Patch for fragment problem in key.c

• Previous message: B: "Re: (KAME-snap 8803) Re: Weird memory exhaustion with FreeBSD 4.10-STABLE"
• Next in thread: itojun_at_iijlab.net: "Re: (KAME-snap 8809) Patch for fragment problem in key.c"
• Reply: itojun_at_iijlab.net: "Re: (KAME-snap 8809) Patch for fragment problem in key.c"
• Reply: George V. Neville-Neil: "Re: (KAME-snap 8809) Patch for fragment problem in key.c"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Tue, 28 Sep 2004 10:39:09 +0900
To: snap-users@kame.net

Hi Folks,

        Robert Watson tried to send email about this but it never got
        through, and then Sam Leffler got ahold of me and told me he
        fixed something similar in the FAST_IPSEC code. So, the
        following patch fixes, in KAME IPSec. This patch was
        generated against 6.0-CURRENT and I included Sam's commit
        message.

Later,
George

Correct handling of SADB_UPDATE and SADB_ADD requests. key_align may split
the mbuf due to use of m_pulldown. Discarding the result because of this
does not make sense as no subsequent code depends on the entire msg being
linearized (only the individual pieces). It's likely something else is wrong
here but for now this appears to get things back to a working state.

Index: sys/netkey/key.c
===================================================================
RCS file: /Volumes/exported/FreeBSD-CVS/src/sys/netkey/key.c,v
retrieving revision 1.67
diff -u -r1.67 key.c
--- sys/netkey/key.c 2 Sep 2004 20:14:03 -0000 1.67
+++ sys/netkey/key.c 27 Sep 2004 16:08:31 -0000
@@ -6952,11 +6952,6 @@
         if (error)
                 return error;
 
- if (m->m_next) { /*XXX*/
- m_freem(m);
- return ENOBUFS;
- }
-
         msg = mh.msg;
 
         /* check SA type */
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

• Previous message: B: "Re: (KAME-snap 8803) Re: Weird memory exhaustion with FreeBSD 4.10-STABLE"
• Next in thread: itojun_at_iijlab.net: "Re: (KAME-snap 8809) Patch for fragment problem in key.c"
• Reply: itojun_at_iijlab.net: "Re: (KAME-snap 8809) Patch for fragment problem in key.c"
• Reply: George V. Neville-Neil: "Re: (KAME-snap 8809) Patch for fragment problem in key.c"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages RE: mbuf denied problem ... Allowing mbuf memory to be reclaimed for the purposes of other subsystems was an intentional design choice. ... The below change means that after a network load spike, the memory can't be returned for use by other subsystems. ... netstat -m show 0 deny till has memory, ... 7410219/101093/101499 requests for mbufs denied ... (freebsd-net) Re: Performance/lockup issues with FreeBSD as a router ... I would watch your mbuf usage and> when you ... > SysAdmin, CarDomain Network ... 450 mbufs in use 448/132096 mbuf clusters in use 0/2/33280 sfbufs in use 1008 KBytes allocated to network ... requests for sfbufs delayed ... (freebsd-performance) Re: High usage of mbufs ... > small syn flood that went un noticed and that the current mbuf stat is ... > 0 requests for sfbufs delayed ... 4159799080/25600 mbuf clusters in use ... (freebsd-performance) Re: requests for mbufs denied ... requests for sfbufs delayed ... In such case, we drain cached buckets from zones to the system to get more free pages, and disable bucket allocation. ... As the result, we cannot get a bucket when freeing a mbuf to the zone and just do internal free, counting up the number of allocation failure, i.e. the number of "requests for mbufs denied". ... (freebsd-current) Re: requests for mbufs denied ... requests for sfbufs delayed ... In such case, we drain cached buckets from zones to the system to get more free pages, and disable bucket allocation. ... As the result, we cannot get a bucket when freeing a mbuf to the zone and just do internal free, counting up the number of allocation failure, i.e. the number of "requests for mbufs denied". ... (freebsd-net)