Bug 294881 - Kernel panic when mounting with insecure ports
Kernel panic when mounting with insecure ports
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.0
All Linux
low Severity low
: ---
: ---
Assigned To: Anton Arapov
Martin Jenner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-18 11:17 EDT by Jay Turner
Modified: 2015-01-07 19:15 EST (History)
3 users (show)

See Also:
Fixed In Version: RHBA-2008-0314
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-21 10:55:29 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Detailed steps and output (3.20 KB, application/octet-stream)
2007-09-18 11:17 EDT, Petr Sklenar
no flags Details
proposed patch (667 bytes, patch)
2007-10-09 09:42 EDT, Anton Arapov
no flags Details | Diff
proposed patch (18.13 KB, patch)
2007-10-19 06:48 EDT, Anton Arapov
no flags Details | Diff
proposed patch (17.62 KB, patch)
2007-11-27 10:20 EST, Anton Arapov
no flags Details | Diff

  None (edit)
Description Petr Sklenar 2007-09-18 11:17:40 EDT
Description of problem:
Problem with "mount". Client is without any free insecure/local port. Server
shares a folder with ack insecure. When client try to mount mount-point then
kernel panic.


Version-Release number of selected component (if applicable):
I tried kernels:  2.6.18-8.1.8.el5, 2.6.18-47.el5 and 2.6.18-48.el5;
nfs-utils-1.0.9-23.el5 or ..-16, util-linux-2.13-0.45.el5 or ..-30
How reproducible:


Steps to Reproduce:
Server:
[root@vepro ~]# cat /etc/exports
/export *(ro,insecure)
# there is insecure ... I am using ports like "1024 to 61000"
[root@vepro ~] service nfs restart 
# just to be sure
Client
1.[root@nec-em14 ~]# echo 32768 32768 > /proc/sys/net/ipv4/ip_local_port_range
32768   32768
# two same numbers, for ex "32769 32768" etc.
2.[root@nec-em14 ~]# cat /proc/sys/net/ipv4/ip_local_port_range
32768   32768
3.[root@nec-em14 ~]# mount server:/export /import
  
Actual results:
always kernel panic 

Expected results:
mount error like: "There is now free ports"

Additional info:
Comment 1 Petr Sklenar 2007-09-18 11:17:40 EDT
Created attachment 198471 [details]
Detailed steps and output
Comment 2 Anton Arapov 2007-10-09 09:42:25 EDT
Created attachment 221251 [details]
proposed patch

I'm going to send it to netdev/lkml for the further upstream commit
Comment 3 Anton Arapov 2007-10-09 10:05:56 EDT
patch has been posted:
lkml: http://marc.info/?l=linux-kernel&m=119193843909227&w=2
netdev: http://marc.info/?l=linux-netdev&m=119193856709431&w=2
Comment 4 Anton Arapov 2007-10-12 14:41:14 EDT
NetDev guys decided rework completely port assignment via sysctl/proc
interfaces. Robustness and locking has been added. I'm going to test the patches
next week.

port_range: http://marc.info/?l=linux-netdev&m=119206109918235&w=2
SCTP: http://marc.info/?l=linux-netdev&m=119206106218187&w=2 
Comment 5 Anton Arapov 2007-10-16 07:55:37 EDT
Patches does not support the situation when we want to use the same
minimal/maximal port numbers. I've triggered conversation of this issue.
Comment 6 Anton Arapov 2007-10-18 10:31:09 EDT
I've posted justifying patch to netdev:
http://marc.info/?l=linux-netdev&m=119271773922939&w=2
Comment 7 Anton Arapov 2007-10-19 02:40:26 EDT
Justification has been accepted and committed. 
Comment 8 Anton Arapov 2007-10-19 06:48:05 EDT
Created attachment 232411 [details]
proposed patch

based on four-patches intersection:
upstream commit# 06393009000779b00a558fd2f280882cc7dc2008
upstream commit# 227b60f5102cda4e4ab792b526a59c8cb20cd9f8
http://marc.info/?l=linux-mm-commits&m=119274231700326&w=2
upstream commit# 3f196eb519a419bf83ecc22753943fd0a0de4f8f
Comment 9 Red Hat Bugzilla 2007-10-31 21:30:53 EDT
User psklenar@redhat.com's account has been closed
Comment 10 RHEL Product and Program Management 2007-11-20 00:15:24 EST
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 12 Anton Arapov 2007-11-27 10:20:24 EST
Created attachment 269831 [details]
proposed patch

kabi breakage eliminated.
actual change: EXPORT_SYMBOL(sysctl_local_port_range) and
sysctl_local_port_range definition leaved untouched. This is safe for us and
good for customers, since we promised to keep the kabi.
Comment 13 Don Zickus 2007-11-29 12:06:18 EST
in 2.6.18-58.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5
Comment 16 errata-xmlrpc 2008-05-21 10:55:29 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2008-0314.html

Note You need to log in before you can comment on or make changes to this bug.