[Openswan dev] Complete system crash if modular IPSEC is unloaded
mcr at sandelman.ottawa.on.ca
Fri Apr 9 15:50:46 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Joshua" == Joshua Jackson <jjackson at vortech.net> writes:
Joshua> I have started experimenting with openswan 1.0.2 and have a
Joshua> run into a bit of a snag. If the ipsec module is rmmod'ed,
Joshua> the entire system crashes with no debug output or additional
Joshua> logging messages.
Joshua> The kernel locks hard enough that the software watchdog
Joshua> module will not reboot it and there is no response from the
Joshua> console or network.
It should not be possible to rmmod the module when there are
connections active, or interfaces "tncfg".
Joshua> As a side note, I just ran into this for the first time
Joshua> after noticing that the ALG modules will not be installed if
Joshua> klips is compiled directly into the kernel (the way I
Joshua> usually build the kernel for my embedded Linux product). If
Joshua> I try to build the ALG modules into the kernel, the build
Joshua> fails with an enormous list of errors.
Not surprising - few seem to think that static builds are important.
The openswan 2.x tree tests that kind of thing every night.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
-----END PGP SIGNATURE-----
More information about the Dev