[freebsd-current]Who should reset M_PKTHDR flag in m_buf when IP packets are fragmented. m_unshare panic throw when IPSec is enabled

[Harsh Jain]

On 26-12-2017 15:22, Andrey V. Elsukov wrote:
> On 26.12.2017 07:43, Harsh Jain wrote:
>> Hi All,
>>
>> If I try to run ping of size say 6000 in IPSec transport mode, m_unshare() panic with following trace. It seems that while re-assembly of IP packet "ip_reass" missed re-setting of "M_PKTHDR".  After applying below patch things work fine. Can some one suggest Is it a BUG or I am missing somethings.
>>
>> panic: m_unshare: m0 0xfffff80020f82600, m 0xfffff8005d054100 has M_PKTHDR
>> cpuid = 15
>> time = 1495578455
>> KDB: stack backtrace:
>> db_trace_self_wrapper() at db_trace_self_wrapper+0x2c/frame 0xfffffe044e9bb890
>> kdb_backtrace() at kdb_backtrace+0x53/frame 0xfffffe044e9bb960
>> vpanic() at vpanic+0x269/frame 0xfffffe044e9bba30
>> kassert_panic() at kassert_panic+0xc7/frame 0xfffffe044e9bbac0
>> m_unshare() at m_unshare+0x578/frame 0xfffffe044e9bbbc0
>> esp_output() at esp_output+0x44c/frame 0xfffffe044e9bbe40
>> ipsec4_perform_request() at ipsec4_perform_request+0x5df/frame 0xfffffe044e9bbff0
> Hi,
>
> it seems unusual that IP reassembly happens on outbound path.
It can be re-produced with single Ping packet on chelsio(cxgbe) NIC. I tried with Intel NIC. It seems they re-produce M_WRITEABLE() buffer(follows different path in m_unshare) which is not true for cxgbe.
> Do you have some packet normalization using firewall?
Default FREEBSD current installation. No explicit firewall.

What you think above patch makes sense.
>