summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Phelan <michael.phelan@intel.com>2022-09-22 14:51:27 +0000
committerIan Stokes <ian.stokes@intel.com>2022-10-03 16:59:28 +0100
commitcd47660b9b567cf01c304e004a73148f423c6fe5 (patch)
tree133797aa51408a7823681eab99df0e8ef57196f7
parent8535912ace2d5cde2e5d88836a5adfae228938f3 (diff)
downloadopenvswitch-cd47660b9b567cf01c304e004a73148f423c6fe5.tar.gz
dpdk: Use DPDK 19.11.13 release.
Update OVS CLI and relevant documentation to use DPDK 19.11.13. DPDK 19.11.13 contains fixes for the CVEs listed below: CVE-2022-28199 [1] CVE-2022-2132 [2] A bug was introduced in DPDK 19.11.12 by the commit 1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications"). This bug can cause a deadlock when vIOMMU is enabled and NUMA reallocation of the virtqueues happen. A fix [3] has been posted and is due to be included in the DPDK 19.11.14 release. If a user wishes to avoid the issue then it is recommended to use DPDK 19.11.11 until the release of DPDK 19.11.14. It should be noted that DPDK 19.11.11 does not benefit from the numerous bug and CVE fixes addressed since its release. If a user wishes to benefit from these fixes it is recommended to use DPDK 19.11.13. [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199 [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132 [3] https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/ Signed-off-by: Michael Phelan <michael.phelan@intel.com> Acked-by: Kevin Traynor <ktraynor@redhat.com> Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Diffstat
-rwxr-xr-x.ci/linux-build.sh2
-rw-r--r--Documentation/faq/releases.rst2
-rw-r--r--Documentation/intro/install/dpdk.rst8
-rw-r--r--NEWS18
4 files changed, 24 insertions, 6 deletions
diff --git a/.ci/linux-build.sh b/.ci/linux-build.sh
index 17ce6961f..776148cfd 100755
--- a/.ci/linux-build.sh
+++ b/.ci/linux-build.sh
@@ -182,7 +182,7 @@ fi
if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then
if [ -z "$DPDK_VER" ]; then
- DPDK_VER="19.11.10"
+ DPDK_VER="19.11.13"
fi
install_dpdk $DPDK_VER
# Enable pdump support in OVS.
diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst
index 0df2e4163..73542a70b 100644
--- a/Documentation/faq/releases.rst
+++ b/Documentation/faq/releases.rst
@@ -192,7 +192,7 @@ Q: What DPDK version does each Open vSwitch release work with?
2.10.x 17.11.10
2.11.x 18.11.11
2.12.x 18.11.11
- 2.13.x 19.11.10
+ 2.13.x 19.11.13
============ ========
Q: Are all the DPDK releases that OVS versions work with maintained?
diff --git a/Documentation/intro/install/dpdk.rst b/Documentation/intro/install/dpdk.rst
index 7acdaac06..4c63856b8 100644
--- a/Documentation/intro/install/dpdk.rst
+++ b/Documentation/intro/install/dpdk.rst
@@ -42,7 +42,7 @@ Build requirements
In addition to the requirements described in :doc:`general`, building Open
vSwitch with DPDK will require the following:
-- DPDK 19.11.10
+- DPDK 19.11.13
- A `DPDK supported NIC`_
@@ -71,9 +71,9 @@ Install DPDK
#. Download the `DPDK sources`_, extract the file and set ``DPDK_DIR``::
$ cd /usr/src/
- $ wget https://fast.dpdk.org/rel/dpdk-19.11.10.tar.xz
- $ tar xf dpdk-19.11.10.tar.xz
- $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.10
+ $ wget https://fast.dpdk.org/rel/dpdk-19.11.13.tar.xz
+ $ tar xf dpdk-19.11.13.tar.xz
+ $ export DPDK_DIR=/usr/src/dpdk-stable-19.11.13
$ cd $DPDK_DIR
#. (Optional) Configure DPDK as a shared library
diff --git a/NEWS b/NEWS
index a3b745fc7..8e2553901 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,23 @@
v2.13.9 - xx xxx xxxx
---------------------
+ - DPDK:
+ * OVS validated with DPDK 19.11.13.
+ DPDK 19.11.13 contains fixes for the following CVEs:
+ CVE-2022-28199 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28199
+ CVE-2022-2132 cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2132
+ A bug was introduced in DPDK 19.11.12 by the commit
+ 1e68fe334ff0 ("vhost: fix unsafe vring addresses modifications").
+ This bug can cause a deadlock when vIOMMU is enabled and NUMA
+ reallocation of the virtqueues happen.
+ A fix has been posted and is due to be included in the DPDK 19.11.14 release.
+ It can be found here:
+ https://patches.dpdk.org/project/dpdk/patch/20220725203206.427083-2-david.marchand@redhat.com/.
+ If a user wishes to avoid the issue then it is recommended to use
+ DPDK 19.11.11 until the release of DPDK 19.11.14.
+ It should be noted that DPDK 19.11.11 does not benefit from the numerous
+ bug and CVE fixes addressed since its release.
+ If a user wishes to benefit from these fixes it is recommended to use
+ DPDK 19.11.13.
v2.13.8 - 15 Jun 2022
---------------------
View Lorry Controller Status