Bug 112004

Summary: pppd receives error "Couldn't get channel number: bad address"
Product: Red Hat Enterprise Linux 3 Reporter: Brian Vandecoevering <brian.j.vandecoevering>
Component: kernelAssignee: Neil Horman <nhorman>
Status: CLOSED ERRATA QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: cww, davem, grgustaf, jbaron, nhorman, petrides, tao
Target Milestone: ---   
Target Release: ---   
Hardware: ia64   
OS: Linux   
Whiteboard:
Fixed In Version: RHSA-2006-0144 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-03-15 15:33:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 168424    
Attachments:
Description Flags
patch to correct use of put_user in ppp.o module
none
patch with correct fix for put_user on ia64 none

Description Brian Vandecoevering 2003-12-12 19:12:11 UTC
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)

Description of problem:
When executing pppd to connect to a remote server we get the 
following error:

Couldn't get channel number: Bad address

Afer further investigation and research on the internet I found there 
is a problem with the ppp_async module and that it could be fixed by 
replacing put_user with copy_to_user in a few of the ioctl calls.

I have made the modifications to the code thanks to a patch sent to 
me by an unknown source and it fixes the problem.  Unfortunately, 
asking our customers to rebuild the modules in the kernel is not an 
acceptable solution.

Version-Release number of selected component (if applicable):
ppp-2.4.3-ia64

How reproducible:
Always

Steps to Reproduce:
1.Make a modem connection to a remote server
2.run: pppd /dev/ttyS1 115200 -detach .......
3.    

Actual Results:  Couldn't get channel number: bad address

Expected Results:  pppd to return without error and a new ppp0 entry 
to show up when typing ifconfig

Additional info:

Comment 1 Thomas Woerner 2004-06-07 15:56:04 UTC
Do you had to modify kernel modules?

Comment 2 Jason Baron 2004-10-21 17:24:19 UTC
Brian, could you please attach the patch that you reference. thanks.

Comment 4 Jason Baron 2005-02-16 18:42:02 UTC
Brian, can we get a pointer to that patch? thanks.

Comment 10 Neil Horman 2005-08-12 15:25:05 UTC
Created attachment 117674 [details]
patch to correct use of put_user in ppp.o module

Think I've found the problem.  Its described pretty accurately here:
http://www.gelato.unsw.edu.au/archives/linux-ia64/0312/7755.html

The problem appears to be that registers get inappropriately clobbered when
functions are inlined as arguments to put_user (specifically to
__put_user_check).  The solution seems to be to make local copies of the passed
in arguments so as to avoid the register clobbering.  The fix, as proposed
works well in my test case.  Given the relative maturity of RHEL3 however, I'd
be nervous about proposing a modification to such a widely used macro w/o a lot
more testing.  Given that, I think the easier solution for the problem at hand
would be to simply move the inlined functions out of the put_user/get_user
macros in the ppp module, as this patch does.  It also passes my test case, and
I'm waiting for confirmation from the reporter now.

Comment 12 Neil Horman 2005-08-24 13:22:02 UTC
Created attachment 118056 [details]
patch with correct fix for put_user on ia64

Consensus on review was that this should probably be fixed the right way. 
Fixing __put_user_check so that passing in functions as the value to copy
worked, outweighed the potential risk of modifiying such a pervasive function. 
This patch corrects __put_user_check so that passed in functions are evaluated
prior to being passed to __put_user_size.

Comment 13 Ernie Petrides 2005-09-15 04:07:51 UTC
A fix for this problem has just been committed to the RHEL3 U7
patch pool this evening (in kernel version 2.4.21-37.2.EL).


Comment 22 Red Hat Bugzilla 2006-03-15 15:33:33 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0144.html