WireGuard Archive on lore.kernel.org
 help / color / Atom feed
From: Nico Schottelius <nico.schottelius@ungleich.ch>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Kernel panic on 5.3.1-arch1-1-ARCH
Date: Sun, 06 Oct 2019 00:02:18 +0200
Message-ID: <874l0mzw9h.fsf@ungleich.ch> (raw)
In-Reply-To: <87r23qc2jw.fsf@ungleich.ch>

... and just updated via the testing repo, everything green on 5.3.4.

On this system I see one error regarding the IPv4 fib table,
which might be due to IPv6 only usage:

[root@diamond ~]# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -6 address add 2a0a:e5c1:137::137/48 dev wg0
[#] ip link set mtu 1420 up dev wg0
Error: ipv4: FIB table does not exist.
Dump terminated
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[root@diamond ~]# ip a sh dev wg0
5: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    inet6 2a0a:e5c1:137::137/48 scope global
       valid_lft forever preferred_lft forever
[root@diamond ~]# pacman -Q | grep wireguard
wireguard-dkms 0.0.20190913-1
wireguard-tools 0.0.20190913-1

As everything work[tm], would it be an option to rename it to a warning



Nico Schottelius <nico.schottelius@ungleich.ch> writes:

> Hey Jason,
> thanks for the quick reply - I' ll upgrade as soon as a new package is
> released and give a status update afterwards. Thanks for tracking it
> down!
> Best,
> Nico
> Jason A. Donenfeld <Jason@zx2c4.com> writes:
>> This isn't WireGuard, actually. It's a line in wg-quick's bash that
>> says `ip rule add ... suppress_prefix ...`.
>> You can reproduce the kernel crash without WireGuard anywhere in the
>> equation with this sequence:
>> ip netns add crash
>> ip -n crash link add dummy1 type dummy
>> ip -n crash link set dummy1 up
>> ip -n crash -6 route add default dev dummy1
>> ip -n crash -6 rule add table main suppress_prefixlength 0
>> ip netns exec crash ping -f -c 1000 -W 1 1234::1 || true
>> ip -n crash -6 rule del table main suppress_prefixlength 0
>> ip -n crash link del dummy1
>> ip netns del crash
>> I submitted a patch for this upstream here:
>> https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=ca7a03c4175366a92cee0ccc4fec0038c3266e26
>> It's been backported to stable already. Update your kernel to 5.3.4
>> and things should work again for you.
>> Jason

Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch
WireGuard mailing list

      reply index

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-05 20:45 Nico Schottelius
2019-10-05 20:57 ` Jason A. Donenfeld
2019-10-05 21:20   ` Nico Schottelius
2019-10-05 22:02     ` Nico Schottelius [this message]

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=874l0mzw9h.fsf@ungleich.ch \
    --to=nico.schottelius@ungleich.ch \
    --cc=wireguard@lists.zx2c4.com \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

WireGuard Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/wireguard/0 wireguard/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 wireguard wireguard/ https://lore.kernel.org/wireguard \
		wireguard@lists.zx2c4.com zx2c4-wireguard@archiver.kernel.org
	public-inbox-index wireguard

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone https://public-inbox.org/ public-inbox