Date: Thu, 20 Jul 2023 14:23:18 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 272616] [panic] Reproducible kernel panic related to sendfile and IPSec Message-ID: <bug-272616-7501-TKtsMpYf0f@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-272616-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-272616-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272616 --- Comment #10 from Mark Johnston <markj@FreeBSD.org> --- (In reply to Konstantin Belousov from comment #9) Well, there is no real guarantee, but if you only need to access the IP hea= der, then mb_unmapped_to_ext() is overkill. In practice, protocol headers gener= ated by the kernel will live in mapped mbufs that are separate from unmapped dat= a.=20 To be safer, we could introduce a mbuf function which guarantees that the f= irst N bytes of the chain are mapped. m_makespace() needs a bit of work but fundamentally I don't see any problems with IPSec+unmapped mbufs. Really the bug here is that m_unshare() operate= s on the entire mbuf chain instead of stopping once we've gotten far enough to inject an IPSec header. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272616-7501-TKtsMpYf0f>