NetBSD Problem Report #55288
From liman@cafax.se Sat May 23 11:34:37 2020
Return-Path: <liman@cafax.se>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
by mollari.NetBSD.org (Postfix) with ESMTPS id 4670F1A9244
for <gnats-bugs@gnats.NetBSD.org>; Sat, 23 May 2020 11:34:37 +0000 (UTC)
Message-Id: <227dx2vrds.fsf@floptop.liman.net>
Date: Sat, 23 May 2020 13:10:23 +0200
From: Lars-Johan Liman <liman@cafax.se>
To: gnats-bugs@NetBSD.org
Subject: Kernel panics on "npfctl reload" if setting incorrect variables.
X-Send-Pr-Version: 3.95
>Number: 55288
>Category: kern
>Synopsis: Kernel panics on "npfctl reload" if setting portmap parameters.
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: rmind
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat May 23 11:35:00 +0000 2020
>Closed-Date: Mon May 25 17:35:36 +0000 2020
>Last-Modified: Mon May 25 17:35:36 +0000 2020
>Originator: Lars-Johan Liman
>Release: NetBSD 9.0
>Organization:
Cafax AB
>Environment:
System: NetBSD vpn.cafax.se 9.0 NetBSD 9.0 (XEN3_DOMU) #0: Fri Feb 14 00:06:28 UTC 2020 mkrepro@mkrepro.NetBSD.org:/usr/src/sys/arch/xen/compile/XEN3_DOMU amd64
Architecture: x86_64
Machine: amd64
>Description:
If you try to set a parameter with somewhat incorrect name and
do an "npfctl reload", the kernel will immediately panic and the
machine will reboot.
>How-To-Repeat:
# cat >/etc/npf.conf <<EOT
set portmap.somthingweird 40010
group default {
pass in all
pass out all
}
EOT
# npfctl reload
<crash!>
>Fix:
None known.
The traceback on the console looks like this:
[ 96.9801348] uvm_fault(0xffffd40004af02f0, 0x0, 1) -> e
[ 96.9801348] fatal page fault in supervisor mode
[ 96.9801348] trap type 6 code 0 rip 0xffffffff802fe1d4 cs 0xe030 rflags 0x10282 cr2 0 ilevel 0 rsp 0xffffd4007a62bbb0
[ 96.9801348] curlwp 0xffffd40004ad56a0 pid 955.1 lowest kstack 0xffffd4007a6282c0
[ 96.9801348] panic: trap
[ 96.9901034] cpu0: Begin traceback...
[ 96.9901034] vpanic() at netbsd:vpanic+0x143
[ 96.9901034] snprintf() at netbsd:snprintf
[ 96.9901034] startlwp() at netbsd:startlwp
[ 96.9901034] alltraps() at netbsd:alltraps+0xae
[ 96.9901034] npf_config_destroy() at netbsd:npf_config_destroy+0x26
[ 96.9901034] npfctl_load() at netbsd:npfctl_load+0x75
[ 96.9901034] VOP_IOCTL() at netbsd:VOP_IOCTL+0x3b
[ 96.9901034] vn_ioctl() at netbsd:vn_ioctl+0xa5
[ 96.9901034] sys_ioctl() at netbsd:sys_ioctl+0x547
[ 96.9901034] syscall() at netbsd:syscall+0x9c
[ 96.9901034] --- syscall (number 54) ---
[ 96.9901034] 7b3c5f7681ba:
[ 96.9901034] cpu0: End traceback...
[ 96.9901034] dumping to dev 168,1 (offset=8388607, size=0): not possible
[ 96.9901034] rebooting...
Sorry, I have no idea where to start looking. :-(
The background is that I wanted to set the port range for NAT.
npf-params(7) says "portmap.min_port" (and "...max_port") but they yield
syntax errors with "npfctl validate". I thought it might be a
documentation error and tried "portmap.min-port" (hyphen instead of
underscore), but still syntax error, so I then tried with
"portmap.minport" (neither hyphen nor underscore). That passed
validation, so I did a "reload", with the result above.
Since then I've been testing other combinations, and I believe the syntax
check will say OK to anything that begins with a proper "xxx.", but it
can be followed by any ".yyy" that is a valid combination of characters,
so "portmap.somethingsweird" will pass, but "somethingweird.max_port"
will not.
So there are essentially two problems here:
1. The syntax checker needs a once-over to make sure it kicks out
unknown variables.
2. The kernel should deal gracefully with unknown variables.
... and I still haven't found the right words to use for setting the
port interval ... ;-)
Your kind assistance would be appreciated. :-)
Best regards,
/Lars-Johan Liman
--
#-------------------------------------------------------------------------
# Lars-Johan Liman, M.Sc. ! E-mail: liman@cafax.se
# Cafax AB ! HTTP : //www.cafax.se/
# Computer Consultants, Sweden ! Voice : +46 8 - 564 702 30
#-------------------------------------------------------------------------
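The two behaviours the report asks for, sketched as an added example (not NPF's code and not part of the original report): exact-match validation of parameter names, and a load path whose error cleanup tolerates a configuration that was never allocated. The struct, the function names and the allow-list layout are hypothetical; only the two parameter names and the misspelled test name come from the report.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical allow-list; the two names are the ones quoted in the report. */
static const char *const known_params[] = { "portmap.min_port", "portmap.max_port" };
#define NPARAMS (sizeof(known_params) / sizeof(known_params[0]))
struct config { int values[NPARAMS]; };   /* hypothetical stand-in */

/* Exact match on the whole name: a valid "portmap." prefix is not enough. */
static int param_index(const char *name)
{
    for (size_t i = 0; i < NPARAMS; i++)
        if (strcmp(name, known_params[i]) == 0)
            return (int)i;
    return -1;
}

/* Error-path cleanup that is safe when nothing was allocated yet. */
static void config_destroy(struct config *c) { if (c != NULL) free(c); }

/* Build a config; an unknown name yields EINVAL and *out == NULL, never a fault. */
static int config_load(const char *const *names, const int *vals, size_t n,
                       struct config **out)
{
    struct config *c = NULL;   /* still NULL if the first name is rejected */
    int error = 0;
    for (size_t i = 0; i < n && error == 0; i++) {
        int idx = param_index(names[i]);
        if (idx < 0)
            error = EINVAL;
        else if (c == NULL && (c = calloc(1, sizeof(*c))) == NULL)
            error = ENOMEM;
        else
            c->values[idx] = vals[i];
    }
    if (error != 0)
        config_destroy(c);
    *out = (error == 0) ? c : NULL;
    return error;
}

int main(void)
{
    const char *names[] = { "portmap.somthingweird" };  /* constructed input */
    int vals[] = { 40010 };
    struct config *c;
    return config_load(names, vals, 1, &c) == EINVAL ? 0 : 1;
}
```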
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: kern-bug-people->rmind
Responsible-Changed-By: rmind@NetBSD.org
Responsible-Changed-When: Sat, 23 May 2020 12:20:18 +0000
Responsible-Changed-Why:
Likely fixed in NPF version on Github, but I'll have a look.
From: Lars-Johan Liman <liman@cafax.se>
To: rmind@NetBSD.org
Cc: kern-bug-people@netbsd.org, netbsd-bugs@netbsd.org, gnats-admin@netbsd.org,
gnats-bugs@netbsd.org
Subject: Re: kern/55288 (Kernel panics on "npfctl reload" if setting portmap parameters.)
Date: Sun, 24 May 2020 08:16:55 +0200
rmind@NetBSD.org 2020-05-23 12:20 [+0000]:
> Likely fixed in NPF version on Github, but I'll have a look.
Ack! Thanks!
Cheers,
/Liman
From: "Mindaugas Rasiukevicius" <rmind@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55288 CVS commit: src/usr.sbin/npf/npfctl
Date: Sun, 24 May 2020 15:35:40 +0000
Module Name: src
Committed By: rmind
Date: Sun May 24 15:35:40 UTC 2020
Modified Files:
src/usr.sbin/npf/npfctl: npf_scan.l
Log Message:
PR/55288: npfctl: change parameter syntax to be more permissive.
To generate a diff of this commit:
cvs rdiff -u -r1.30 -r1.31 src/usr.sbin/npf/npfctl/npf_scan.l
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/55288 CVS commit: [netbsd-9] src/usr.sbin/npf/npfctl
Date: Mon, 25 May 2020 17:29:28 +0000
Module Name: src
Committed By: martin
Date: Mon May 25 17:29:28 UTC 2020
Modified Files:
src/usr.sbin/npf/npfctl [netbsd-9]: npf_scan.l
Log Message:
Pull up following revision(s) (requested by rmind in ticket #932):
usr.sbin/npf/npfctl/npf_scan.l: revision 1.31
PR/55288: npfctl: change parameter syntax to be more permissive.
To generate a diff of this commit:
cvs rdiff -u -r1.29.2.1 -r1.29.2.2 src/usr.sbin/npf/npfctl/npf_scan.l
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: rmind@NetBSD.org
State-Changed-When: Mon, 25 May 2020 17:35:36 +0000
State-Changed-Why:
Fixed.
>Unformatted: