Ubuntu
linux package

  1. Bug #1326473
  2. Comment #2

Comment 2 for bug 1326473

Revision history for this message
Tyler Hicks (tyhicks) wrote :

This issue is unrelated to the SYN cookie check in test-kernel-security.py. It
just so happens that the test caught the bug. Here's two kernel stack dumps
that I see in the logs after booting the 2.6.32-61-generic #123 kernel:

 sysctl table check failed: /net/core/somaxconn .3.1.18 Missing strategy
 Pid: 1, comm: swapper Not tainted 2.6.32-61-generic #123-Ubuntu
 Call Trace:
  [<ffffffff8108f509>] set_fail+0x59/0x60
  [<ffffffff8108f83b>] sysctl_check_table+0x16b/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8107235d>] __register_sysctl_paths+0x11d/0x360
  [<ffffffff8108f84c>] ? sysctl_check_table+0x17c/0x4b0
  [<ffffffff81535181>] register_net_sysctl_table+0x61/0x70
  [<ffffffff81462765>] sysctl_core_net_init+0x45/0xb0
  [<ffffffff81461b08>] register_pernet_operations+0x48/0x100
  [<ffffffff8188e882>] ? sysctl_core_init+0x0/0x38
  [<ffffffff81461c6c>] register_pernet_subsys+0x2c/0x50
  [<ffffffff8188e8b8>] sysctl_core_init+0x36/0x38
  [<ffffffff8100a04c>] do_one_initcall+0x3c/0x1a0
  [<ffffffff818576d1>] do_basic_setup+0x54/0x66
  [<ffffffff818577f1>] kernel_init+0x10e/0x162
  [<ffffffff810141ea>] child_rip+0xa/0x20
  [<ffffffff818576e3>] ? kernel_init+0x0/0x162
  [<ffffffff810141e0>] ? child_rip+0x0/0x20

 sysctl table check failed: /net/ipv4/ip_no_pmtu_disc .3.5.39 Missing strategy
 Pid: 1, comm: swapper Not tainted 2.6.32-61-generic #123-Ubuntu
 Call Trace:
  [<ffffffff8108f509>] set_fail+0x59/0x60
  [<ffffffff8108f83b>] sysctl_check_table+0x16b/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8108f84c>] sysctl_check_table+0x17c/0x4b0
  [<ffffffff8107235d>] __register_sysctl_paths+0x11d/0x360
  [<ffffffff811a4808>] ? __proc_create+0xd8/0x130
  [<ffffffff8189029a>] ? sysctl_ipv4_init+0x0/0x4e
  [<ffffffff810725cb>] register_sysctl_paths+0x2b/0x30
  [<ffffffff818902b6>] sysctl_ipv4_init+0x1c/0x4e
  [<ffffffff8100a04c>] do_one_initcall+0x3c/0x1a0
  [<ffffffff818576d1>] do_basic_setup+0x54/0x66
  [<ffffffff818577f1>] kernel_init+0x10e/0x162
  [<ffffffff810141ea>] child_rip+0xa/0x20
  [<ffffffff818576e3>] ? kernel_init+0x0/0x162
  [<ffffffff810141e0>] ? child_rip+0x0/0x20

The first stack dump involves the /net/core/somaxconn sysctl. Looking at the
git log of changes that went into this kernel, I'd say that the following
commit is the likely culprit:

  d77028f net: check net.core.somaxconn sysctl values