Bug#822801: xl2tpd makes kernel soft lockup

2016-09-25 Thread Ben Hutchings 
Control: severity -1 important
Control: found -1 4.5.1-1
Control: tag -1 moreinfo

On Thu, 28 Apr 2016 01:17:46 +0800 Lu Wang  wrote:
> Package: xl2tpd
> Version: 1.3.6+dfsg-4
> Severity: critical
> Justification: breaks the whole system
> 
> Dear Maintainer,
> 
> I want to set a client of the l2tp vpn for my campus using this technique to 
> connect to the internet.
> I have set the client for Debian 7. But now, when I try to do the same thing 
> for a computer with Debian 9, I failed.
> I set use the configuration for the Debian 7 mechine, including 
> /etc/xl2tpd/xl2tpd /etc/ppp/chap-secrets and /etc/ppp/options.xl2tpd.zju.
> The first one is the configuration for xl2tp, and the last two are for the 
> ppp.
> 
> 
> Following is what I do.
> I find the xl2tpd is running after the initialization through lots of 
> init-scripts. Then I use "echo 'c ZJU_VPN' > /var/run/xl2tpd/l2tp-control" to 
> connect the vpn server in my campus. At the beginning everything is fine, I 
> use "ip link" and I find that there is ppp0. But few time later, about 20-30 
> seconds I am not sure, the keybroad is useless. I can type nothing. And I 
> find there are some words on the screen.
> NMI watchdog: BUG: soft lockup CPU#0 stuck for 23s ... And the mechine begins 
> to beep.

Does this problem still occur when using Linux 4.7 (currently in
unstable)?

Ben.

-- 
Ben Hutchings
No political challenge can be met by shopping. - George Monbiot


signature.asc
Description: This is a digitally signed message part

Bug#822801: xl2tpd makes kernel soft lockup

2016-04-27 Thread Lu Wang 
Package: xl2tpd
Version: 1.3.6+dfsg-4
Severity: critical
Justification: breaks the whole system

Dear Maintainer,

I want to set a client of the l2tp vpn for my campus using this technique to 
connect to the internet.
I have set the client for Debian 7. But now, when I try to do the same thing 
for a computer with Debian 9, I failed.
I set use the configuration for the Debian 7 mechine, including 
/etc/xl2tpd/xl2tpd /etc/ppp/chap-secrets and /etc/ppp/options.xl2tpd.zju.
The first one is the configuration for xl2tp, and the last two are for the ppp.


Following is what I do.
I find the xl2tpd is running after the initialization through lots of 
init-scripts. Then I use "echo 'c ZJU_VPN' > /var/run/xl2tpd/l2tp-control" to 
connect the vpn server in my campus. At the beginning everything is fine, I use 
"ip link" and I find that there is ppp0. But few time later, about 20-30 
seconds I am not sure, the keybroad is useless. I can type nothing. And I find 
there are some words on the screen.
NMI watchdog: BUG: soft lockup CPU#0 stuck for 23s ... And the mechine begins 
to beep.



-- System Information:
Debian Release: stretch/sid
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 4.5.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages xl2tpd depends on:
ii  libc6   2.22-7
ii  libpcap0.8  1.7.4-2
ii  ppp 2.4.7-1+2

xl2tpd recommends no packages.

xl2tpd suggests no packages.

-- Configuration Files:
/etc/xl2tpd/l2tp-secrets [Errno 13] Permission denied: 
u'/etc/xl2tpd/l2tp-secrets'
/etc/xl2tpd/xl2tpd.conf changed:
;
; Sample l2tpd configuration file
;
; This example file should give you some idea of how the options for l2tpd
; should work.  The best place to look for a list of all options is in
; the source code itself, until I have the time to write better documetation :)
; Specifically, the file "file.c" contains a list of commands at the end.
;
; You most definitely don't have to spell out everything as it is done here
;
[global]; Global parameters:
port = 1701 ; * Bind to port 1701
auth file = /etc/l2tpd/l2tp-secrets ; * Where our challenge secrets are
access control = yes; * Refuse connections without IP match
rand source = dev ; Source for entropy for random
;   ; numbers, options are:
;   ; dev - reads of /dev/urandom
;   ; sys - uses rand()
;   ; egd - reads from egd socket
;   ; egd is not yet implemented
;
; [lns default]; Our fallthrough LNS definition
; exclusive = no; * Only permit one tunnel per host
; ip range = 192.168.0.1-192.168.0.20; * Allocate from this IP range
; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts
; ip range = 192.168.0.5; * But this one is okay
; ip range = lac1-lac2; * And anything from lac1 to lac2's 
IP
; lac = 192.168.1.4 - 192.168.1.8; * These can connect as LAC's
; no lac = untrusted.marko.net; * This guy can't connect
; hidden bit = no; * Use hidden AVP's?
; local ip = 192.168.1.2; * Our local IP to use
; length bit = yes; * Use length bit in payload?
; require chap = yes; * Require CHAP auth. by peer
; refuse pap = yes; * Refuse PAP authentication
; refuse chap = no; * Refuse CHAP authentication
; refuse authentication = no; * Refuse authentication altogether
; require authentication = yes; * Require peer to authenticate
; unix authentication = no; * Use /etc/passwd for auth.
; name = myhostname; * Report this as our hostname
; ppp debug = no; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.l2tpd.lns; * ppp options file
; call rws = 10; * RWS for call (-1 is valid)
; tunnel rws = 4; * RWS for tunnel (must be > 0)
; flow bit = yes; * Include sequence numbers
; challenge = yes; * Challenge authenticate peer ; 
; rx bps = 1000; Receive tunnel speed
; tx bps = 1000; Transmit tunnel speed
; bps = 10; Define both receive and transmit speed in 
one option
; [lac marko]; Example VPN LAC definition
; lns = lns.marko.net; * Who is our LNS?
; lns = lns2.marko.net; * A backup LNS (not yet used)
;