Bug 624507 - Network filter driver not handling driver reload (SIGHUP) correctly
Network filter driver not handling driver reload (SIGHUP) correctly
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libvirt (Show other bugs)
6.1
All Linux
low Severity medium
: rc
: ---
Assigned To: Daniel Veillard
Virtualization Bugs
: RHELNAK
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-08-16 13:43 EDT by Stefan Berger
Modified: 2011-05-19 09:20 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-05-19 09:20:20 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Stefan Berger 2010-08-16 13:43:01 EDT
Description of problem:

The network filter driver was not handling the driver reload upon SIGHUP correctly and could lead to crashes of libvirtd in case a VM using an nwfilter was running.

Version-Release number of selected component (if applicable):


How reproducible:

kill -SIGHUP <libvirtd pid>

  
Actual results:

If a VM using nwfilters is running and a SIGHUP signal is sent to libvirtd, a segmentation fault will result during nwfilter driver reload.

Expected results:

The nwfilter driver should rebuild the network traffic filters for VMs.

Additional info:

The following patches have been applied to recent libvirt tree to solve this problem (August 13 & 16):

ID of patch:

bed3a217f6faf1e668760feb82d83b05faa311ca
753d76e0cd3554acb6c087d1ce3a2aa6f1dda203
cf6f8b9a9720fe5323a84e690de9fbf8ba41f6ac

From an up-to-date libvirt checkout these patches can be downloaded using:

git log -p -n 1 ${id}
Comment 2 RHEL Product and Program Management 2010-08-16 13:58:42 EDT
This issue has been proposed when we are only considering blocker
issues in the current Red Hat Enterprise Linux release.

** If you would still like this issue considered for the current
release, ask your support representative to file as a blocker on
your behalf. Otherwise ask that it be considered for the next
Red Hat Enterprise Linux release. **
Comment 3 Stefan Berger 2010-10-29 17:20:11 EDT
Patches have been applied as shown above. Can this bug be closed now?
Comment 5 xhu 2011-02-14 03:16:47 EST
I have verified it on RHEL6_x86_64 Server with the following components and it passed:
libvirt-0.8.7-6.el6.x86_64
qemu-kvm-0.12.1.2-2.144.el6.x86_64
kernel-2.6.32-113.el6.x86_64

The steps are as follows:
1 Get libvirtd pid and send SIGHUP to libvirtd 
# ps -edf|grep libvirtd
root      5968     1  0 16:59 ?        00:00:00 libvirtd --daemon
root      6153  6107  0 17:01 pts/0    00:00:00 grep libvirtd
# kill -SIGHUP 5968

2 list nwfilter rules
# virsh nwfilter-list
UUID                                  Name                 
----------------------------------------------------------------
d620cdf9-0f09-9d1c-2999-6c32bf718d3f  allow-arp           
5aba0b89-aa3d-a0ef-35d3-89f4e368c76d  allow-dhcp          
2db6d4b7-3608-b047-c675-a701c1e93d65  allow-dhcp-server   
26393bb3-f8b1-c485-e567-76d86eca445f  allow-incoming-ipv4 
b0e4f13b-ac3f-2ebd-cd4c-1ee5db3bb71a  allow-ipv4          
b190d301-7ac8-b077-f6fc-134170f0b0cd  clean-traffic       
f88f1932-debf-4aa1-9fbe-f10d3aa4bc95  no-arp-spoofing     
d5fb3aab-763d-9fd7-7224-a806b8401596  no-ip-multicast     
1ef235b7-73cc-2f41-ab61-458c05d05930  no-ip-spoofing      
a1a836f9-5d32-ce16-03d5-913181f38b29  no-mac-broadcast    
3ff93219-6da0-7c92-5b2d-8c0656b8a224  no-mac-spoofing     
2333635d-aa71-597c-1ef5-2155a9d751e4  no-other-l2-traffic 
0fb161d8-7dff-c453-e4d3-e9bdbb859233  no-other-rarp-traffic
e03ad655-95c8-a5d1-f6a6-65ab5f44b719  qemu-announce-self  
f4dae6b8-008e-f42e-777a-ae0ef9499592  qemu-announce-self-rarp

After step 1, no errors occur and the nwfilter rules can be listed
Comment 8 errata-xmlrpc 2011-05-19 09:20:20 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0596.html

Note You need to log in before you can comment on or make changes to this bug.