Re: forwarding in parallel with ipsec panic

Hrvoje Popovski Wed, 07 Jul 2021 13:02:47 -0700

On 7.7.2021. 19:38, Vitaliy Makkoveev wrote:
> Hi,
> 
> It seems the first the first panic occured because ipsp_spd_lookup()
> modifies tdbp->tdb_policy_head and simultaneous execution breaks it.
> I guess at least mutex(9) should be used to protect `tdb_policy_head'.
> 
> The second panic occured because ipsp_acquire_sa() does
> `ipsec_acquire_pool' initialization in runtime so parallel execution
> breaks it. It's easy to fix.
> 
> Could you try the diff below? It moves `ipsec_acquire_pool'
> initialization to pfkey_init() just after `ipsec_policy_pool'
> initialization. This should fix the second panic.



Hi,

with this diff i manage to get this panics ..

r620-1# uvm_fault(0xfffffd842f83e170, 0x147, 0, 2) -> e
kernel: page fault trap, code=0
Stopped at      tdb_free+0x9c:  movq    %rsi,0(%rdi)
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
* 38448  89106     68        0x10          0    1K isakmpd
tdb_free(ffff80000131e688) at tdb_free+0x9c
pfkeyv2_send(fffffd83b2512d30,ffff8000012f2680,50) at pfkeyv2_send+0x1191
pfkeyv2_output(fffffd80a4b37400,fffffd83b2512d30,0,0) at pfkeyv2_output+0x8a
pfkeyv2_usrreq(fffffd83b2512d30,9,fffffd80a4b37400,0,0,ffff800023908d20)
at pfkeyv2_usrreq+0x1b0
sosend(fffffd83b2512d30,0,ffff800023959130,0,0,0) at sosend+0x3a9
dofilewritev(ffff800023908d20,7,ffff800023959130,0,ffff800023959230) at
dofilewritev+0x14d
sys_writev(ffff800023908d20,ffff8000239591d0,ffff800023959230) at
sys_writev+0xe2
syscall(ffff8000239592a0) at syscall+0x3b9
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffb27c0, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in
bug reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{1}>



r620-1# uvm_fault(0xffffffff82379d80, 0x147, 0, 2) -> e
kernel: page fault trap, code=0
Stopped at      ipsp_spd_lookup+0x9a4:  movq    %rax,0(%rcx)
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
 434446  37326      0     0x14000      0x200    4  softnet
 405134  41722      0     0x14000      0x200    1  softnet
 106389  88948      0     0x14000      0x200    3  softnet
*262295  93659      0     0x14000      0x200    2  softnet
ipsp_spd_lookup(fffffd80a44f6f00,2,14,ffff8000238651bc,2,0) at
ipsp_spd_lookup+0x9a4
ip_output_ipsec_lookup(fffffd80a44f6f00,14,ffff8000238651bc,0,0) at
ip_output_ipsec_lookup+0x4d
ip_output(fffffd80a44f6f00,0,ffff800023865348,1,0,0) at ip_output+0x42a
ip_forward(fffffd80a44f6f00,ffff800000087048,fffffd83b3ea6d98,0) at
ip_forward+0x26a
ip_input_if(ffff800023865488,ffff800023865494,4,0,ffff800000087048) at
ip_input_if+0x365
ipv4_input(ffff800000087048,fffffd80a44f6f00) at ipv4_input+0x39
if_input_process(ffff800000087048,ffff800023865508) at if_input_process+0x6f
ifiq_process(ffff800000086c00) at ifiq_process+0x69
taskq_thread(ffff800000030000) at taskq_thread+0x9f
end trace frame: 0x0, count: 6
https://www.openbsd.org/ddb.html describes the minimum info required in
bug reports.  Insufficient info makes it difficult to find and fix bugs.

Re: forwarding in parallel with ipsec panic

Reply via email to