← Back to team overview

desktop-packages team mailing list archive

[Bug 1511735] Re: libnl: fail to bind() netlink sockets


Hello Nicolas, or anyone else affected,

Accepted libnl3 into trusty-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/libnl3/3.2.21-1ubuntu1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in

** Changed in: libnl3 (Ubuntu Trusty)
       Status: Triaged => Fix Committed

** Tags added: verification-needed

You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libnl3 in Ubuntu.

  libnl: fail to bind() netlink sockets

Status in libnl3 package in Ubuntu:
  Fix Released
Status in libnl3 source package in Trusty:
  Fix Committed
Status in libnl3 package in Debian:

Bug description:

   * Applications in Trusty using libnl-3-200 which frequently open and
     close netlink sockets can easily fail when attempting to bind the
     local socket.  The problem happens when libnl choose a port id
     already used by another application and subsequently libnl fails
     instead of trying another port id.
     The original bug was discovered when attempting to start a virtual
     machine under libvirt, which is a user of this library.

   * Backporting fixes from upstream release fixes a real bug in the
     current version of the library in Trusty.  The alternative is for all
     applications to manually manage their local port allocation, or as
     upstream has accepted allowing libnl to attempt to try for other
     local ports.

   * All patches applied are already accepted upstream and newer Ubuntu
     releases are not affected.

  [Test Case]

   * On a Trusty 14.04 system
     1. sudo apt-get install libnl-3-200 libnl-3-dev libnl-3-dev \
                             libnl-genl-3-dev libnl-route-3-200 \
                             make gcc build-essential libnl1
     2. download and unpack attachment: lp_1511735_test.tar
     3. Run testcases:

      % if ./example.sh; then echo "libnl OK"; else echo "libnl FAILED"; fi 
      gcc -o example -I/usr/include/libnl3 example.c -lnl-3 -lnl-genl-3
      set manually the local port to 6975 (pid: 6974)
      local port has been set by the libnl to 6975 (pid: 6975)
      ERROR: genl_connect(): Object exists (local port: 6975, pid: 6975)
      libnl FAILED
      % python libnl3-test-rh1249158.py a b c d
      ulimit(NOFILE) = (2048, 4096)
      Test: PID=6978
      TEST (a)...
      Traceback (most recent call last):
        File "libnl3-test-rh1249158.py", line 226, in <module>
          locals()["TEST_" + arg]()
        File "libnl3-test-rh1249158.py", line 140, in TEST_a
          sk = nl_get_socket()
        File "libnl3-test-rh1249158.py", line 115, in nl_get_socket
          raise IOError(-err, _nl_geterror())
      OSError: [Errno 6] b'Unspecific failure'

     4. After applying the updated packages:

      % if ./example.sh; then echo "libnl OK"; else echo "libnl FAILED"; fi
      gcc -o example -I/usr/include/libnl3 example.c -lnl-3 -lnl-genl-3
      set manually the local port to 11295 (pid: 11294)
      local port has been set by the libnl to 2894081055 (pid: 11295)
      libnl OK
      % python libnl3-test-rh1249158.py a b c d
      ulimit(NOFILE) = (2048, 4096)
      Test: PID=11296
      TEST (a)...
      TEST (b)...
      TEST (c)...
      TEST (d)...
  [Regression Potential] 

   * There are quite a few high profile packages that depend on this package,
     notably libvirt and network-manager.  The complete list is here:

     # on Trusty
      % apt-rdepends -r libnl-3-200 | head -n 33
        Reverse Depends: batctl (>= 2013.4.0-2)
        Reverse Depends: bmon (>= 1:3.1-1)
        Reverse Depends: crda (>= 1.1.2-1ubuntu2)
        Reverse Depends: hostapd (>= 1:2.1-0ubuntu1)
        Reverse Depends: ipvsadm (>= 1:1.26-2ubuntu1)
        Reverse Depends: iw (>= 3.4-1)
        Reverse Depends: keepalived (>= 1:1.2.7-1ubuntu1)
        Reverse Depends: kismet (>= 2013.03.R1b-3)
        Reverse Depends: knemo (>= 0.7.6-2)
        Reverse Depends: libfsobasics3 (>= 0.12.0-4)
        Reverse Depends: libnetcf1 (>= 1:0.2.3-4ubuntu1)
        Reverse Depends: libnl-3-200-dbg (= 3.2.21-1)
        Reverse Depends: libnl-3-dev (= 3.2.21-1)
        Reverse Depends: libnl-cli-3-200 (= 3.2.21-1)
        Reverse Depends: libnl-genl-3-200 (= 3.2.21-1)
        Reverse Depends: libnl-nf-3-200 (= 3.2.21-1)
        Reverse Depends: libnl-route-3-200 (= 3.2.21-1)
        Reverse Depends: libnl-utils (>= 3.2.21-1)
        Reverse Depends: libnss-gw-name (>= 0.3-2)
        Reverse Depends: libvirt-bin (>= 1.2.2-0ubuntu13)
        Reverse Depends: libvirt0 (>= 1.2.2-0ubuntu13)
        Reverse Depends: lowpan-test-tools (>= 0.3-1)
        Reverse Depends: lowpan-tools (>= 0.3-1)
        Reverse Depends: neard (>= 0.11-1)
        Reverse Depends: neard-tools (>= 0.11-1)
        Reverse Depends: network-manager (>=
        Reverse Depends: ntrack-module-libnl-0 (>= 016-1.2ubuntu2)
        Reverse Depends: plainbox-provider-resource-generic (>= 0.3-1)
        Reverse Depends: powertop (>= 2.5-1ubuntu1)
        Reverse Depends: quota (>= 4.01-3)
        Reverse Depends: sssd-common (>= 1.11.5-1ubuntu3)
        Reverse Depends: wpasupplicant (>= 2.1-0ubuntu1)

   * This patch does change the default behavoir when asking libnl-3-200
     to generate local ports.  Applications (or libraries) may already
     have retry code in-place and it's not clear if those applications
     would break.

  [Original Description]
  The following upstream patches are needed in order to avoid failures when binding a netlink socket:

  1f734a8f892a lib/socket: randomize the generated local port

  4dd5fdd0af2c lib/socket: retry generate local port in nl_connect on ADDRINUSE

  027157898708 lib/socket: don't fail if no more local ports can be assigned in nl_socket_alloc

  0fd510b3673f lib/socket: use proper typed constant UINT32_MAX for uint32_t typed port

  Without these patches, an application which opens and closes regularly
  netlink sockets can easily fails to bind them.

To manage notifications about this bug go to: