Created attachment 37062 [details] kernel config When using IPSec on 3.6.35.8 (openswan 2.4.15) the following warning appears on message logs, at least when an invalid IPsec peer is specified: WARNING: at include/linux/skbuff.h:460 ip_cmsg_recv+0x239/0x290() Hardware name: Modules linked in: deflate zlib_deflate ctr twofish twofish_common camellia serpent blowfish cast5 dahdi_transcode cbc xcbc sha512_generic crypto_null xfrm_user xfrm4_tunnel tunnel4 ipcomp xfrm_ipcomp esp4 ah4 aes_i586 aes_generic sha256_generic af_key hfcm ulti l3udss1 mISDN_l2 mISDN_l1 mISDN_dsp dahdi_dummy dahdi crc_ccitt cls_u32 cls_tcindex act_police cls_fw sch_netem sch_sfq sch_gred sch_tbf s ch_htb sch_dsmark ipt_ULOG iptable_raw xt_IMQ xt_dscp xt_length xt_multiport iptable_mangle ipt_LOG xt_limit xt_state iptable_filter ipt_REDIRE CT xt_tcpudp xt_mark iptable_nat ip_tables usbhid uhci_hcd ehci_hcd ohci_hcd ssb xfrm4_mode_tunnel xfrm4_mode_transport ebt_vlan ebtable_broute ebtables x_tables bridge stp llc 8021q ppdev parport ftdi_sio w83793 hwmon_vid hwmon i2c_i801 nozomi option usb_wwan usbserial pcmcia vfat fat usblp nf_nat_ftp nf_nat_pptp nf_nat_proto_gre nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack_pptp nf_conntrack_proto_gre nf_conntrack_ft p nf_conntrack imq mISD _core yenta_socket pcmcia_rsrc pcmcia_core pppoe pppox ppp_generic slhc 8139too br2684 atm tulip e100 bnx2x crc32c libcrc32c mdio bnx2 tg3 libphy e1000e e1000 r8169 sis900 pcnet32 mii Pid: 5005, comm: pluto Not tainted 2.6.35.8 #8 Call Trace: [<c05ba08a>] ? printk+0x18/0x1e [<c0547b29>] ? ip_cmsg_recv+0x239/0x290 [<c013b28c>] warn_slowpath_common+0x6c/0xc0 [<c0547b29>] ? ip_cmsg_recv+0x239/0x290 [<c013b2fd>] warn_slowpath_null+0x1d/0x20 [<c0547b29>] ip_cmsg_recv+0x239/0x290 [<c050d3db>] ? memcpy_toiovec+0x4b/0x70 [<c050dd77>] ? skb_copy_datagram_iovec+0x77/0x1f0 [<c050a5fd>] ? skb_dequeue+0x4d/0x70 [<c0547db1>] ip_recv_error+0x231/0x270 [<c0566c95>] udp_recvmsg+0x245/0x280 [<c056db5d>] ? inet_recvmsg+0x5d/0xe0 [<c056db9c>] inet_recvmsg+0x9c/0xe0 [<c050309a>] sock_recvmsg+0xba/0xe0 [<c015b958>] ? sched_clock_cpu+0x108/0x140 [<c056e310>] ? inet_sendmsg+0x0/0xe0 [<c05031c0>] ? sock_sendmsg+0xb0/0xe0 [<c050d430>] ? verify_iovec+0x30/0xb0 [<c0502fe0>] ? sock_recvmsg+0x0/0xe0 [<c0504519>] __sys_recvmsg+0xe9/0x1e0 [<c0504e25>] ? sys_sendto+0xa5/0xd0 [<c05bd7bd>] ? _raw_spin_unlock+0x1d/0x20 [<c0165b93>] ? lock_release_holdtime+0x33/0x220 [<c0123516>] ? do_page_fault+0x1d6/0x380 [<c05048c6>] sys_recvmsg+0x36/0x60 [<c050508b>] sys_socketcall+0xeb/0x2c0 [<c01e7704>] ? sys_poll+0x54/0xb0 [<c0102b0c>] sysenter_do_call+0x12/0x2d ---[ end trace b60688fcc2cb9d36 ]--- Same warning appears on 2.6.35.5. Applying the following 2.6.36 patch does not make warning go away, although the symptoms are similar: commit e71895a1beff2014534c9660d9ae42e043f11555 Author: Eric Dumazet <eric.dumazet@gmail.com> Date: Thu Sep 16 12:27:50 2010 +0000 xfrm: dont assume rcu_read_lock in xfrm_output_one() ip_local_out() is called with rcu_read_lock() held from ip_queue_xmit() but not from other call sites. Reported-and-bisected-by: Nick Bowler <nbowler@elliptictech.com> Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>