From nobody Thu Jul 20 14:23:18 2023
X-Original-To: net@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4R6FKN6S0Cz4nwyG
	for <net@mlmmj.nyi.freebsd.org>; Thu, 20 Jul 2023 14:23:20 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4R6FKM0G4Nz3l34
	for <net@FreeBSD.org>; Thu, 20 Jul 2023 14:23:18 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1689862999;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=Vp3qDkEjMp3Y0V4S+D69dVAHxLrOf/l8IaF+++LQm0k=;
	b=bhW94cw7qjxcMzxViDHGnRH0/BuI/cIj7OlIdtxSR2MWffyU/m+fCQXBcmoPKTG0Xn79SZ
	d7FGHWsCpIHS+NvPXheiBdKA9EzuTrn5QJGZjlojWojHlDHJcZ7WRjn0HkLv4BDzfmb6gh
	sG8UKJI/kG3fqLG5XI6dyZalyhJmoYcoRwKLS7B5ywvbhLHDfSkUYfh94R/RZ1yBWVmE+b
	RaoWMzZ7KPGlK0ZIBQotO76ed0lsCCVJtaV5vi74ApCpK/HDUsH7fHnR0cWhtL5FF3JDYd
	qjC8qZytol547J/Ugu2TM/2tAFv2sKDiGuxY8+d/AIIX6Al1wF91Gaqv7oKXog==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1689862999; a=rsa-sha256; cv=none;
	b=UYTArKQ6mMU86tTYjzekgStgCOJSEH90pq2MMY3GGrpPsrgYPecNYYtjSZHDlupL/18aMd
	WvqutKoCVrUJnSEALCfjgw7+2EJjOH5GaF0p8Ll/5On80+T1OmzETp0+Pys1dwz3DTZdeo
	cb1mB4OUPiL8xy4tB3UeiW2d7rDRIJbeMRNYA0EHqI9vI8NIv9z36e0ctGcM/jNB+Xm05O
	ZPUb17x9xjnC6WNhenZj5u6laup14LhiUneDOmMbLLL3xaJ7YDB2uXga0t7Wg4nasMgciA
	SiGXV7edUQlVsbvXkWcAK+HekIvxO8CjrDprcmbpRHD9PPUE3n+HR7o8kpdNeQ==
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4R6FKL0l0qzYdR
	for <net@FreeBSD.org>; Thu, 20 Jul 2023 14:23:18 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 36KENIul001260
	for <net@FreeBSD.org>; Thu, 20 Jul 2023 14:23:18 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 36KENI2k001259
	for net@FreeBSD.org; Thu, 20 Jul 2023 14:23:18 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: net@FreeBSD.org
Subject: [Bug 272616] [panic] Reproducible kernel panic related to sendfile
 and IPSec
Date: Thu, 20 Jul 2023 14:23:18 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 13.2-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: markj@FreeBSD.org
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: net@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-272616-7501-TKtsMpYf0f@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-272616-7501@https.bugs.freebsd.org/bugzilla/>
References: <bug-272616-7501@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-net
List-Help: <mailto:freebsd-net+help@freebsd.org>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Subscribe: <mailto:freebsd-net+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-net+unsubscribe@freebsd.org>
Sender: owner-freebsd-net@freebsd.org
MIME-Version: 1.0

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272616

--- Comment #10 from Mark Johnston <markj@FreeBSD.org> ---
(In reply to Konstantin Belousov from comment #9)
Well, there is no real guarantee, but if you only need to access the IP hea=
der,
then mb_unmapped_to_ext() is overkill.  In practice, protocol headers gener=
ated
by the kernel will live in mapped mbufs that are separate from unmapped dat=
a.=20
To be safer, we could introduce a mbuf function which guarantees that the f=
irst
N bytes of the chain are mapped.

m_makespace() needs a bit of work but fundamentally I don't see any problems
with IPSec+unmapped mbufs.  Really the bug here is that m_unshare() operate=
s on
the entire mbuf chain instead of stopping once we've gotten far enough to
inject an IPSec header.

--=20
You are receiving this mail because:
You are the assignee for the bug.=