On Saturday 25 September 2004 04:50 pm, Bjoern A. Zeeb wrote: > On Sat, 25 Sep 2004, Sam Leffler wrote: > > > > That's a 216 byte packet, fwiw. I instrumented key.c and ran into > > > > the following ENOBUFS case on key.c:6957: > > > > > > > > /* align the mbuf chain so that extensions are in contiguous > > > > region. */ error = key_align(m, &mh); > > > > if (error) > > > > return error; > > > > > > > > if (m->m_next) { /*XXX*/ > > > > m_freem(m); > > > > return ENOBUFS; > > > > } > > > > > > > > I.e., the author knew it was a bug (feature) that an additional mbuf > > > > couldn't be handled here, but we do need to handle one. Looks like > > > > much of the surrounding code could be replaced with a call to > > > > m_defrag() and/or m_pullup(). > > > > > > Just to mention that i too experience this problem, > > > but with FAST_IPSEC so this probably means that if any fix will be made > > > for netkey/key.c then netipsec/key.c will need it too.(as far as i can > > > tell) Please correct me if i'm wrong. > > > > Correct. I gave Robert a fix that was sent to me for fast ipsec. I was > > going to commit it this weekend after some testing. > > could you perhaps post it or place it somewhere for download ? sam 2004-09-26 02:01:27 UTC FreeBSD src repository Modified files: sys/netipsec key.c Log: Correct handling of SADB_UPDATE and SADB_ADD requests. key_align may split the mbuf due to use of m_pulldown. Discarding the result because of this does not make sense as no subsequent code depends on the entire msg being linearized (only the individual pieces). It's likely something else is wrong here but for now this appears to get things back to a working state. Submitted by: Roselyn Lee Revision Changes Path 1.17 +0 -5 src/sys/netipsec/key.c http://cvsweb.FreeBSD.org/src/sys/netipsec/key.c.diff?r1=1.16&r2=1.17Received on Sun Sep 26 2004 - 00:33:56 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:13 UTC