From owner-freebsd-net@freebsd.org  Tue Dec 26 10:22:46 2017
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 485D3E8305C
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Tue, 26 Dec 2017 10:22:46 +0000 (UTC)
 (envelope-from harsh@chelsio.com)
Received: from stargate.chelsio.com (stargate.chelsio.com [12.32.117.8])
 (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 372BE6E56E
 for <freebsd-net@freebsd.org>; Tue, 26 Dec 2017 10:22:45 +0000 (UTC)
 (envelope-from harsh@chelsio.com)
Received: from [10.193.189.121] (harsh.asicdesigners.com [10.193.189.121])
 by stargate.chelsio.com (8.13.8/8.13.8) with ESMTP id vBQAMhUE012031;
 Tue, 26 Dec 2017 02:22:44 -0800
Subject: Re: [freebsd-current]Who should reset M_PKTHDR flag in m_buf when IP
 packets are fragmented. m_unshare panic throw when IPSec is enabled
To: "Andrey V. Elsukov" <bu7cher@yandex.ru>, freebsd-net@freebsd.org
References: <73302ead-b2e9-c25b-4d11-475f38dec1a1@chelsio.com>
 <993c58bb-3bf2-d6a3-9a05-13e1631aec87@yandex.ru>
From: Harsh Jain <harsh@chelsio.com>
Message-ID: <fdb72f54-efdd-c54b-c8f7-c53057d24adf@chelsio.com>
Date: Tue, 26 Dec 2017 15:52:42 +0530
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <993c58bb-3bf2-d6a3-9a05-13e1631aec87@yandex.ru>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Dec 2017 10:22:46 -0000



On 26-12-2017 15:22, Andrey V. Elsukov wrote:
> On 26.12.2017 07:43, Harsh Jain wrote:
>> Hi All,
>>
>> If I try to run ping of size say 6000 in IPSec transport mode, m_unshare() panic with following trace. It seems that while re-assembly of IP packet "ip_reass" missed re-setting of "M_PKTHDR".  After applying below patch things work fine. Can some one suggest Is it a BUG or I am missing somethings.
>>
>> panic: m_unshare: m0 0xfffff80020f82600, m 0xfffff8005d054100 has M_PKTHDR
>> cpuid = 15
>> time = 1495578455
>> KDB: stack backtrace:
>> db_trace_self_wrapper() at db_trace_self_wrapper+0x2c/frame 0xfffffe044e9bb890
>> kdb_backtrace() at kdb_backtrace+0x53/frame 0xfffffe044e9bb960
>> vpanic() at vpanic+0x269/frame 0xfffffe044e9bba30
>> kassert_panic() at kassert_panic+0xc7/frame 0xfffffe044e9bbac0
>> m_unshare() at m_unshare+0x578/frame 0xfffffe044e9bbbc0
>> esp_output() at esp_output+0x44c/frame 0xfffffe044e9bbe40
>> ipsec4_perform_request() at ipsec4_perform_request+0x5df/frame 0xfffffe044e9bbff0
> Hi,
>
> it seems unusual that IP reassembly happens on outbound path.
It can be re-produced with single Ping packet on chelsio(cxgbe) NIC. I tried with Intel NIC. It seems they re-produce M_WRITEABLE() buffer(follows different path in m_unshare) which is not true for cxgbe.
> Do you have some packet normalization using firewall?
Default FREEBSD current installation. No explicit firewall.

What you think above patch makes sense.
>