From owner-freebsd-current@freebsd.org Tue Sep 29 21:36:19 2020 Return-Path: Delivered-To: freebsd-current@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 949FC3F1288 for ; Tue, 29 Sep 2020 21:36:19 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-qk1-x733.google.com (mail-qk1-x733.google.com [IPv6:2607:f8b0:4864:20::733]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4C1CPZ2tpzz4JPy for ; Tue, 29 Sep 2020 21:36:18 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-qk1-x733.google.com with SMTP id w12so6006781qki.6 for ; Tue, 29 Sep 2020 14:36:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=91r0gpIYrhz6v2L9FwevLnM6xw7Ue+AmXm77eQ+ce0c=; b=mF0QITUzW0xRWEFrg4/W49jYwuRGghfA/yGhZekMi05gwKz+jWLkUzhl5u39ZQQJf7 GoDpo2Dt/QcjQfDRh9hmVHR3dCUSuySFZM3b/adfhrZY6TQu8GsgWtcUheOn4ZEkV0Gu oG2R8Nb3OV1zB9bNFIzXO+yU415gIzVxIk0rmciRQpnmofF6KulyXV7pMgBG01bBJv8i b2Z3Krc2DHOEhRQxaTgT06jaHmZsLLLL/DQZpvbtiQ2XqqViawF8T3hbXKWxmz+f6xjs aAPpyC2DnAkSizFDqeMp0H2QyoXteY1Y91JPZT9zAFEEJZ9EuoklOpRxHeFJ1bq3Pf0i u5EA== X-Gm-Message-State: AOAM5335jKIfLyCXbg816sY3Js4uzvr+6H/LLEp35HNDLnw5ep+asHgR 3+hCkHOKiEH5CaV0VlPc7x72Sw== X-Google-Smtp-Source: ABdhPJwB5gv1TUxTO6361fGche3hvMrvjFN3u7IfXOzyYqRzser9jP4gNTcf1BtQ6hwwX/ln6gZNWw== X-Received: by 2002:a05:620a:2055:: with SMTP id d21mr6710905qka.202.1601415377215; Tue, 29 Sep 2020 14:36:17 -0700 (PDT) Received: from mutt-hbsd (pool-100-16-222-53.bltmmd.fios.verizon.net. [100.16.222.53]) by smtp.gmail.com with ESMTPSA id q6sm6007853qkc.85.2020.09.29.14.36.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 29 Sep 2020 14:36:16 -0700 (PDT) Date: Tue, 29 Sep 2020 17:36:15 -0400 From: Shawn Webb To: Kristof Provost Cc: Alexander Leidinger , FreeBSD Current Subject: Re: iflib/bridge kernel panic Message-ID: <20200929213615.5gpupobj2ylgv2yr@mutt-hbsd> X-Operating-System: FreeBSD mutt-hbsd 13.0-CURRENT-HBSD FreeBSD 13.0-CURRENT-HBSD X-PGP-Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0xFF2E67A277F8E1FA References: <58CADEBB-64FD-414E-AB19-E4F8D3CABCA5@FreeBSD.org> <20200921121627.3dovpumnl6xub3kn@mutt-hbsd> <7FE1F106-2CEE-4692-95D0-14C5229ED768@FreeBSD.org> <20200928124531.Horde.0EjsBzIG5ktLzby_tFcoPPS@webmail.leidinger.net> <33903BFF-4158-4CD9-AD79-360BCD81F1C9@FreeBSD.org> <20200928164410.Horde.mYBkuEeD_Q6xgnKnwNomv7P@webmail.leidinger.net> <6A5EFCFA-C0DC-4DEF-834B-2F9E4FCC8812@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="z6mdqzawej7d7qnq" Content-Disposition: inline In-Reply-To: <6A5EFCFA-C0DC-4DEF-834B-2F9E4FCC8812@FreeBSD.org> X-Rspamd-Queue-Id: 4C1CPZ2tpzz4JPy X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[hardenedbsd.org:s=google]; NEURAL_HAM_MEDIUM(-1.02)[-1.025]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; NEURAL_HAM_LONG(-1.02)[-1.025]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-current@freebsd.org]; DMARC_NA(0.00)[hardenedbsd.org]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[hardenedbsd.org:+]; NEURAL_HAM_SHORT(-0.45)[-0.454]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::733:from]; SIGNED_PGP(-2.00)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; MID_RHS_NOT_FQDN(0.50)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-current]; RECEIVED_SPAMHAUS_PBL(0.00)[100.16.222.53:received] X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Sep 2020 21:36:19 -0000 --z6mdqzawej7d7qnq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Sep 29, 2020 at 11:20:44PM +0200, Kristof Provost wrote: >=20 >=20 > On 28 Sep 2020, at 16:44, Alexander Leidinger wrote: >=20 > > Quoting Kristof Provost (from Mon, 28 Sep 2020 13:53:16 > > +0200): > >=20 > > > On 28 Sep 2020, at 12:45, Alexander Leidinger wrote: > > > > Quoting Kristof Provost (from Sun, 27 Sep 2020 > > > > 17:51:32 +0200): > > > > > Here???s an early version of a task queue based approach: http://= people.freebsd.org/~kp/0001-bridge-Cope-with-if_ioctl-s-that-sleep.patch > > > > >=20 > > > > > That still needs to be cleaned up, but this should resolve > > > > > the sleep issue and the LOR. > > > >=20 > > > > There are some issues... seems like inside a jail I can't ping > > > > systems outside of the hardware. > > > >=20 > > > > Bridge setup: > > > > - member jail A > > > > - member jail B > > > > - member external_if of host > > > >=20 > > > > If I ping the router from the host, it works. If I ping from one > > > > jail to another, it works. If I ping from the jail to the IP of > > > > the external_if, it works. If I ping from a jail to the router, > > > > I do not get a response. > > > >=20 > > > Can you check for 'failed ifpromisc' error messages in dmesg? And > > > verify that all bridge member interfaces are in promiscuous mode? > >=20 > > I have a panic for you...: > > - startup still in progress =3D 22 jails in startup, somewhere after a > > few jails started the panic happened > > - tcpdump was running on the external interface > > - a ping to a jail IP from another system was running, the first ping > > went through, then it paniced > >=20 > > First regarding your questions about promisc mode: no error, but the > > promisc mode is directly disabled again on all interfaces. > >=20 > I think I see why you had issues with the promiscuous setting. I???ve > updated the patch to be even more horrific than it was before. >=20 > I can???t explain the panic, and the backtrace also doesn???t appear to be > directly related to this patch. Not sure what???s going on with that. I should have time to test the new patch this weekend. ${LIFE} is keeping me busy the past few weeks. I'm gonna add an event in my calendar to remind me to test the patch. heh. Thanks, --=20 Shawn Webb Cofounder / Security Engineer HardenedBSD GPG Key ID: 0xFF2E67A277F8E1FA GPG Key Fingerprint: D206 BB45 15E0 9C49 0CF9 3633 C85B 0AF8 AB23 0FB2 https://git-01.md.hardenedbsd.org/HardenedBSD/pubkeys/src/branch/master/Sha= wn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc --z6mdqzawej7d7qnq Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEA6TL67gupaZ9nzhT/y5nonf44foFAl9zqM0ACgkQ/y5nonf4 4fq5zg/+JM3ycYLRr82nQEaG1ihREiR6hVuXfuq3mpTIOqPVbqQ6r58lJK4+1DaI SkXMtJ92hS3rxS0mn6ORD782YHBTI6RAi0UPpGpj7OkVjj/nFgag4rP4+1Z4qF0X vFr7s0v/DffZFr1nJRJ6d5Yg9zXz5hp/VPIY6yDetfjxNQ38TVH7Kbaxtst7QgRZ XvCVtBAxOXZBRrkBK5ABdNHc1HszPLJYbR1BwNQp4PNXSWDRFVX04GOA1t/LHXEA s00d35Bw2Xw2boW+gy+zSZqrA3N/5vMO8fCtooswoZIi104+JJckUAtDgmwo9gL0 0YguM0sUcjWcj9zg8Q4RThdckqA6diHgDwHLHPOI+z7y+PY6Zy6SHIatKKfZORw2 wLmpr8BNQdF+5XqqsGZBW6QQBXZuY6F652LG//Li1oGVKAizhdIWfOOxFDP0YSzg lE0IVKiN5uMXqHwllDSmwQFWPGT9sBh8C0/lW9oXj9j1KqCDsZ84caOfnb16oDMx fnpl4akctu88JSWSPzQFD72wmiOyiAfvtsYpSKjPvJQMOiCurlnRAh8rRmmIbFhA J8ylgE8e9+PxPk3Tb6o0nhMYu3wTQoV0MthInSX8BC7t7bs2UpVrH1eie39s0xgf zJu+DTwuUMgXfIRo3q0FbVywBIH5FE3bHR2tg4/qK3YjfenBEQE= =iXps -----END PGP SIGNATURE----- --z6mdqzawej7d7qnq--