← Back to team overview

group.of.nepali.translators team mailing list archive

[Bug 1772456] Re: ebtables lock file fcntl errno value not correctly checked

 

thanks @setuid for reproducer bash script that I used in description

** Also affects: ebtables (Ubuntu Precise)
   Importance: Undecided
       Status: New

** Also affects: ebtables (Ubuntu Trusty)
   Importance: Undecided
       Status: New

** Also affects: ebtables (Ubuntu Artful)
   Importance: Undecided
       Status: New

** Also affects: ebtables (Ubuntu Cosmic)
   Importance: Medium
     Assignee: Dan Streetman (ddstreet)
       Status: In Progress

** Also affects: ebtables (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: ebtables (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** No longer affects: ebtables (Ubuntu Precise)

** Also affects: ebtables (Ubuntu Precise)
   Importance: Undecided
       Status: New

** No longer affects: ebtables (Ubuntu Precise)

** Changed in: ebtables (Ubuntu Trusty)
       Status: New => In Progress

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1772456

Title:
  ebtables lock file fcntl errno value not correctly checked

Status in ebtables package in Ubuntu:
  In Progress
Status in ebtables source package in Trusty:
  In Progress
Status in ebtables source package in Xenial:
  New
Status in ebtables source package in Artful:
  New
Status in ebtables source package in Bionic:
  New
Status in ebtables source package in Cosmic:
  In Progress

Bug description:
  [impact]

  bug 1645324 introduced code to improve the existing file-based
  locking, by using fcntl instead of exclusive file opening.

  However, when fcntl fails the new code tries to check for errno of
  EAGAIN or EACCES, but does so incorrectly:

  +		ret = fcntl(lockfd, F_SETLK, &fl);
  +		if (ret == -1 && errno != (EAGAIN || EACCES))

  "errno != (EAGAIN || EACCES)" is not correct, because it will always
  evaluate to true when errno is either EAGAIN or EACCES; the bitwise OR
  of EAGAIN (11) and EACCES (13) produces 15 (ENOTBLK) which will never
  match either, so != always is true.

  [test case]

  run ebtables in a tight loop from two separate shells, to force
  lockfile contention, for example:

  #!/bin/bash

  dev="$1"

  while test 1; do
  sleep 0
  ebtables --concurrent -t nat -A PREROUTING -i ${dev} -j ACCEPT
  if [ $? -ne 0 ]; then
  echo "odd!"
  fi
  ebtables --concurrent -t nat -D PREROUTING -i ${dev} -j ACCEPT
  if [ $? -ne 0 ]; then
  echo "odd!"
  fi
  done

  that can be run with any text param (e.g. "foo" and "bar") from 2
  shells, to produce the failure:

  Unable to create lock file /var/lib/ebtables/lock.

  [regression potential]

  like the previous patch, this change also has the potential to
  introduce errors in file locking that ebtables uses; however
  considering the file locking currently does not work at all due to the
  above logic error, this patch should only help.  The only regression
  potential is see is the possibility of breaking non-contended file
  locking, which currently does work.

  [other info]

  see previous bug 1645324
  https://launchpad.net/bugs/1645324

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ebtables/+bug/1772456/+subscriptions