Fixed
Created: Jan 19, 2016
Updated: Dec 3, 2018
Resolved Date: Jan 19, 2016
Found In Version: 6.0
Fix Version: 6.0.0.28
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Kernel
Heading: vsftpd and gettimeofday syscall
Severity: High
It seems we are bitten by this problem:
https://lists.ubuntu.com/archives/ubuntu-server-bugs/2014-April/111922.html
in vsftpd in WRL5. The problem for the customer is that gettimeofday
gets called for a simple 'ls' even without syslog_enable if they run
wrl5 as a kvm guest!?
Log:
[Fri Jan 08 14:12:57.701 2016] 230 Login successful.
[Fri Jan 08 14:12:57.701 2016] Remote system type is UNIX.
[Fri Jan 08 14:12:57.701 2016] Using binary mode to transfer files.
[2] when "ls" command is issued, it gives error
[Fri Jan 08 14:12:57.701 2016] ftp> ls
[Fri Jan 08 14:13:04.354 2016] 500 OOPS: priv_sock_get_int
[Fri Jan 08 14:13:04.354 2016] 421 Service not available, remote server
has closed connection.
strace:
shed ...>
[pid 18632] <... recvfrom resumed> "EPSV\r\n", 4096, MSG_PEEK, NULL,
NULL) = 6
[pid 18632] read(0, "EPSV\r\n", 6) = 6
[pid 18632] write(8, "\n", 1) = 1
[pid 18632] read(8, <unfinished ...>
[pid 18620] <... read resumed> "\n", 1) = 1
[pid 18620] write(4, "\1", 1 <unfinished ...>
[pid 18632] <... read resumed> "\1", 1) = 1
[pid 18632] write(8, "\f", 1) = 1
[pid 18632] read(8, <unfinished ...>
[pid 18620] <... write resumed> ) = 1
[pid 18620] read(4, "\f", 1) = 1
[pid 18632] <... read resumed> "", 4) = 0
[pid 18632] fcntl(0, F_GETFL) = 0x2 (flags O_RDWR)
[pid 18632] fcntl(0, F_SETFL, O_RDWR|O_NONBLOCK) = 0
[pid 18632] write(0, "500 OOPS: ", 10) = 10
[pid 18632] write(0, "priv_sock_get_int", 17) = 17
[pid 18632] write(0, "\r\n", 2) = 2
[pid 18632] exit_group(2) = ?
[pid 18632] +++ exited with 2 +++
[pid 18620] +++ killed by SIGSYS +++
<... accept resumed> 0x7fff61210790, [28]) = ? ERESTARTSYS (To be
restarted if SA_RESTART is set)
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_KILLED, si_pid=18620,
si_status=SIGSYS, si_utime=4, si_stime=1} ---/buildarea/raid0/jliu7
alarm(1) = 0
rt_sigreturn() = -1 EINTR (Interrupted system call)
alarm(0) = 1
wait4(-1, NULL, WNOHANG, NULL) = 18620
wait4(-1, NULL, WNOHANG, NULL) = -1 ECHILD (No child processes)
accept(3,
if we allow gettimeofday() in seccompsandbox (like in the link above) we
get this strace when running under kvm:
<unfinished ...>
[pid 27645] <... recvfrom resumed> "EPSV\r\n", 4096, MSG_PEEK, NULL,
NULL) = 6
[pid 27645] read(0, "EPSV\r\n", 6) = 6
[pid 27645] write(8, "\n", 1) = 1
[pid 27645] read(8, <unfinished ...>
[pid 27630] <... read resumed> "\n", 1) = 1
[pid 27630] write(4, "\1", 1 <unfinished ...>
[pid 27645] <... read resumed> "\1", 1) = 1
[pid 27645] write(8, "\f", 1) = 1
[pid 27645] read(8, <unfinished ...>
[pid 27630] <... write resumed> ) = 1
[pid 27630] read(4, "\f", 1) = 1
[pid 27630] gettimeofday({1452257075, 758868}, NULL) = 0
[pid 27630] socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 8
[pid 27630] setsockopt(8, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
[pid 27630] bind(8, {sa_family=AF_INET, sin_port=htons(60020),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0
[pid 27630] listen(8, 1) = 0
[pid 27630] write(4, "t\352\0\0", 4 <unfinished ...>
[pid 27645] <... read resumed> "t\352\0\0", 4) = 4
[pid 27645] write(0, "229 Entering Extended Passive Mo"..., 49) = 49
[pid 27645] rt_sigaction(SIGALRM, {0x410670, ~[RTMIN RT_1],
SA_RESTORER, 0x3e09834710}, NULL, 8) = 0
[pid 27645] alarm(300) = 293
[pid 27645] recvfrom(0, "LIST\r\n", 4096, MSG_PEEK, NULL, NULL) = 6
For reference this is the same strace (for un-patched vsftpd) running
native:
"EPSV\r\n", 4096, MSG_PEEK, NULL, NULL) = 6
[pid 19575] read(0, "EPSV\r\n", 6) = 6
[pid 19575] write(7, "\n", 1) = 1
[pid 19561] <... read resumed> "\n", 1) = 1
[pid 19575] read(7, <unfinished ...>
[pid 19561] write(4, "\1", 1 <unfinished ...>
[pid 19575] <... read resumed> "\1", 1) = 1
[pid 19561] <... write resumed> ) = 1
[pid 19575] write(7, "\f", 1) = 1
[pid 19575] read(7, <unfinished ...>
[pid 19561] read(4, "\f", 1) = 1
[pid 19561] socket(PF_INET, SOCK_STREAM, IPPROTO_TCP) = 7
[pid 19561] setsockopt(7, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
[pid 19561] bind(7, {sa_family=AF_INET, sin_port=htons(50179),
sin_addr=inet_addr("127.0.0.1")}, 16) = 0
[pid 19561] listen(7, 1) = 0
[pid 19561] write(4, "\3\304\0\0", 4) = 4
[pid 19561] read(4, <unfinished ...>
[pid 19575] <... read resumed> "\3\304\0\0", 4) = 4
[pid 19575] write(0, "229 Entering Extended Passive Mo"..., 49) = 49
[pid 19575] rt_sigaction(SIGALRM, {0x410670, ~[RTMIN RT_1], SA_RESTORER,
0x3620434710}, NULL, 8) = 0
[pid 19575] alarm(300) = 295
[pid 19575] recvfrom(0, "LIST\r\n", 4096, MSG_PEEK, NULL, NULL) = 6
As you can see gettimeofday() is never used and ftp hence works!
Can you please investigate?
