Red Hat Bugzilla – Bug 294881
Kernel panic when mounting with insecure ports
Last modified: 2015-01-07 19:15:58 EST
Description of problem: Problem with "mount". Client is without any free insecure/local port. Server shares a folder with ack insecure. When client try to mount mount-point then kernel panic. Version-Release number of selected component (if applicable): I tried kernels: 2.6.18-8.1.8.el5, 2.6.18-47.el5 and 2.6.18-48.el5; nfs-utils-1.0.9-23.el5 or ..-16, util-linux-2.13-0.45.el5 or ..-30 How reproducible: Steps to Reproduce: Server: [root@vepro ~]# cat /etc/exports /export *(ro,insecure) # there is insecure ... I am using ports like "1024 to 61000" [root@vepro ~] service nfs restart # just to be sure Client 1.[root@nec-em14 ~]# echo 32768 32768 > /proc/sys/net/ipv4/ip_local_port_range 32768 32768 # two same numbers, for ex "32769 32768" etc. 2.[root@nec-em14 ~]# cat /proc/sys/net/ipv4/ip_local_port_range 32768 32768 3.[root@nec-em14 ~]# mount server:/export /import Actual results: always kernel panic Expected results: mount error like: "There is now free ports" Additional info:
Created attachment 198471 [details] Detailed steps and output
Created attachment 221251 [details] proposed patch I'm going to send it to netdev/lkml for the further upstream commit
patch has been posted: lkml: http://marc.info/?l=linux-kernel&m=119193843909227&w=2 netdev: http://marc.info/?l=linux-netdev&m=119193856709431&w=2
NetDev guys decided rework completely port assignment via sysctl/proc interfaces. Robustness and locking has been added. I'm going to test the patches next week. port_range: http://marc.info/?l=linux-netdev&m=119206109918235&w=2 SCTP: http://marc.info/?l=linux-netdev&m=119206106218187&w=2
Patches does not support the situation when we want to use the same minimal/maximal port numbers. I've triggered conversation of this issue.
I've posted justifying patch to netdev: http://marc.info/?l=linux-netdev&m=119271773922939&w=2
Justification has been accepted and committed.
Created attachment 232411 [details] proposed patch based on four-patches intersection: upstream commit# 06393009000779b00a558fd2f280882cc7dc2008 upstream commit# 227b60f5102cda4e4ab792b526a59c8cb20cd9f8 http://marc.info/?l=linux-mm-commits&m=119274231700326&w=2 upstream commit# 3f196eb519a419bf83ecc22753943fd0a0de4f8f
User psklenar@redhat.com's account has been closed
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Created attachment 269831 [details] proposed patch kabi breakage eliminated. actual change: EXPORT_SYMBOL(sysctl_local_port_range) and sysctl_local_port_range definition leaved untouched. This is safe for us and good for customers, since we promised to keep the kabi.
in 2.6.18-58.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0314.html