thr3ads.net - freebsd stable - Possible breakage of RELENG_4_8 kernels with security fix for FreeBSD-SA-03:14.arp [Sep 2003]

If this information is useful, please help other people find it:
Share via:
Scott Lambert
2003-Sep-23 23:27 UTC
Possible breakage of RELENG_4_8 kernels with security fix for FreeBSD-SA-03:14.arp

We cvsupped RELENG_4_8 today to get fix for FreeBSD-SA-03:14.arp.
Several machines are ok but three had issues before we stopped rebooting
to the new kernels.

This is the cvsup log:
Parsing supfile "/usr/share/examples/cvsup/RELENG_4_8-supfile"
Connecting to cvsup.lambertfam.org
Connected to cvsup.lambertfam.org
Server software version: SNAP_16_1h
Negotiating file attribute support
Exchanging collection information
Establishing multiplexed-mode data connection
Running
Updating collection src-all/cvs
 Edit src/UPDATING
  Add delta 1.73.2.80.2.10 2003.09.23.16.44.58 bms
 Edit src/sys/conf/newvers.sh
  Add delta 1.44.2.29.2.9 2003.09.23.16.44.58 bms
 Edit src/sys/netinet/if_ether.c
  Add delta 1.64.2.22.2.1 2003.09.23.16.44.58 bms
Shutting down connection to server
Finished successfully

One one machine, we have two fxp cards.  One is a crossover to machine
"two".  The default route was not set properly during boot.  I got in
from another machine on the local LAN and added the default route.  No
further problems, but we haven't reloaded it again as it is a critical
system and is currently functional.  01:41:32 Wed Sep 24 # uname -a

PII 300

FreeBSD one.xxxx.com 4.8-RELEASE-p8 FreeBSD 4.8-RELEASE-p8 #1: Tue Sep 23
22:07:57 EDT 2003     root@buildhost.xxxx.com:/usr/obj/usr/src/sys/ONE  i386

/kernel.old says he was:
@(#)FreeBSD 4.8-RELEASE-p7 #0: Thu Sep 18 14:58:30 EDT 2003

I am unsure if that kernel was running or awaiting a reload.

IPv4 only.

ipfw with OPEN rc.firewall option.

On the second machine, (one I didn't work with personally), we have two
fxp0 NICs.  One is a crossover cable to machine "one".  The other is
the
customer facing interface which holds the default route.

This machine couldn't ping any of the hosts on the exterior facing LAN
but was accessible via the crossover network.  Luck is with us. 

We reverted to the old kernel almost immediately since this is a very
critical server and it is remote while the time is late.

This is the only machine that gave us errors in the logs:
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for 216.22ork
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216>arpresolve: can't allocate
llinfo for 216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: locate llinfo for 216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolval network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt
Sep 24 01:00:01 two /kernel: arplookup 216.223.192.1 failed: host is not on
local network
Sep 24 01:00:01 two /kernel: arpresolve: can't allocate llinfo for
216.223.192.1rt

PII 300

Current kernel:
FreeBSD two.xxxx.com 4.8-RELEASE-p1 FreeBSD 4.8-RELEASE-p1 #32: Sun Aug  3
22:13:45 EDT 2003     root@buildhost.xxxx.com:/usr/obj/usr/src/sys/GENERIC  i386

Grepped this from the bad kernel:
@(#)FreeBSD 4.8-RELEASE-p8 #1: Tue Sep 23 20:55:58 EDT 2003
root@buildhost.xxxx.com:/usr/obj/usr/src/sys/GENERIC

IPv4 and IPv6.

ipfw with OPEN rc.firewall option.

The third system I have played with more since it is less critical.  I
am able to access it via other hosts on the LAN.  When I try to add the
default route, I recieve no errors, but the route does not show in the
netstat -an.  There are no errors or warnings in the logs.  Nothing in
dmesg.

P 133

FreeBSD three.xxxx.com 4.8-RELEASE-p8 FreeBSD 4.8-RELEASE-p8 #1: Tue Sep 23
21:07:37 EDT 2003     root@buildhost.xxxx.com:/usr/obj/usr/src/sys/THREE  i386

IPv4 and IPv6.

no ipfw.

vx0: <3COM 3C595 Fast Etherlink III PCI>

So basically, all three machines are exhibiting slightly different
failures.  But all related to the network. 

I can dig up more details tomorrow, but wanted to get this little bit
out tonight to see if anyone else sees anything similar.

-- 
Scott Lambert                    KC5MLE                       Unix SysAdmin
lambert@lambertfam.org
freebsd stable - Sep 2003 - Possible breakage of RELENG_4_8 kernels with security fix for FreeBSD-SA-03:14.arp

Possible breakage of RELENG_4_8 kernels with security fix for FreeBSD-SA-03:14.arp
