Page MenuHomeFreeBSD

ipsec: enter epoch before calling into ipsec_run_hhooks
ClosedPublic

Authored by mjg on Sep 17 2021, 3:33 PM.
Tags
None
Referenced Files
F102952460: D32007.diff
Tue, Nov 19, 3:28 AM
Unknown Object (File)
Wed, Oct 23, 12:06 PM
Unknown Object (File)
Sep 29 2024, 7:24 AM
Unknown Object (File)
Sep 16 2024, 12:41 PM
Unknown Object (File)
Sep 14 2024, 2:22 AM
Unknown Object (File)
Aug 19 2024, 11:19 AM
Unknown Object (File)
Aug 19 2024, 4:01 AM
Unknown Object (File)
Aug 18 2024, 9:31 AM
Subscribers

Details

Summary

pfil_run_hooks which eventually can get called asserts on it.

Fixes a failed epoch assert:

panic: Assertion in_epoch(net_epoch_preempt) failed at /usr/home/mjg/git/netgate/FreeBSD-src/sys/net/pfil.c:172
panic() at panic+0x43/frame 0xfffffe00c8917850
pfil_run_hooks() at pfil_run_hooks+0x129/frame 0xfffffe00c8917890
enc_hhook() at enc_hhook+0x247/frame 0xfffffe00c89178d0
hhook_run_hooks() at hhook_run_hooks+0x6a/frame 0xfffffe00c8917940
ipsec_run_hhooks() at ipsec_run_hhooks+0x69/frame 0xfffffe00c8917960
ipsec4_common_input_cb() at ipsec4_common_input_cb+0x3bf/frame 0xfffffe00c89179f0
esp_input_cb() at esp_input_cb+0x587/frame 0xfffffe00c8917a70
crypto_ret_proc() at crypto_ret_proc+0x78/frame 0xfffffe00c8917ab0
fork_exit() at fork_exit+0x80/frame 0xfffffe00c8917af0
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe00c8917af0

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

mjg requested review of this revision.Sep 17 2021, 3:33 PM
mjg edited the summary of this revision. (Show Details)
mjg added a reviewer: ae.
sys/netipsec/ipsec_input.c
485

It seems there is possible one case when we are not in the EPOCH.

681–682

extra EPOCH enter/exit.

692

missing NET_EPOCH_EXIT()

huh, sorry for the lazy patch

This revision is now accepted and ready to land.Sep 21 2021, 2:47 PM