From owner-freebsd-current@FreeBSD.ORG Tue Sep 23 18:47:17 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CC34B1065671 for ; Tue, 23 Sep 2008 18:47:17 +0000 (UTC) (envelope-from minimarmot@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.169]) by mx1.freebsd.org (Postfix) with ESMTP id 557118FC20 for ; Tue, 23 Sep 2008 18:47:17 +0000 (UTC) (envelope-from minimarmot@gmail.com) Received: by wf-out-1314.google.com with SMTP id 24so2278355wfg.7 for ; Tue, 23 Sep 2008 11:47:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:cc:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=4mQUdCadPY0tqKrCVe3hXCnEhDoXP+xppMy4/JWagjE=; b=X9WG7bVknj8K0t+A6M4II6QtH/c6G3y1oR0gAFLq2bMWmVVEqEjco73gzSnY1Jol2b H04uzL3DJlru2qU8yUP0zK2UDdZjUJ7OyYU8Wol47w/u8/kKAPh4pEy++yE/vxhEExqP LgjKYUrwpoCJjn8l/5wPHSiVDcjFTbbfvvawY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:cc:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=ZQmzbq06ktJDa1d0SQ6SDUurAmS1TZy8CKpWBSJDqPeaCAcLOpg+8WTFNVuD0c0byX /K+FJSTXcwH4NIBACp5VM4eacBY7De5kve13jydPD29FMLw4MJdhwAe2FpF/45m86vmU H7m8oLNlbUDGuufvh90PhrZoUWsJfk9DfvNj4= Received: by 10.142.50.5 with SMTP id x5mr2129733wfx.162.1222193899324; Tue, 23 Sep 2008 11:18:19 -0700 (PDT) Received: by 10.142.204.17 with HTTP; Tue, 23 Sep 2008 11:18:19 -0700 (PDT) Message-ID: <47d0403c0809231118x1fa5ad3u4d24a399035fda80@mail.gmail.com> Date: Tue, 23 Sep 2008 14:18:19 -0400 From: "Ben Kaduk" To: "Stefan Ehmann" In-Reply-To: <200809231851.42849.shoesoft@gmx.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200809231851.42849.shoesoft@gmx.net> Cc: freebsd-current@freebsd.org Subject: Re: ipfw: LOR/panic with uid rules X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Sep 2008 18:47:17 -0000 On Tue, Sep 23, 2008 at 12:51 PM, Stefan Ehmann wrote: > Hello, > > Also posted about this problem recently in stable@. But got no replies there. > So I tried on a recent CURRENT but the problem persists: > > ipfw rules using uid are causing a deadlock. > eg. allow ip from any to any uid root > A simple HTTP fetch triggers this problem nearly instantly. > > For me, this problem existed in 6.x with PREEMPTION enabled. It was fixed in > 7.0. But in RELENG_7 and head it's back. This is a single processor i386 > machine. > I don't think this was ever guaranteed to work. See this post by Robert Watson to freebsd-hackers: http://lists.freebsd.org/pipermail/freebsd-hackers/2008-September/025930.html Perhaps the biggest problem is that there's a stack-layering violation inherent in this sort of rule; Robert's message has more detail. Nonetheless, it might be interesting if you had the time to track down a particular set of changes that caused the problem to return. -Ben Kaduk