Re: Possible regression between 5.18.2 and 6.2.1

["Linux regression tracking #update (Thorsten Leemhuis)" <regressions@leemhuis.info>]

On 02.04.23 03:14, Dan Crawford wrote:
> Thanks for the suggestions. I've done some bisecting and I've found
> that the issue appears due to wg-quick, which means I can easily work
> around it. First, apologies but there's a typo in my original
> email, I upgraded from 5.12.8, not 5.18.2.
> 
> On versions prior to 5.14.0, wg-quick correctly adds routes for the
> appropriate addresses (line 341 and then line 177). However, on versions
> after 5.14.0, the condition doesn't work quite right and the ip route
> add command does not run (line 177).
> 
> To investigate this I print ip -4 route show dev wg1 match 192.168.1.3,
> on both 5.13.0 and 5.14.0, at line 177.
> 
> On 5.13.0 I get no output, and the ip route add command runs.
> However, on 5.14.0 the output is
> 
> 192.168.1.0/24 proto kernel scope link src 192.168.1.0 

Thx for your investigation.

This per the Linux kernel policy might qualify as regression. But the
thing is: the change was introduced quite a while ago already, hence
fixing it now might itself lead to other regressions, as other scripts
might have started to rely on the new behavior. If anyone wanted to
discuss this upstream we'd also likely need a bisection to know which
change caused the new behavior. Given all this and the relative simple...

> and so the ip route add command does not run.
> 
> Obviously I can easily work around the issue by patching the conditional
> out of wg-quick. But I don't have any clue why the output of ip varies
> between 5.13 and 5.14. I'm also surprised no-one has encountered
> this issue either (unless I missed something while searching).
> 
> Possibly one way to resolve the issue is to replace the conditional with
> 
> [[ -n $(ip $proto route show dev "$INTERFACE" match "$1" proto boot 2>/dev/null) ]]

...workaround you apparently have found I'd say it's better to fix this
in wg-quick. I'll thus for now will remove this from the list of tracked
Linux kernel regressions:

#regzbot inconclusive: small change broke script, workaround found;
fixing this now might lead to other regressions
#regzbot ignore-activity

Ciao, Thorsten (wearing his 'the Linux kernel's regression tracker' hat)
--
Everything you wanna know about Linux kernel regression tracking:
https://linux-regtracking.leemhuis.info/about/#tldr
That page also explains what to do if mails like this annoy you.



> On Fri Mar 31, 2023 at 1:39 AM AEDT, Jason A. Donenfeld wrote:
>> Hi Dan,
>>
>> Hard to imagine that this is a WireGuard bug, but more likely
>> something having to do with SNAT or something.
>>
>> What is the unallowed src IP when you get that error? Can you debug
>> further? Maybe bisect a bit? Otherwise, not much I can do.
>>
>> The diff between those versions you listed is pretty minimal, so I
>> suspect your bug is elsewhere.
>>
>> Jason
> 
>