Greetings! I’ve got a fairly long message, so please bear with me, and hopefully someone can assist me here.
Some work was done to integrate VPP and StrongSwan a while back, you can see the original work here [1]. That was working great with VPP version 18.07 and StrongSwan code from about 7 months ago. What I’ve done is rebased those patches against the latest StrongSwan. I’ve verified that in fact also works fine with VPP 18.07. However, when I try to run this against VPP 18.10 or master, it crashes (see the gdb backtrace below). In searching, I came across a similar issue reported in August here [3], and even a response from Florin on what allowed that issue to be worked around here [4]. The tl;dr was: rm -rf /dev/shm/*. However, that doesn’t fix things for me here. I should note that I’m running both VPP and StrongSwan in a Docker container. This works with VPP 18.07, just not 18.10 or master. The backtrace is below, hoping someone can either spot what might be happening or point me in the right direction. Thanks! Kyle [root@15b2338aa4b9 /]# ipsec start --nofork --attach-gdb Starting strongSwan 5.7.2dr2 IPsec [starter]... no netkey IPsec stack detected no KLIPS IPsec stack detected no known IPsec stack detected, ignoring! starter is already running (/var/run/starter.charon.pid exists) -- no fork done [root@15b2338aa4b9 /]# ipsec stop Stopping strongSwan IPsec... [root@15b2338aa4b9 /]# ipsec start --nofork --attach-gdb Starting strongSwan 5.7.2dr2 IPsec [starter]... no netkey IPsec stack detected no KLIPS IPsec stack detected no known IPsec stack detected, ignoring! GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-110.el7 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/local/libexec/ipsec/charon...done. (gdb) r Starting program: /usr/local/libexec/ipsec/charon warning: Error disabling address space randomization: Operation not permitted [tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device] [tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". [tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device] [tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device] [tcsetpgrp failed in terminal_inferior: Inappropriate ioctl for device] Program received signal SIGSEGV, Segmentation fault. 0x00007f85ceca96ad in mspace_malloc () from /lib64/libvppinfra.so.19.01 Missing separate debuginfos, use: debuginfo-install glibc-2.17-222.el7.x86_64 vpp-lib-19.01-rc0~183_g2130284~b5473.x86_64 (gdb) bt #0 0x00007f85ceca96ad in mspace_malloc () from /lib64/libvppinfra.so.19.01 #1 0x00007f85cecab068 in mspace_get_aligned () from /lib64/libvppinfra.so.19.01 #2 0x00007f85ceca0238 in vec_resize_allocate_memory () from /lib64/libvppinfra.so.19.01 #3 0x00007f85cec5251b in va_format () from /lib64/libvppinfra.so.19.01 #4 0x00007f85cec517b7 in format () from /lib64/libvppinfra.so.19.01 #5 0x00007f85ceed40ae in svm_map_region () from /lib64/libsvm.so.19.01 #6 0x00007f85ceed4954 in svm_region_init_internal () from /lib64/libsvm.so.19.01 #7 0x00007f85ceed4bb0 in svm_region_init_chroot () from /lib64/libsvm.so.19.01 #8 0x00007f85cf0fdf77 in vl_map_shmem () from /lib64/libvlibmemoryclient.so.19.01 #9 0x00007f85cf0ff6fb in vl_client_api_map () from /lib64/libvlibmemoryclient.so.19.01 #10 0x00007f85cf3126fa in vac_create (name=name@entry=0x7f85cf3127fa "strongswan") at kernel_vpp_shared.c:569 #11 0x00007f85cf30e72a in kernel_vpp_plugin_create () at kernel_vpp_plugin.c:90 #12 0x00007f85d04d120d in create_plugin (handle=handle@entry=0xbde7c0, name=name@entry=0xbddd50 "kernel-vpp", integrity=integrity@entry=true, critical=critical@entry=false, entry=entry@entry=0x7ffcedc2c500, this=0xbd8540) at plugins/plugin_loader.c:391 #13 0x00007f85d04d1b8b in load_plugin (this=0xbd8540, critical=false, file=<optimized out>, name=0xbddd50 "kernel-vpp") at plugins/plugin_loader.c:458 #14 load_plugins (this=0xbd8540, list=0x402550 "aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp curve25519 xcbc cmac hmac attr kernel-netlink resolve socket-"...) at plugins/plugin_loader.c:1256 #15 0x00007f85d02236b5 in initialize (this=<optimized out>, plugins=0x402550 "aes des rc2 sha2 sha1 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem fips-prf gmp curve25519 xcbc cmac hmac attr kernel-netlink resolve socket-"...) at daemon.c:900 #16 0x000000000040180e in main (argc=1, argv=0x7ffcedc2dc38) at charon.c:422 (gdb) [1] https://github.com/matfabia/strongswan/tree/vpp [2] https://github.com/mestery/strongswan/blob/vpp-1810/src/libcharon/plugins/kernel_vpp/kernel_vpp_shared.c#L569 [3] https://lists.fd.io/g/vpp-dev/message/10272 [4] https://lists.fd.io/g/vpp-dev/message/10273
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#11112): https://lists.fd.io/g/vpp-dev/message/11112 Mute This Topic: https://lists.fd.io/mt/27861739/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
