Your message dated Thu, 30 Jul 2020 14:04:43 +0200
with message-id <[email protected]>
and subject line Re: Bug#822677: base: kernel panic with iptables AUDIT target
and iptables-persistent
has caused the Debian Bug report #822677,
regarding base: kernel panic with iptables AUDIT target and iptables-persistent
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
822677: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822677
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: base
Severity: important
Dear Maintainer,
I see kernel panic at boot after adding iptables rule with AUDIT target and
persisting it via iptables-persisent.
Can be also reproduced with own init script which runs on boot and adds
iptables rule.
Reproduced on VirtualBox and VMWare. Guest OS:
root@debian7:~# uname -a
Linux debian7 3.2.0-4-amd64 #1 SMP Debian 3.2.78-1 x86-64 GNU/Linux
Steps to reproduce:
1) Install Linux debian7 3.2.0-4-amd64 #1 SMP Debian 3.2.78-1 x86-64 GNU/Linux
2) Install iptables-persistent
3) Add rule to OUTPUT chain
iptables -I OUTPUT -j AUDIT --type accept
4) Save rule
iptables-save > /etc/iptables/rules.v4
5) Reboot
6) Kernel panic
[ 217.819774] piix4_smbus 0000:00:07.0: SMBus base address uninitialized -
upgrade BIOS or use force_addr=0xaddr
[ 218.173782] Error: Driver 'pcspkr' is already registered, aborting...
[ 229.433697] BUG: unable to handle kernel paging request at ffff88021a2fc80b
[ 229.524189] IP: [<ffffffffa03e3330>] audit_tg+0xb9/0x15b [xt_AUDIT]
[ 229.713702] PGD 1606063 PUD 0
[ 229.714117] Oops: 0000 [#1] SMP
[ 229.714479] CPU 0
[ 229.714652] Modules linked in: xt_AUDIT parport_pc ppdev lp parport bnep
bluetooth rfkill ip6table_filter ip6_tables iptable_filter ip_tables x_tables
uinput nfsd nfs nfs_acl auth_rpcgss fscache lockd sunrpc loop crc32c_intel
aesni_intel battery ac power_supply pcspkr processor video aes_x86_64
thermal_sys psmouse joydev evdev serio_raw button aes_generic cryptd
snd_intel8x0 snd_ac97_codec snd_pcm snd_page_alloc snd_timer snd soundcore
vboxguest(O) i2c_piix4 i2c_core ac97_bus ext4 crc16 jbd2 mbcache usbhid hid sg
sr_mod sd_mod crc_t10dif cdrom ata_generic ata_piix ohci_hcd ehci_hcd ahci
libahci libata usbcore usb_common e1000 scsi_mod [last unloaded: scsi_wait_scan]
[ 230.154897]
[ 230.223490] Pid: 0, comm: swapper/0 Tainted: G O 3.2.0-4-amd64 #1
Debian 3.2.78-1 innotek GmbH VirtualBox/VirtualBox
[ 230.594007] RIP: 0010:[<ffffffffa03e3330>] [<ffffffffa03e3330>]
audit_tg+0xb9/0x15b [xt_AUDIT]
[ 230.963683] RSP: 0018:ffff88011fc03be0 EFLAGS: 00010286
[ 231.053744] RAX: 0000000000000000 RBX: ffff880119f8aac0 RCX: ffff88021a2fc7ff
[ 231.433840] RDX: 000000000000005c RSI: ffffffffa03e412f RDI: ffff88011a8beac0
[ 231.603982] RBP: ffff88011fc03ce0 R08: ffff880119e15000 R09: 00000000fffffff8
[ 231.724164] R10: 0000000000000078 R11: 0000000000000000 R12: ffff88011a8beac0
[ 231.725226] R13: ffff8801181cb658 R14: ffff880119f8aac0 R15: ffff8801181cb638
[ 231.744298] FS: 0000000000000000(0000) GS:ffff88011fc00000(0000)
knlGS:0000000000000000
[ 231.745494] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 231.754042] CR2: ffff88021a2fc80b CR3: 0000000119e58000 CR4: 00000000000406f0
[ 231.755131] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 231.763888] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 231.764930] Process swapper/0 (pid: 0, threadinfo ffffffff81600000, task
ffffffff8160d020)
[ 231.766108] Stack:
[ 231.772178] ffff880117e3e000 0000000000000000 0000009d00000001
ffff8801181cb5c8
[ 231.794053] ffff880119e1a540 ffff88011fc1a88c ffff88011a2fc810
ffffffffa035b0f4
[ 231.804858] 0000000000000046 ffff880117e3e000 ffff880118f17e80
ffffffff8160d020
[ 231.805980] Call Trace:
[ 231.814086] <IRQ>
[ 231.814508] [<ffffffffa035b0f4>] ? ipt_do_table+0x4d7/0x556 [ip_tables]
[ 231.815478] [<ffffffff812f4470>] ? xfrm_lookup+0x3a1/0x43a
[ 231.816293] [<ffffffff810ec003>] ? virt_to_cache+0x7/0x23
[ 231.854059] [<ffffffff812b3a49>] ? nf_iterate+0x41/0x77
[ 231.864550] [<ffffffff812bc14a>] ? __skb_dequeue+0x31/0x31
[ 231.865372] [<ffffffff812b3ae7>] ? nf_hook_slow+0x68/0x101
[ 231.866184] [<ffffffff812bc14a>] ? __skb_dequeue+0x31/0x31
[ 231.880501] [<ffffffff812bd7cb>] ? nf_hook_thresh.constprop.31+0x39/0x3e
[ 231.881538] [<ffffffff812bd7ef>] ? __ip_local_out+0x1f/0x3d
[ 231.882373] [<ffffffff812bd816>] ? ip_local_out+0x9/0x19
[ 231.883171] [<ffffffff812e2aa5>] ? igmp_ifc_timer_expire+0x1b2/0x1df
[ 231.884114] [<ffffffff810526cc>] ? run_timer_softirq+0x19a/0x261
[ 231.885010] [<ffffffff812e28f3>] ? add_grec+0x364/0x364
[ 231.885799] [<ffffffff8102b2d2>] ? kvm_clock_read+0x17/0x1a
[ 231.894392] [<ffffffff8104c4c0>] ? __do_softirq+0xd7/0x1af
[ 231.895271] [<ffffffff8106b417>] ? clockevents_program_event+0xaa/0xce
[ 231.896236] [<ffffffff813594ec>] ? call_softirq+0x1c/0x30
[ 231.897055] [<ffffffff8100faad>] ? do_softirq+0x3c/0x7b
[ 231.897857] [<ffffffff8104c742>] ? irq_exit+0x3c/0x99
[ 231.904278] [<ffffffff81024670>] ? smp_apic_timer_interrupt+0x74/0x82
[ 231.905270] [<ffffffff81357d5e>] ? apic_timer_interrupt+0x6e/0x80
[ 231.906178] <EOI>
[ 231.906543] [<ffffffff810149e7>] ? mwait_idle+0x7f/0xac
[ 232.125169] [<ffffffff810149da>] ? mwait_idle+0x72/0xac
[ 232.284049] [<ffffffff8100d24c>] ? cpu_idle+0xaf/0xf2
[ 232.284927] [<ffffffff816aab3b>] ? start_kernel+0x3bd/0x3c8
[ 232.285814] [<ffffffff816aa140>] ? early_idt_handlers+0x140/0x140
[ 232.286728] [<ffffffff816aa3c4>] ? x86_64_start_kernel+0x104/0x111
[ 232.287645] Code: 8b 43 20 48 85 c0 74 78 66 83 b8 c4 01 00 00 01 75 6e 8b
8b c8 00 00 00 31 c0 48 c7 c6 2f 41 3e a0 48 03 8b d8 00 00 00 4c 89 e7 <66> 44
8b 41 0c 48 8d 51 06 66 41 c1 c0 08 45 0f b7 c0 e8 cd 5e
[ 232.505392] RIP [<ffffffffa03e3330>] audit_tg+0xb9/0x15b [xt_AUDIT]
[ 232.506338] RSP <ffff88011fc03be0>
[ 232.524441] CR2: ffff88021a2fc80b
[ 232.534296] ---[ end trace 3c9efffc5c9e0cae ]---
[ 232.535051] Kernel panic - not syncing: Fatal exception in interrupt
[ 232.535973] Pid: 0, comm: swapper/0 Tainted: G D O 3.2.0-4-amd64 #1
Debian 3.2.78-1
[ 232.537158] Call Trace:
[ 232.537543] <IRQ> [<ffffffff8134b6b7>] ? panic+0x95/0x1a2
[ 232.538388] [<ffffffff81352247>] ? _raw_spin_unlock_irqrestore+0xe/0xf
[ 232.539358] [<ffffffff8135310c>] ? oops_end+0xa9/0xb6
[ 232.540123] [<ffffffff8134afd6>] ? no_context+0x1ff/0x20e
[ 232.540968] [<ffffffff8134a8ed>] ? pud_offset+0x16/0x35
[ 232.564725] [<ffffffff81355109>] ? do_page_fault+0x1b6/0x345
[ 2232.604314] [<ffffffff81089205>] ? audit_log_vformat+0xcb/0xda
[ 232.914225] [<ffffffff811b4025>] ? vsnprintf+0x3ee/0x427
[ 233.014428] [<ffffffff81089257>] ? audit_log_format+0x43/0x48
[ 233.164204] [<ffffffff81352815>] ? page_fault+0x25/0x30
[ 233.374338] [<ffffffffa03e3330>] ? audit_tg+0xb9/0x15b [xt_AUDIT]
[ 233.405031] [<ffffffffa035b0f4>] ? ipt_do_table+0x4d7/0x556 [ip_tablss]
[ 233.924368] [<ffffffff812f4470>] ? xfrm_lookup+0x3a1/0x43a
[ 234.214539] [<ffffffff810ec003>] ? virt_to_cache+0x7/0x23
[ 2234.274907] [<ffffffff812b3a49>] ? nf_iterate+0x41/0x77
[ 234.342667] [<ffffffff812bc14a>] ? __skb_dequeue+0x31/0x31
[ 234.495100] [<ffffffff812b3ae7>] ? nf_hook_slow+0x68/0x101
[ 234.535275] [<ffffffff812bc14a>] ? __skb_dequeue+0x31/0x31
[ 234.614601] [<ffffffff812bd7cb>] ? nf_hook_thresh.constprop.31+0x39/0x3e
[ 234.714592] [<ffffffff812bd7ef>] ? __ip_local_out+0x1f/0x3
[ 2234.836013] [<ffffffff812bd816>] ? ip_local_out+0x9/0x19
[ 2234.925049] [<ffffffff812e2aa5>] ? igmp_ifc_timer_expire+0x1b2/0x1df
[ 235.014937] [<ffffffff810526cc>] ? run_timer_softirq+0x19a/0x261
[ 235.083763] [<ffffffff812e28f3>] ? add_grec+0x364/0x364
[ 235.314747] [<ffffffff8102b2d2>] ? kvm_clock_read+0x17/0x1a
[ 235.380032] [<ffffffff8104c4c0>] ? __do_softirq+0xd7/0x1af
[ 235.495023] [<ffffffff8106b417>] ? clockevents_program_event+0xaa/0xce
[ 2235.575418] [<ffffffff813594ec>] ? call_softirq+0x1c/0x30
[ 255.725267] [<ffffffff8100faad>] ? do_softirq+0x3c/0x7b
[ 235.914972] [<ffffffff8104c742>] ? irq_exit+0x3c/0x99
[ 235.995091] [<ffffffff81024670>] ? smp_apic_timer_interrupt+0x74/0x82
[ 236.035736] [<ffffffff81357d5e>] ? apic_timer_interrupt+0x6e/0x80
[ 236.104947] <EOI> [<ffffffff810149e7>] ? mwait_idle+0x7f/0xac
[ 236.254760] [<ffffffff810149da>] ? mwait_idle+0x72/0xac
[ 236.358975] [<ffffffff8100d24c>] ? cpu_idle+0xaf/0x22
[ 236.463513] [<ffffffff816aab3b>] ? start_kernel+0x3bd/0x3c8
[ 236.515132] [<ffffffff816aa140>] ? early_idt_handlers+0x140/0x140
[ 2236.536116] [<ffffffff816aa3c4>] ? x86_64_start_kernel+0x104/0x111
-- System Information:
Debian Release: 7.10
APT prefers oldstable-updates
APT policy: (500, 'oldstable-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=locale: Cannot set
LC_ALL to default locale: No such file or directory
UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
* Lev Stipakov <[email protected]> [200730 12:03]:
> 1) Install Linux debian7 3.2.0-4-amd64 #1 SMP Debian 3.2.78-1 x86-64 GNU/Linux
...
This should have been filed against linux-image-3.2.0.4-amd64, but
it's been so long ago that we don't even have metadata for that
package anymore.
It's unlikely anyone will follow up on this, so I'm closing this
bug.
Chris
--- End Message ---
