bpfilter: read fail 0
Vincent Li
vincent.mc.li at gmail.com
Wed Feb 15 15:33:32 UTC 2023
On Tue, Feb 14, 2023 at 10:44 PM Andrea Righi
<andrea.righi at canonical.com> wrote:
>
> On Tue, Feb 14, 2023 at 01:24:53PM -0800, Vincent Li wrote:
> > On Tue, Feb 14, 2023 at 10:08 AM Vincent Li <vincent.mc.li at gmail.com> wrote:
> > >
> > > Hi,
> > >
> > > Sorry if this is the wrong list, I installed
> > > https://kernel.ubuntu.com/~kernel-ppa/mainline/v6.1.10/ on Ubuntu
> > > 20.04. I have firehol running with iptables rules, the kernel emits
> > > noise log messages like below all the time, google this message, it
> > > appears the issue has been fixed in the upstream mainline kernel, I am
>
> Do you have a reference / link for the specific upstream fix? I can't
> find anything relevant googling the error message.
>
> > > wondering if Ubuntu PPA kernel could address this issue.
> > >
> > > [ 36.902856] bpfilter: Loaded bpfilter_umh pid 2242
> > >
> > > [ 36.902998] bpfilter: read fail 0
> > >
> > > [ 36.976678] bpfilter: Loaded bpfilter_umh pid 2244
> > >
> > > [ 36.976795] bpfilter: read fail 0
> > >
> > > [ 37.042831] bpfilter: Loaded bpfilter_umh pid 2246
> > >
> > > [ 37.042990] bpfilter: read fail 0
> > >
> >
> > it looks the following should be disabled
> >
> > CONFIG_BPFILTER=y
> >
> > CONFIG_BPFILTER_UMH=m
>
> Well.. these options have been enabled since focal, I don't think
> disabling them is a viable solution.
>
> For what I see there seem to be some interactions with the firewall
> (iptables / ufw), that is triggering bpfilter user mode helper, that
> seems to exit immediately after reading the request message with this
> 'read fail 0' error message.
>
> I'll try to reproduce the problem and investigate more, unless you have
> a reference to the commit that fixes this.
>
> Thanks for reporting this!
> -Andrea
Sorry I could not find the commit to fix the problem, I probably read
it wrong while googling. according to
https://lore.kernel.org/bpf/2da59c17-dead-9cd7-0b21-3cc59b4ef9b7@iogearbox.net/T/
CONFIG_BPFILTER is not production ready, I assume the PPA kernel will
eventually role into Ubuntu production kernel, I think it probably
should be disabled.
More information about the kernel-team
mailing list