[Bug 219356] Using AES-GCM with IPSEC with aesni module loaded panics FreeBSD 11 stable
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Wed May 17 14:39:37 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219356
Bug ID: 219356
Summary: Using AES-GCM with IPSEC with aesni module loaded
panics FreeBSD 11 stable
Product: Base System
Version: 11.0-STABLE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: lab at gta.com
Created attachment 182666
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=182666&action=edit
Core text file from panic
Using iperf to pass data between two hosts behind two FreeBSD gateways that
have an IPSec tunnel between them will panic gateway. The gateway that panics
os the one doing most of the decryption (gateway in front of iperf running in
server mode). I used iperf in UDP mode. Not sure if that is needed. If I use
11.0-RELEASE-p9 I do not see this issue.
I used strongswan to create IPSec tunnel between gateways. If duplicating, make
sure GCM option is turned on for strongswan.
Setkey -D shows:
172.16.72.71 172.16.73.67
esp mode=tunnel spi=3420721730(0xcbe41242) reqid=1(0x00000001)
E: aes-gcm-16 83cc9338 e415ad69 340ecec3 1e698f52 c2b2dc8e 19687c70
192200ca 9c7564a8
27bba7d2
seq=0x00000001 replay=0 flags=0x00000000 state=mature
created: May 17 10:37:56 2017 current: May 17 10:38:01 2017
diff: 5(s) hard: 3600(s) soft: 2935(s)
last: May 17 10:37:57 2017 hard: 0(s) soft: 0(s)
current: 140(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 1 hard: 0 soft: 0
sadb_seq=1 pid=808 refcnt=1
172.16.73.67 172.16.72.71
esp mode=tunnel spi=3464455471(0xce7f652f) reqid=1(0x00000001)
E: aes-gcm-16 032a2b86 1f878f00 b7b09d0e f95233e1 14af88a4 f5e3ad11
380a9fa7 8afc3a01
c72438bc
seq=0x00000000 replay=4 flags=0x00000000 state=mature
created: May 17 10:37:56 2017 current: May 17 10:38:01 2017
diff: 5(s) hard: 3600(s) soft: 2530(s)
last: May 17 10:37:57 2017 hard: 0(s) soft: 0(s)
current: 84(bytes) hard: 0(bytes) soft: 0(bytes)
allocated: 1 hard: 0 soft: 0
sadb_seq=0 pid=808 refcnt=1
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list