From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1LRqAl-0004PL-5u for garchives@archives.gentoo.org; Tue, 27 Jan 2009 15:48:19 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6A527E046E; Tue, 27 Jan 2009 15:47:51 +0000 (UTC) Received: from eric.schwarzvogel.de (eric.schwarzvogel.de [194.97.4.250]) by pigeon.gentoo.org (Postfix) with ESMTP id 40B86E046E for ; Tue, 27 Jan 2009 15:47:51 +0000 (UTC) Received: from klausman by eric.schwarzvogel.de with local (Exim 4.69) (envelope-from ) id 1LRqAI-00015q-5F for gentoo-dev@lists.gentoo.org; Tue, 27 Jan 2009 16:47:50 +0100 Date: Tue, 27 Jan 2009 16:47:50 +0100 From: Tobias Klausmann To: gentoo-dev@lists.gentoo.org Message-ID: <20090127154750.GA32544@eric.schwarzvogel.de> Mail-Followup-To: gentoo-dev@lists.gentoo.org Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Mutt/1.5.16 (2007-06-09) Sender: Tobias Klausmann Subject: [gentoo-dev] X-Archives-Salt: 15a39e73-07f7-452c-8c3c-498041ac4632 X-Archives-Hash: 7af58a5598ef0f8917c877d4d16c12dc Hi,=20 glibc 2.9 uses a different way to implement getaddrinfo() which triggers a race condition in most (if not all) Netfilter firewalls that use connection tracking. glibc does nothing wrong per se, it just triggers the condition. (technical details here: http://marc.info/?l=3Dlinux-netdev&m=3D123304473331445) Since glibc 2.9 fires off two udp packets (a query for the A record and one for the AAAA record), a race condition is triggered in Netfilter (see URL). This has been acknowledged by several people and I can reproduce it (relatively) reliably in our LAN with all Gentoo boxes that have 2.9. Why am I bringing this up here? Well, I figure that eventually, 2.9 (or some other version with equivalent code) will become stable and we'll get lots of bug reports from people who run into this. Since they can not simply backdate to 2.7 for various reasons *and* they might be unable to fix a packetfilter (because it might not be their own), this might become very ugly. The Kernel/Netfilter devs (probably) are aware now of the issue since I mailed them - but it's not all that easy to fix. On top of that, even if it was fixed in (say) 2.6.28.3 and 2.6.29, this does not mean that it's deployed out there and it might be very hard for our users to get some firewall guy to update their kernel when this is perceived as glibc's or our fault (plus the widespread "ricer" clich=E9 about Gentoo users; I've gotten an idiotic reply to that effect already). I don't have any experience with glibc upstream but pestering them about this out of the blue might only cause a flame war between kernel and glibc folks. Thus, I'm asking you, my fellow devs (and the glibc and kernel teams specifically), what you think is the best idea/course of action. Regards, Tobias (Blackb|rd) --=20 printk("Cool stuff's happening!\n") linux-2.4.3/fs/jffs/intrep.c