On Tue, Mar 04, 2025 at 07:23:23AM +0000, Mikolaj Kucharski wrote:
> ipv6_input(ffff8000000f2000,fffffd80ccc05a00,1) at ipv6_input+0x42
> ipsec_common_input_cb(ffff80002d75f320,ffff800012f9a9e0,14,9,0) at
> ipsec_common
ipsec_common_input_cb() is called with netstack pointer NULL.
But in ipv6_input() the pointer is 1.
There is a missing parameter in the prototype. Sadly the buggy
code did compile due to a missing include file.
Diff below should fix it.
bluhm
Index: net/if_sec.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/if_sec.c,v
diff -u -p -r1.13 if_sec.c
--- net/if_sec.c 2 Mar 2025 21:28:32 -0000 1.13
+++ net/if_sec.c 4 Mar 2025 13:05:34 -0000
@@ -43,6 +43,7 @@
#include <net/if.h>
#include <net/if_var.h>
+#include <net/if_sec.h>
#include <net/if_types.h>
#include <net/toeplitz.h>
Index: net/if_sec.h
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/net/if_sec.h,v
diff -u -p -r1.1 if_sec.h
--- net/if_sec.h 7 Aug 2023 01:57:33 -0000 1.1
+++ net/if_sec.h 4 Mar 2025 13:04:42 -0000
@@ -29,7 +29,7 @@ struct tdb;
struct sec_softc *sec_get(unsigned int);
void sec_input(struct sec_softc * , int, int,
- struct mbuf *);
+ struct mbuf *, struct netstack *);
void sec_put(struct sec_softc *);
/*
Index: netinet/ipsec_input.c
===================================================================
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ipsec_input.c,v
diff -u -p -r1.208 ipsec_input.c
--- netinet/ipsec_input.c 2 Mar 2025 21:28:32 -0000 1.208
+++ netinet/ipsec_input.c 4 Mar 2025 13:03:23 -0000
@@ -564,7 +564,7 @@ ipsec_common_input_cb(struct mbuf **mp,
if (sc == NULL)
goto baddone;
- sec_input(sc, af, prot, m);
+ sec_input(sc, af, prot, m, ns);
sec_put(sc);
return IPPROTO_DONE;
}
