[Openswan dev] pfkey_create crash

Leena Soman leenax at gmail.com
Fri Mar 28 07:00:01 EDT 2008


Hi,
I am using openswan as a reference while developing my own kernel module
with a PF_KEY interface to my proprietary ipsec stack. I'm new to kernel
programming and have redhat fc 6 kernel 2.6.18-1.2798.fc6-i686. I've created
a module and done a sock_register with pfkey_create. I've written a small
test app which just opens a PF_KEY socket. My kernel module calls
pfkey_create but crashes just before pfkey_create returns. Can anybody let
me know what I'm missing here?

My code:
#include <linux/module.h>
#include <linux/kernel.h>
#include <linux/socket.h>
#include <linux/net.h>
#include <net/sock.h>

struct net_proto_family pfkey_family_ops;

static int
pfkey_create(struct socket *sock, int protocol)
{
        return 0;
}

int init_module(void)
{
    printk("<1>Hello world 1\n");
    pfkey_family_ops.family = PF_KEY;
    pfkey_family_ops.create = pfkey_create;
    pfkey_family_ops.owner = THIS_MODULE;
    sock_register(&pfkey_family_ops);
    return 0;
}

void cleanup_module(void)
{
    sock_unregister(PF_KEY);
    printk(KERN_ALERT "Goodbye world 1\n");
}


The o/p from dmesg looks like:
Hello world 1
NET: Registered protocol family 15
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000004
 printing eip:
c05aff14
*pde = 00000000
Oops: 0000 [#1]
SMP
last sysfs file: /class/drm/card0/dev
Modules linked in: hello(U) i915 drm autofs4 hidp rfcomm l2cap bluetooth
sunrpc ip_conntrack_ftp ip_conntrack_netbios_ns ipt_REJECT xt_state
ip_conntrack nfnetlink iptable_filter ip_tables ip6t_REJECT xt_tcpudp
ip6table_filter ip6_tables x_tables dm_multipath video sbs i2c_ec button
battery asus_acpi ac ipv6 parport_pc lp parport snd_hda_intel snd_hda_codec
snd_seq_dummy snd_seq_oss intel_rng snd_seq_midi_event snd_seq
snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer wlan_scan_sta(U)
snd ath_rate_sample(U) soundcore via_rhine ath_pci(U) e100 snd_page_alloc
wlan(U) ath_hal(U) serio_raw mii i2c_i801 ide_cd i2c_core cdrom pcspkr
dm_snapshot dm_zero dm_mirror dm_mod ata_piix libata sd_mod scsi_mod ext3
jbd ehci_hcd ohci_hcd uhci_hcd
CPU:    1
EIP:    0060:[<c05aff14>]    Tainted: P      VLI
EFLAGS: 00010246   (2.6.18-1.2798.fc6 #1)
EIP is at __sock_create+0x14c/0x227
eax: 00000000   ebx: 00000000   ecx: f8d93700   edx: 00000002
esi: 0000000f   edi: e8263500   ebp: 00000003   esp: dd446f3c
ds: 007b   es: 007b   ss: 0068
Process app (pid: 3513, ti=dd446000 task=f7d74720 task.ti=dd446000)
Stack: 00000000 e86a41d4 00000002 dd446f70 dd446f94 00000000 dd446000 c05b0023
       dd446f70 00000000 00000003 c05b021c dd446f70 00000000 00000003 c05b0c91
       0000000f 00000003 00000002 e86a41b8 e86a4180 00000000 0000000f 00000003
Call Trace:
 [<c05b0023>] sock_create+0x18/0x1c
 [<c05b021c>] sys_socket+0x1c/0x3e
 [<c05b0c91>] sys_socketcall+0x7a/0x261
 [<c0404013>] syscall_call+0x7/0xb
DWARF2 unwinder stuck at syscall_call+0x7/0xb
Leftover inexact backtrace:
 =======================
Code: 00 00 c1 e0 07 8d 84 10 80 01 00 00 ff 00 8b 0c b5 e0 2b 82 c0 89 f8
8b 54 24 08 ff 51 04 85 c0 89 c3 0f 88 90 00 00 00 8b 47 08 <8b> 50 04 85 d2
74 1b 89 e0 25 00 f0 ff ff 83 3a 02 8b 40 10 74
EIP: [<c05aff14>] __sock_create+0x14c/0x227 SS:ESP 0068:dd446f3c

Thanks,
Leena.
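
Added example, not part of the original post: a small Python triage script that decodes the instruction marked `<8b>` on the oops `Code:` line and checks it against the register dump and the reported fault address. It handles only the `mov r32, [reg+disp]` form that occurs here; reading offset 8 of the object in `edi` as `sock->ops` and offset 4 as `ops->owner` is an assumption about the 2.6.18 i386 struct layout, not something the post shows.

```python
import re

# Fault address, register dump and Code: bytes copied from the oops in the post
# (wrapped lines rejoined) so the script runs offline.
OOPS = """\
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000004
eax: 00000000   ebx: 00000000   ecx: f8d93700   edx: 00000002
esi: 0000000f   edi: e8263500   ebp: 00000003   esp: dd446f3c
Code: 00 00 c1 e0 07 8d 84 10 80 01 00 00 ff 00 8b 0c b5 e0 2b 82 c0 89 f8 \
8b 54 24 08 ff 51 04 85 c0 89 c3 0f 88 90 00 00 00 8b 47 08 <8b> 50 04 85 d2 \
74 1b 89 e0 25 00 f0 ff ff 83 3a 02 8b 40 10 74
"""
REG32 = ("eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi")  # ModRM order

def registers(oops):
    """Map each general-purpose register in the dump to its value."""
    return {r: int(v, 16) for r, v in re.findall(r"\b(e[a-ds][xip]): ([0-9a-f]{8})", oops)}

def code_bytes(oops):
    """Return (bytes before the fault, bytes from the faulting instruction on)."""
    line = re.search(r"^Code: (.*)$", oops, re.M).group(1)
    before, at = line.split("<")
    return bytes.fromhex(before), bytes.fromhex(at.replace(">", ""))

def decode_mov_load(insn):
    """Decode `mov r32, [base+disp]` (opcode 8b); SIB and absolute forms not handled."""
    if insn[0] != 0x8B:
        raise ValueError("not a mov r32, r/m32")
    mod, reg, rm = insn[1] >> 6, (insn[1] >> 3) & 7, insn[1] & 7
    if mod == 3 or rm == 4 or (mod == 0 and rm == 5):
        raise ValueError("addressing form not handled")
    disp = int.from_bytes(insn[2:2 + (0, 1, 4)[mod]], "little", signed=True)
    return REG32[reg], REG32[rm], disp

def explain(oops):
    regs = registers(oops)
    before, at = code_bytes(oops)
    dst, base, disp = decode_mov_load(at)
    # Assumes the 3 bytes before the marker are one instruction (x86 cannot be decoded backwards reliably).
    p_dst, p_base, p_disp = decode_mov_load(before[-3:])
    return {
        "previous": f"mov {p_dst}, [{p_base}{p_disp:+#x}]",
        "faulting": f"mov {dst}, [{base}{disp:+#x}]",
        "effective_address": (regs[base] + disp) & 0xFFFFFFFF,
        "fault_address": int(re.search(r"virtual address\s+([0-9a-f]{8})", oops).group(1), 16),
        "base_is_null": regs[base] == 0,
    }

if __name__ == "__main__":
    print(explain(OOPS))
```

The decoded pair shows a pointer loaded from offset 8 of the object in `edi`, found to be NULL, and then read at offset 4, which reproduces the reported fault address `00000004`.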