PDA

View Full Version : When was the rp_filter change backported to SLES 10 SP4?



matthew_hornung
11-Jul-2014, 17:06
According to this link, https://www.novell.com/support/kb/doc.php?id=7007649 the rp_filter for an interface is based on:

The max value from conf/{all,interface}/rp_filter is used when doing source validation on the {interface}

It also says

When development fixed this deficiency and released that fix in SLES 11 SP1, and SLES 10 SP4 the kernel began validating all incoming packets based on the setting.

Here is what I'm running with.

uname -r:
2.6.16.60-0.85.1-smp

cat /etc/SuSE-release:
SUSE Linux Enterprise Server 10 (x86_64)
VERSION = 10
PATCHLEVEL = 4

and I looked at the kernel source (/usr/src/linux-2.6.16.60-0.85.1/) and the fix wasn't in there. I looked at a SLES 11 SP 1 machine and it did have the fix.

When was this fix backported to SLES 10 SP4? Was it in a later kernel version? I was looking at the list of kernel versions here: http://wiki.novell.com/index.php/Kernel_versions

Is there a way I can get the source for the different kernel versions to look at them and see if the change is in there?

Let me know if there is any other information you need from me! It is very important that I figure out when this change was made.

ab
11-Jul-2014, 18:48
I'm not sure when this was backported, but you may have better luck asking
the kernel RPM for changelog information; something like this may help:



rpm -q --changelog kernel


--
Good luck.

If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below...

matthew_hornung
11-Jul-2014, 19:20
Thanks for the quick response! I ran:


rpm -q --changelog kernel-source

and the latest change listed is March 4th, 2011. The source I have (2.6.16.60-0.85.1) was released April 2011, and I don't it doesn't have the fix. If I could view the changelog for a later version, such as 2.6.16.60-0.107.1 maybe that would tell me. I did find the source for linux-2.6.16.60-0.101.1 from a colleague, and it did not have the change. I'm really starting to think that this link: https://www.novell.com/support/kb/doc.php?id=7007649 is wrong and that this change was never back-ported to SLES 10 SP 4.

mikewillis
11-Jul-2014, 19:28
Thanks for the quick response! I ran:


rpm -q --changelog kernel-source

and the latest change listed is March 4th, 2011.

According to Patch Finder
http://download.novell.com/patch/finder/#familyId=7261&productId=36423&dateRange=&startDate=&endDate=&priority=&distribution=&architecture=&keywords=Kernel
There was a Kernel update for SLES 10 SP4 released 10th June 2104 which was 2.6.16.60-0.107.1 Have you been installing updates?

matthew_hornung
11-Jul-2014, 20:44
Correct, I was not on the latest version. I did manage to get all the latest kernel source code from a coworker. From what I can tell, the changes were not back-ported to SLES 10 SP 4 in any of the kernel versions.

Thanks for your assistance! My problem is solved. You may want to verify what I think and update this link: https://www.novell.com/support/kb/doc.php?id=7007649 but that's up to you. I appreciate your quick replies!

malcolmlewis
11-Jul-2014, 21:12
On Fri 11 Jul 2014 07:54:01 PM CDT, matthew hornung wrote:


Correct, I was not on the latest version. I did manage to get all the
latest kernel source code from a coworker. From what I can tell, the
changes were not back-ported to SLES 10 SP 4 in any of the kernel
versions.

Thanks for your assistance! My problem is solved. You may want to verify
what I think and update this link:
https://www.novell.com/support/kb/doc.php?id=7007649 but that's up to
you. I appreciate your quick replies!




Hi
The kernel sources are just that, the source. The changes will be in
patches and reside in the src rpm, so you need to grab the src rpm from
the SUSE src rpm repository (or via patch finder) to see if/when
patches (backports) are applied.

--
Cheers Malcolm °¿° SUSE Knowledge Partner (Linux Counter #276890)
openSUSE 13.1 (Bottle) (x86_64) GNOME 3.10.1 Kernel 3.11.10-17-desktop
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below... Thanks!

matthew_hornung
11-Jul-2014, 21:43
I think I understood. Besides looking at my own machine, I looked at these directories: linux-2.6.16.60-0.101.1, linux-2.6.16.60-0.103.1, linux-2.6.16.60-0.105.1, and linux-2.6.16.60-0.107.1 from these rpms: kernel-source-2.6.16.60-0.101.1.x86_64.rpm, kernel-source-2.6.16.60-0.103.1.x86_64.rpm, kernel-source-2.6.16.60-0.105.1.x86_64.rpm and kernel-source-2.6.16.60-0.107.1.x86_64.rpm.

Those had the source and patches for SLES 10 SP 4, right?

mikewillis
12-Jul-2014, 10:30
Correct, I was not on the latest version. I did manage to get all the latest kernel source code from a coworker. From what I can tell, the changes were not back-ported to SLES 10 SP 4 in any of the kernel versions.

[QUOTE=matthew_hornung;22545]
Thanks for your assistance! My problem is solved.

I'm really not sure it is ;)


You may want to verify what I think and update this link: https://www.novell.com/support/kb/doc.php?id=7007649 but that's up to you.

It's not up to me, nor anyone else who has posted in this thread. We don't work for SUSE. There's a feedback link at the bottom of the page.



I think I understood. Besides looking at my own machine, I looked at these directories: linux-2.6.16.60-0.101.1, linux-2.6.16.60-0.103.1, linux-2.6.16.60-0.105.1, and linux-2.6.16.60-0.107.1 from these rpms: kernel-source-2.6.16.60-0.101.1.x86_64.rpm, kernel-source-2.6.16.60-0.103.1.x86_64.rpm, kernel-source-2.6.16.60-0.105.1.x86_64.rpm and kernel-source-2.6.16.60-0.107.1.x86_64.rpm.

Those had the source and patches for SLES 10 SP 4, right?

Malcom said the changes are in the .src.rpm You've installed the rpms.


I asked earlier if you've been installing updates. I now realise I asked the question having not paid sufficient attention to your first post because in that you included output of uname and that shows you are running Kernel 2.6.16.60-0.85.1-smp. That means one of two things. Either updates haven't been install or updates have been installed but the machine hasn't been rebooted to so it's still running an old Kernel version. If there a particular reason for this? Is the machine set up so that updates can be installed?

If you install all outstanding updates then look at the change log of the kernel package you may see the change you're looking for mentioned.


You may do better to raise a Service Request about this, if you can
https://www.suse.com/support/

matthew_hornung
14-Jul-2014, 15:37
Thanks mikewillis! When I called Novell to ask about this, they recommended posting on the forums and said that their engineers would browse them. Sorry for the mix up! I was under the impression you guys did work for SuSE. You have been very helpful nonetheless.

I'm not sure why my machine hasn't updated. I just needed to determine when the change was made, I don't actually need to on my machine. I will look into getting it updated to the latest kernel version.

I submitted feedback for that page on Friday. It said I'll hear back within two weeks.

I will look into raising a Service Request as well. Thank you for all your help!

matthew_hornung
07-Aug-2014, 21:30
Thanks again for the help on this! I heard back from the feedback I gave on that page, and their doc is correct now: https://www.novell.com/support/kb/doc.php?id=7007649