Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 27 Sep 2008 20:14:49 +0100 (BST)
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Ganbold <ganbold@micom.mng.net>
Cc:        cvs-src@FreeBSD.org, src-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject:   Re: cvs commit: src/sys/netinet ip_fw2.c
Message-ID:  <alpine.BSF.1.10.0809272013380.20117@fledge.watson.org>
In-Reply-To: <48DE5C4F.8040807@micom.mng.net>
References:  <200809271014.m8RAENka041457@repoman.freebsd.org> <48DE5C4F.8040807@micom.mng.net>

next in thread | previous in thread | raw e-mail | index | archive | help

On Sun, 28 Sep 2008, Ganbold wrote:

> Robert Watson wrote:
>> rwatson     2008-09-27 10:14:02 UTC
>>
>>   FreeBSD src repository
>>
>>   Modified files:
>>     sys/netinet          ip_fw2.c   Log:
>>   SVN rev 183398 on 2008-09-27 10:14:02Z by rwatson
>>     Rather than shadowing global variable 'lookup' in check_uidgid(), 
>> rename
>>   it to ugid_lookupp.  This should make debugging issues with ipfw uid
>>   rules easier.
>> 
> Still panics:
>
> (kgdb) bt
> #0  doadump () at pcpu.h:221
> #1  0xc07b56fe in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418
> #2  0xc07b59c3 in panic (fmt=Variable "fmt" is not available.
> ) at /usr/src/sys/kern/kern_shutdown.c:572
> #3  0xc07b3e86 in _rw_rlock (rw=0xc0e1d9ec, file=0xc284deed 
> "/usr/src/sys/modules/ipfw/../../netinet/ip_fw2.c", line=2020)
>   at /usr/src/sys/kern/kern_rwlock.c:283
> #4  0xc284c92a in ipfw_chk (args=0xc22c589c) at 
> /usr/src/sys/modules/ipfw/../../netinet/ip_fw2.c:2020
> #5  0xc284d4c8 in ipfw_check_out (arg=0x0, m0=0xc22c59c0, ifp=0xc25b2c00, 
> dir=2, inp=0xc2731c60)

Something seems odd here, we may be looking at an ipfw bug.  The goal of 
passing down the inpcb is that ipfw doesn't have to look it up (and hence 
avoids acquiring locks in ipfw on the outbound path) -- the stack arguments 
clearly show it held in ipfw, but locks are acquired anyway.  This particular 
change was purely cosmetic, but I'll review the ipfw code more closely and see 
about a fix...

Robert N M Watson
Computer Laboratory
University of Cambridge


>   at /usr/src/sys/modules/ipfw/../../netinet/ip_fw_pfil.c:253
> #6  0xc0860458 in pfil_run_hooks (ph=0xc0e1ccc0, mp=0xc22c5a30, 
> ifp=0xc25b2c00, dir=2, inp=0xc2731c60) at /usr/src/sys/net/pfil.c:79
> #7  0xc08a87b2 in ip_output (m=0xc266ac00, opt=0x0, ro=0xc22c5a38, flags=0, 
> imo=0x0, inp=0xc2731c60)
>   at /usr/src/sys/netinet/ip_output.c:452
> #8  0xc090f5ee in tcp_twrespond (tw=0xc2ae1d68, flags=Variable "flags" is not 
> available.
> ) at /usr/src/sys/netinet/tcp_timewait.c:602
> #9  0xc090fa46 in tcp_twcheck (inp=0xc2731c60, to=0xc22c5b50, th=0xc2668958, 
> m=0xc2668900, tlen=0)
>   at /usr/src/sys/netinet/tcp_timewait.c:407
> #10 0xc090482a in tcp_input (m=0xc2668900, off0=20) at 
> /usr/src/sys/netinet/tcp_input.c:554
> #11 0xc08a6dc0 in ip_input (m=0xc2668900) at 
> /usr/src/sys/netinet/ip_input.c:670
> #12 0xc085fc53 in netisr_dispatch (num=2, m=0xc2668900) at 
> /usr/src/sys/net/netisr.c:178
> #13 0xc0859ba1 in ether_demux (ifp=0xc25b2c00, m=0xc2668900) at 
> /usr/src/sys/net/if_ethersubr.c:842
> #14 0xc085a00f in ether_input (ifp=0xc25b2c00, m=0xc2668900) at 
> /usr/src/sys/net/if_ethersubr.c:700
> #15 0xc057fefc in edintr (arg=0xc2534800) at /usr/src/sys/dev/ed/if_ed.c:1292
> #16 0xc0796ef5 in intr_event_execute_handlers (p=0xc24ba7d4, ie=0xc24d8e00) 
> at /usr/src/sys/kern/kern_intr.c:1134
> #17 0xc0797b6f in ithread_loop (arg=0xc2570800) at 
> /usr/src/sys/kern/kern_intr.c:1147
> #18 0xc0794cb8 in fork_exit (callout=0xc0797ad0 <ithread_loop>, 
> arg=0xc2570800, frame=0xc22c5d38) at /usr/src/sys/kern/kern_fork.c:810
> #19 0xc0ab2110 in fork_trampoline () at 
> /usr/src/sys/i386/i386/exception.s:270
> (kgdb) fr 4
> #4  0xc284c92a in ipfw_chk (args=0xc22c589c) at 
> /usr/src/sys/modules/ipfw/../../netinet/ip_fw2.c:2020
> 2020            INP_INFO_RLOCK(pi);
> (kgdb) p inp
> No symbol "inp" in current context.
> (kgdb) p lookup
> $1 = {int (struct nameidata *)} 0xc0831e60 <lookup>
> (kgdb) p pi
> No symbol "pi" in current context.
> (kgdb) fr 5
> #5  0xc284d4c8 in ipfw_check_out (arg=0x0, m0=0xc22c59c0, ifp=0xc25b2c00, 
> dir=2, inp=0xc2731c60)
>   at /usr/src/sys/modules/ipfw/../../netinet/ip_fw_pfil.c:253
> 253        ipfw = ipfw_chk(&args);
> (kgdb) p inp
> $2 = (struct inpcb *) 0xc2731c60
> (kgdb) p lookup
> $3 = {int (struct nameidata *)} 0xc0831e60 <lookup>
> (kgdb) list
> 248        }
> 249   250        args.m = *m0;
> 251        args.oif = ifp;
> 252        args.inp = inp;
> 253        ipfw = ipfw_chk(&args);
> 254        *m0 = args.m;
> 255        tee = 0;
> 256   257        KASSERT(*m0 != NULL || ipfw == IP_FW_DENY, ("%s: m0 is 
> NULL",
> (kgdb) fr 4
> #4  0xc284c92a in ipfw_chk (args=0xc22c589c) at 
> /usr/src/sys/modules/ipfw/../../netinet/ip_fw2.c:2020
> 2020    h = 0;
> (kgdb) list
> 2015    dcard = INPLOOKUP_WILDCARD;
> 2016            pi = &V_udbinfo;
> 2017        } else
> 2018            return 0;
> 2019        match = 0;
> 2020        if (*ugid_lookupp == 0) {
> 2021            INP_INFO_RLOCK(pi);
> 2022            pcb =  (oif) ?
> 2023                in_pcblookup_hash(pi,
> 2024                    dst_ip, htons(dst_port),
> (kgdb) p ugid_lookupp
> No symbol "ugid_lookupp" in current context.
> (kgdb) p *ugid_lookupp
> No symbol "ugid_lookupp" in current context.
> (kgdb) fr 5
> #5  0xc284d4c8 in ipfw_check_out (arg=0x0, m0=0xc22c59c0, ifp=0xc25b2c00, 
> dir=2, inp=0xc2731c60)
>   at /usr/src/sys/modules/ipfw/../../netinet/ip_fw_pfil.c:253
> 253        ipfw = ipfw_chk(&args);
> (kgdb) p *ugid_lookupp
> No symbol "ugid_lookupp" in current context.
> (kgdb)
>
>
>
>>     MFC after:      3 days
>>     Revision  Changes    Path
>>   1.194     +8 -8      src/sys/netinet/ip_fw2.c
>> _______________________________________________
>> cvs-all@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/cvs-all
>> To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
>> 
>> 
>>
>> 
>
>
> -- 
> Where there's a will, there's an Inheritance Tax.
>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.1.10.0809272013380.20117>