Kernel panic on 5.3.1-arch1-1-ARCH

Nico Schottelius nico.schottelius at ungleich.ch
Sun Oct 6 00:02:18 CEST 2019 

... and just updated via the testing repo, everything green on 5.3.4.

On this system I see one error regarding the IPv4 fib table,
which might be due to IPv6 only usage:

[root at diamond ~]# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -6 address add 2a0a:e5c1:137::137/48 dev wg0
[#] ip link set mtu 1420 up dev wg0
Error: ipv4: FIB table does not exist.
Dump terminated
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[root at diamond ~]# ip a sh dev wg0
5: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet6 2a0a:e5c1:137::137/48 scope global
       valid_lft forever preferred_lft forever
[root at diamond ~]# pacman -Q | grep wireguard
wireguard-dkms 0.0.20190913-1
wireguard-tools 0.0.20190913-1

As everything work[tm], would it be an option to rename it to a warning
instead?

Best,

Nico

Nico Schottelius <nico.schottelius at ungleich.ch> writes:

> Hey Jason,
>
> thanks for the quick reply - I' ll upgrade as soon as a new package is
> released and give a status update afterwards. Thanks for tracking it
> down!
>
> Best,
>
> Nico
>
> Jason A. Donenfeld <Jason at zx2c4.com> writes:
>
>> This isn't WireGuard, actually. It's a line in wg-quick's bash that
>> says `ip rule add ... suppress_prefix ...`.
>>
>> You can reproduce the kernel crash without WireGuard anywhere in the
>> equation with this sequence:
>>
>> ip netns add crash
>> ip -n crash link add dummy1 type dummy
>> ip -n crash link set dummy1 up
>> ip -n crash -6 route add default dev dummy1
>> ip -n crash -6 rule add table main suppress_prefixlength 0
>> ip netns exec crash ping -f -c 1000 -W 1 1234::1 || true
>> ip -n crash -6 rule del table main suppress_prefixlength 0
>> ip -n crash link del dummy1
>> ip netns del crash
>>
>> I submitted a patch for this upstream here:
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=ca7a03c4175366a92cee0ccc4fec0038c3266e26
>>
>> It's been backported to stable already. Update your kernel to 5.3.4
>> and things should work again for you.
>>
>> Jason


--
Modern, affordable, Swiss Virtual Machines. Visit www.datacenterlight.ch

More information about the WireGuard mailing list