[freebsd-current]Who should reset M_PKTHDR flag in m_buf when IP packets are fragmented. m_unshare panic throw when IPSec is enabled
Andrey V. Elsukov
bu7cher at yandex.ru
Tue Dec 26 09:55:42 UTC 2017
On 26.12.2017 07:43, Harsh Jain wrote:
> Hi All,
>
> If I try to run ping of size say 6000 in IPSec transport mode, m_unshare() panic with following trace. It seems that while re-assembly of IP packet "ip_reass" missed re-setting of "M_PKTHDR". After applying below patch things work fine. Can some one suggest Is it a BUG or I am missing somethings.
>
> panic: m_unshare: m0 0xfffff80020f82600, m 0xfffff8005d054100 has M_PKTHDR
> cpuid = 15
> time = 1495578455
> KDB: stack backtrace:
> db_trace_self_wrapper() at db_trace_self_wrapper+0x2c/frame 0xfffffe044e9bb890
> kdb_backtrace() at kdb_backtrace+0x53/frame 0xfffffe044e9bb960
> vpanic() at vpanic+0x269/frame 0xfffffe044e9bba30
> kassert_panic() at kassert_panic+0xc7/frame 0xfffffe044e9bbac0
> m_unshare() at m_unshare+0x578/frame 0xfffffe044e9bbbc0
> esp_output() at esp_output+0x44c/frame 0xfffffe044e9bbe40
> ipsec4_perform_request() at ipsec4_perform_request+0x5df/frame 0xfffffe044e9bbff0
Hi,
it seems unusual that IP reassembly happens on outbound path.
Do you have some packet normalization using firewall?
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20171226/8c80585a/attachment.sig>
More information about the freebsd-net
mailing list