kernel-packages team mailing list archive

Thread
Date

[Bug 1326473] Re: No /proc/sys/net/ipv4/tcp_syncookies present with 2.6.32-61-generic #123 in -proposed

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Tyler Hicks <tyhicks@xxxxxxxxxxxxx>
Date: Wed, 04 Jun 2014 18:04:00 -0000
Reply-to: Bug 1326473 <1326473@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This issue is unrelated to the SYN cookie check in test-kernel-security.py. It
just so happens that the test caught the bug. Here's two kernel stack dumps
that I see in the logs after booting the 2.6.32-61-generic #123 kernel:

 sysctl table check failed: /net/core/somaxconn .3.1.18 Missing strategy
 Pid: 1, comm: swapper Not tainted 2.6.32-61-generic #123-Ubuntu
 Call Trace:
  [<ffffffff8108f509>] set_fail+0x59/0x60
  [<ffffffff8108f83b>] sysctl_check_table+0x16b/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8107235d>] __register_sysctl_paths+0x11d/0x360
  [<ffffffff8108f84c>] ? sysctl_check_table+0x17c/0x4b0
  [<ffffffff81535181>] register_net_sysctl_table+0x61/0x70
  [<ffffffff81462765>] sysctl_core_net_init+0x45/0xb0
  [<ffffffff81461b08>] register_pernet_operations+0x48/0x100
  [<ffffffff8188e882>] ? sysctl_core_init+0x0/0x38
  [<ffffffff81461c6c>] register_pernet_subsys+0x2c/0x50
  [<ffffffff8188e8b8>] sysctl_core_init+0x36/0x38
  [<ffffffff8100a04c>] do_one_initcall+0x3c/0x1a0
  [<ffffffff818576d1>] do_basic_setup+0x54/0x66
  [<ffffffff818577f1>] kernel_init+0x10e/0x162
  [<ffffffff810141ea>] child_rip+0xa/0x20
  [<ffffffff818576e3>] ? kernel_init+0x0/0x162
  [<ffffffff810141e0>] ? child_rip+0x0/0x20


 sysctl table check failed: /net/ipv4/ip_no_pmtu_disc .3.5.39 Missing strategy
 Pid: 1, comm: swapper Not tainted 2.6.32-61-generic #123-Ubuntu
 Call Trace:
  [<ffffffff8108f509>] set_fail+0x59/0x60
  [<ffffffff8108f83b>] sysctl_check_table+0x16b/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8107235d>] __register_sysctl_paths+0x11d/0x360
  [<ffffffff811a4808>] ? __proc_create+0xd8/0x130
  [<ffffffff8189029a>] ? sysctl_ipv4_init+0x0/0x4e
  [<ffffffff810725cb>] register_sysctl_paths+0x2b/0x30
  [<ffffffff818902b6>] sysctl_ipv4_init+0x1c/0x4e
  [<ffffffff8100a04c>] do_one_initcall+0x3c/0x1a0
  [<ffffffff818576d1>] do_basic_setup+0x54/0x66
  [<ffffffff818577f1>] kernel_init+0x10e/0x162
  [<ffffffff810141ea>] child_rip+0xa/0x20
  [<ffffffff818576e3>] ? kernel_init+0x0/0x162
  [<ffffffff810141e0>] ? child_rip+0x0/0x20


The first stack dump involves the /net/core/somaxconn sysctl. Looking at the
git log of changes that went into this kernel, I'd say that the following
commit is the likely culprit:

  d77028f net: check net.core.somaxconn sysctl values

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1326473

Title:
  No /proc/sys/net/ipv4/tcp_syncookies present with 2.6.32-61-generic
  #123 in -proposed

Status in “linux” package in Ubuntu:
  Incomplete

Bug description:
  The following security test failure is seen with the Platform QA
  Regression Testing task with 2.6.32-61-generic #123 kernel.

  06/04 15:06:05 ERROR|base_utils:0114| [stderr] 
  06/04 15:06:05 ERROR|base_utils:0114| [stderr] ======================================================================
  06/04 15:06:05 ERROR|base_utils:0114| [stderr] FAIL: SYN cookies is enabled
  06/04 15:06:05 ERROR|base_utils:0114| [stderr] ----------------------------------------------------------------------
  06/04 15:06:05 ERROR|base_utils:0114| [stderr] Traceback (most recent call last):
  06/04 15:06:05 ERROR|base_utils:0114| [stderr]   File "./test-kernel-security.py", line 359, in test_033_syn_cookies
  06/04 15:06:05 ERROR|base_utils:0114| [stderr]     self._test_sysctl_value('net/ipv4/tcp_syncookies', expected)
  06/04 15:06:05 ERROR|base_utils:0114| [stderr]   File "/home/ubuntu/autotest/client/tmp/ubuntu_qrt_kernel_security/src/scripts/testlib.py", line 1050, in _test_sysctl_value
  06/04 15:06:05 ERROR|base_utils:0114| [stderr]     self.assertEquals(exists, os.path.exists(sysctl), sysctl)
  06/04 15:06:05 ERROR|base_utils:0114| [stderr] AssertionError: /proc/sys/net/ipv4/tcp_syncookies

  Please see https://jenkins.qa.ubuntu.com/view/All/job/sru_kernel-
  lucid-
  generic_i386-amd_64-mga_g200ew/47/testReport/junit/autotest/ubuntu_qrt_kernel_security/test_kernel_security_py/
  for detailed logs.

  This can also be seen linux-ec2: 2.6.32-365.78 too.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1326473/+subscriptions

References

[Bug 1326473] [NEW] No /proc/sys/net/ipv4/tcp_syncookies present with 2.6.32-61-generic #123 in -proposed
From: Parameswaran Sivatharman, 2014-06-04