[PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Fernando Luis Vázquez Cao]

Subject: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

System policy (for example netfilter rule) can cause a send* operation
to fail with EPERM.

Reported-by: Hirotaka Sasaki <sasaki.hirotaka-Zyj7fXuS5i5L9jVzuh4AOg@public.gmane.org>
Signed-off-by: Fernando Luis Vazquez Cao <fernando-gVGce1chcLdL9jVzuh4AOg@public.gmane.org>
---

diff -urNp man-pages-3.50-orig/man2/send.2 man-pages-3.50/man2/send.2
--- man-pages-3.50-orig/man2/send.2	2013-03-15 16:17:32.000000000 +0900
+++ man-pages-3.50/man2/send.2	2013-03-19 15:17:03.616008275 +0900
@@ -357,6 +357,10 @@ Some bit in the
 .I flags
 argument is inappropriate for the socket type.
 .TP
+.B EPERM
+System policy (for example a netfilter rule) does not permit the requested
+operation.
+.TP
 .B EPIPE
 The local end has been shut down on a connection oriented socket.
 In this case the process


--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors

[Fernando Luis Vázquez Cao]

Subject: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors

This bug has been known since early 2009 (the latest) and  discussed in
netdev before:

http://marc.info/?l=linux-netdev&w=2&r=1&s=Possible+race+condition+in+conntracking+&q=b

It seems that a proper fix would be non trivial, so document the bug
in the meantime.

Reported-by: Hirotaka Sasaki <sasaki.hirotaka-Zyj7fXuS5i5L9jVzuh4AOg@public.gmane.org>
Signed-off-by: Fernando Luis Vazquez Cao <fernando-gVGce1chcLdL9jVzuh4AOg@public.gmane.org>
---

diff -urNp man-pages-3.50-orig/man2/send.2 man-pages-3.50/man2/send.2
--- man-pages-3.50-orig/man2/send.2	2013-03-19 15:18:03.784306647 +0900
+++ man-pages-3.50/man2/send.2	2013-03-19 15:30:40.788060426 +0900
@@ -420,6 +420,11 @@ Linux may return
 .B EPIPE
 instead of
 .BR ENOTCONN .
+
+Linux may return spurious
+.B EPERM
+errors when netfilter's conntrack module is loaded and two or more
+UDP packets belonging to the same connection are processed in parallel.
 .SH EXAMPLE
 An example of the use of
 .BR sendto ()


--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors

[Pablo Neira Ayuso]

On Tue, Mar 19, 2013 at 03:52:40PM +0900, Fernando Luis Vázquez Cao wrote:
> Subject: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors
> 
> This bug has been known since early 2009 (the latest) and  discussed in
> netdev before:
> 
> http://marc.info/?l=linux-netdev&w=2&r=1&s=Possible+race+condition+in+conntracking+&q=b
> 
> It seems that a proper fix would be non trivial, so document the bug
> in the meantime.
>
> Reported-by: Hirotaka Sasaki <sasaki.hirotaka-Zyj7fXuS5i5L9jVzuh4AOg@public.gmane.org>
> Signed-off-by: Fernando Luis Vazquez Cao <fernando-gVGce1chcLdL9jVzuh4AOg@public.gmane.org>
> ---
> 
> diff -urNp man-pages-3.50-orig/man2/send.2 man-pages-3.50/man2/send.2
> --- man-pages-3.50-orig/man2/send.2	2013-03-19 15:18:03.784306647 +0900
> +++ man-pages-3.50/man2/send.2	2013-03-19 15:30:40.788060426 +0900
> @@ -420,6 +420,11 @@ Linux may return
>  .B EPIPE
>  instead of
>  .BR ENOTCONN .
> +
> +Linux may return spurious
> +.B EPERM
> +errors when netfilter's conntrack module is loaded and two or more
> +UDP packets belonging to the same connection are processed in parallel.

The Connection tracking system may drop packets for different reasons
under rare circunstances, not only in this case.

I'd prefer if you only apply patch 1/2.
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors

[Fernando Luis Vazquez Cao]

On 2013/03/19 19:12, Pablo Neira Ayuso wrote:
> On Tue, Mar 19, 2013 at 03:52:40PM +0900, Fernando Luis Vázquez Cao wrote:
>> Subject: [PATCH 2/2] man/send(2): document a long standing bug that can cause spurious EPERM errors
>>
>> This bug has been known since early 2009 (the latest) and  discussed in
>> netdev before:
>>
>> http://marc.info/?l=linux-netdev&w=2&r=1&s=Possible+race+condition+in+conntracking+&q=b
>>
>> It seems that a proper fix would be non trivial, so document the bug
>> in the meantime.
>>
>> Reported-by: Hirotaka Sasaki <sasaki.hirotaka@lab.ntt.co.jp>
>> Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp>
>> ---
>>
>> diff -urNp man-pages-3.50-orig/man2/send.2 man-pages-3.50/man2/send.2
>> --- man-pages-3.50-orig/man2/send.2	2013-03-19 15:18:03.784306647 +0900
>> +++ man-pages-3.50/man2/send.2	2013-03-19 15:30:40.788060426 +0900
>> @@ -420,6 +420,11 @@ Linux may return
>>   .B EPIPE
>>   instead of
>>   .BR ENOTCONN .
>> +
>> +Linux may return spurious
>> +.B EPERM
>> +errors when netfilter's conntrack module is loaded and two or more
>> +UDP packets belonging to the same connection are processed in parallel.
> The Connection tracking system may drop packets for different reasons
> under rare circunstances, not only in this case.
> I'd prefer if you only apply patch 1/2.

I'd agree with you if we *silently* dropped packets in such
situations, but unfortunately that's not the case.

The problem is that sometimes we end up returning spurious EPERM
errors to user space. Applications may (and many actually do)
interpret EPERM as "an attempt was made to perform an operation
limited to processes with appropriate privileges or to the owner of a
file or other resource" and just bail out after seeing the first
EPERM; after all, if its cause is system policy-related there is no
point in retrying. Spurious EPERM errors would break such (perfectly
compliant) applications, so the least we can do is document them
properly.

Thanks,
Fernando
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Fernando Luis Vazquez Cao]

Hi Michael,

Do you see any problem with these two patches?

Thanks,
Fernando


On 2013/03/19 15:45, Fernando Luis Vázquez Cao wrote:
> Subject: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors
>
> System policy (for example netfilter rule) can cause a send* operation
> to fail with EPERM.
>
> Reported-by: Hirotaka Sasaki <sasaki.hirotaka-Zyj7fXuS5i5L9jVzuh4AOg@public.gmane.org>
> Signed-off-by: Fernando Luis Vazquez Cao <fernando-gVGce1chcLdL9jVzuh4AOg@public.gmane.org>
> ---
>
> diff -urNp man-pages-3.50-orig/man2/send.2 man-pages-3.50/man2/send.2
> --- man-pages-3.50-orig/man2/send.2	2013-03-15 16:17:32.000000000 +0900
> +++ man-pages-3.50/man2/send.2	2013-03-19 15:17:03.616008275 +0900
> @@ -357,6 +357,10 @@ Some bit in the
>   .I flags
>   argument is inappropriate for the socket type.
>   .TP
> +.B EPERM
> +System policy (for example a netfilter rule) does not permit the requested
> +operation.
> +.TP
>   .B EPIPE
>   The local end has been shut down on a connection oriented socket.
>   In this case the process
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Pablo Neira Ayuso]

On Tue, Mar 26, 2013 at 05:37:50PM +0900, Fernando Luis Vazquez Cao wrote:
> Hi Michael,
> 
> Do you see any problem with these two patches?

Please, hold on with the second patch.

I'd like to find a possible solution for the EPERM problem that we've
been discussing. It requires some rework and performance evaluation.

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Fernando Luis Vazquez Cao]

Hi Pablo,

On 2013/03/26 19:48, Pablo Neira Ayuso wrote:
> On Tue, Mar 26, 2013 at 05:37:50PM +0900, Fernando Luis Vazquez Cao wrote:
>> Hi Michael,
>>
>> Do you see any problem with these two patches?
> Please, hold on with the second patch.

Are you Ok with getting patch 1 merged while be discuss
what to do about the issue that the second patch tried to
document? Could I get your "Acked-by" for it?


> I'd like to find a possible solution for the EPERM problem that we've
> been discussing. It requires some rework and performance evaluation.

The problem is that there is a huge installed base of
systems that show this broken behaviour, so even if
we find a proper fix for it we still should document
which systems may be affected by the spurious EPERM
bug, thus giving application programmers a chance to
add logic to their programs to recover from such
eventualities.


Regards,
Fernando
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Pablo Neira Ayuso]

Hi Fernando,

On Wed, Mar 27, 2013 at 01:14:49PM +0900, Fernando Luis Vazquez Cao wrote:
> Hi Pablo,
> 
> On 2013/03/26 19:48, Pablo Neira Ayuso wrote:
> >On Tue, Mar 26, 2013 at 05:37:50PM +0900, Fernando Luis Vazquez Cao wrote:
> >>Hi Michael,
> >>
> >>Do you see any problem with these two patches?
> >Please, hold on with the second patch.
> 
> Are you Ok with getting patch 1 merged while be discuss
> what to do about the issue that the second patch tried to
> document? Could I get your "Acked-by" for it?

Done.

> >I'd like to find a possible solution for the EPERM problem that we've
> >been discussing. It requires some rework and performance evaluation.
> 
> The problem is that there is a huge installed base of
> systems that show this broken behaviour, so even if
> we find a proper fix for it we still should document
> which systems may be affected by the spurious EPERM
> bug, thus giving application programmers a chance to
> add logic to their programs to recover from such
> eventualities.

I see. The problem is that it will take some time until that manpage
update reaches main distributions, by that time we may have fixed it
already in existing kernels. Then, we'll have to remove it again. I
still think patch 1 already provides some clue to programmers
regarding EPERM at this moment (even if not so explicit and detailed).

Please, ping me again if we didn't come up with some solution for this
in some prudential amount of time.

Regards.

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Fernando Luis Vazquez Cao]

On 2013-03-28 02:51, Pablo Neira Ayuso wrote:
> On Wed, Mar 27, 2013 at 01:14:49PM +0900, Fernando Luis Vazquez Cao wrote:
>>> I'd like to find a possible solution for the EPERM problem that we've
>>> been discussing. It requires some rework and performance evaluation.
>> The problem is that there is a huge installed base of
>> systems that show this broken behaviour, so even if
>> we find a proper fix for it we still should document
>> which systems may be affected by the spurious EPERM
>> bug, thus giving application programmers a chance to
>> add logic to their programs to recover from such
>> eventualities.
> I see. The problem is that it will take some time until that manpage
> update reaches main distributions, by that time we may have fixed it
> already in existing kernels. Then, we'll have to remove it again.

IMHO, if the second patch were applied too and we managed to
fix the bug it documents after that, we should not revert it but
apply a new patch along the lines of: "In older versions of the
Linux kernel (< 3.??) ...". I will certainly want applications
developed on future distributions to work properly on my legacy
Debian Squeeze systems (a distribution upgrade or a backport
of the upstream fix to your distribution's kernel may not possible).


> I still think patch 1 already provides some clue to programmers
> regarding EPERM at this moment (even if not so explicit and detailed).

For the reasons exposed above I'd rather have the second patch
applied too, but I will defer to you and Michael on that regard.


> Please, ping me again if we didn't come up with some solution for this
> in some prudential amount of time.

I will. Thank you. I would appreciate it if you kept me CCed.


- Fernando
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Pablo Neira Ayuso]

On Tue, Mar 19, 2013 at 03:45:13PM +0900, Fernando Luis Vázquez Cao wrote:
> Subject: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors
> 
> System policy (for example netfilter rule) can cause a send* operation
> to fail with EPERM.
> 
> Reported-by: Hirotaka Sasaki <sasaki.hirotaka@lab.ntt.co.jp>
> Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp>

Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>

Re: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors

[Fernando Luis Vazquez Cao]

On 2013-03-28 02:42, Pablo Neira Ayuso wrote:
> On Tue, Mar 19, 2013 at 03:45:13PM +0900, Fernando Luis Vázquez Cao wrote:
>> Subject: [PATCH 1/2] man/send(2): add EPERM to the list of possible errors
>>
>> System policy (for example netfilter rule) can cause a send* operation
>> to fail with EPERM.
>>
>> Reported-by: Hirotaka Sasaki <sasaki.hirotaka-Zyj7fXuS5i5L9jVzuh4AOg@public.gmane.org>
>> Signed-off-by: Fernando Luis Vazquez Cao <fernando-gVGce1chcLdL9jVzuh4AOg@public.gmane.org>
> Acked-by: Pablo Neira Ayuso <pablo-Cap9r6Oaw4JrovVCs/uTlw@public.gmane.org>

Thank you for the "Acked-by", Pablo.

Michael, could you pick this patch?

- Fernando
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html