Your message dated Sat, 09 May 2020 11:53:52 +0100 with message-id <fd7fa4d56896c35aab49a5a51cb69727dc60e87a.camel@adam-barratt.org.uk> and subject line Closing requests included in 10.4 point release has caused the Debian Bug report #951399, regarding buster-pu: package softflowd/0.9.9-5 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 951399: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951399 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: buster-pu: package softflowd/0.9.9-5
- From: Christoph Biedl <debian.axhn@manchmal.in-ulm.de>
- Date: Sun, 16 Feb 2020 00:27:27 +0100
- Message-id: <1581809224@msgid.manchmal.in-ulm.de>
Package: release.debian.org Severity: normal Tags: buster User: release.debian.org@packages.debian.org Usertags: pu Hello release team, a nasty bug made it into the Debian 10 ("buster") version of softflowd, and I'd like to fix that in a stable point release. Due to a broken flow aggregation, the flow table might overflow, resulting in forced flow expiration. Which, as I was told, can lead to constant 100% CPU usage of the softflowd process. Another effect is the resulting flow files captured by nfcapd(1) (from the nfdump package) are way bigger then before the upgrade, and nfcapd creating a lot of noise in the syslog as well. This was fixed upstream although not quite in an obvious way - thanks to bisecting this wasn't a big problem anyway. According to tests done by the reporter the fix ended the massive CPU usage, for the other effects I can confirm the desired behaviour as seen in the previous Debian 9 ("stretch") version is restored as well. For the next stable point release, version 0.9.9-5+deb10u1 was already uploaded to the applicable queue. Suggested one-line description: Fix broken netflow aggregation Regards, Christoph -- System Information: Debian Release: 10.3 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.4.19 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: unable to detectdiff -Nru softflowd-0.9.9/debian/changelog softflowd-0.9.9/debian/changelog --- softflowd-0.9.9/debian/changelog 2018-10-26 17:10:09.000000000 +0200 +++ softflowd-0.9.9/debian/changelog 2019-12-05 00:21:02.000000000 +0100 @@ -1,3 +1,10 @@ +softflowd (0.9.9-5+deb10u1) buster; urgency=medium + + * Fix roken flow aggregation which might result in flow table overflow + and 100% CPU usage. + + -- Christoph Biedl <debian.axhn@manchmal.in-ulm.de> Thu, 05 Dec 2019 00:21:02 +0100 + softflowd (0.9.9-5) unstable; urgency=high * Don't migrate legacy config if it wasn't modified. Closes: #910214 diff -Nru softflowd-0.9.9/debian/patches/cherry-pick.softflowd-0.9.9-22-ge6d29a1.fix-some-bugs.patch softflowd-0.9.9/debian/patches/cherry-pick.softflowd-0.9.9-22-ge6d29a1.fix-some-bugs.patch --- softflowd-0.9.9/debian/patches/cherry-pick.softflowd-0.9.9-22-ge6d29a1.fix-some-bugs.patch 1970-01-01 01:00:00.000000000 +0100 +++ softflowd-0.9.9/debian/patches/cherry-pick.softflowd-0.9.9-22-ge6d29a1.fix-some-bugs.patch 2019-12-05 00:21:02.000000000 +0100 @@ -0,0 +1,68 @@ +Subject: [ Add option "-a" for reading pcap file and ] fix some bugs +Origin: softflowd-0.9.9-22-ge6d29a1 <https://github.com/irino/softflowd/commit/e6d29a1> +Upstream-Author: Hitoshi Irino <irino@sfc.wide.ad.jp> +Date: Sun May 26 23:00:41 2019 +0900 +Comment: Fixes a regression introduced in buster: The flow aggregation + is broken, causing a new flow to generated for virtually each packet. + If the daemon sees a lot of traffic, the flow table might overflow, + resulting in forced expiration and 100% CPU usage. + . + Thanks Johanna Jerzembeck for reporting and testing. + + - fix flow_compare for comparing vlan and ether + [ - fix missing sequence in netflow v9 ] + + +--- a/softflowd.c ++++ b/softflowd.c +@@ -55,6 +55,8 @@ + static int verbose_flag = 0; /* Debugging flag */ + static u_int16_t if_index = 0; /* "manual" interface index */ + ++static int track_level; ++ + /* Signal handler flags */ + static volatile sig_atomic_t graceful_shutdown_request = 0; + +@@ -144,15 +146,21 @@ + { + /* Be careful to avoid signed vs unsigned issues here */ + int r; ++ if (track_level == TRACK_FULL_VLAN || track_level == TRACK_FULL_VLAN_ETHER) { ++ if (a->vlanid[0] != b->vlanid[0]) ++ return (a->vlanid[0] > b->vlanid[0] ? 1 : -1); ++ ++ if (a->vlanid[1] != b->vlanid[1]) ++ return (a->vlanid[1] > b->vlanid[1] ? 1 : -1); ++ } + +- if (a->vlanid != b->vlanid) +- return (a->vlanid > b->vlanid ? 1 : -1); +- ++ if (track_level == TRACK_FULL_VLAN_ETHER) { + if ((r = memcmp(&a->ethermac[0], &b->ethermac[0], 6)) != 0) + return (r > 0 ? 1 : -1); + + if ((r = memcmp(&a->ethermac[1], &b->ethermac[1], 6)) != 0) + return (r > 0 ? 1 : -1); ++ } + + if (a->af != b->af) + return (a->af > b->af ? 1 : -1); +@@ -1526,7 +1534,7 @@ + + ft->param.max_flows = DEFAULT_MAX_FLOWS; + +- ft->param.track_level = TRACK_FULL; ++ track_level = ft->param.track_level = TRACK_FULL; + + ft->param.tcp_timeout = DEFAULT_TCP_TIMEOUT; + ft->param.tcp_rst_timeout = DEFAULT_TCP_RST_TIMEOUT; +@@ -1882,6 +1890,7 @@ + usage(); + exit(1); + } ++ track_level = flowtrack.param.track_level; + break; + case 'L': + hoplimit = atoi(optarg); diff -Nru softflowd-0.9.9/debian/patches/series softflowd-0.9.9/debian/patches/series --- softflowd-0.9.9/debian/patches/series 2018-09-14 19:40:33.000000000 +0200 +++ softflowd-0.9.9/debian/patches/series 2019-12-05 00:21:02.000000000 +0100 @@ -14,3 +14,4 @@ cherry-pick.softflowd-0.9.9-13-g49c039a.added-define-default-source-line-to-avoid-warning-in-linux.patch cherry-pick.softflowd-0.9.9-14-g8a47e87.adding-current-repository-information-in-readme.patch cherry-pick.softflowd-0.9.9-16-gbbd0685.add-check-of-the-length-of-string-for-i-interface-option.patch +cherry-pick.softflowd-0.9.9-22-ge6d29a1.fix-some-bugs.patchAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 932251-done@bugs.debian.org, 933839-done@bugs.debian.org, 939120-done@bugs.debian.org, 942520-done@bugs.debian.org, 943889-done@bugs.debian.org, 947102-done@bugs.debian.org, 947142-done@bugs.debian.org, 947172-done@bugs.debian.org, 947442-done@bugs.debian.org, 948333-done@bugs.debian.org, 948381-done@bugs.debian.org, 948786-done@bugs.debian.org, 948855-done@bugs.debian.org, 949113-done@bugs.debian.org, 949702-done@bugs.debian.org, 949890-done@bugs.debian.org, 949891-done@bugs.debian.org, 949897-done@bugs.debian.org, 949921-done@bugs.debian.org, 950104-done@bugs.debian.org, 950105-done@bugs.debian.org, 950478-done@bugs.debian.org, 950546-done@bugs.debian.org, 950547-done@bugs.debian.org, 950655-done@bugs.debian.org, 950765-done@bugs.debian.org, 950773-done@bugs.debian.org, 950795-done@bugs.debian.org, 950854-done@bugs.debian.org, 950918-done@bugs.debian.org, 951146-done@bugs.debian.org, 951399-done@bugs.debian.org, 951563-done@bugs.debian.org, 951761-done@bugs.debian.org, 951769-done@bugs.debian.org, 951871-done@bugs.debian.org, 952414-done@bugs.debian.org, 952441-done@bugs.debian.org, 952586-done@bugs.debian.org, 952785-done@bugs.debian.org, 953005-done@bugs.debian.org, 953124-done@bugs.debian.org, 953246-done@bugs.debian.org, 953647-done@bugs.debian.org, 953737-done@bugs.debian.org, 953797-done@bugs.debian.org, 954001-done@bugs.debian.org, 954073-done@bugs.debian.org, 954269-done@bugs.debian.org, 954398-done@bugs.debian.org, 954404-done@bugs.debian.org, 954714-done@bugs.debian.org, 954757-done@bugs.debian.org, 954835-done@bugs.debian.org, 954838-done@bugs.debian.org, 954862-done@bugs.debian.org, 954985-done@bugs.debian.org, 955395-done@bugs.debian.org, 955410-done@bugs.debian.org, 955508-done@bugs.debian.org, 955509-done@bugs.debian.org, 955510-done@bugs.debian.org, 955547-done@bugs.debian.org, 955860-done@bugs.debian.org, 956155-done@bugs.debian.org, 956216-done@bugs.debian.org, 956315-done@bugs.debian.org, 956533-done@bugs.debian.org, 956535-done@bugs.debian.org, 956536-done@bugs.debian.org, 956801-done@bugs.debian.org, 956861-done@bugs.debian.org, 956890-done@bugs.debian.org, 956913-done@bugs.debian.org, 956932-done@bugs.debian.org, 958053-done@bugs.debian.org, 958141-done@bugs.debian.org, 958173-done@bugs.debian.org, 958395-done@bugs.debian.org, 958399-done@bugs.debian.org, 958489-done@bugs.debian.org, 958490-done@bugs.debian.org, 958568-done@bugs.debian.org, 958714-done@bugs.debian.org, 958716-done@bugs.debian.org, 958814-done@bugs.debian.org, 958887-done@bugs.debian.org, 958916-done@bugs.debian.org, 958931-done@bugs.debian.org, 958969-done@bugs.debian.org, 958994-done@bugs.debian.org, 959081-done@bugs.debian.org, 959101-done@bugs.debian.org, 959224-done@bugs.debian.org, 959431-done@bugs.debian.org, 959489-done@bugs.debian.org, 948191-done@bugs.debian.org
- Subject: Closing requests included in 10.4 point release
- From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Date: Sat, 09 May 2020 11:53:52 +0100
- Message-id: <fd7fa4d56896c35aab49a5a51cb69727dc60e87a.camel@adam-barratt.org.uk>
Package: release.debian.org Version: 10.4 Hi, Each of the uploads referred to by these bugs was included in today's stable point release. Regards, Adam
--- End Message ---