[SRU][N][PATCH 0/4] re-enable Ubuntu FAN in the Noble kernel

Andrea Righi andrea.righi at canonical.com
Wed May 29 14:25:55 UTC 2024 

On Wed, May 29, 2024 at 04:11:58PM +0200, Stefan Bader wrote:
> On 01.05.24 14:34, Andrea Righi wrote:
> > BugLink: https://bugs.launchpad.net/bugs/2064508
> > 
> > [Impact]
> > 
> > In LP: #2063298, we have opted to deprecate Ubuntu FAN support because
> > of the maintenance overhead and the possibility of regressions /
> > conflicts with the new networking eBPF APIs in kernels >= 6.8.
> > 
> > However, we cannot disable this feature in HWE/backport kernels, so it
> > seems safer to adjust the Ubuntu FAN kernel patch set to ensure proper
> > co-existence with the updated vxlan policy requirements in newer 6.8
> > kernels.
> > 
> > The re-introduction of Ubuntu FAN should be considered as a temporary
> > measure, aimed at facilitating a smooth transition during its
> > deprecation without disrupting existing users (specifically Juju), and
> > enabling the backporting of 6.8 kernels to older releases.
> > 
> > The main plan is still to deprecate Ubuntu FAN in newer releases.
> > 
> > [Test case]
> > 
> > Rely on the specific Ubuntu FAN regression test to validate the proper
> > kernel support of this feature:
> > 
> > https://git.launchpad.net/~canonical-kernel-team/+git/autotest-client-tests/tree/ubuntu_fan_smoke_test?h=autotest3
> > 
> > [Fix]
> > 
> > Re-apply the Ubuntu FAN patch set to the latest Noble kernel 6.8 and
> > integrate the IFLA_VXLAN_FAN_MAP attribute type in vxlan_policy to
> > satisfy the strict length validation check.
> > 
> > Test result (ubuntu_fan_smoke_test) with this patch set applied to the
> > latest Noble kernel:
> > 
> >   11:48:05 INFO | Writing results to /home/ubuntu/autotest/client/results/default
> >   11:48:05 INFO | START	----	----	timestamp=1714564085	localtime=May 01 11:48:05
> >   11:48:05 INFO | 	START	ubuntu_fan_smoke_test.setup	ubuntu_fan_smoke_test.setup	timeout=1200	timestamp=1714564085	localtime=May 01 11:48:05
> >   11:48:07 INFO | 		GOOD	ubuntu_fan_smoke_test.setup	ubuntu_fan_smoke_test.setup	timestamp=1714564087	localtime=May 01 11:48:07	completed successfully
> >   11:48:07 INFO | 	END GOOD	ubuntu_fan_smoke_test.setup	ubuntu_fan_smoke_test.setup	timestamp=1714564087	localtime=May 01 11:48:07
> >   11:48:07 INFO | 	START	ubuntu_fan_smoke_test.fan-smoke-test	ubuntu_fan_smoke_test.fan-smoke-test	timeout=1800	timestamp=1714564087	localtime=May 01 11:48:07
> >   11:51:46 INFO | Testing Fan Networking (pre-0.13.0 API)
> >   11:51:46 INFO | docker pull --platform linux/amd64 ubuntu: PASSED
> >   11:51:46 INFO | enable disable fan test: PASSED
> >   11:51:46 INFO | fanctl show test: PASSED
> >   11:51:46 INFO | fanctl check bridge config test: PASSED
> >   11:51:46 INFO | fanatic docker test(--dns=192.168.122.1): PASSED
> >   11:51:47 INFO | 		GOOD	ubuntu_fan_smoke_test.fan-smoke-test	ubuntu_fan_smoke_test.fan-smoke-test	timestamp=1714564307	localtime=May 01 11:51:47	completed successfully
> >   11:51:47 INFO | 	END GOOD	ubuntu_fan_smoke_test.fan-smoke-test	ubuntu_fan_smoke_test.fan-smoke-test	timestamp=1714564307	localtime=May 01 11:51:47
> >   11:51:47 INFO | END GOOD	----	----	timestamp=1714564307	localtime=May 01 11:51:47
> >   11:51:47 INFO | Report successfully generated at /home/ubuntu/autotest/client/results/default/job_report.html
> > 
> > [Regression potential]
> > 
> > We may experience regressions with eBPF vxlan capabilities and
> > potentially specific use cases of the Ubuntu FAN technology (Juju
> > installations).
> > 
> > ----------------------------------------------------------------
> > Andrea Righi (1):
> >        UBUNTU: SAUCE: fan: support vxlan strict length validation
> > 
> > Jay Vosburgh (2):
> >        UBUNTU: SAUCE: fan: tunnel multiple mapping mode (v3)
> >        UBUNTU: SAUCE: fan: add VXLAN implementation
> > 
> > Juerg Haefliger (1):
> >        UBUNTU: SAUCE: fan: Fix NULL pointer dereference
> > 
> >   drivers/net/vxlan/vxlan_core.c | 264 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
> >   include/net/ip_tunnels.h       |  28 +++++++++++
> >   include/net/vxlan.h            |   2 +
> >   include/uapi/linux/if_link.h   |   1 +
> >   include/uapi/linux/if_tunnel.h |  19 ++++++++
> >   net/ipv4/ip_tunnel.c           |   2 +-
> >   net/ipv4/ipip.c                | 311 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
> >   7 files changed, 624 insertions(+), 3 deletions(-)
> > 
> 
> Did we not say this should be encapsulated by a config option so we can for
> now leave it disabled in Noble and enabled in hwe-6.8?

Correct, sorry, I should have mentioned in the bug description.

With the extra fix (PATCH 4/4) there's really no benefit to provide a
separate CONFIG, considering that we're not breaking anymore the
upstream vxlan_policy rules and the special ubuntu-fan is now compliant
with the length validation rules.

We are still planning to drop ubuntu-fan in 24.10, but at least for now
it can co-exist in the 24.04 kernel(s) without breaking anything. And
the same change can be propagated to the hwe kernels without any special
config change.

-Andrea

More information about the kernel-team mailing list