NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

kern/52304: NetBSD 8.0_BETA diagnostic assertion in ipsec codepath

>Number:         52304
>Category:       kern
>Synopsis:       8.0_BETA panics on ipsec traffic
>Confidential:   yes
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Jun 16 22:40:00 +0000 2017
>Originator:     Dominik Bialy
>Release:        NetBSD 8.0_BETA
Underlegend Networks
System: NetBSD yenn 8.0_BETA NetBSD 8.0_BETA (YENN) #2: Thu Jun 15 05:53:36 UTC 2017 builds@yenn:/var/obj/sys/arch/amd64/compile/YENN amd64
Architecture: x86_64
Machine: amd64
	The machine couldn't survive more than a few minutes of exposing on the internet.
	I found that the cause was the ipsec traffic.

	Here's a picture of ddb running (forgot "bt", sorry):

	sys/netinet/tcp_input.c, line 1838

	Use ipsec on 8 BETA?  Or maybe use NetBSD 6 configs for ipsec on NetBSD 8.
	No idea.  Don't start ipsec to mitigate the bug.

 Soruces from Jun 13, kernel is pretty much GENERIC, with altq and GATEWAY, but it happens on vanilla GENERIC, too

Home | Main Index | Thread Index | Old Index