| 1 |
[Mike: This looks like your field of expertise] |
| 2 |
On Tue, 27 Jan 2009 16:47:50 +0100 |
| 3 |
Tobias Klausmann <klausman@g.o> wrote: |
| 4 |
|
| 5 |
> Hi, |
| 6 |
> |
| 7 |
> glibc 2.9 uses a different way to implement getaddrinfo() which |
| 8 |
> triggers a race condition in most (if not all) Netfilter |
| 9 |
> firewalls that use connection tracking. glibc does nothing wrong |
| 10 |
> per se, it just triggers the condition. (technical details here: |
| 11 |
> http://marc.info/?l=linux-netdev&m=123304473331445) |
| 12 |
[...] |
| 13 |
> I don't have any experience with glibc upstream but pestering |
| 14 |
> them about this out of the blue might only cause a flame war |
| 15 |
> between kernel and glibc folks. Thus, I'm asking you, my fellow |
| 16 |
> devs (and the glibc and kernel teams specifically), what you |
| 17 |
> think is the best idea/course of action. |
| 18 |
|
| 19 |
The connection with IPv6 leads me to believe that this is |
| 20 |
http://bugs.gentoo.org/250468 |
| 21 |
http://sourceware.org/bugzilla/show_bug.cgi?id=7060 |
| 22 |
|
| 23 |
Mike has added a patch to Gentoo's patchset but hasn't bumped the |
| 24 |
revision yet. It does look spectacularly hacky, though :-) |
| 25 |
|
| 26 |
Anyway, if this is your problem, it looks like upstream is already |
| 27 |
working on it and that we just need to *prod* Mike a bit to get a fix |
| 28 |
into the tarball. |
| 29 |
|
| 30 |
/PA |
Archives