(usagi-users 03889) Re: Mobile IPv6 TunnelPayload => kernel panic

[Sebastien Decugis <sdecugis@xxxxxxxxxxxxxxxx>]

Hi Shinta,

Sorry for late reply!

> First, could you provide your configuration files (both MN and HA)
> for mip6d?

Yes, I have attached the files to this mail. I run the ipsec-setSA.sh 
script first (both on HA and MN) and then I start the daemon mip6d.


> By "protect payload between HA and MN in Mobile IPv6 environment",
> do you intend to protect any traffic (including MIPv6 signaling
> messages such as BU and BA) with a single pair of transport mode
> IPsec SA?

Protecting the mobile signaling (BU / BA) works quite well. What I want 
to protect is tunnelled packets between the MN and the HA when MN talks 
to the CN. It can be:
-> The HoTi packet in case RO is enabled.
-> Any traffic (for example a ping) in case the RO is disabled.

Note that both case currently result in a kernel panic.

I will try Arnaud's workaround (Thank you Arnaud!) and let you know the 
result.

Best regards,
Sebastien.

> Regards,
> Shinta
>
> On Fri, 13 Jul 2007 13:51:19 +0900
> Sebastien Decugis <sdecugis@xxxxxxxxxxxxxxxx> wrote:
>
> > Hello,
> >
> > I am trying to use IPsec to protect payload between HA and MN in Mobile 
> > IPv6 environment. I am running the latest 2.6.22.1 kernel with latest 
> > USAGI patchs, and linux-2.6-mip6 binaries from USAGI git tree.
> >
> > Anyway, after the first packet is received by the Mobile Node, it just 
> > hangs and panic. I have c/p the panic output at the end of this message.
> >
> > Any idea why this is happenning?
> >
> > Thanks,
> > Sebastien.
> >
> > =======================================================================
> > [  121.173395] BUG: unable to handle kernel NULL pointer dereference at 
> > virtual address 0000001c
> > [  121.173491]  printing eip:
> > [  121.173537] *pde = 00000000
> > [  121.173580] Oops: 0000 [#1]
> > [  121.173625] Modules linked in: binfmt_misc rfcomm l2cap bluetooth 
> > i915 drm ppdev speedstep_lib cpufreq_powersave cpufreq_stats 
> > cpufreq_ondemand freq_table cpufreq_conservative cpufreq_userspace ac 
> > sbs battery video container button dock deflate zlib_deflate twofish 
> > twofish_common camellia serpent blowfish ecb aes xcbc sha256 crypto_null 
> > netconsole sbp2 parport_pc lp parport fuse snd_hda_intel snd_pcm_oss 
> > snd_mixer_oss snd_pcm snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi 
> > sr_mod snd_seq_midi_event snd_seq snd_timer snd_seq_device cdrom snd 
> > pcspkr ata_generic serio_raw soundcore psmouse intel_agp snd_page_alloc 
> > shpchp pci_hotplug af_packet agpgart evdev ext3 jbd mbcache sg sd_mod 
> > usbhid hid ohci1394 ieee1394 e100 mii ahci ata_piix libata scsi_mod 
> > ehci_hcd uhci_hcd usbcore thermal processor fan capability commoncap
> > [  121.176386] CPU:    0
> > [  121.176387] EIP:    0060:[<c02d528d>]    Not tainted VLI
> > [  121.176388] EFLAGS: 00010202   (2.6.22-8-mip6 #1)
> > [  121.176525] EIP is at fib6_add_1+0x5d/0x3d0
> > [  121.176572] eax: 0000000c   ebx: f7cbac00   ecx: 0000000c   edx: 0000002f
> > [  121.176623] esi: fffffff4   edi: 00000000   ebp: c03dd780   esp: c03e9c30
> > [  121.176674] ds: 007b   es: 007b   fs: 0000  gs: 0000  ss: 0068
> > [  121.176724] Process swapper (pid: 0, ti=c03e8000 task=c03c12c0 
> > task.ti=c03e8000)
> > [  121.177519] Stack: 00000004 00000001 f7cbacb4 00000001 0000000c 
> > 00000000 00000000 0000002f
> > [  121.177830]        f7cbac00 fffffff4 00000000 c03dd780 c02d5aa3 
> > 00000080 000000b4 043ded00
> > [  121.178143]        00000286 00000004 c03e9c00 00000000 dfdc1000 
> > f7cbac00 00000000 00000000
> > [  121.178565] Call Trace:
> > [  121.178673]  [<c02d5aa3>] fib6_add+0x33/0x3c0
> > [  121.178775]  [<c02d1f19>] __ip6_ins_rt+0x29/0x50
> > [  121.178858]  [<c02d3b0c>] rt6_redirect+0x18c/0x220
> > [  121.178996]  [<c02d9019>] ndisc_rcv+0x739/0xc50
> > [  121.179079]  [<c01c9a91>] blkcipher_walk_done+0x81/0x250
> > [  121.179171]  [<c02b707e>] xfrm_policy_match+0x3e/0x50
> > [  121.179250]  [<c02b73fc>] xfrm_policy_lookup_bytype+0x14c/0x1b0
> > [  121.179337]  [<c025a6b1>] skb_checksum+0x51/0x2e0
> > [  121.179442]  [<c025d6a8>] __skb_checksum_complete_head+0x18/0x60
> > [  121.179529]  [<c02df0df>] icmpv6_rcv+0x46f/0x7c0
> > [  121.179614]  [<c02b9e80>] __xfrm_policy_check+0x230/0x880
> > [  121.179800]  [<c02ca993>] ip6_input+0x163/0x370
> > [  121.179899]  [<c02cb12a>] ipv6_rcv+0x1ba/0x2e0
> > [  121.179978]  [<f8932337>] packet_rcv_spkt+0x107/0x1c0 [af_packet]
> > [  121.180078]  [<c0260766>] netif_receive_skb+0x276/0x300
> > [  121.180171]  [<c0262532>] process_backlog+0x82/0x100
> > [  121.180260]  [<c0262726>] net_rx_action+0x96/0x1c0
> > [  121.180348]  [<c011c972>] __do_softirq+0x52/0xa0
> > [  121.180432]  [<c011ca05>] do_softirq+0x45/0x50
> > [  121.180510]  [<c0105659>] do_IRQ+0x39/0x70
> > [  121.180590]  [<c0301e2b>] schedule+0x27b/0x580
> > [  121.180674]  [<c010416f>] common_interrupt+0x23/0x28
> > [  121.180775]  [<c01022b1>] mwait_idle_with_hints+0x41/0x50
> > [  121.180863]  [<c01023f1>] cpu_idle+0x41/0x60
> > [  121.180935]  [<c03eab6f>] start_kernel+0x24f/0x2e0
> > [  121.181015]  [<c03ea450>] unknown_bootoption+0x0/0x260
> > [  121.181105]  =======================
> > [  121.181149] Code: 00 00 00 c7 44 24 04 01 00 00 00 89 0c 24 eb 13 8b 
> > 4c 24 10 8b 59 08 85 db 0f 84 8e 00 00 00 89 5c 24 10 8b 4c 24 10 8b 44 
> > 24 10 <8b> 49 10 89 4c 24 0c 03 4c 24 38 89 4c 24 14 0f b7 58 14 3b 5c
> > [  121.183006] EIP: [<c02d528d>] fib6_add_1+0x5d/0x3d0 SS:ESP 0068:c03e9c30
> > [  121.183237] Kernel panic - not syncing: Fatal exception in interrupt

Attachment: ipsec-setSA.sh
Description: application/shellscript

# This is an example of mip6d Home Agent configuration file

NodeConfig HA;

## If set to > 0, will not detach from tty
DebugLevel 10;

## List of interfaces where we serve as Home Agent
Interface "eth0";

##
## IPsec configuration
##

UseMnHaIPsec enabled;

## Key Management Mobility Capability
KeyMngMobCapability disabled;


IPsecPolicySet {
                      HomeAgentAddress 2001:200:0:849c::9c;

                      HomeAddress 2001:200:0:849c:208:dff:fe4b:ce35/64;
 
        #               IPsecPolicy HomeRegBinding UseESP 201 202;
                       IPsecPolicy Mh UseESP 203 204;
                       IPsecPolicy MobPfxDisc UseESP 205 206;
        #               IPsecPolicy ICMP UseESP 207 208;
#                       IPsecPolicy any UseESP 209 210;      ### Does not work (MN: sendmsg: Operation not permitted)
        #               IPsecPolicy TunnelMh UseESP 211 212;
        #               IPsecPolicy TunnelHomeTesting UseESP 213 214;
                       IPsecPolicy TunnelPayload UseESP 215 216;



              }

# This is an example of mip6d Mobile Node configuration file

NodeConfig MN;

## If set to > 0, will not detach from tty
DebugLevel 10;

## Support route optimization with other MNs
DoRouteOptimizationCN disabled;

## Use route optimization with CNs
DoRouteOptimizationMN disabled;

UseCnBuAck enabled;

MnDiscardHaParamProb enabled;

Interface "eth0";

MnRouterProbes 1;

MnHomeLink "eth0" {
	HomeAddress 2001:200:0:849c:208:dff:fe4b:ce35/64;
	HomeAgentAddress 2001:200:0:849c::9c;
}

##
## IPsec configuration
##
UseMnHaIPsec enabled;

## Key Management Mobility Capability
KeyMngMobCapability disabled;


IPsecPolicySet {
                      HomeAgentAddress 2001:200:0:849c::9c;

                      HomeAddress 2001:200:0:849c:208:dff:fe4b:ce35/64;
 
	#		IPsecPolicy HomeRegBinding UseESP 201 202;
			IPsecPolicy Mh UseESP 203 204;
			IPsecPolicy MobPfxDisc UseESP 205 206;
	#		IPsecPolicy ICMP UseESP 207 208;
#			IPsecPolicy any UseESP 209 210;     #### broken
	#		IPsecPolicy TunnelMh UseESP 211 212;
	#		IPsecPolicy TunnelHomeTesting UseESP 213 214;
			IPsecPolicy TunnelPayload UseESP 215 216;

             }