Date: Sat, 8 Mar 2014 20:39:09 GMT From: Boris Lytochkin <lytboris@gmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: sparc64/187381: [panic] pfsync: memory address not aligned Message-ID: <201403082039.s28Kd9Eb077203@cgiserv.freebsd.org> Resent-Message-ID: <201403082040.s28Ke0B9074121@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 187381
>Category: sparc64
>Synopsis: [panic] pfsync: memory address not aligned
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-sparc64
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Mar 08 20:40:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator: Boris Lytochkin
>Release: 10.0-STABLE
>Organization:
private person
>Environment:
FreeBSD rfloor1.cars 10.0-STABLE FreeBSD 10.0-STABLE #1 r262232M: Fri Feb 21 11:29:53 MSK 2014 boris@sparc1.cars:/usr/obj/usr/src/sys/CARSROUTER sparc64
>Description:
An unligned memory access is possible in the following part of code:
====sys/netpfil/pf/if_pfsync.c, ~450 line==================
if (PF_ANEQ(&sp->key[PF_SK_WIRE].addr[0],
&sp->key[PF_SK_STACK].addr[0], sp->af) ||
PF_ANEQ(&sp->key[PF_SK_WIRE].addr[1],
&sp->key[PF_SK_STACK].addr[1], sp->af) ||
sp->key[PF_SK_WIRE].port[0] != sp->key[PF_SK_STACK].port[0] ||
sp->key[PF_SK_WIRE].port[1] != sp->key[PF_SK_STACK].port[1]) {
sks = uma_zalloc(V_pf_state_key_z, M_NOWAIT);
if (sks == NULL)
goto cleanup;
} else
sks = skw;
==========================================================
once &sp->key[PF_SK_WIRE].addr is not an 32-bit aligned address (PF_ANEQ operates with uint32)
>How-To-Repeat:
Setup a pfsync link between sparc64-based routers and wait some time until the problem is triggered.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403082039.s28Kd9Eb077203>