Received: with ECARTIS (v1.0.0; list netdev); Fri, 22 Aug 2003 16:03:44 -0700 (PDT) Received: from e34.co.us.ibm.com (e34.co.us.ibm.com [32.97.110.132]) by oss.sgi.com (8.12.9/8.12.9) with SMTP id h7MN2VoO016403 for ; Fri, 22 Aug 2003 16:03:12 -0700 Received: from westrelay04.boulder.ibm.com (westrelay04.boulder.ibm.com [9.17.193.32]) by e34.co.us.ibm.com (8.12.9/8.12.2) with ESMTP id h7MN1oEh371662; Fri, 22 Aug 2003 19:01:50 -0400 Received: from austin.ibm.com (d03av02.boulder.ibm.com [9.17.193.82]) by westrelay04.boulder.ibm.com (8.12.9/NCO/VER6.6) with ESMTP id h7MN1nO9165006; Fri, 22 Aug 2003 17:01:49 -0600 Received: from faith.austin.ibm.com (faith.austin.ibm.com [9.41.94.16]) by austin.ibm.com (8.12.9/8.12.9) with ESMTP id h7MN1mN2088568; Fri, 22 Aug 2003 18:01:48 -0500 Received: from faith.austin.ibm.com (localhost.localdomain [127.0.0.1]) by faith.austin.ibm.com (8.12.5/8.12.8) with ESMTP id h7MNCBKn019007; Fri, 22 Aug 2003 18:12:11 -0500 Received: (from jml@localhost) by faith.austin.ibm.com (8.12.5/8.12.5/Submit) id h7MNCAJl019005; Fri, 22 Aug 2003 18:12:10 -0500 Date: Fri, 22 Aug 2003 18:12:10 -0500 From: latten@austin.ibm.com Message-Id: <200308222312.h7MNCAJl019005@faith.austin.ibm.com> To: davem@redhat.com, kazunori@miyazawa.org Subject: Re: IPSecv6/Neighbor discovery crash Cc: netdev@oss.sgi.com X-archive-position: 5212 X-ecartis-version: Ecartis v1.0.0 Sender: netdev-bounce@oss.sgi.com Errors-to: netdev-bounce@oss.sgi.com X-original-sender: latten@austin.ibm.com Precedence: bulk X-list: netdev Content-Length: 1829 Lines: 62 I tried my old standby of putting a few printk's to help debug. I put them in ndisc_output() and ndisc_build_ll_hdr() and they get printed out ok except when the crash occurs. I get absolutely nothing. So I do not know where or what are some of the values ndisc_output() or ndisc_build_ll_addr() are using. Nothing gets written to my log file when I do the ping6. I too had been thinking similar to Miyazawa-san... Joy On Thu, 21 Aug 2003 18:46:40 -0700 "David S. Miller" wrote: > On Thu, 21 Aug 2003 20:49:47 -0500 > latten@austin.ibm.com wrote: > > > EIP is at ndisc_build_ll_hdr+0x17/0x1e0 > > So what exactly is NULL in ndisc_build_ll_hdr(), is > it 'dev'? That'd be really weird... > I had same crach. I guess it is due to xfrm cache. My impression about the problem is likes this. When we configure IPsec and src and dst of neighbour discoery match the configuration occasionally, The kernel creates and caches the stackable dst like this because ndisc_send_* want to use it dst->output(ah6_output) +- child->output(ndisc_output) Then it receives icmpv6 echo request. It replys by using the cached stackable dst like above. The kernel however must use another stackable dst like dst->output(ah6_output) +- child->output(ip6_output) It is the issue. The kernel can not tell first stackable dst from second stackable dst because it can not know the last output function. I believe we need to change the kernel to use ip6_output ( or another common output function) to send neighbour discovery packet instead of ndisc_output essentially. But it may make the kernel be unstable. I think there is not so much request to use IPsec with neighbour discovery. I think it is better to remove xfrm_lookup from ndisc_send_* functions at the moment. Best regards, --Kazunori Miyazawa