Attachment 242136 Details for Bug 254596 – partial FreeBSD-EN-ERRATA_TEMPLATE as requested

partial FreeBSD-EN-ERRATA_TEMPLATE as requested

errata.txt (text/plain), 4.40 KB, created by paul vixie on 2023-05-12 20:46:11 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: paul vixie

Created: 2023-05-12 20:46:11 UTC

Size: 4.40 KB

patch

obsolete

>=============================================================================
>FreeBSD-EN-ERRATA_TEMPLATE                                      Errata Notice
>                                                          The FreeBSD Project
>
>Topic:
>
>Category:       < core | contrib >
>Module:         <module name>
>Announced:      2023-XX-XX
>Credits:
>Affects:        <affected versions>
>                <e.g., "All supported versions of FreeBSD.", "FreeBSD
>                13.1 and later.", "FreeBSD 13.x", or "FreeBSD 12.4">
>Corrected:      2023-XX-XX XX:XX:XX UTC (stable/13, 13.2-STABLE)
>                2023-XX-XX XX:XX:XX UTC (releng/13.1, 13.1-RELEASE-pXX)
>                2023-XX-XX XX:XX:XX UTC (releng/13.2, 13.2-RELEASE-pXX)
>                2023-XX-XX XX:XX:XX UTC (stable/12, 12.4-STABLE)
>                2023-XX-XX XX:XX:XX UTC (releng/12.4, 12.4-RELEASE-pXX)
>
>For general information regarding FreeBSD Errata Notices and Security
>Advisories, including descriptions of the fields above, security
>branches, and the following sections, please visit
><URL:https://security.FreeBSD.org/>.
>
>I.   Background
>
>Vlan subinterfaces are intended to allow FreeBSD to access more than one
>LAN (called virtual LANs or Vlans) on the same physical interface. Most
>non-trivial LANs are at this point segregated into Vlans, each having its
>own subnet, its own gateway, its own policy, and its own purpose.
>
>Bridge interfaces are intended to act as logical switches within FreeBSD,
>to allow multiple non-bridge interfaces to be part of the same subnet.
>This is particularly vital for BHyve and other VM guests, who generally
>need access to one or more physical LANs or Vlans on the host's networks.
>
>LRO (large receive offload) is a technology whereby network interface
>hardware can aggregate multiple incoming packets into a larger buffer to
>reduce the number of packets that must be processed by the CPU. LRO must
>not be performed by a FreeBSD host operating as a bridge or as a router,
>since the output after LRO will be seen as damaged.
>
>II.  Problem Description
>
>FreeBSD's Vlan support (if_vlan.c) has logic meant to propagate the LRO
>capability and setting of the underlying physical interface to each Vlan
>subinterface. 
>
>III. Impact
>
>This is incompatible with bridging or routing. 
>
>IV.  Workaround
>
>Absent this change, LRO must be disabled (if available) in the underlying
>physical (trunk) interface of any bridged Vlan subinterfaces, which gives
>up any potential LRO performance advantage for that physical interface and
>for any non-bridged Vlan subinterfaces.
>
>V.   Solution
>
>For the bridging case, it is simple to prevent the propagation of the LRO
>option from a physical interface to its Vlan subinterfaces, and the patch
>here accomplishes this. In the routing case, a more extensive change would
>be required, and so for routing across a Vlan subinterface, it will continue
>to be necessary to disable LRO in the underlying physical interface.
>
>Upgrade your system to a supported FreeBSD stable or release / security
>branch (releng) dated after the correction date.
>[XX Needs reboot? Mention please]
>
>Perform one of the following:
>
>1) To update your system via a binary patch:
>
>Systems running a RELEASE version of FreeBSD on the amd64, i386, or
>(on FreeBSD 13 and later) arm64 platforms can be updated via the
>freebsd-update(8) utility:
>
># freebsd-update fetch
># freebsd-update install
>[XX Needs reboot? Mention please]
>
>2) To update your system via a source code patch:
>
>The following patches have been verified to apply to the applicable
>FreeBSD release branches.
>
>a) Download the relevant patch from the location below, and verify the
>detached PGP signature using your PGP utility.
>
>[FreeBSD 12.4]
># fetch https://security.FreeBSD.org/patches/EN-XX:XX/XXXX.patch
># fetch https://security.FreeBSD.org/patches/EN-XX:XX/XXXX.patch.asc
># gpg --verify XXXX.patch.asc
>
>b) Apply the patch.  Execute the following commands as root:
>
># cd /usr/src
># patch < /path/to/patch
>
><for a userland utility:>
>
>c) Recompile the operating system using buildworld and installworld as
>described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>
><for a daemons>
>
>c) Recompile the operating system using buildworld and installworld as
>described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>
>Restart the applicable daemons, or reboot the system.
>
><for a common library>
>
>c) Recompile the operating system using buildworld and installworld as
>described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
>

Actions: View

Attachments on bug 254596: 242067 | 242133 | 242136