Date: Tue, 23 Sep 2008 14:18:19 -0400 From: "Ben Kaduk" <minimarmot@gmail.com> To: "Stefan Ehmann" <shoesoft@gmx.net> Cc: freebsd-current@freebsd.org Subject: Re: ipfw: LOR/panic with uid rules Message-ID: <47d0403c0809231118x1fa5ad3u4d24a399035fda80@mail.gmail.com> In-Reply-To: <200809231851.42849.shoesoft@gmx.net> References: <200809231851.42849.shoesoft@gmx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Sep 23, 2008 at 12:51 PM, Stefan Ehmann <shoesoft@gmx.net> wrote: > Hello, > > Also posted about this problem recently in stable@. But got no replies there. > So I tried on a recent CURRENT but the problem persists: > > ipfw rules using uid are causing a deadlock. > eg. allow ip from any to any uid root > A simple HTTP fetch triggers this problem nearly instantly. > > For me, this problem existed in 6.x with PREEMPTION enabled. It was fixed in > 7.0. But in RELENG_7 and head it's back. This is a single processor i386 > machine. > I don't think this was ever guaranteed to work. See this post by Robert Watson to freebsd-hackers: http://lists.freebsd.org/pipermail/freebsd-hackers/2008-September/025930.html Perhaps the biggest problem is that there's a stack-layering violation inherent in this sort of rule; Robert's message has more detail. Nonetheless, it might be interesting if you had the time to track down a particular set of changes that caused the problem to return. -Ben Kaduk
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47d0403c0809231118x1fa5ad3u4d24a399035fda80>