| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID:
<MN2PR12MB44863139E562A59329E89DBEB982A@MN2PR12MB4486.namprd12.prod.outlook.com>
Date: Thu, 30 Nov 2023 13:55:06 +0000
From: Shachar Kagan <skagan@...dia.com>
To: "edumazet@...gle.com" <edumazet@...gle.com>
CC: "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"netdev@...r.kernel.org" <netdev@...r.kernel.org>, "kuba@...nel.org"
<kuba@...nel.org>, Jason Gunthorpe <jgg@...dia.com>, Yishai Hadas
<yishaih@...dia.com>, Ido Kalir <idok@...dia.com>, Topaz Uliel
<topazu@...dia.com>, Shirly Ohnona <shirlyo@...dia.com>, Ziyad Atiyyeh
<ziyadat@...dia.com>
Subject: Bug report connect to VM with Vagrant
Hi Eric,
I have an issue that bisection pointed at this patch:
commit 0a8de364ff7a14558e9676f424283148110384d6
tcp: no longer abort SYN_SENT when receiving some ICMP
Full commit message at [1].
The issue appears while using Vagrant to manage nested VMs.
The steps are:
* create vagrant file
* vagrant up
* vagrant halt (VM is created but shut down)
* vagrant up - fail
Turn on a VM with ‘Vagrant up’ fails when the VM is in halt state. When the VM hasn't been created yet, 'Vagrant up' passes.
The failure occurs in the Net-SSH connection to the VM step.
Vagrant error is ‘Guest communication could not be established! This is usually because SSH is not running, the authentication information was changed, or some other networking issue.'
We use a new version of vagrant-libvirt.
Turn on the VM with virsh instead of vagrant works.
Stdout[2] bellow.
Any idea what may cause the error with your patch?
Thanks,
Shachar Kagan
[1]
commit 0a8de364ff7a14558e9676f424283148110384d6
Author: Eric Dumazet <edumazet@...gle.com>
Date: Tue Nov 14 17:23:41 2023 +0000
tcp: no longer abort SYN_SENT when receiving some ICMP
Currently, non fatal ICMP messages received on behalf
of SYN_SENT sockets do call tcp_ld_RTO_revert()
to implement RFC 6069, but immediately call tcp_done(),
thus aborting the connect() attempt.
This violates RFC 1122 following requirement:
4.2.3.9 ICMP Messages
...
o Destination Unreachable -- codes 0, 1, 5
Since these Unreachable messages indicate soft error
conditions, TCP MUST NOT abort the connection, and it
SHOULD make the information available to the
application.
This patch makes sure non 'fatal' ICMP[v6] messages do not
abort the connection attempt.
It enables RFC 6069 for SYN_SENT sockets as a result.
Signed-off-by: Eric Dumazet <edumazet@...gle.com>
Cc: David Morley <morleyd@...gle.com>
Cc: Neal Cardwell <ncardwell@...gle.com>
Cc: Yuchung Cheng <ycheng@...gle.com>
Signed-off-by: David S. Miller <davem@...emloft.net>
[2]
Vagrant up stdout:
Bringing machine 'player1' up with 'libvirt' provider...
==> player1: Creating shared folders metadata...
==> player1: Starting domain.
==> player1: Domain launching with graphics connection settings...
==> player1: -- Graphics Port: 5900
==> player1: -- Graphics IP: 127.0.0.1
==> player1: -- Graphics Password: Not defined
==> player1: -- Graphics Websocket: 5700
==> player1: Waiting for domain to get an IP address...
==> player1: Waiting for machine to boot. This may take a few minutes...
player1: SSH address: 192.168.123.61:22
player1: SSH username: vagrant
player1: SSH auth method: private key
==> player1: Attempting graceful shutdown of VM...
==> player1: Attempting graceful shutdown of VM...
==> player1: Attempting graceful shutdown of VM...
player1: Guest communication could not be established! This is usually because
player1: SSH is not running, the authentication information was changed,
player1: or some other networking issue. Vagrant will force halt, if
player1: capable.
==> player1: Attempting direct shutdown of domain...
Powered by blists - more mailing lists