On Wed, Jul 07, 2021 at 02:09:23PM +0200, Alexander Bluhm wrote: > On Wed, Jul 07, 2021 at 12:52:26PM +0200, Hrvoje Popovski wrote: > > On 7.7.2021. 12:46, Hrvoje Popovski wrote: > > > Panic can be triggered when i have parallel diff and sending traffic > > Different panic on same setup ... > > Thanks a lot for the report. > > I can see the same stop of traffic and crashes here. I use iked > instead of isakmpd. I guess the traffic stop happens at rekeying. > > http://bluhm.genua.de/perform/results/2021-07-06T08:17:07Z/perform.html > There are the yellow NOEXIT fields when the traffic stops. > > When clicking for more details you end here. > http://bluhm.genua.de/perform/results/2021-07-06T08:17:07Z/2021-07-06T00%3A00%3A00Z/btrace-kstack.0/logs/ssh_perform%40lt13_iperf3_-c10.4.56.36_-P10_-t10.log > After 18 seconds nothing is transmitted anymore. > > The crash may also be triggered by rekeying. But it happens less > often than the traffic stop. The crash only happens with multiple > forwarding diff. And it is not triggered by my regular iperf3 -t80 > test, it is a bit harder to reproduce. > > bluhm >
Hi, It seems the first the first panic occured because ipsp_spd_lookup() modifies tdbp->tdb_policy_head and simultaneous execution breaks it. I guess at least mutex(9) should be used to protect `tdb_policy_head'. The second panic occured because ipsp_acquire_sa() does `ipsec_acquire_pool' initialization in runtime so parallel execution breaks it. It's easy to fix. Could you try the diff below? It moves `ipsec_acquire_pool' initialization to pfkey_init() just after `ipsec_policy_pool' initialization. This should fix the second panic. Index: sys/net/pfkeyv2.c =================================================================== RCS file: /cvs/src/sys/net/pfkeyv2.c,v retrieving revision 1.216 diff -u -p -r1.216 pfkeyv2.c --- sys/net/pfkeyv2.c 5 Jul 2021 12:01:20 -0000 1.216 +++ sys/net/pfkeyv2.c 7 Jul 2021 17:35:32 -0000 @@ -249,6 +249,8 @@ pfkey_init(void) IPL_SOFTNET, PR_WAITOK, "pkpcb", NULL); pool_init(&ipsec_policy_pool, sizeof(struct ipsec_policy), 0, IPL_SOFTNET, 0, "ipsec policy", NULL); + pool_init(&ipsec_acquire_pool, sizeof(struct ipsec_acquire), 0, + IPL_SOFTNET, 0, "ipsec acquire", NULL); } Index: sys/net/pfkeyv2.h =================================================================== RCS file: /cvs/src/sys/net/pfkeyv2.h,v retrieving revision 1.88 diff -u -p -r1.88 pfkeyv2.h --- sys/net/pfkeyv2.h 5 Jul 2021 12:01:20 -0000 1.88 +++ sys/net/pfkeyv2.h 7 Jul 2021 17:35:32 -0000 @@ -449,6 +449,7 @@ extern const uint64_t sadb_exts_allowed_ extern const uint64_t sadb_exts_required_out[SADB_MAX+1]; extern struct pool ipsec_policy_pool; +extern struct pool ipsec_acquire_pool; #endif /* _KERNEL */ #endif /* _NET_PFKEY_V2_H_ */ Index: sys/netinet/ip_spd.c =================================================================== RCS file: /cvs/src/sys/netinet/ip_spd.c,v retrieving revision 1.103 diff -u -p -r1.103 ip_spd.c --- sys/netinet/ip_spd.c 4 May 2021 09:28:04 -0000 1.103 +++ sys/netinet/ip_spd.c 7 Jul 2021 17:35:32 -0000 @@ -52,7 +52,6 @@ struct pool ipsec_policy_pool; struct pool ipsec_acquire_pool; /* Protected by the NET_LOCK(). */ -int ipsec_acquire_pool_initialized = 0; struct radix_node_head **spd_tables; unsigned int spd_table_max; TAILQ_HEAD(ipsec_acquire_head, ipsec_acquire) ipsec_acquire_head = @@ -719,12 +718,6 @@ ipsp_acquire_sa(struct ipsec_policy *ipo return 0; /* Add request in cache and proceed. */ - if (ipsec_acquire_pool_initialized == 0) { - ipsec_acquire_pool_initialized = 1; - pool_init(&ipsec_acquire_pool, sizeof(struct ipsec_acquire), - 0, IPL_SOFTNET, 0, "ipsec acquire", NULL); - } - ipa = pool_get(&ipsec_acquire_pool, PR_NOWAIT|PR_ZERO); if (ipa == NULL) return ENOMEM;