Opened 3 weeks ago

Last modified 3 days ago

#25380 needs_information defect

Transparent proxy not working with linux kernel 4.15.6

Reported by: vafan Owned by:
Priority: High Milestone: Tor: 0.3.3.x-final
Component: Core Tor/Tor Version: Tor:
Severity: Major Keywords: 033-must, hang, 032-backport, 031-backport-maybe, 029-backport-maybe, 025-backport-maybe, regression?, 033-triage-20180320, 033-included-20180320
Cc: adrelanos@… Actual Points:
Parent ID: Points: 0.5
Reviewer: Sponsor:


I dunno if yous test with da latest kernel but transparent proxy is not working at all with verion 4.15.6

If I were shooting from the hip or throwing darts blindfolded I would probably blame change 8f2f8993e0f69f4f8d5afe3873158f723daacb31 but I am not that kind of person.

The symptoms are tor process gets stuck in the getopt for the original destination address (in connection_edge.c) ipv4 transprarent proxy code and cannot be killed because the system call just sits there UNINTERRUPTIBLE

Child Tickets

#25401closedTransparent proxy stopped working after Linux kernel update to version 4.4.118 that fixes Spectre variant 1Core Tor/Tor
#25465closedTransparent proxy hangs after kernel update to 4.15.6-200.fc26.x86_64Core Tor/Tor

Change History (13)

comment:1 Changed 3 weeks ago by vafan

Make that change ff225999c603f0efed8fdbb791bab039d133eda2 - same author tho

comment:2 Changed 3 weeks ago by teor

Keywords: 033-must hang added
Milestone: Tor: 0.3.3.x-final
Points: 0.5

comment:3 Changed 3 weeks ago by teor

Priority: MediumHigh
Severity: NormalMajor

A few users are experiencing this issue, see #25401

comment:4 Changed 3 weeks ago by teor

Keywords: 032-backport 031-backport-maybe 029-backport-maybe 025-backport-maybe added
Version: Tor:

This also affects multiple versions, perhaps all Tor versions.

comment:5 Changed 3 weeks ago by nickm

This sounds more like a Linux kernel bug than a bug in our code. Are we doing something wrong here?

comment:6 Changed 3 weeks ago by nickm

Status: newneeds_information

Marking as "needs_information". The information we need here is: Is this a kernel bug, or are we doing something wrong?

comment:7 Changed 2 weeks ago by FlinchX

Feel free to add tor- to the list of affected versions. I have just tried to reproduce the problem on Slackware64-14.2 with kernel 4.4.118 and tor locks the same way as soon as a program tries to run transparently over it, but works fine when it is used just as socks proxy.

comment:8 Changed 2 weeks ago by adrelanos

Cc: adrelanos@… added

comment:9 Changed 2 weeks ago by FlinchX

I can't reproduce the problem on Slackware -current with kernel 4.14.24 and tor-, tor works fine there, both as socks proxy and is able to route programs transparently.

Situation so far:

tor- and do not work with kernel 4.4.118 (from duplicate ticket made by me that was merged into this one)
tor- does not work with kernel 4.15.6 (this ticket)
tor- works with kernel 4.14.24 (latest setup tested by me)

comment:10 Changed 13 days ago by FlinchX

A few additional details here

kernel 4.4.118 but tor being replaced with another transparent proxy - tinyproxy - which worked fine

comment:11 Changed 3 days ago by nickm

Keywords: regression? added

comment:12 Changed 3 days ago by nickm

Keywords: 033-triage-20180320 added

Marking all tickets reached by current round of 033 triage.

comment:13 Changed 3 days ago by nickm

Keywords: 033-included-20180320 added

Mark 033-must tickets as triaged-in for 0.3.3

Note: See TracTickets for help on using tickets.