FreeBSD Errata Notice FreeBSD-EN-23:04.ixgbe
8 February, 2023 by errata-notices@freebsd.org | freebsd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-EN-23:04.ixgbe Errata Notice The FreeBSD Project Topic: ixgbe incorrectly reports input errors for 82599ES Category: core Module: ixgbe Announced: 2023-02-08 Affects: All supported versions of FreeBSD. Corrected: 2022-11-17 20:13:43 UTC (stable/13, 13.1-STABLE) 2023-02-08 16:30:38 UTC (releng/13.1, 13.1-RELEASE-p6) 2022-11-17 20:17:22 UTC (stable/12, 12.4-STABLE) 2023-02-08 18:30:24 UTC (releng/12.4, 12.4-RELEASE-p1) 2023-02-08 18:28:28 UTC (releng/12.3, 12.3-RELEASE-p11) For general information regarding FreeBSD Errata Notices and Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit <URL:https://security.FreeBSD.org/>. I. Background ixgbe(4) is driver that supports multiple Intel 10Gb Ethernet cards including the Intel 82599. II. Problem Description Intel 82599 hardware has errata related to IPv4 UDP frames with a zero checksum. The L4 integrity error counter is incremented for such frames, which results in reported interface errors through utilities such as ifconfig(8). This confuses users, since all frames are in fact handled correctly by the system. III. Impact Incorrect interface statistics are reported for affected hardware. IV. Workaround Ignore reported interface errors. V. Solution Upgrade your system to a supported FreeBSD stable or release / security branch (releng) dated after the correction date and reboot. Perform one of the following: 1) To update your system via a binary patch: Systems running a RELEASE version of FreeBSD on the amd64, i386, or (on FreeBSD 13 and later) arm64 platforms can be updated via the freebsd-update(8) utility: # freebsd-update fetch # freebsd-update install # shutdown -r +10min "Rebooting for an erratum update" 2) To update your system via a source code patch: The following patches have been verified to apply to the applicable FreeBSD release branches. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch https://security.FreeBSD.org/patches/EN-23:04/ixgbe.patch # fetch https://security.FreeBSD.org/patches/EN-23:04/ixgbe.patch.asc # gpg --verify ixgbe.patch.asc b) Apply the patch. Execute the following commands as root: # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in <URL:https://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the system. VI. Correction details This issue is corrected by the corresponding Git commit hash or Subversion revision number in the following stable and release branches: Branch/path Hash Revision - ------------------------------------------------------------------------- stable/13/ daf3d88ac184 stable/13-n253100 releng/13.1/ f3e20eb8d8f0 releng/13.1-n250178 stable/12/ r372757 releng/12.4/ r372916 releng/12.3/ r372912 - ------------------------------------------------------------------------- For FreeBSD 13 and later: Run the following command to see which files were modified by a particular commit: # git show --stat <commit hash> Or visit the following URL, replacing NNNNNN with the hash: <URL:https://cgit.freebsd.org/src/commit/?id=NNNNNN> To determine the commit count in a working tree (for comparison against nNNNNNN in the table above), run: # git rev-list --count --first-parent HEAD For FreeBSD 12 and earlier: Run the following command to see which files were modified by a particular revision, replacing NNNNNN with the revision number: # svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base Or visit the following URL, replacing NNNNNN with the revision number: <URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> VII. References <URL:https://bugs.freebsd.org/bugzilla/show_bug.cgi?id&6048> The latest revision of this advisory is available at <URL:https://security.FreeBSD.org/advisories/FreeBSD-EN-23:04.ixgbe.asc> -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEthUnfoEIffdcgYM7bljekB8AGu8FAmPj8BcACgkQbljekB8A Gu+H7g//dEdyDgXVQeyezAZuL1wqUaKVE0ZzPfpouG9X3+FaXMalo0FzkJy75olx vv0eOznDoS+IWlwkdvzKCaAGZK8ZFPNT0SkNTGlABh+xvX0FoORdPLh9AmZbDlsx 1FA1Az+Sew0EJ/t0D0v/ZMTpj267664yVXI1G5IFUxTLnFq/bC9w8ssOQCWF4/+z KgwTt7XfaxE03EE6JasyeIRKF4nobbErNo7Z+yjEkqT43geSS8N3T6uE8JwV8y2w 0wAZT3nj7TBsHnRErHgDQabPXOEdZDODV+iDGTOmu7bwmoG9FKbuuE4tZtDzKNZ1 wjjG0Gka091Wx7ss5KLO0kD99iqHrtno/I2qJuk/R5HZuNTzOsp56RgQUQu9uxjm 1Lfsd6HdzV2dd4/PZ9dGgU7bTiSIJXCh5pu3NGF3nKshgDPDq05kz3Ho3ktWEccQ SpWOc6IyMibuxq9T50CFyW+qPMoPa4pN2BsVilwQJ/LeWYp8lcN9T5bY2ssVk33q s6elPBZsmGOvIMe14mDUL2ANfcZSUDkbZuvCPoOo1LMGnh8TSikbj1uaWH4qntlC gPJ502ggGaw1CuMuUzddyv14bNCL9PMY1zZOnEi6MWwZWZnVvzdqLvhz4U6BORVJ OOqJTlxquMYGyILtHqKvqodZ471SaHMC9Sk5MPvO/mk0u3W5Zeg=sTJD -----END PGP SIGNATURE-----