Bug 215122 - Try to change route default to IP out of range lock the system
Summary: Try to change route default to IP out of range lock the system
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 11.0-STABLE
Hardware: Any Any
: --- Affects Some People
Assignee: Andrey V. Elsukov
URL:
Keywords: patch
: 211602 (view as bug list)
Depends on:
Blocks:
 
Reported: 2016-12-07 16:26 UTC by Renato Botelho
Modified: 2017-06-20 06:00 UTC (History)
8 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Renato Botelho freebsd_committer 2016-12-07 16:26:58 UTC
This issue was first reported on pfSense - https://redmine.pfsense.org/issues/6850 and it started to happen on pfSense 2.4, which is based on FreeBSD 11.0.

Really easy to reproduce, just run:

# route change -inet default <IP_OUT_OF_RANGE>

It'll lock the machine. After that I got serial console access and could login, but when I ran 'netstat -nr' it locked console too
Comment 1 Andrey V. Elsukov freebsd_committer 2016-12-07 18:20:09 UTC
With
Comment 2 Andrey V. Elsukov freebsd_committer 2016-12-07 18:23:09 UTC
The problem is that ifa_ifwithroute() called with acquired RIB_WLOCK, but since gateway is not in directly connect network it uses rtalloc1_fib() that acquires RIB_RLOCK.
Comment 3 Renato Botelho freebsd_committer 2016-12-08 19:30:27 UTC
loos@ pushed a fix on pfSense, we will test and report back results here.

https://github.com/pfsense/FreeBSD-src/commit/4627301691bb818abae4e82bda1a5ef38d52a68f
Comment 4 guyyur 2016-12-24 13:18:00 UTC
*** Bug 211602 has been marked as a duplicate of this bug. ***
Comment 5 Luiz Otavio O Souza,+55 (14) 99772-1255 freebsd_committer 2017-01-03 23:50:28 UTC
Can we revert r293829 and use RTF_RNH_LOCKED here ?

I wasn't aware of r293829 when I did the pfSense workaround.
Comment 6 Gleb Smirnoff freebsd_committer 2017-01-04 00:04:54 UTC
Let's allow Alexander to look at before reverting.
Comment 7 Marek Zarychta 2017-04-17 12:07:40 UTC
Changing a route for all fibs but fib 0 also locks the system. 

# route add default 127.0.0.1 -fib 1
add net default: gateway 127.0.0.1 fib 1
# route change default 127.0.0.2 -fib 1
Now the system is locked, it is possible to log in via ssh for some time, then machine loses network access.

When the route is deleted, then added again with new gateway the lock doesn't happen.
Comment 8 Marek Zarychta 2017-04-17 20:03:17 UTC
Affected system: 11.0-STABLE r317066 with default, GENERIC kernel.
Comment 9 commit-hook freebsd_committer 2017-06-13 10:52:54 UTC
A commit references this bug:

Author: ae
Date: Tue Jun 13 10:52:31 UTC 2017
New revision: 319895
URL: https://svnweb.freebsd.org/changeset/base/319895

Log:
  Resurrect RTF_RNH_LOCKED flag and restore ability to call rtalloc1_fib()
  with acquired RIB lock.

  This fixes a possible panic due to trying to acquire RIB rlock when it is
  already exclusive locked.

  PR:		215963, 215122
  MFC after:	1 week
  Sponsored by:	Yandex LLC

Changes:
  head/sys/net/route.c
  head/sys/net/route.h
Comment 10 commit-hook freebsd_committer 2017-06-20 05:58:28 UTC
A commit references this bug:

Author: ae
Date: Tue Jun 20 05:57:28 UTC 2017
New revision: 320134
URL: https://svnweb.freebsd.org/changeset/base/320134

Log:
  MFC r319895:
    Resurrect RTF_RNH_LOCKED flag and restore ability to call rtalloc1_fib()
    with acquired RIB lock.

    This fixes a possible panic due to trying to acquire RIB rlock when it is
    already exclusive locked.

    PR:		215963, 215122
    Sponsored by:	Yandex LLC
  Approved by:	re (delphij)

Changes:
_U  stable/11/
  stable/11/sys/net/route.c
  stable/11/sys/net/route.h