Date: Wed, 5 Feb 2014 01:27:39 -0800 (PST) From: girgen <girgen@FreeBSD.org> To: freebsd-pf@freebsd.org Subject: Re: VIMAGE + PF crash in mbuf destructor Message-ID: <3A244BF6-F9E0-4578-8193-1437B0D2BB83@FreeBSD.org> In-Reply-To: <1391591816960-5883192.post@n5.nabble.com> References: <CAG=rPVfxFiOVOeSyDP=wBubNQCHK5dqcgBBaJjeS6XXtSZSZqg@mail.gmail.com> <51ED5308.3020008@gmx.com> <CAJ-VmomAC573hrQivfT9Gn_tJn5SkMhM_MK8hUCbtr-7D-NGDw@mail.gmail.com> <CAG=rPVd3F2sfwizJuEngxexo0Rby2qwzqpAB4_K-fZXXb8-Rmw@mail.gmail.com> <CAJ-Vmo=jDPrJHXRz8xY9aA-soBx54DjvqkpzdSUvr%2B4hZ9ExkQ@mail.gmail.com> <201307222338.09833.zec@fer.hr> <1389886004148-5876949.post@n5.nabble.com> <1391591816960-5883192.post@n5.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Cool, thanks for the feedback. I'll try the patch in the host environment. I never really used pf inside the jails, so I don't have a test case for that failing. 5 feb 2014 kl. 10:16 skrev mm [via FreeBSD] <ml-node+s1045724n5883192h88@n5.nabble.com>: > Ok, I have found the cause. The patches I use fix the host pf, but pf inside jails is broken. This means if we expose the pf device to the jails, calling pfctl on it causes a panic. > > To make sure your jails get just the limited ruleset, I suggest you put the following line to your /etc/rc.conf: > devfs_load_rulesets="YES" > > If you reply to this email, your message will be added to the discussion below: > http://freebsd.1045724.n5.nabble.com/VIMAGE-PF-crash-in-mbuf-destructor-tp5830537p5883192.html > To unsubscribe from VIMAGE + PF crash in mbuf destructor, click here. > NAML signature.asc (506 bytes) <http://freebsd.1045724.n5.nabble.com/attachment/5883198/0/signature.asc>; -- View this message in context: http://freebsd.1045724.n5.nabble.com/VIMAGE-PF-crash-in-mbuf-destructor-tp5830537p5883198.html Sent from the freebsd-pf mailing list archive at Nabble.com. From owner-freebsd-pf@FreeBSD.ORG Fri Feb 7 00:54:46 2014 Return-Path: <owner-freebsd-pf@FreeBSD.ORG> Delivered-To: freebsd-pf@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3EA2C71A; Fri, 7 Feb 2014 00:54:46 +0000 (UTC) Received: from mail.vx.sk (mail.vx.sk [176.9.45.25]) by mx1.freebsd.org (Postfix) with ESMTP id B549618D3; Fri, 7 Feb 2014 00:54:45 +0000 (UTC) Received: from core.vx.sk (localhost [127.0.0.2]) by mail.vx.sk (Postfix) with ESMTP id 8978A411DA; Fri, 7 Feb 2014 01:54:38 +0100 (CET) X-Virus-Scanned: amavisd-new at mail.vx.sk Received: from mail.vx.sk by core.vx.sk (amavisd-new, unix socket) with LMTP id s44sVgfkHtfX; Fri, 7 Feb 2014 01:54:36 +0100 (CET) Received: from [192.168.2.103] (dslb-094-223-160-133.pools.arcor-ip.net [94.223.160.133]) by mail.vx.sk (Postfix) with ESMTPSA id 6A662411D2; Fri, 7 Feb 2014 01:54:36 +0100 (CET) Message-ID: <52F42ECB.4050700@FreeBSD.org> Date: Fri, 07 Feb 2014 01:54:35 +0100 From: Martin Matuska <mm@FreeBSD.org> User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0 MIME-Version: 1.0 To: Craig Rodrigues <rodrigc@FreeBSD.org>, girgen@FreeBSD.org Subject: Re: VIMAGE + PF crash in mbuf destructor References: <CAG=rPVfxFiOVOeSyDP=wBubNQCHK5dqcgBBaJjeS6XXtSZSZqg@mail.gmail.com> <51ED5308.3020008@gmx.com> <CAJ-VmomAC573hrQivfT9Gn_tJn5SkMhM_MK8hUCbtr-7D-NGDw@mail.gmail.com> <CAG=rPVd3F2sfwizJuEngxexo0Rby2qwzqpAB4_K-fZXXb8-Rmw@mail.gmail.com> <CAJ-Vmo=jDPrJHXRz8xY9aA-soBx54DjvqkpzdSUvr+4hZ9ExkQ@mail.gmail.com> <201307222338.09833.zec@fer.hr> <1389886004148-5876949.post@n5.nabble.com> <1391536059015-5882971.post@n5.nabble.com> <CAG=rPVe=QFGWH2f80foCr3yJvsuhZZ5PLvX9D34Rth3JJbEtDg@mail.gmail.com> In-Reply-To: <CAG=rPVe=QFGWH2f80foCr3yJvsuhZZ5PLvX9D34Rth3JJbEtDg@mail.gmail.com> X-Enigmail-Version: 1.5.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.17 Cc: freebsd-pf@FreeBSD.org X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.17 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" <freebsd-pf.freebsd.org> List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-pf>, <mailto:freebsd-pf-request@freebsd.org?subject=unsubscribe> List-Archive: <http://lists.freebsd.org/pipermail/freebsd-pf/>; List-Post: <mailto:freebsd-pf@freebsd.org> List-Help: <mailto:freebsd-pf-request@freebsd.org?subject=help> List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-pf>, <mailto:freebsd-pf-request@freebsd.org?subject=subscribe> X-List-Received-Date: Fri, 07 Feb 2014 00:54:46 -0000 I don't have objections - the patch was done with avg's help and does its job, but we may consult someone first. http://people.freebsd.org/~mm/patches/pf_mtag_taskq.patch On 2014-02-07 00:37, Craig Rodrigues wrote: > > On Tue, Feb 4, 2014 at 9:47 AM, mm <mm@freebsd.org > <mailto:mm@freebsd.org>> wrote: > > Looks like I experience this panic, too. > > To fix the mbuf and taskq problems, I use the following pach atm.: > http://people.freebsd.org/~mm/patches/pf_mtag_taskq.patch > <http://people.freebsd.org/%7Emm/patches/pf_mtag_taskq.patch>; > > > Thanks for showing that patch. It looks good to me. Is it good > enough for commit? > This problem has been around for a while. >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A244BF6-F9E0-4578-8193-1437B0D2BB83>