bin/61084: nfsd sometimes exits prematurely during port-scan
Bjoern Groenvall
bg at sics.se
Thu Jan 8 09:01:31 PST 2004
>Number: 61084
>Category: bin
>Synopsis: nfsd sometimes exits prematurely during port-scan
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jan 08 09:00:32 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Bjoern Groenvall
>Release: FreeBSD 5.2-RC i386
>Organization:
SICS
>Environment:
System: FreeBSD dim.sics.se 5.2-RC FreeBSD 5.2-RC #1: Fri Dec 19 16:32:35 CET 2003 root at dim.sics.se:/usr/src/sys/i386/compile/DIM i386
>Description:
When an NFS server is port-scanned nfsd sometimes exits. This has happened
3 times the last few weeks.
Nfsd has been written to exit when accept(2) fails. Unfortunately
accept can sometimes make a "normal" return with errno ECONNABORTED
and in this case nfsd exits prematurely (see below).
Dec 22 16:25:59 dim kernel: Limiting closed port RST response from 363 to 200 packets/sec
Dec 22 16:25:59 dim nfsd[417]: accept failed: Software caused connection abort
Dec 22 16:26:00 dim kernel: Limiting closed port RST response from 215 to 200 packets/sec
Dec 28 08:26:43 dim kernel: Limiting closed port RST response from 325 to 200 packets/sec
Dec 28 08:26:43 dim nfsd[36538]: accept failed: Software caused connection abort
Dec 28 08:26:45 dim kernel: Limiting closed port RST response from 431 to 200 packets/sec
Jan 7 00:37:12 dim kernel: Limiting closed port RST response from 305 to 200 packets/sec
Jan 7 00:37:12 dim nfsd[89133]: accept failed: Software caused connection abort
Jan 7 00:37:14 dim kernel: Limiting closed port RST response from 371 to 200 packets/sec
>How-To-Repeat:
Unknown. Perhaps possible using a port-scan program of some sort.
>Fix:
This is a sample fix that also handles rare "normal" returns with errno EINTR.
--- nfsd.c.orig Thu Jul 25 08:18:22 2002
+++ nfsd.c Wed Jan 7 18:02:18 2004
@@ -658,6 +658,8 @@
if (select(maxsock + 1,
&ready, NULL, NULL, NULL) < 1) {
syslog(LOG_ERR, "select failed: %m");
+ if (errno == EINTR)
+ continue;
nfsd_exit(1);
}
}
@@ -668,6 +670,9 @@
if ((msgsock = accept(tcpsock,
(struct sockaddr *)&inetpeer, &len)) < 0) {
syslog(LOG_ERR, "accept failed: %m");
+ if (errno == ECONNABORTED ||
+ errno == EINTR)
+ continue;
nfsd_exit(1);
}
memset(inetpeer.sin_zero, 0,
@@ -688,6 +693,9 @@
&len)) < 0) {
syslog(LOG_ERR,
"accept failed: %m");
+ if (errno == ECONNABORTED ||
+ errno == EINTR)
+ continue;
nfsd_exit(1);
}
if (setsockopt(msgsock, SOL_SOCKET,
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list