Greetings,
This email is both a request for assistance/help and a heads-up.
[8irgehuq] CVE-2011-1083: Algorithmic denial of service in epoll.
After ksplice automatically installed the above patch on our mail servers,
most/all IMAP/POP3 connections began experiencing time-outs trying to connect,
or extreme timeouts in the auth procedure.
dovecot: imap-login: Disconnected (no auth attempts): rip=a.a.a.a, lip=b.b.b.b,
TLS handshaking: Disconnected
dovecot: pop3-login: Disconnected (no auth attempts): rip=a.a.a.a, lip=b.b.b.b,
TLS handshaking: Disconnected
dovecot: pop3-login: Panic: epoll_ctl(add, 6) failed: Invalid argument
dovecot: pop3-login: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0
[0x3cb543baa0] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3cb543baf6] ->
/usr/lib64/dovecot/libdovecot.so.0 [0x3cb543afb3] ->
/usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_add+0x118) [0x3cb5447708] ->
/usr/lib64/dovecot/libdovecot.so.0(io_add+0xa5) [0x3cb5446e15] ->
/usr/lib64/dovecot/libdovecot.so.0(master_service_init_finish+0x1c6)
[0x3cb54355a6] -> /usr/lib64/dovecot/libdovecot-login.so.0(main+0x136)
[0x37a000bdf6] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x3cb301d994] ->
dovecot/pop3-login(main+0x49) [0x401b99]
dovecot: master: Error: service(pop3-login): child 27603 killed with signal 6
(core not dumped - add -D parameter to service pop3-login { executable }
dovecot: master: Error: service(pop3-login): command startup failed, throttling
dovecot: imap-login: Panic: epoll_ctl(add, 6) failed: Invalid argument
dovecot: imap-login: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0
[0x3cb543baa0] -> /usr/lib64/dovecot/libdovecot.so.0 [0x3cb543baf6] ->
/usr/lib64/dovecot/libdovecot.so.0 [0x3cb543afb3] ->
/usr/lib64/dovecot/libdovecot.so.0(io_loop_handle_add+0x118) [0x3cb5447708] ->
/usr/lib64/dovecot/libdovecot.so.0(io_add+0xa5) [0x3cb5446e15] ->
/usr/lib64/dovecot/libdovecot.so.0(master_service_init_finish+0x1c6)
[0x3cb54355a6] -> /usr/lib64/dovecot/libdovecot-login.so.0(main+0x136)
[0x37a000bdf6] -> /lib64/libc.so.6(__libc_start_main+0xf4) [0x3cb301d994] ->
dovecot/imap-login(main+0x39) [0x402069]
dovecot: master: Error: service(imap-login): child 27604 killed with signal 6
(core not dumped - add -D parameter to service imap-login { executable }
Once this patch was removed, everything started working again.
Is it possible that dovecot is trying to re-add already-added connections to
the polling list - which this specific 'patch' prevents?
We haven't dug deeper yet, but the error is being thrown from the method
io_loop_handle_add in ioloop-epoll.c
http://hg.dovecot.org/dovecot-2.0/file/aa8dfa085a99/src/lib/ioloop-epoll.c
Thanks
Doug
