From owner-freebsd-bugs@FreeBSD.ORG  Mon Apr 10 01:50:33 2006
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
X-Original-To: freebsd-bugs@hub.freebsd.org
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 5603316A408;
	Mon, 10 Apr 2006 01:50:33 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id F0B7543D81;
	Mon, 10 Apr 2006 01:50:16 +0000 (GMT)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k3A1oEQn053285;
	Mon, 10 Apr 2006 01:50:14 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k3A1oEnC053281;
	Mon, 10 Apr 2006 01:50:14 GMT (envelope-from gnats)
Resent-Date: Mon, 10 Apr 2006 01:50:14 GMT
Resent-Message-Id: <200604100150.k3A1oEnC053281@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-bugs@FreeBSD.org
Resent-Cc: gnn@FreeBSD.org, rwatson@FreeBSD.org, mlaier@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Xin LI <delphij@FreeBSD.org>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id ABF3016A403
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Apr 2006 01:49:39 +0000 (UTC)
	(envelope-from delphij@tarsier.delphij.net)
Received: from tarsier.geekcn.org (tarsier.geekcn.org [210.51.165.229])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 76E9343D53
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Apr 2006 01:49:30 +0000 (GMT)
	(envelope-from delphij@tarsier.delphij.net)
Received: from localhost (tarsier.geekcn.org [210.51.165.229])
	by tarsier.geekcn.org (Postfix) with ESMTP id 56594EB2A49
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Apr 2006 09:49:28 +0800 (CST)
Received: from tarsier.geekcn.org ([210.51.165.229])
	by localhost (mail.geekcn.org [210.51.165.229]) (amavisd-new,
	port 10024)
	with ESMTP id 72478-03 for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Apr 2006 09:49:25 +0800 (CST)
Received: from tarsier.delphij.net (tarsier.geekcn.org [210.51.165.229])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by tarsier.geekcn.org (Postfix) with ESMTP id C9007EB2327
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Apr 2006 09:49:24 +0800 (CST)
Received: from tarsier.delphij.net (localhost [127.0.0.1])
	by tarsier.delphij.net (8.13.6/8.13.4) with ESMTP id k3A1nO6W074309
	for <FreeBSD-gnats-submit@freebsd.org>;
	Mon, 10 Apr 2006 09:49:24 +0800 (CST)
	(envelope-from delphij@tarsier.delphij.net)
Received: (from delphij@localhost)
	by tarsier.delphij.net (8.13.6/8.13.4/Submit) id k3A1nI1Y074308;
	Mon, 10 Apr 2006 09:49:18 +0800 (CST) (envelope-from delphij)
Message-Id: <200604100149.k3A1nI1Y074308@tarsier.delphij.net>
Date: Mon, 10 Apr 2006 09:49:18 +0800 (CST)
From: Xin LI <delphij@FreeBSD.org>
To: FreeBSD-gnats-submit@FreeBSD.org
X-Send-Pr-Version: 3.113
X-GNATS-Notify: gnn@FreeBSD.org, rwatson@FreeBSD.org, mlaier@FreeBSD.org
Cc: 
Subject: kern/95559: [RELENG_6] write(2) fails with EPERM on TCP socket
	under certain situations
X-BeenThere: freebsd-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: Xin LI <delphij@FreeBSD.org>
List-Id: Bug reports <freebsd-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-bugs>
List-Post: <mailto:freebsd-bugs@freebsd.org>
List-Help: <mailto:freebsd-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-bugs>,
	<mailto:freebsd-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Apr 2006 01:50:33 -0000


>Number:         95559
>Category:       kern
>Synopsis:       [RELENG_6] write(2) fails with EPERM on TCP socket under certain situations
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Apr 10 01:50:14 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Xin LI
>Release:        FreeBSD 6.1-RC i386
>Organization:
The FreeBSD Project
>Environment:
System: FreeBSD tarsier.delphij.net 6.1-RC FreeBSD 6.1-RC #26: Sun Apr 9 04:27:53 CST 2006 delphij@tarsier.delphij.net:/usr/obj/usr/src/sys/TARSIER i386

>Description:
	With two rule set in pf.conf, connection from cvsup client
within a jail to the cvsupd running in the host would fail, which
ends up with that cvsupd (in the host) died with write(2) on the
TCP socket, which suddenly returns EPERM.

	The box has pf(4) and ipfw(4) installed where, pf(4) was
loaded with two rules, while ipfw(4) has an empty ruleset with
a default accept rule.
>How-To-Repeat:

	First, one should load the following ruleset onto pf(4)

--- pf.conf begins here ---
scrub reassemble tcp random-id
set skip on lo0
--- pf.conf ends here ---

	Second, run a cvsupd daemon from the host.

	Third, set up a jail and try to transfer some big data
from the host.

	A ktrace dump is available at:
		http://www.delphij.net/kdump.txt.bz2

	Please note that the dump is big (about 7MB).

>Fix:

	By removing either rule from the pf.conf seems to work
around the issue.  However, we have grep'ed EPERM from netinet
and pf code and found that there is not a reasonable reason
why write(2) would return EPERM in the code path.
>Release-Note:
>Audit-Trail:
>Unformatted: