libnl: fail to bind() netlink sockets
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
libnl3 (Debian) |
Fix Released
|
Unknown
|
|||
libnl3 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Trusty |
Fix Released
|
Medium
|
Adam Conrad |
Bug Description
[Triage Notes]
The proposed fix for this bug in libnl3 caused a regression in trusty-proposed, tracked in bug 1539634. The regression is caused by a latent bug in Network Manager. We expect to fix this by landing a fix for the bug in Network Manager in trusty-updates at the same time as this fix.
[Impact]
* Applications in Trusty using libnl-3-200 which frequently open and
close netlink sockets can easily fail when attempting to bind the
local socket. The problem happens when libnl choose a port id
already used by another application and subsequently libnl fails
instead of trying another port id.
The original bug was discovered when attempting to start a virtual
machine under libvirt, which is a user of this library.
* Backporting fixes from upstream release fixes a real bug in the
current version of the library in Trusty. The alternative is for all
applications to manually manage their local port allocation, or as
upstream has accepted allowing libnl to attempt to try for other
local ports.
* All patches applied are already accepted upstream and newer Ubuntu
releases are not affected.
[Test Case]
* On a Trusty 14.04 system
1. sudo apt-get install libnl-3-200 libnl-3-dev libnl-3-dev \
2. download and unpack attachment: lp_1511735_test.tar
3. Run testcases:
% if ./example.sh; then echo "libnl OK"; else echo "libnl FAILED"; fi
gcc -o example -I/usr/
set manually the local port to 6975 (pid: 6974)
local port has been set by the libnl to 6975 (pid: 6975)
ERROR: genl_connect(): Object exists (local port: 6975, pid: 6975)
libnl FAILED
% python libnl3-
ulimit(NOFILE) = (2048, 4096)
Test: PID=6978
TEST (a)...
Traceback (most recent call last):
File "libnl3-
File "libnl3-
sk = nl_get_socket()
File "libnl3-
raise IOError(-err, _nl_geterror())
OSError: [Errno 6] b'Unspecific failure'
4. After applying the updated packages:
% if ./example.sh; then echo "libnl OK"; else echo "libnl FAILED"; fi
gcc -o example -I/usr/
set manually the local port to 11295 (pid: 11294)
local port has been set by the libnl to 2894081055 (pid: 11295)
libnl OK
% python libnl3-
ulimit(NOFILE) = (2048, 4096)
Test: PID=11296
TEST (a)...
...done
TEST (b)...
...done
TEST (c)...
...done
TEST (d)...
...done
[Regression Potential]
* There are quite a few high profile packages that depend on this package,
notably libvirt and network-manager. The complete list is here:
# on Trusty
% apt-rdepends -r libnl-3-200 | head -n 33
libnl-3-200
Reverse Depends: batctl (>= 2013.4.0-2)
Reverse Depends: bmon (>= 1:3.1-1)
Reverse Depends: crda (>= 1.1.2-1ubuntu2)
Reverse Depends: hostapd (>= 1:2.1-0ubuntu1)
Reverse Depends: ipvsadm (>= 1:1.26-2ubuntu1)
Reverse Depends: iw (>= 3.4-1)
Reverse Depends: keepalived (>= 1:1.2.7-1ubuntu1)
Reverse Depends: kismet (>= 2013.03.R1b-3)
Reverse Depends: knemo (>= 0.7.6-2)
Reverse Depends: libfsobasics3 (>= 0.12.0-4)
Reverse Depends: libnetcf1 (>= 1:0.2.3-4ubuntu1)
Reverse Depends: libnl-3-200-dbg (= 3.2.21-1)
Reverse Depends: libnl-3-dev (= 3.2.21-1)
Reverse Depends: libnl-cli-3-200 (= 3.2.21-1)
Reverse Depends: libnl-genl-3-200 (= 3.2.21-1)
Reverse Depends: libnl-nf-3-200 (= 3.2.21-1)
Reverse Depends: libnl-route-3-200 (= 3.2.21-1)
Reverse Depends: libnl-utils (>= 3.2.21-1)
Reverse Depends: libnss-gw-name (>= 0.3-2)
Reverse Depends: libvirt-bin (>= 1.2.2-0ubuntu13)
Reverse Depends: libvirt0 (>= 1.2.2-0ubuntu13)
Reverse Depends: lowpan-test-tools (>= 0.3-1)
Reverse Depends: lowpan-tools (>= 0.3-1)
Reverse Depends: neard (>= 0.11-1)
Reverse Depends: neard-tools (>= 0.11-1)
Reverse Depends: network-manager (>= 0.9.8.8-0ubuntu7)
Reverse Depends: ntrack-
Reverse Depends: plainbox-
Reverse Depends: powertop (>= 2.5-1ubuntu1)
Reverse Depends: quota (>= 4.01-3)
Reverse Depends: sssd-common (>= 1.11.5-1ubuntu3)
Reverse Depends: wpasupplicant (>= 2.1-0ubuntu1)
* This patch does change the default behavoir when asking libnl-3-200
to generate local ports. Applications (or libraries) may already
have retry code in-place and it's not clear if those applications
would break.
[Original Description]
The following upstream patches are needed in order to avoid failures when binding a netlink socket:
1f734a8f892a lib/socket: randomize the generated local port
http://
4dd5fdd0af2c lib/socket: retry generate local port in nl_connect on ADDRINUSE
http://
027157898708 lib/socket: don't fail if no more local ports can be assigned in nl_socket_alloc
http://
0fd510b3673f lib/socket: use proper typed constant UINT32_MAX for uint32_t typed port
http://
Without these patches, an application which opens and closes regularly netlink sockets can easily fails to bind them.
no longer affects: | linux (Ubuntu) |
tags: | added: 6wind |
Changed in libnl3 (Debian): | |
status: | Unknown → New |
Changed in libnl3 (Ubuntu): | |
importance: | Undecided → Medium |
Changed in libnl3 (Ubuntu Trusty): | |
importance: | Undecided → Medium |
status: | New → Triaged |
tags: | added: patch |
tags: |
added: verification-failed removed: verification-done |
Changed in libnl3 (Debian): | |
status: | New → Fix Released |
description: | updated |
Changed in libnl3 (Ubuntu Trusty): | |
status: | Fix Committed → Fix Released |
description: | updated |
tags: |
added: verification-done removed: verification-needed |
Changed in libnl3 (Ubuntu Trusty): | |
status: | Fix Committed → Fix Released |
Changed in libnl3 (Ubuntu Trusty): | |
assignee: | nobody → Ryan Harper (raharper) |
Changed in libnl3 (Ubuntu Trusty): | |
status: | In Progress → Fix Committed |
This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:
apport-collect 1511735
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.