[Openswan Users] openswan 2.6.27 - klips - kernel panic

[陈琳涛]

Linux Kernel : 2.6.27.47 SMP
Linux Openswan 2.6.27 (klips)

## Center 
/etc/ipsec.conf
version 2
config setup
        protostack=klips
        pluto=yes
        plutowait=no
        plutodebug=none
        klipsdebug=none
        uniqueids=yes
        nat_traversal=yes
        nhelpers=0

conn    %default
        type=tunnel
        keyingtries=0
        keyexchange=ike
        auto=start
        authby=secret
        auth=esp
        ikelifetime=1h
        rekeymargin=10m
        rekeyfuzz=20%
        keylife=8h

conn PROFILE_1
        pfs=no
        keylife=3600s
        ike=des-md5-modp768,des-sha1-modp768,3des-md5,3des-sha1,aes128-md5
        esp=aes128-md5
        compress=yes
        left=172.16.1.5
        leftnexthop=172.16.0.1
        leftsubnet=192.168.5.0/24
        auto=add
        right=%any
        rekey=no
        forceencaps=yes
        rightsubnet=vhost:%all

### Branches : SLES11 kernel  2.6.27.45-0.1-pae , Linux Openswan U2.6.16/K2.6.27.45-0.1-pae (netkey)
/etc/ipsec.conf
version 2.0

config setup
    klipsdebug=none
    plutodebug=none
    protostack=netkey

conn    %default
        type=tunnel
        keyingtries=0
        keyexchange=ike
        authby=secret
        auth=esp
        #auth=ah
        ikelifetime=24h
        rekeymargin=10m
        rekeyfuzz=20%
        keylife=24h
        compress=no

conn PROFILE_1
        pfs=no
        rekey=no
        keylife=86400s
        auto=add
        left=172.16.200.8
        leftsubnet=18.18.18.0/24
        right=172.16.1.5
        rightsubnet=192.168.5.0/24


#### Steps
1. I raised two branches for test.
For SA Recycle test : Such script blow is running on each branch
#!/bin/sh

IPSEC="/usr/sbin/ipsec"

while [ 1 ]; do

$IPSEC auto --replace PROFILE_1
$IPSEC auto --rereadsecrets
$IPSEC auto --up PROFILE_1

done

2. For several minutes , Center crashed as below

kernel BUG at mm/vmalloc.c:217!
invalid opcode: 0000 [#1] SMP 
Modules linked in: ipsec xt_connlimit xt_state xt_conntrack ipt_REDIRECT ipt_MASQUERADE nf_nat_tftp nf_nat_pptp nf_nat_proto_gre nf_nat_irc nf_nat_ftp nf_nat_amanda iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack_tftp nf_conntrack_pptp nf_conntrack_proto_gre nf_conntrack_irc nf_conntrack_ftp nf_conntrack_amanda nf_conntrack
 
Pid: 5502, comm: pluto Not tainted (2.6.27.47-CORE2-SMP #2)
EIP: 0060:[<c024e161>] EFLAGS: 00010206 CPU: 1
EIP is at __get_vm_area_node+0x22/0x18a
EAX: f7158000 EBX: f8800000 ECX: f8800000 EDX: 000000d2
ESI: 00002000 EDI: ffffffff EBP: 000000d2 ESP: f7159c08
 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process pluto (pid: 5502, ti=f7158000 task=f7177800 task.ti=f7158000)
Stack: 00000002 f7159c5c f7159c4c 00002000 f8b402e4 ffffffff 000000d2 c024e55c 
       ff7fe000 ffffffff 000000d2 f8b402e4 00000163 00000800 00000001 0000000f 
       00000000 c024e5ac ffffffff f8b402e4 f8b402e4 00000800 00000001 f8b403f1 
Call Trace:
 [<f8b402e4>] ipsec_SArefSubTable_alloc+0x2c/0x90 [ipsec]
 [<c024e55c>] __vmalloc_node+0x64/0x8a
 [<f8b402e4>] ipsec_SArefSubTable_alloc+0x2c/0x90 [ipsec]
 [<c024e5ac>] vmalloc+0x14/0x17
 [<f8b402e4>] ipsec_SArefSubTable_alloc+0x2c/0x90 [ipsec]
 [<f8b402e4>] ipsec_SArefSubTable_alloc+0x2c/0x90 [ipsec]
 [<f8b403f1>] ipsec_SAref_recycle+0xa9/0x198 [ipsec]
 [<f8b405f3>] ipsec_SAref_alloc+0x53/0x10f [ipsec]
 [<f8b40fff>] ipsec_sa_intern+0x14/0xe3 [ipsec]
 [<f8b4df19>] pfkey_add_parse+0x21d/0x675 [ipsec]
 [<f8b538f5>] ultoa+0xb5/0xc0 [ipsec]
 [<c03f4f87>] __alloc_skb+0x46/0xee
 [<f8b55309>] pfkey_msg_parse+0x41a/0x63a [ipsec]
 [<c03f51c4>] skb_queue_tail+0x11/0x2d
 [<f8b4ff6e>] pfkey_msg_interp+0x24a/0x2c7 [ipsec]
 [<f8b4d71b>] pfkey_sendmsg+0x271/0x37c [ipsec]
 [<c03f135d>] sock_aio_write+0xc3/0xd0
 [<c025af36>] do_sync_write+0xbf/0x100
 [<c02116c7>] ptep_set_access_flags+0x20/0x29
 [<c022ad00>] autoremove_wake_function+0x0/0x2d
 [<c025b649>] vfs_write+0x7c/0x8d
 [<c025b755>] sys_write+0x3c/0x63
 [<c02029d9>] sysenter_do_call+0x12/0x25
 [<c0460000>] igb_probe+0x15e/0x9d5
 =======================
Code: 00 00 89 c8 e9 35 ff ff ff 55 57 56 89 c6 53 89 cb 83 ec 0c 89 e0 89 14 24 25 00 e0 ff ff 8b 54 24 28 f7 40 14 00 ff ff 0f 74 04 <0f> 0b eb fe f6 04 24 01 c7 44 24 08 01 00 00 00 74 30 0f bd c6 
EIP: [<c024e161>] __get_vm_area_node+0x22/0x18a SS:ESP 0068:f7159c08
Kernel panic - not syncing: Fatal exception in interrupt

3. I have tried openswan-2.6.26 , just the same . 
4. openswan-2.6.23 test OK. But has another problem when running test branches for several hours
2010/06/26 12:46:24 ICEFLOW pluto[25604]: ERROR: "PROFILE_1"[106] 172.16.12.1 #138505: pfkey write() of K_SADB_ADD message 872859 for Add SA tun.26f15 at 172.16.12.1 failed. Errno 28: No space left on device

I must reload ipsec.ko to release SAref space.

5. Openswan 2.6.24 test ok. It doesn't crash  and  IPSec SA  reconnected  78697 times after 3 hours . ( One SAref cycle 2^16 = 32768 ? )