2.6.12 patch on 2.6.11 kernel
I have applied the tproxy 2.6.12-2.0.2. patch on 2.6.11-hardened-r15 (Gentoo SElinux default kernel). The patch applied almost clean I have to fix some Make files but no other major problem. When the kernel is compiled with SMP support the kernel freeze when the j TPROXY rule is hit by any package more exactly is crash on a writelock. The last line is executed is in ip_nat_core.c if (have_to_hash) { unsigned int srchash = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] .tuple); WRITE_LOCK(&ip_nat_lock); <-- here is hangs list_add(&info->bysource, &bysource[srchash]); WRITE_UNLOCK(&ip_nat_lock); } I have tried the compiling the kernel without SMP and is almost working I get some kernel panic even with no tproxy rule at all But I didnt have time to investigate . Anybody manage to apply the patch on 2.6.11 kernel ? I have spent a lot of time applying a lot of patched on this kernel (I intended to use it in a extremely experimental network) so I am not too happy to change it because until now I never have problems with it. Do I have any chance to make it work or should I use a clean vanilla kernel sources. Sorry if is sounds kind of stupid applying a patch for kernel 2.6.12 on a 2.6.11 that is already extremely blotted with other patches. P.S: The problems manifests even with the stock hardened Gentoo kernel with no others patched but the one from the portage. (Not in enforce mode) __________________________________ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com
Hi, On Wednesday 02 November 2005 00.02, Tudor Alexandru Dragos wrote:
Make files but no other major problem. When the kernel is compiled with SMP support the kernel freeze when the j TPROXY rule is hit by any package more exactly is crash on a writelock. The last line is executed is in ip_nat_core.c
if (have_to_hash) { unsigned int srchash = hash_by_src(&conntrack->tuplehash[IP_CT_DIR_ORIGINAL] .tuple); WRITE_LOCK(&ip_nat_lock); <-- here is hangs list_add(&info->bysource, &bysource[srchash]); WRITE_UNLOCK(&ip_nat_lock); }
I have tried the compiling the kernel without SMP and is almost working I get some kernel panic even with no tproxy rule at all But I didnt have time to investigate .
Uh, I've found exactly the same problem last friday, but did not have time to release a new patch before my four-day-long weekend. Sorry about this, I'll create an updated release today.
Anybody manage to apply the patch on 2.6.11 kernel ?
I have spent a lot of time applying a lot of patched on this kernel (I intended to use it in a extremely experimental network) so I am not too happy to change it because until now I never have problems with it. Do I have any chance to make it work or should I use a clean vanilla kernel sources. Sorry if is sounds kind of stupid applying a patch for kernel 2.6.12 on a 2.6.11 that is already extremely blotted with other patches.
Differences in the tproxy patch between 2.6.11 and 2.6.12 were quite small, so applying the patch should be easy. I don't say it will work out-of-the-box, but there shouldn't be any serious incompatibilities. (Like those between 2.6.10 and 2.6.11.) -- Regards, Krisztian Kovacs
participants (2)
-
KOVACS Krisztian
-
Tudor Alexandru Dragos