DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 31st July 2015
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 448
Default Nmap scan from another PC can trigger kernel-current crash

Hello
I am running OpenBSD 5.7 amd64 userland with kernel-current (5.8 amd64). I know this is not supported configuration. On the other hand I discovered that nmap scan (-sO The IP protocol scan) from another PC (Linux kernel based on 3.19, nmap 6.47) triggers remote kernel crash. I think that having mix of userland and kernel from different releases may lead to some problems with applications, but kernel must not crash. So I suppose that properly installed OpenBSD-current can crash too and this is kernel bug. Bug is reproductible for me. Does it reproductible for anyone else?

How to reproduce the problem? From another PC in LAN run:
Code:
nmap -sO -O ip_address
My hardware:
Code:
lspci -nn | grep -i ethernet
02:00.0 Ethernet controller [0200]: Broadcom Corporation NetLink BCM57785 Gigabit Ethernet PCIe [14e4:16b5] (rev 10)
CPU: Sandy Bridge based Intel Pentium processor

Kernel outputs something like that:
Code:
uvm_fault(0xffffffff81905280,0x141,0,1)
kernel: pagefault(trap,code=0)
stopped at mplsip_decap+0x17
Reply With Quote
  #2   (View Single Post)  
Old 1st August 2015
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by e1-531g View Post
Hello
I am running OpenBSD 5.7 amd64 userland with kernel-current (5.8 amd64). I know this is not supported configuration. So I suppose that properly installed OpenBSD-current can crash too and this is kernel bug. Bug is reproductible for me. Does it reproductible for anyone else?
Are you serious?
Reply With Quote
  #3   (View Single Post)  
Old 1st August 2015
ibara's Avatar
ibara ibara is offline
GNU gold linker
 
Join Date: Jan 2014
Posts: 601
Default

Quote:
Originally Posted by e1-531g View Post
I think that having mix of userland and kernel from different releases may lead to some problems with applications, but kernel must not crash.
This is not guaranteed whatsoever. In fact, I can think of several instances where the kernel would be guaranteed to crash.

Sorry, but you'll have to reproduce this with -current.
Reply With Quote
  #4   (View Single Post)  
Old 1st August 2015
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 448
Default

I come from Linux world, where (in theory) almost everything can crash in userland (except i.e. pid 1) and kernel should continue to run without any problem. I know that kernel without userland probably will not do anything useful, but it should not crash. Ok. Let's assume that thing are different in *BSD world.
I know this is not guaranteed so I didn't send mail to openbsd-bugs.
The thing is I don't want to upgrade to current unless I must. On the other hand I know on this forum there are people who are running -current so maybe somebody could reproduce a problem. It is just a nmap scan from another computer. If somebody will reproduce problem, I will install current and take some steps to report it properly to openbsd-bugs.
Reply With Quote
  #5   (View Single Post)  
Old 1st August 2015
bsd-keith bsd-keith is offline
Real Name: Keith
Open Source Software user
 
Join Date: Jun 2014
Location: Surrey/Hants Border, England
Posts: 165
Default

Please don't take this the wrong way, but on BSD, the kernel & userland are considered to be one, they are not considered to be separate like in Linux, so you would be much more likely to have problems if you mix & match.

(BSD are operating systems, Linux is a kernel.)
__________________
Linux since 1999, & also a BSD user.
Reply With Quote
  #6   (View Single Post)  
Old 1st August 2015
sacerdos_daemonis's Avatar
sacerdos_daemonis sacerdos_daemonis is offline
Real Name: Will forever be a secret.
Package Pilot
 
Join Date: Sep 2014
Posts: 206
Default

Quote:
I come from Linux world
Even with Linux mixing different branches of the same OS will break the system.

Quote:
I think that having mix of userland and kernel from different releases may lead to some problems with applications, but kernel must not crash. So I suppose that properly installed OpenBSD-current can crash too and this is kernel bug.
Why would you suppose that? If a certain action can crash the system when using the -current kernel with -release, why would the same action crash a -release or -current system that is properly set up?
__________________
OpenBSD 6.3
Reply With Quote
  #7   (View Single Post)  
Old 1st August 2015
kpa kpa is offline
Port Guard
 
Join Date: Jul 2015
Posts: 18
Default

I don't buy the argument that the kernel should be allowed crash when mixing different versions of userland and kernel. Imagine that a malicious user knows that running 5.7 binaries on 5.8 kernel can be used to crash the system. He can just take a suitable binary from 5.7 and run it from his own home directory and crash the system. This is absolutely not acceptable.

However, I suspect that the real problem in particular case is the cutting edge nature of OpenBSD current and there is a real problem in the kernel that needs to be looked at.
Reply With Quote
  #8   (View Single Post)  
Old 1st August 2015
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 448
Default

@kpa
I think the same.

I have read:
http://undeadly.org/cgi?action=artic...20150730180506
It seems that they were working on pf, especially multiprocessing. So maybe it is just a temporary problem.
Reply With Quote
  #9   (View Single Post)  
Old 1st August 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,288
Default

I'm not a member of the OpenBSD Project. I don't speak for them. However, having been a user for many years, I can at least parrot the position of the Project on this particular issue, because it's been discussed before.

"You can run whatever customized 'Frankensystem' monster you want to run. But the Project will only accept problem reports produced by supported configurations. If this problem is not repeatable with -release, -stable, or -current, using the Project-supplied GENERIC or RAMDISK kernel configuration, then it's your problem, and your problem alone."
Reply With Quote
Old 3rd August 2015
ibara's Avatar
ibara ibara is offline
GNU gold linker
 
Join Date: Jan 2014
Posts: 601
Default

Quote:
Originally Posted by kpa View Post
I don't buy the argument that the kernel should be allowed crash when mixing different versions of userland and kernel. Imagine that a malicious user knows that running 5.7 binaries on 5.8 kernel can be used to crash the system. He can just take a suitable binary from 5.7 and run it from his own home directory and crash the system. This is absolutely not acceptable.
You're not thinking in the right direction.
Reply With Quote
Old 4th August 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,288
Default

kpa, e1-531g, here's an informal problem report thread where it was just determined the problem was caused by inadvertently building a Frankensystem.

http://marc.info/?t=143867794900002&r=1&w=2


Last edited by jggimi; 4th August 2015 at 12:41 PM. Reason: typo
Reply With Quote
Old 4th August 2015
kpa kpa is offline
Port Guard
 
Join Date: Jul 2015
Posts: 18
Default

I hear you and I understand what you mean very well. However, if you have 5.8 kernel and 5.7 userland it's exactly what you get when you're halfway trough an upgrade from 5.7 (using source code method) when you have booted with the new kernel but haven't yet installed 5.8 userland. That should be a supported configuration at least for the purpose of finishing the upgrade if not using it in production. But as I said this is not relevant to the OP's problem because it looks very much like he would observe the same behaviour even if he did have a fully upgraded OpenBSD current on his machine.

Last edited by kpa; 4th August 2015 at 01:13 PM.
Reply With Quote
Old 4th August 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,288
Default

Quote:
Originally Posted by kpa View Post
...using source code method...
The supported method for upgrading by building from source is to start with the most recently available snapshot.
Is it possible to upgrade without doing so? Of course. It depends upon the starting point, the extent of interface and architectural change to reach the end point, the admin's skills, and the guidance available in the Following -current FAQ.
Using your example, if you start with 5.7-release and build -current from source, you are doing something that is unsupported. As I type this, the oldest snapshot available for any of the supported architectures is for the luna88k, and while that snapshot is six weeks old, it contains more than three months of development over 5.7-release.
Quote:
...it looks very much like he would observe the same behaviour even if he did have a fully upgraded OpenBSD current on his machine.
That hasn't been shown, yet. As stated earlier in this thread, the problem must be repeatable on a supported configuration before it would be given any attention by the Project, if reported.

Can you replicate the problem?

Last edited by jggimi; 4th August 2015 at 01:49 PM. Reason: clarity regarding unsupported source builds
Reply With Quote
Old 4th August 2015
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 448
Default

Quote:
Can you replicate the problem?
I will try on Thursday or Friday to properly install current and then test.
Is this, for example, good source of snapshot?
Code:
ht tp ://ftp.hostserver.de/pub/OpenBSD/snapshots/amd64/
Reply With Quote
Old 4th August 2015
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,294
Default

Quote:
Originally Posted by e1-531g View Post
Is this, for example, good source of snapshot?
Code:
ht tp ://ftp.hostserver.de/pub/OpenBSD/snapshots/amd64/
Yes. A list of sanctioned mirrors can be found at the following:

www.openbsd.org/ftp.html
Reply With Quote
Old 4th August 2015
denta denta is offline
Shell Scout
 
Join Date: Nov 2009
Location: Sweden
Posts: 95
Default

Quote:
Originally Posted by e1-531g View Post
Hello
I am running OpenBSD 5.7 amd64 userland with kernel-current (5.8 amd64).
Yes, and thus the entire post is meaningless.
Reply With Quote
Old 8th August 2015
e1-531g e1-531g is offline
VPN Cryptographer
 
Join Date: Mar 2014
Posts: 448
Default

Hmm. With properly installed current I didn't triggered that crash. Sorry for this thread. I have also educated myself what is page fault.
Reply With Quote
Old 8th August 2015
betweendayandnight betweendayandnight is offline
friendly
 
Join Date: Jul 2015
Posts: 67
Default

Quote:
Originally Posted by e1-531g View Post
I am running OpenBSD 5.7 amd64 userland with kernel-current (5.8 amd64). I know this is not supported configuration.
Did you mean that if I installed a kernel from /pub/OpenBSD/snapshots/`uname -m`/, I should install packages from /pub/OpenBSD/snapshots/packages/`uanme -m`/ and not from /pub/OpenBSD/5.7/packages/`uname -m`/ ?
Reply With Quote
Old 8th August 2015
ocicat ocicat is offline
Administrator
 
Join Date: Apr 2008
Posts: 3,294
Default

Quote:
Originally Posted by betweendayandnight View Post
Did you mean that if I installed a kernel from /pub/OpenBSD/snapshots/`uname -m`/, I should install packages from /pub/OpenBSD/snapshots/packages/`uanme -m`/ and not from /pub/OpenBSD/5.7/packages/`uname -m`/ ?
Yes. This is explicitly covered in Section 15.4.1 of the official FAQ. Mixing -release packages with a -current installation of the base system is not supported.
Reply With Quote
Old 9th August 2015
betweendayandnight betweendayandnight is offline
friendly
 
Join Date: Jul 2015
Posts: 67
Default

Quote:
Originally Posted by ocicat View Post
Yes. This is explicitly covered in Section 15.4.1 of the official FAQ. Mixing -release packages with a -current installation of the base system is not supported.
Sometimes packages in the "snapshots" directory fail to install properly with missing libraries. That's why I installed packages in the "5.7" directory on a "snapshots" kernel.
Reply With Quote
Reply

Tags
crash, kernel, openbsd, remote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
NetBSD New kernel modules in NetBSD-CURRENT (instead LKM) vermaden News 1 17th May 2015 11:06 PM
Update your FreeBSD-CURRENT kernel rocket357 FreeBSD Security 0 17th February 2015 07:10 PM
Please scan softly - your router could crash J65nko News 2 5th July 2010 11:36 PM
OBSD 4.6 Installed - Problem building Kernel for -current IronForge OpenBSD Installation and Upgrading 11 10th November 2009 09:34 PM
track current kernel itti NetBSD Installation and Upgrading 8 11th December 2008 06:09 PM


All times are GMT. The time now is 10:17 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick