. (Optional) Configure DPDK as a shared library
> diff --git a/NEWS b/NEWS
> index 14d9aa36c..67690e519 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -1,5 +1,23 @@
>   v2.14.7 - xx xxx xxxx
>   ---------------------
> +   - DPDK:
> +     * OVS validated with DPDK 19.11.13.
> +       DPDK 19.11.13 contains fixes for the following CVEs:
> +       CVE-2022-28199 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
> +       CVE-2022-2132 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
> +       A bug was introduced in DPDK 19.11.12 by the commit
> +       1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
> +       This bug can cause a deadlock when vIOMMU is enabled and NUMA
> +       reallocation of the virtqueues happen.
> +       A fix has been posted and is due to be included in the DPDK 19.11.14 release.
> +       It can be found here:
> +       https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/.
> +       If a user wishes to avoid the issue then it is recommended to use
> +       DPDK 19.11.11 until the release of DPDK 19.11.14.
> +       It should be noted that DPDK 19.11.11 does not benefit from the numerous
> +       bug and CVE fixes addressed since its release.
> +       If a user wishes to benefit from these fixes it is recommended to use
> +       DPDK 19.11.13.
>   
>   v2.14.6 - 15 Jun 2022
>   ---------------------
Stokes, Ian Oct. 3, 2022, 5:10 p.m. UTC | #3 
> -----Original Message-----
> From: Kevin Traynor <ktraynor@redhat.com>
> Sent: Friday, September 30, 2022 11:43 AM
> To: Phelan, Michael <michael.phelan@intel.com>; dev@openvswitch.org
> Cc: Stokes, Ian <ian.stokes@intel.com>; i.maximets@ovn.org;
> maxime.coquelin@redhat.com
> Subject: Re: [branch-2.14] dpdk: Use DPDK 19.11.13 release.
> 
> On 22/09/2022 15:52, Michael Phelan wrote:
> > Update OVS CLI and relevant documentation to use DPDK 19.11.13.
> >
> > DPDK 19.11.13 contains fixes for the CVEs listed below:
> > CVE-2022-28199 [1]
> > CVE-2022-2132 [2]
> >
> > A bug was introduced in DPDK 19.11.12 by the commit 1e68fe334ff0 ("vhost:
> fix unsafe vring addresses modifications").
> > This bug can cause a deadlock when vIOMMU is enabled and NUMA
> reallocation of the virtqueues happen.
> > A fix [3] has been posted and is due to be included in the DPDK 19.11.14
> release.
> > If a user wishes to avoid the issue then it is recommended to use DPDK
> 19.11.11 until the release of DPDK 19.11.14.
> > It should be noted that DPDK 19.11.11 does not benefit from the numerous
> bug and CVE fixes addressed since its release.
> > If a user wishes to benefit from these fixes it is recommended to use DPDK
> 19.11.13.
> >
> > [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
> > [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
> > [3] https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-
> david.marchand@redhat.com/
> >
> > Signed-off-by: Michael Phelan <michael.phelan@intel.com>
> 
> branch-2.14, reviewed and ran github actions.
> 
> Acked-by: Kevin Traynor <ktraynor@redhat.com>

Thanks for review Kevin, Re-ran the github actions tests and they passed without issue.

https://github.com/istokes/ovs/actions/runs/3175747712

Applied.

Thanks
Ian
> 
> > ---
> >   .ci/linux-build.sh                   |  2 +-
> >   Documentation/faq/releases.rst       |  4 ++--
> >   Documentation/intro/install/dpdk.rst |  8 ++++----
> >   NEWS                                 | 18 ++++++++++++++++++
> >   4 files changed, 25 insertions(+), 7 deletions(-)
> >
> > diff --git a/.ci/linux-build.sh b/.ci/linux-build.sh
> > index e7e603040..464a5285e 100755
> > --- a/.ci/linux-build.sh
> > +++ b/.ci/linux-build.sh
> > @@ -187,7 +187,7 @@ fi
> >
> >   if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then
> >       if [ -z "$DPDK_VER" ]; then
> > -        DPDK_VER="19.11.10"
> > +        DPDK_VER="19.11.13"
> >       fi
> >       install_dpdk $DPDK_VER
> >       # Disregard cast alignment errors until DPDK is fixed
> > diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst
> > index f606ef2f8..7c4b17988 100644
> > --- a/Documentation/faq/releases.rst
> > +++ b/Documentation/faq/releases.rst
> > @@ -195,8 +195,8 @@ Q: What DPDK version does each Open vSwitch
> release work with?
> >       2.10.x       17.11.10
> >       2.11.x       18.11.11
> >       2.12.x       18.11.11
> > -    2.13.x       19.11.10
> > -    2.14.x       19.11.10
> > +    2.13.x       19.11.13
> > +    2.14.x       19.11.13
> >       ============ ========
> >
> >   Q: Are all the DPDK releases that OVS versions work with maintained?
> > diff --git a/Documentation/intro/install/dpdk.rst
> b/Documentation/intro/install/dpdk.rst
> > index 5bf71e5ed..c84024ff7 100644
> > --- a/Documentation/intro/install/dpdk.rst
> > +++ b/Documentation/intro/install/dpdk.rst
> > @@ -42,7 +42,7 @@ Build requirements
> >   In addition to the requirements described in :doc:`general`, building Open
> >   vSwitch with DPDK will require the following:
> >
> > -- DPDK 19.11.10
> > +- DPDK 19.11.13
> >
> >   - A `DPDK supported NIC`_
> >
> > @@ -71,9 +71,9 @@ Install DPDK
> >   #. Download the `DPDK sources`_, extract the file and set ``DPDK_DIR``::
> >
> >          $ cd /usr/src/
> > -       $ wget https://fast.dpdk.org/rel/dpdk-19.11.10.tar.xz
> > -       $ tar xf dpdk-19.11.10.tar.xz
> > -       $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.10
> > +       $ wget https://fast.dpdk.org/rel/dpdk-19.11.13.tar.xz
> > +       $ tar xf dpdk-19.11.13.tar.xz
> > +       $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.13
> >          $ cd $DPDK_DIR
> >
> >   #. (Optional) Configure DPDK as a shared library
> > diff --git a/NEWS b/NEWS
> > index 14d9aa36c..67690e519 100644
> > --- a/NEWS
> > +++ b/NEWS
> > @@ -1,5 +1,23 @@
> >   v2.14.7 - xx xxx xxxx
> >   ---------------------
> > +   - DPDK:
> > +     * OVS validated with DPDK 19.11.13.
> > +       DPDK 19.11.13 contains fixes for the following CVEs:
> > +       CVE-2022-28199 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-
> 28199
> > +       CVE-2022-2132 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-
> 2132
> > +       A bug was introduced in DPDK 19.11.12 by the commit
> > +       1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
> > +       This bug can cause a deadlock when vIOMMU is enabled and NUMA
> > +       reallocation of the virtqueues happen.
> > +       A fix has been posted and is due to be included in the DPDK 19.11.14
> release.
> > +       It can be found here:
> > +       https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-
> 2-david.marchand@redhat.com/.
> > +       If a user wishes to avoid the issue then it is recommended to use
> > +       DPDK 19.11.11 until the release of DPDK 19.11.14.
> > +       It should be noted that DPDK 19.11.11 does not benefit from the
> numerous
> > +       bug and CVE fixes addressed since its release.
> > +       If a user wishes to benefit from these fixes it is recommended to use
> > +       DPDK 19.11.13.
> >
> >   v2.14.6 - 15 Jun 2022
> >   ---------------------
>
diff mbox series

Patch

diff --git a/.ci/linux-build.sh b/.ci/linux-build.sh
index e7e603040..464a5285e 100755
--- a/.ci/linux-build.sh
+++ b/.ci/linux-build.sh
@@ -187,7 +187,7 @@  fi
 
 if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then
     if [ -z "$DPDK_VER" ]; then
-        DPDK_VER="19.11.10"
+        DPDK_VER="19.11.13"
     fi
     install_dpdk $DPDK_VER
     # Disregard cast alignment errors until DPDK is fixed
diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst
index f606ef2f8..7c4b17988 100644
--- a/Documentation/faq/releases.rst
+++ b/Documentation/faq/releases.rst
@@ -195,8 +195,8 @@  Q: What DPDK version does each Open vSwitch release work with?
     2.10.x       17.11.10
     2.11.x       18.11.11
     2.12.x       18.11.11
-    2.13.x       19.11.10
-    2.14.x       19.11.10
+    2.13.x       19.11.13
+    2.14.x       19.11.13
     ============ ========
 
 Q: Are all the DPDK releases that OVS versions work with maintained?
diff --git a/Documentation/intro/install/dpdk.rst b/Documentation/intro/install/dpdk.rst
index 5bf71e5ed..c84024ff7 100644
--- a/Documentation/intro/install/dpdk.rst
+++ b/Documentation/intro/install/dpdk.rst
@@ -42,7 +42,7 @@  Build requirements
 In addition to the requirements described in :doc:`general`, building Open
 vSwitch with DPDK will require the following:
 
-- DPDK 19.11.10
+- DPDK 19.11.13
 
 - A `DPDK supported NIC`_
 
@@ -71,9 +71,9 @@  Install DPDK
 #. Download the `DPDK sources`_, extract the file and set ``DPDK_DIR``::
 
        $ cd /usr/src/
-       $ wget https://fast.dpdk.org/rel/dpdk-19.11.10.tar.xz
-       $ tar xf dpdk-19.11.10.tar.xz
-       $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.10
+       $ wget https://fast.dpdk.org/rel/dpdk-19.11.13.tar.xz
+       $ tar xf dpdk-19.11.13.tar.xz
+       $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.13
        $ cd $DPDK_DIR
 
 #. (Optional) Configure DPDK as a shared library
diff --git a/NEWS b/NEWS
index 14d9aa36c..67690e519 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,23 @@ 
 v2.14.7 - xx xxx xxxx
 ---------------------
+   - DPDK:
+     * OVS validated with DPDK 19.11.13.
+       DPDK 19.11.13 contains fixes for the following CVEs:
+       CVE-2022-28199 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
+       CVE-2022-2132 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
+       A bug was introduced in DPDK 19.11.12 by the commit
+       1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
+       This bug can cause a deadlock when vIOMMU is enabled and NUMA
+       reallocation of the virtqueues happen.
+       A fix has been posted and is due to be included in the DPDK 19.11.14 release.
+       It can be found here:
+       https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/.
+       If a user wishes to avoid the issue then it is recommended to use
+       DPDK 19.11.11 until the release of DPDK 19.11.14.
+       It should be noted that DPDK 19.11.11 does not benefit from the numerous
+       bug and CVE fixes addressed since its release.
+       If a user wishes to benefit from these fixes it is recommended to use
+       DPDK 19.11.13.
 
 v2.14.6 - 15 Jun 2022
 ---------------------