Kernel panic on flatcar 3139.2.0 with loadBalancer.acceleration native #19453

ysksuzuki · 2022-04-15T05:36:48Z

Is there an existing issue for this?

I have searched the existing issues

What happened?

All worker nodes got stuck in rebooting due to kernel panics after we upgrade those OS from flatcar 3033.2.4, kernel 5.10.107 to flatcar 3139.2.0, kernel 5.15.32. It seems that something is wrong with loadBalancer.acceleration: native on flatcar 3139.2.0.

Test Result

flatcar 3139.2.0, kernel 5.15.32
- cilium 1.11.3
  - loadBalancer.acceleration: native -> Panic
  - loadBalancer.acceleration: disabled -> OK
- cilium 1.11.2
  - loadBalancer.acceleration: native -> Panic
  - loadBalancer.acceleration: disabled -> OK
flatcar 3033.2.4, kernel 5.10.107
- cilium 1.11.3
  - loadBalancer.acceleration: native -> OK
  - loadBalancer.acceleration: disabled -> OK
- cilium 1.11.2
  - loadBalancer.acceleration: native -> OK
  - loadBalancer.acceleration: disabled -> OK

Cilium Version

v1.11.3

Kernel Version

$ uname -a
Linux rack1-cs5 5.15.32-flatcar #1 SMP Tue Apr 5 17:17:31 -00 2022 x86_64 AMD EPYC 7413 24-Core Processor AuthenticAMD GNU/Linux

Kubernetes Version

$ kubectl version
Client Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.5", GitCommit:"5c99e2ac2ff9a3c549d9ca665e7bc05a3e18f07e", GitTreeState:"clean", BuildDate:"2021-12-16T08:38:33Z", GoVersion:"go1.16.12", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"22", GitVersion:"v1.22.5", GitCommit:"5c99e2ac2ff9a3c549d9ca665e7bc05a3e18f07e", GitTreeState:"archive", BuildDate:"2021-12-20T06:57:14Z", GoVersion:"go1.17.5", Compiler:"gc", Platform:"linux/amd64"}

Sysdump

I couldn't run cilium sysdump because all workers got stuck.

Relevant log output

[  419.309274] SELinux:  Context system_u:object_r:container_file_t:s0 is not valid (left unmapped).
[  419.309274] SELinux:  Context system_u:object_r:container_file_t:s0 is not valid (left unmapped).
[  516.835776] IPv6: ADDRCONF(NETDEV_CHANGE): cilium_net: link becomes ready
[  516.846413] IPv6: ADDRCONF(NETDEV_CHANGE): cilium_host: link becomes ready
[  516.835776] IPv6: ADDRCONF(NETDEV_CHANGE): cilium_net: link becomes ready
[  516.846413] IPv6: ADDRCONF(NETDEV_CHANGE): cilium_host: link becomes ready
[  520.006295] NET: Registered PF_ALG protocol family
[  520.006295] NET: Registered PF_ALG protocol family
[  520.293618] general protection fault, probably for non-canonical address 0xffff12784e218580: 0000 [#1] SMP PTI
[  520.307566] CPU: 10 PID: 0 Comm: swapper/10 Not tainted 5.15.32-flatcar #1
[  520.317475] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
[  520.332753] RIP: 0010:uncharge_page+0x11a/0x170
[  520.338345] Code: 8d e5 ff f6 45 54 01 75 bc 48 8b 45 10 a8 03 75 27 65 48 ff 08 5b 5d 41 5c 41 5d 41 5e e9 7e 8d e5 ff 48 8b 45 10 a8 03 75 49 <65> 48 ff 00 e8 6d 8d e5 ff e9 51 ff ff ff 48 8b 45 18 f0 488
[  520.363046] RSP: 0018:ffff9fcc00294c98 EFLAGS: 00010246
[  520.369842] RAX: ffff893a22598580 RBX: ffff9fcc00294cc8 RCX: 0000000000000000
[  520.378313] RDX: 0000000000000000 RSI: ffff9fcc00294cc8 RDI: ffffcd5b04db68c0
[  520.386854] RBP: ffff893a3505e000 R08: 000000000000000c R09: 0000000000001000
[  520.394920] R10: ffff9fcc00294df0 R11: ffff893ac85fc940 R12: ffffcd5b04db68c0
[  520.403387] R13: ffff893a36da3108 R14: 0000000000000000 R15: 0000000000001000
[  520.412159] FS:  0000000000000000(0000) GS:ffff893e2bc80000(0000) knlGS:0000000000000000
[  520.423741] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  520.431023] CR2: 0000561b82ea2f00 CR3: 0000000136dea003 CR4: 0000000000370ee0
[  520.439861] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  520.448639] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  520.457505] Call Trace:
[  520.460841]  <IRQ>
[  520.463425]  __mem_cgroup_uncharge+0x66/0x90
[  520.468909]  __put_page+0x2d/0x40
[  520.473681]  0xffffffffc05b1807
[  520.478029]  0xffffffffc05b40a3
[  520.481641]  ? detach_buf_split+0x6c/0x130
[  520.486641]  0xffffffffc05b47a4
[  520.490499]  __napi_poll+0x2a/0x130
[  520.494837]  net_rx_action+0x24b/0x2a0
[  520.499612]  __do_softirq+0xe1/0x296
[  520.504069]  irq_exit_rcu+0x84/0xa0
[  520.508218]  common_interrupt+0x80/0xa0
[  520.513053]  </IRQ>
[  520.515977]  <TASK>
[  520.518777]  asm_common_interrupt+0x1e/0x40
[  520.524051] RIP: 0010:native_safe_halt+0xb/0x10
[  520.529823] Code: 80 48 02 20 48 8b 00 a8 08 74 83 eb c2 cc cc eb 07 0f 00 2d d9 6e 5d 00 f4 c3 0f 1f 44 00 00 eb 07 0f 00 2d c9 6e 5d 00 fb f4 <c3> cc cc cc cc 0f 1f 44 00 00 53 65 8b 15 2b 06 7e 78 66 90c
[  520.552596] RSP: 0018:ffff9fcc000cbec8 EFLAGS: 00000202
[  520.559248] RAX: ffffffff87834eb0 RBX: 000000000000000a RCX: ffff893e2bc9be40
[  520.567815] RDX: ffff893e2bcacfe0 RSI: 7fffff8708ca87a1 RDI: 00000000000c38a8
[  520.576742] RBP: ffff893a003dbf00 R08: 00000000000c38a7 R09: 00000078f7633f1e
[  520.585745] R10: 0000000000000001 R11: 0000000000000001 R12: ffff893a003dbf00
[  520.593716] R13: ffff893a003dbf00 R14: 0000000000000000 R15: 0000000000000000
[  520.601770]  ? __cpuidle_text_start+0x8/0x8
[  520.606708]  default_idle+0xa/0x10
[  520.611437]  default_idle_call+0x31/0xc0
[  520.616562]  do_idle+0x1ef/0x240
[  520.620859]  cpu_startup_entry+0x19/0x20
[  520.626026]  start_secondary+0x119/0x150
[  520.630714]  secondary_startup_64_no_verify+0xc2/0xcb
[  520.636711]  </TASK>
[  520.639427] Modules linked in: algif_hash af_alg veth xt_socket nf_socket_ipv4 nf_socket_ipv6 ip6table_filter ip6table_raw ip6table_mangle ip6_tables iptable_raw iptable_mangle xt_MASQUERADE xt_conntrack xc
[  520.744070] BUG: unable to handle page fault for address: ffff893a1c054000
:     52502.029.367184] 4g3e7ne7ra]l  pr-ot-ec-ti[o en nfadul t,t prroabacble 6dc7y for non-canonical add78rdesbsb 05xfcf3fdf1276814ee 2]1-85-8-0
  00[0 0  [5#210] SM.P7 5PT3093] #PF: supervisor write access in kernel mode
[  520.761981] RIP: 0010:uncharge_page+0x11a/0x170
[  520.768107] #PF: error_code(0x0003) - permissions violation
[  520.773417] Code: 8d e5 ff f6 45 54 01 75 bc 48 8b 45 10 a8 03 75 27 65 48 ff 08 5b 5d 41 5c 41 5d 41 5e e9 7e 8d e5 ff 48 8b 45 10 a8 03 75 49 <65> 48 ff 00 e8 6d 8d e5 ff e9 51 ff ff ff 48 8b 45 18 f0 488
[  520.779352] PGD 1c8e01067 P4D 1c8e01067 PUD 100b40063 PMD 1397c3063 PTE 800000011c054161
[  520.799732] RSP: 0018:ffff9fcc00294c98 EFLAGS: 00010246
[  520.808476] Oops: 0003 [#2] SMP PTI
[  520.808627]
[  520.814189] CPU: 0 PID: 7141 Comm: dockerd Tainted: G      D           5.15.32-flatcar #1
[  520.818272] RAX: ffff893a22598580 RBX: ffff9fcc00294cc8 RCX: 0000000000000000
[  520.819827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
[  520.829165] RDX: 0000000000000000 RSI: ffff9fcc00294cc8 RDI: ffffcd5b04db68c0
[  520.836706] RIP: 0010:clear_page_erms+0x7/0x10
[  520.850425] RBP: ffff893a3505e000 R08: 000000000000000c R09: 0000000000001000
[  520.859183] Code: 48 89 47 18 48 89 47 20 48 89 47 28 48 89 47 30 48 89 47 38 48 8d 7f 40 75 d9 90 c3 0f 1f 80 00 00 00 00 b9 00 10 00 00 31 c0 <f3> aa c3 cc cc cc cc cc cc 0f 1f 44 00 00 48 85 ff 0f 84 f20
[  520.865186] R10: ffff9fcc00294df0 R11: ffff893ac85fc940 R12: ffffcd5b04db68c0
[  520.874086] RSP: 0018:ffff9fcc0175faa8 EFLAGS: 00010246
[  520.874093] RAX: 0000000000000000 RBX: ffffcd5b04701500 RCX: 0000000000001000
[  520.874095] RDX: ffffcd5b04701500 RSI: ffff893a3cee9f80 RDI: ffff893a1c054000
[  520.874097] RBP: 0000000000500dc0 R08: ffffcd5b04701540 R09: 0000000000000000
[  520.896457] R13: ffff893a36da3108 R14: 0000000000000000 R15: 0000000000001000
[  520.903855] R10: 0000000000000293 R11: ffff893e2ba30c70 R12: 0000000000000000
[  520.910209] FS:  0000000000000000(0000) GS:ffff893e2bc80000(0000) knlGS:0000000000000000
[  520.918749] R13: 0000000000000901 R14: ffff893e2ba29688 R15: 0000000000000000
[  520.927353] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  520.935856] FS:  00007fda9affd640(0000) GS:ffff893e2ba00000(0000) knlGS:0000000000000000
[  520.944061] CR2: 0000561b82ea2f00 CR3: 0000000136dea003 CR4: 0000000000370ee0
[  520.952508] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  520.962629] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  520.971774] CR2: ffff893a1c054000 CR3: 0000000101032004 CR4: 0000000000370ef0
[  520.978576] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  520.989157] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  520.996976] Kernel panic - not syncing: Fatal exception in interrupt
[  521.004219] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  521.054549] Call Trace:
[  521.057530]  <TASK>
[  521.060298]  kernel_init_free_pages.part.0+0x46/0x60
[  521.066664]  prep_new_page+0x6c/0x80
[  521.070909]  get_page_from_freelist+0xa6f/0xc70
[  521.076228]  __alloc_pages+0x181/0x310
[  521.081133]  __get_free_pages+0xd/0x30
[  521.085438]  __pud_alloc+0x2c/0x110
[  521.089573]  __handle_mm_fault+0x7de/0x1370
[  521.094367]  handle_mm_fault+0xcf/0x2a0
[  521.099230]  __get_user_pages+0x210/0x680
[  521.104299]  __get_user_pages_remote+0xda/0x330
[  521.109385]  get_arg_page+0x5f/0x100
[  521.113456]  copy_string_kernel+0x100/0x1e0
[  521.118206]  do_execveat_common.isra.0+0x109/0x1d0
[  521.123657]  __x64_sys_execve+0x33/0x40
[  521.127999]  do_syscall_64+0x3b/0x90
[  521.132146]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[  521.137640] RIP: 0033:0x55ea4a3e74d6
[  521.141598] Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 1b 48 c7 44 24 28 ff ff ff ff 48 c7 440
[  521.163987] RSP: 002b:000000c0017e6868 EFLAGS: 00000206 ORIG_RAX: 000000000000003b
[  521.173370] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 000055ea4a3e74d6
[  521.181649] RDX: 000000c0018cc000 RSI: 000000c000952228 RDI: 000000c000160200
[  521.189774] RBP: 000000c0017e6a10 R08: 0000000000000052 R09: 0000000000000000
[  521.198755] R10: 0000000000000008 R11: 0000000000000206 R12: 000055ea4a3db931
[  521.207146] R13: 0000000000000001 R14: 000000c0012704e0 R15: ffffffffffffffff
[  521.214837]  </TASK>
[  521.217448] Modules linked in: algif_hash af_alg veth xt_socket nf_socket_ipv4 nf_socket_ipv6 ip6table_filter ip6table_raw ip6table_mangle ip6_tables iptable_raw iptable_mangle xt_MASQUERADE xt_conntrack xc
[  521.315858] CR2: ffff893a1c054000
[  521.320959] ---[ end trace 6dc778dbb5c3d61f ]---
[  521.327623] RIP: 0010:uncharge_page+0x11a/0x170
[  521.333146] Code: 8d e5 ff f6 45 54 01 75 bc 48 8b 45 10 a8 03 75 27 65 48 ff 08 5b 5d 41 5c 41 5d 41 5e e9 7e 8d e5 ff 48 8b 45 10 a8 03 75 49 <65> 48 ff 00 e8 6d 8d e5 ff e9 51 ff ff ff 48 8b 45 18 f0 488
[  521.356648] RSP: 0018:ffff9fcc00294c98 EFLAGS: 00010246
[  521.362798] RAX: ffff893a22598580 RBX: ffff9fcc00294cc8 RCX: 0000000000000000
[  521.371761] RDX: 0000000000000000 RSI: ffff9fcc00294cc8 RDI: ffffcd5b04db68c0
[  521.380494] RBP: ffff893a3505e000 R08: 000000000000000c R09: 0000000000001000
[  521.389813] R10: ffff9fcc00294df0 R11: ffff893ac85fc940 R12: ffffcd5b04db68c0
[  521.398655] R13: ffff893a36da3108 R14: 0000000000000000 R15: 0000000000001000
[  521.407056] FS:  00007fda9affd640(0000) GS:ffff893e2ba00000(0000) knlGS:0000000000000000
[  521.417495] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  521.425198] CR2: ffff893a1c054000 CR3: 0000000101032004 CR4: 0000000000370ef0
[  521.434272] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  521.444319] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  522.132705] Shutting down cpus with NMI
[  522.137871] Kernel Offset: 0x6000000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[  522.149691] Rebooting in 10 seconds..

Anything else?

helm values.yaml

bgp:
  announce:
    loadbalancerIP: true
  enabled: true
bpf:
  hostRouting: true
cni:
  chainingMode: "generic-veth"
  customConf: true
datapathMode: "veth"
devices: "eth+ eno1+ eno2+"
enableIdentityMark: false
enableIPv4Masquerade: false
externalIPs:
  enabled: true
hostPort:
  enabled: false
hostServices:
  enabled: true
  hostNamespaceOnly: true
hubble:
  relay:
    enabled: true
    tls:
      server:
        enabled: true
    rollOutPods: true
    resources:
      requests:
        cpu: 100m
        memory: 200Mi
  tls:
    auto:
      method: "cronJob"
  metrics:
    enabled:
      - "dns"
      - "drop:destinationContext=pod|dns|ip;sourceContext=pod|dns|ip"
      - "tcp"
      - "flow:destinationContext=pod|dns|ip;sourceContext=pod|dns|ip"
      - "icmp"
      - "http"
k8sServiceHost: 127.0.0.1
k8sServicePort: 16443
kubeProxyReplacement: "partial"
loadBalancer:
  acceleration: native
  algorithm: maglev
  mode: dsr
maglev:
  hashSeed: 3HCx6JennjWtot2U
nodePort:
  directRoutingDevice: "e+"
  enabled: true
operator:
  rollOutPods: true
  prometheus:
    enabled: true
  resources:
    requests:
      cpu: 100m
      memory: 200Mi
policyAuditMode: false
policyEnforcementMode: "default"
prometheus:
  enabled: true
rollOutCiliumPods: true
resources:
  requests:
    cpu: 100m
    memory: 400Mi
tunnel: "disabled"

Code of Conduct

I agree to follow this project's Code of Conduct

The text was updated successfully, but these errors were encountered:

ysksuzuki · 2022-04-15T05:39:28Z

cilium-agent log

level=info msg="Started gops server" address="127.0.0.1:9890" subsys=daemon
level=info msg="Memory available for map entries (0.003% of 20984954880B): 52462387B" subsys=config
level=info msg="option bpf-ct-global-tcp-max set by dynamic sizing to 184078" subsys=config
level=info msg="option bpf-ct-global-any-max set by dynamic sizing to 92039" subsys=config
level=info msg="option bpf-nat-global-max set by dynamic sizing to 184078" subsys=config
level=info msg="option bpf-neigh-global-max set by dynamic sizing to 184078" subsys=config
level=info msg="option bpf-sock-rev-map-max set by dynamic sizing to 92039" subsys=config
level=info msg="  --agent-health-port='9876'" subsys=daemon
level=info msg="  --agent-labels=''" subsys=daemon
level=info msg="  --allocator-list-timeout='3m0s'" subsys=daemon
level=info msg="  --allow-icmp-frag-needed='true'" subsys=daemon
level=info msg="  --allow-localhost='auto'" subsys=daemon
level=info msg="  --annotate-k8s-node='true'" subsys=daemon
level=info msg="  --api-rate-limit=''" subsys=daemon
level=info msg="  --arping-refresh-period='30s'" subsys=daemon
level=info msg="  --auto-create-cilium-node-resource='true'" subsys=daemon
level=info msg="  --auto-direct-node-routes='false'" subsys=daemon
level=info msg="  --bgp-announce-lb-ip='true'" subsys=daemon
level=info msg="  --bgp-announce-pod-cidr='false'" subsys=daemon
level=info msg="  --bgp-config-path='/var/lib/cilium/bgp/config.yaml'" subsys=daemon
level=info msg="  --bpf-ct-global-any-max='262144'" subsys=daemon
level=info msg="  --bpf-ct-global-tcp-max='524288'" subsys=daemon
level=info msg="  --bpf-ct-timeout-regular-any='1m0s'" subsys=daemon
level=info msg="  --bpf-ct-timeout-regular-tcp='6h0m0s'" subsys=daemon
level=info msg="  --bpf-ct-timeout-regular-tcp-fin='10s'" subsys=daemon
level=info msg="  --bpf-ct-timeout-regular-tcp-syn='1m0s'" subsys=daemon
level=info msg="  --bpf-ct-timeout-service-any='1m0s'" subsys=daemon
level=info msg="  --bpf-ct-timeout-service-tcp='6h0m0s'" subsys=daemon
level=info msg="  --bpf-fragments-map-max='8192'" subsys=daemon
level=info msg="  --bpf-lb-acceleration='native'" subsys=daemon
level=info msg="  --bpf-lb-algorithm='maglev'" subsys=daemon
level=info msg="  --bpf-lb-bypass-fib-lookup='false'" subsys=daemon
level=info msg="  --bpf-lb-dev-ip-addr-inherit=''" subsys=daemon
level=info msg="  --bpf-lb-dsr-dispatch='opt'" subsys=daemon
level=info msg="  --bpf-lb-dsr-l4-xlate='frontend'" subsys=daemon
level=info msg="  --bpf-lb-external-clusterip='false'" subsys=daemon
level=info msg="  --bpf-lb-maglev-hash-seed='3HCx6JennjWtot2U'" subsys=daemon
level=info msg="  --bpf-lb-maglev-table-size='16381'" subsys=daemon
level=info msg="  --bpf-lb-map-max='65536'" subsys=daemon
level=info msg="  --bpf-lb-mode='dsr'" subsys=daemon
level=info msg="  --bpf-lb-rss-ipv4-src-cidr=''" subsys=daemon
level=info msg="  --bpf-lb-rss-ipv6-src-cidr=''" subsys=daemon
level=info msg="  --bpf-lb-sock-hostns-only='true'" subsys=daemon
level=info msg="  --bpf-map-dynamic-size-ratio='0.0025'" subsys=daemon
level=info msg="  --bpf-nat-global-max='524288'" subsys=daemon
level=info msg="  --bpf-neigh-global-max='524288'" subsys=daemon
level=info msg="  --bpf-policy-map-max='16384'" subsys=daemon
level=info msg="  --bpf-root=''" subsys=daemon
level=info msg="  --bpf-sock-rev-map-max='262144'" subsys=daemon
level=info msg="  --bypass-ip-availability-upon-restore='false'" subsys=daemon
level=info msg="  --certificates-directory='/var/run/cilium/certs'" subsys=daemon
level=info msg="  --cflags=''" subsys=daemon
level=info msg="  --cgroup-root='/run/cilium/cgroupv2'" subsys=daemon
level=info msg="  --cluster-health-port='4240'" subsys=daemon
level=info msg="  --cluster-id=''" subsys=daemon
level=info msg="  --cluster-name='default'" subsys=daemon
level=info msg="  --clustermesh-config='/var/lib/cilium/clustermesh/'" subsys=daemon
level=info msg="  --cmdref=''" subsys=daemon
level=info msg="  --config=''" subsys=daemon
level=info msg="  --config-dir='/tmp/cilium/config-map'" subsys=daemon
level=info msg="  --conntrack-gc-interval='0s'" subsys=daemon
level=info msg="  --crd-wait-timeout='5m0s'" subsys=daemon
level=info msg="  --datapath-mode='veth'" subsys=daemon
level=info msg="  --debug='true'" subsys=daemon
level=info msg="  --debug-verbose=''" subsys=daemon
level=info msg="  --derive-masquerade-ip-addr-from-device=''" subsys=daemon
level=info msg="  --devices='eth+,eno1+,eno2+'" subsys=daemon
level=info msg="  --direct-routing-device='e+'" subsys=daemon
level=info msg="  --disable-cnp-status-updates='true'" subsys=daemon
level=info msg="  --disable-conntrack='false'" subsys=daemon
level=info msg="  --disable-endpoint-crd='false'" subsys=daemon
level=info msg="  --disable-envoy-version-check='false'" subsys=daemon
level=info msg="  --disable-iptables-feeder-rules=''" subsys=daemon
level=info msg="  --dns-max-ips-per-restored-rule='1000'" subsys=daemon
level=info msg="  --egress-masquerade-interfaces=''" subsys=daemon
level=info msg="  --egress-multi-home-ip-rule-compat='false'" subsys=daemon
level=info msg="  --enable-auto-protect-node-port-range='true'" subsys=daemon
level=info msg="  --enable-bandwidth-manager='false'" subsys=daemon
level=info msg="  --enable-bpf-clock-probe='true'" subsys=daemon
level=info msg="  --enable-bpf-masquerade='false'" subsys=daemon
level=info msg="  --enable-bpf-tproxy='false'" subsys=daemon
level=info msg="  --enable-cilium-endpoint-slice='false'" subsys=daemon
level=info msg="  --enable-custom-calls='false'" subsys=daemon
level=info msg="  --enable-endpoint-health-checking='false'" subsys=daemon
level=info msg="  --enable-endpoint-routes='false'" subsys=daemon
level=info msg="  --enable-external-ips='true'" subsys=daemon
level=info msg="  --enable-health-check-nodeport='true'" subsys=daemon
level=info msg="  --enable-health-checking='true'" subsys=daemon
level=info msg="  --enable-host-firewall='false'" subsys=daemon
level=info msg="  --enable-host-legacy-routing='true'" subsys=daemon
level=info msg="  --enable-host-port='false'" subsys=daemon
level=info msg="  --enable-host-reachable-services='true'" subsys=daemon
level=info msg="  --enable-hubble='true'" subsys=daemon
level=info msg="  --enable-hubble-recorder-api='true'" subsys=daemon
level=info msg="  --enable-icmp-rules='false'" subsys=daemon
level=info msg="  --enable-identity-mark='false'" subsys=daemon
level=info msg="  --enable-ip-masq-agent='false'" subsys=daemon
level=info msg="  --enable-ipsec='false'" subsys=daemon
level=info msg="  --enable-ipv4='true'" subsys=daemon
level=info msg="  --enable-ipv4-egress-gateway='false'" subsys=daemon
level=info msg="  --enable-ipv4-fragment-tracking='true'" subsys=daemon
level=info msg="  --enable-ipv4-masquerade='false'" subsys=daemon
level=info msg="  --enable-ipv6='false'" subsys=daemon
level=info msg="  --enable-ipv6-masquerade='true'" subsys=daemon
level=info msg="  --enable-ipv6-ndp='false'" subsys=daemon
level=info msg="  --enable-k8s-api-discovery='false'" subsys=daemon
level=info msg="  --enable-k8s-endpoint-slice='true'" subsys=daemon
level=info msg="  --enable-k8s-event-handover='false'" subsys=daemon
level=info msg="  --enable-k8s-terminating-endpoint='true'" subsys=daemon
level=info msg="  --enable-l2-neigh-discovery='true'" subsys=daemon
level=info msg="  --enable-l7-proxy='true'" subsys=daemon
level=info msg="  --enable-local-node-route='false'" subsys=daemon
level=info msg="  --enable-local-redirect-policy='false'" subsys=daemon
level=info msg="  --enable-mke='false'" subsys=daemon
level=info msg="  --enable-monitor='true'" subsys=daemon
level=info msg="  --enable-node-port='true'" subsys=daemon
level=info msg="  --enable-policy='default'" subsys=daemon
level=info msg="  --enable-recorder='false'" subsys=daemon
level=info msg="  --enable-remote-node-identity='true'" subsys=daemon
level=info msg="  --enable-selective-regeneration='true'" subsys=daemon
level=info msg="  --enable-service-topology='false'" subsys=daemon
level=info msg="  --enable-session-affinity='true'" subsys=daemon
level=info msg="  --enable-svc-source-range-check='true'" subsys=daemon
level=info msg="  --enable-tracing='false'" subsys=daemon
level=info msg="  --enable-well-known-identities='false'" subsys=daemon
level=info msg="  --enable-wireguard='false'" subsys=daemon
level=info msg="  --enable-wireguard-userspace-fallback='false'" subsys=daemon
level=info msg="  --enable-xdp-prefilter='false'" subsys=daemon
level=info msg="  --enable-xt-socket-fallback='true'" subsys=daemon
level=info msg="  --encrypt-interface=''" subsys=daemon
level=info msg="  --encrypt-node='false'" subsys=daemon
level=info msg="  --endpoint-gc-interval='5m0s'" subsys=daemon
level=info msg="  --endpoint-interface-name-prefix='lxc+'" subsys=daemon
level=info msg="  --endpoint-queue-size='25'" subsys=daemon
level=info msg="  --endpoint-status=''" subsys=daemon
level=info msg="  --envoy-log=''" subsys=daemon
level=info msg="  --exclude-local-address=''" subsys=daemon
level=info msg="  --fixed-identity-mapping=''" subsys=daemon
level=info msg="  --force-local-policy-eval-at-source='true'" subsys=daemon
level=info msg="  --gops-port='9890'" subsys=daemon
level=info msg="  --host-reachable-services-protos='tcp,udp'" subsys=daemon
level=info msg="  --http-403-msg=''" subsys=daemon
level=info msg="  --http-idle-timeout='0'" subsys=daemon
level=info msg="  --http-max-grpc-timeout='0'" subsys=daemon
level=info msg="  --http-normalize-path='true'" subsys=daemon
level=info msg="  --http-request-timeout='3600'" subsys=daemon
level=info msg="  --http-retry-count='3'" subsys=daemon
level=info msg="  --http-retry-timeout='0'" subsys=daemon
level=info msg="  --hubble-disable-tls='false'" subsys=daemon
level=info msg="  --hubble-event-buffer-capacity='4095'" subsys=daemon
level=info msg="  --hubble-event-queue-size='0'" subsys=daemon
level=info msg="  --hubble-export-file-compress='false'" subsys=daemon
level=info msg="  --hubble-export-file-max-backups='5'" subsys=daemon
level=info msg="  --hubble-export-file-max-size-mb='10'" subsys=daemon
level=info msg="  --hubble-export-file-path=''" subsys=daemon
level=info msg="  --hubble-listen-address=':4244'" subsys=daemon
level=info msg="  --hubble-metrics='dns,drop:destinationContext=pod|dns|ip;sourceContext=pod|dns|ip,tcp,flow:destinationContext=pod|dns|ip;sourceContext=pod|dns|ip,icmp,http'" subsys=daemon
level=info msg="  --hubble-metrics-server=':9091'" subsys=daemon
level=info msg="  --hubble-recorder-sink-queue-size='1024'" subsys=daemon
level=info msg="  --hubble-recorder-storage-path='/var/run/cilium/pcaps'" subsys=daemon
level=info msg="  --hubble-socket-path='/var/run/cilium/hubble.sock'" subsys=daemon
level=info msg="  --hubble-tls-cert-file='/var/lib/cilium/tls/hubble/server.crt'" subsys=daemon
level=info msg="  --hubble-tls-client-ca-files='/var/lib/cilium/tls/hubble/client-ca.crt'" subsys=daemon
level=info msg="  --hubble-tls-key-file='/var/lib/cilium/tls/hubble/server.key'" subsys=daemon
level=info msg="  --identity-allocation-mode='crd'" subsys=daemon
level=info msg="  --identity-change-grace-period='5s'" subsys=daemon
level=info msg="  --install-iptables-rules='true'" subsys=daemon
level=info msg="  --install-no-conntrack-iptables-rules='false'" subsys=daemon
level=info msg="  --ip-allocation-timeout='2m0s'" subsys=daemon
level=info msg="  --ip-masq-agent-config-path='/etc/config/ip-masq-agent'" subsys=daemon
level=info msg="  --ipam='cluster-pool'" subsys=daemon
level=info msg="  --ipsec-key-file=''" subsys=daemon
level=info msg="  --iptables-lock-timeout='5s'" subsys=daemon
level=info msg="  --iptables-random-fully='false'" subsys=daemon
level=info msg="  --ipv4-native-routing-cidr=''" subsys=daemon
level=info msg="  --ipv4-node='auto'" subsys=daemon
level=info msg="  --ipv4-pod-subnets=''" subsys=daemon
level=info msg="  --ipv4-range='auto'" subsys=daemon
level=info msg="  --ipv4-service-loopback-address='169.254.42.1'" subsys=daemon
level=info msg="  --ipv4-service-range='auto'" subsys=daemon
level=info msg="  --ipv6-cluster-alloc-cidr='f00d::/64'" subsys=daemon
level=info msg="  --ipv6-mcast-device=''" subsys=daemon
level=info msg="  --ipv6-node='auto'" subsys=daemon
level=info msg="  --ipv6-pod-subnets=''" subsys=daemon
level=info msg="  --ipv6-range='auto'" subsys=daemon
level=info msg="  --ipv6-service-range='auto'" subsys=daemon
level=info msg="  --ipvlan-master-device='undefined'" subsys=daemon
level=info msg="  --join-cluster='false'" subsys=daemon
level=info msg="  --k8s-api-server=''" subsys=daemon
level=info msg="  --k8s-heartbeat-timeout='30s'" subsys=daemon
level=info msg="  --k8s-kubeconfig-path=''" subsys=daemon
level=info msg="  --k8s-namespace='kube-system'" subsys=daemon
level=info msg="  --k8s-require-ipv4-pod-cidr='false'" subsys=daemon
level=info msg="  --k8s-require-ipv6-pod-cidr='false'" subsys=daemon
level=info msg="  --k8s-service-cache-size='128'" subsys=daemon
level=info msg="  --k8s-service-proxy-name=''" subsys=daemon
level=info msg="  --k8s-sync-timeout='3m0s'" subsys=daemon
level=info msg="  --k8s-watcher-endpoint-selector='metadata.name!=kube-scheduler,metadata.name!=kube-controller-manager,metadata.name!=etcd-operator,metadata.name!=gcp-controller-manager'" subsys=daemon
level=info msg="  --keep-config='false'" subsys=daemon
level=info msg="  --kube-proxy-replacement='partial'" subsys=daemon
level=info msg="  --kube-proxy-replacement-healthz-bind-address=''" subsys=daemon
level=info msg="  --kvstore=''" subsys=daemon
level=info msg="  --kvstore-connectivity-timeout='2m0s'" subsys=daemon
level=info msg="  --kvstore-lease-ttl='15m0s'" subsys=daemon
level=info msg="  --kvstore-max-consecutive-quorum-errors='2'" subsys=daemon
level=info msg="  --kvstore-opt=''" subsys=daemon
level=info msg="  --kvstore-periodic-sync='5m0s'" subsys=daemon
level=info msg="  --label-prefix-file=''" subsys=daemon
level=info msg="  --labels=''" subsys=daemon
level=info msg="  --lib-dir='/var/lib/cilium'" subsys=daemon
level=info msg="  --local-router-ipv4=''" subsys=daemon
level=info msg="  --local-router-ipv6=''" subsys=daemon
level=info msg="  --log-driver=''" subsys=daemon
level=info msg="  --log-opt=''" subsys=daemon
level=info msg="  --log-system-load='false'" subsys=daemon
level=info msg="  --max-controller-interval='0'" subsys=daemon
level=info msg="  --metrics=''" subsys=daemon
level=info msg="  --mke-cgroup-mount=''" subsys=daemon
level=info msg="  --monitor-aggregation='medium'" subsys=daemon
level=info msg="  --monitor-aggregation-flags='all'" subsys=daemon
level=info msg="  --monitor-aggregation-interval='5s'" subsys=daemon
level=info msg="  --monitor-queue-size='0'" subsys=daemon
level=info msg="  --mtu='0'" subsys=daemon
level=info msg="  --nat46-range='0:0:0:0:0:FFFF::/96'" subsys=daemon
level=info msg="  --native-routing-cidr=''" subsys=daemon
level=info msg="  --node-port-acceleration='disabled'" subsys=daemon
level=info msg="  --node-port-algorithm='random'" subsys=daemon
level=info msg="  --node-port-bind-protection='true'" subsys=daemon
level=info msg="  --node-port-mode='snat'" subsys=daemon
level=info msg="  --node-port-range='30000,32767'" subsys=daemon
level=info msg="  --policy-audit-mode='false'" subsys=daemon
level=info msg="  --policy-queue-size='100'" subsys=daemon
level=info msg="  --policy-trigger-interval='1s'" subsys=daemon
level=info msg="  --pprof='false'" subsys=daemon
level=info msg="  --pprof-port='6060'" subsys=daemon
level=info msg="  --preallocate-bpf-maps='false'" subsys=daemon
level=info msg="  --prefilter-device='undefined'" subsys=daemon
level=info msg="  --prefilter-mode='native'" subsys=daemon
level=info msg="  --prepend-iptables-chains='true'" subsys=daemon
level=info msg="  --prometheus-serve-addr=':9090'" subsys=daemon
level=info msg="  --proxy-connect-timeout='1'" subsys=daemon
level=info msg="  --proxy-prometheus-port='9095'" subsys=daemon
level=info msg="  --read-cni-conf=''" subsys=daemon
level=info msg="  --restore='true'" subsys=daemon
level=info msg="  --route-metric='0'" subsys=daemon
level=info msg="  --sidecar-istio-proxy-image='cilium/istio_proxy'" subsys=daemon
level=info msg="  --single-cluster-route='false'" subsys=daemon
level=info msg="  --socket-path='/var/run/cilium/cilium.sock'" subsys=daemon
level=info msg="  --sockops-enable='false'" subsys=daemon
level=info msg="  --state-dir='/var/run/cilium'" subsys=daemon
level=info msg="  --tofqdns-dns-reject-response-code='refused'" subsys=daemon
level=info msg="  --tofqdns-enable-dns-compression='true'" subsys=daemon
level=info msg="  --tofqdns-endpoint-max-ip-per-hostname='50'" subsys=daemon
level=info msg="  --tofqdns-idle-connection-grace-period='0s'" subsys=daemon
level=info msg="  --tofqdns-max-deferred-connection-deletes='10000'" subsys=daemon
level=info msg="  --tofqdns-min-ttl='0'" subsys=daemon
level=info msg="  --tofqdns-pre-cache=''" subsys=daemon
level=info msg="  --tofqdns-proxy-port='0'" subsys=daemon
level=info msg="  --tofqdns-proxy-response-max-delay='100ms'" subsys=daemon
level=info msg="  --trace-payloadlen='128'" subsys=daemon
level=info msg="  --tunnel='disabled'" subsys=daemon
level=info msg="  --tunnel-port='0'" subsys=daemon
level=info msg="  --version='false'" subsys=daemon
level=info msg="  --vlan-bpf-bypass=''" subsys=daemon
level=info msg="  --write-cni-conf-when-ready=''" subsys=daemon
level=info msg="     _ _ _" subsys=daemon
level=info msg=" ___|_| |_|_ _ _____" subsys=daemon
level=info msg="|  _| | | | | |     |" subsys=daemon
level=info msg="|___|_|_|_|___|_|_|_|" subsys=daemon
level=info msg="Cilium 1.11.3 62aa82d542 2022-03-26T01:56:48+01:00 go version go1.17.8 linux/amd64" subsys=daemon
level=info msg="cilium-envoy  version: 9c0d933166ba192713f9e2fc3901f788557286ee/1.21.1/Distribution/RELEASE/BoringSSL" subsys=daemon
level=info msg="clang (10.0.0) and kernel (5.15.32) versions: OK!" subsys=linux-datapath
level=info msg="linking environment: OK!" subsys=linux-datapath
level=info msg="Detected mounted BPF filesystem at /sys/fs/bpf" subsys=bpf
level=info msg="Mounted cgroupv2 filesystem at /run/cilium/cgroupv2" subsys=cgroups
level=info msg="Parsing base label prefixes from default label list" subsys=labels-filter
level=info msg="Parsing additional label prefixes from user inputs: []" subsys=labels-filter
level=info msg="Final label prefixes to be used for identity evaluation:" subsys=labels-filter
level=info msg=" - reserved:.*" subsys=labels-filter
level=info msg=" - :io\\.kubernetes\\.pod\\.namespace" subsys=labels-filter
level=info msg=" - :io\\.cilium\\.k8s\\.namespace\\.labels" subsys=labels-filter
level=info msg=" - :app\\.kubernetes\\.io" subsys=labels-filter
level=info msg=" - !:io\\.kubernetes" subsys=labels-filter
level=info msg=" - !:kubernetes\\.io" subsys=labels-filter
level=info msg=" - !:.*beta\\.kubernetes\\.io" subsys=labels-filter
level=info msg=" - !:k8s\\.io" subsys=labels-filter
level=info msg=" - !:pod-template-generation" subsys=labels-filter
level=info msg=" - !:pod-template-hash" subsys=labels-filter
level=info msg=" - !:controller-revision-hash" subsys=labels-filter
level=info msg=" - !:annotation.*" subsys=labels-filter
level=info msg=" - !:etcd_node" subsys=labels-filter
level=info msg="Using autogenerated IPv4 allocation range" subsys=node v4Prefix=10.133.0.0/16
level=info msg="Initializing daemon" subsys=daemon
level=info msg="Establishing connection to apiserver" host="https://127.0.0.1:16443" subsys=k8s
level=info msg="Connected to apiserver" subsys=k8s
level=debug msg="Starting new controller" name=k8s-heartbeat subsys=controller uuid=cbf67811-478d-4a18-81ed-ca3496a77fcc
level=debug msg="Controller func execution time: 1.466µs" name=k8s-heartbeat subsys=controller uuid=cbf67811-478d-4a18-81ed-ca3496a77fcc
level=debug msg="Skipping Leases support fallback discovery" subsys=k8s
level=debug msg="Starting new controller" name=endpoint-gc subsys=controller uuid=2d4a23dc-6044-4fc1-8bb8-c79636a80d7b
level=debug msg="Controller func execution time: 1.933µs" name=endpoint-gc subsys=controller uuid=2d4a23dc-6044-4fc1-8bb8-c79636a80d7b
level=info msg="Inheriting MTU from external network interface" device=node0 ipAddr=10.69.1.133 mtu=1500 subsys=mtu
level=debug msg="creating new EventQueue" name=config-modify-queue numBufferedEvents=10 subsys=eventqueue
level=debug msg="getting identity cache for identity allocator manager" subsys=identity-cache
level=debug msg="creating new EventQueue" name=repository-change-queue numBufferedEvents=100 subsys=eventqueue
level=debug msg="creating new EventQueue" name=repository-reaction-queue numBufferedEvents=100 subsys=eventqueue
level=debug msg="event startUpdate msg start of config update" subsys=bgp-speaker
level=debug msg="Performing regular background work" subsys=nodemanager syncInterval=1m0s
level=debug msg="event peerAdded peer 127.0.0.1 msg peer configured, starting BGP session" subsys=bgp-speaker
level=debug msg="event endUpdate msg end of config update" subsys=bgp-speaker
level=info msg="Started BGP speaker" subsys=bgp-speaker
struct { Version uint8; ASN16 uint16; HoldTime uint16; RouterID uint32; OptsLen uint8 }{Version:0x4, ASN16:0xfcbb, HoldTime:0xf0, RouterID:0xa450185, OptsLen:0x18}
level=debug msg="peer 127.0.0.1:179 localASN peerASN event sessionUp msg BGP session established" subsys=bgp-speaker
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lxc subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ipcache subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_metrics subsys=ebpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_reverse_sk subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_reverse_sk subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_services_v2 subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_backends_v2 subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_reverse_nat subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_events subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_events subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_signals subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_signals subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_call_policy subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_call_policy subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ct4_global subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ct4_global subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ct_any4_global subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ct_any4_global subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_snat_v4_external subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_snat_v4_external subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_nodeport_neigh4 subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_nodeport_neigh4 subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ipv4_frag_datagrams subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_ipv4_frag_datagrams subsys=bpf
level=debug msg="Starting new controller" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=debug msg="Controller func execution time: 51.9µs" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb_affinity_match subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_affinity subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_source_range subsys=bpf
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_lb4_maglev subsys=ebpf
level=info msg="Restored services from maps" failed=0 restored=0 subsys=service
level=info msg="Envoy: Starting xDS gRPC server listening on /var/run/cilium/xds.sock" subsys=envoy-manager
level=info msg="Reading old endpoints..." subsys=daemon
level=info msg="No old endpoints found." subsys=daemon
level=debug msg="Starting new controller" name=dns-garbage-collector-job subsys=controller uuid=af7e896c-7dfd-4fb7-8375-992bb7b7bbd9
level=debug msg="Controller func execution time: 5.172µs" name=dns-garbage-collector-job subsys=controller uuid=af7e896c-7dfd-4fb7-8375-992bb7b7bbd9
level=debug msg="DNS Proxy port is configured to 0. A random port will be assigned by the OS." subsys=fqdn/dnsproxy
level=debug msg="DNS Proxy bound to address" address="[::]:45629" subsys=fqdn/dnsproxy
level=info msg="Waiting until all Cilium CRDs are available" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="crd:ciliumclusterwidenetworkpolicies.cilium.io" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="crd:ciliumnetworkpolicies.cilium.io" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="crd:ciliumidentities.cilium.io" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="crd:ciliumnodes.cilium.io" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="crd:ciliumendpoints.cilium.io" subsys=k8s
level=debug msg="Controller func execution time: 24.87µs" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=debug msg="Controller func execution time: 58.094µs" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=debug msg="Controller func execution time: 156.148µs" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=debug msg="cache synced" kubernetesResource="crd:ciliumnodes.cilium.io" subsys=k8s
level=debug msg="cache synced" kubernetesResource="crd:ciliumidentities.cilium.io" subsys=k8s
level=debug msg="cache synced" kubernetesResource="crd:ciliumnetworkpolicies.cilium.io" subsys=k8s
level=debug msg="cache synced" kubernetesResource="crd:ciliumendpoints.cilium.io" subsys=k8s
level=debug msg="cache synced" kubernetesResource="crd:ciliumclusterwidenetworkpolicies.cilium.io" subsys=k8s
level=debug msg="Controller func execution time: 36.533µs" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=info msg="All Cilium CRDs have been found and are available" subsys=k8s
level=info msg="Creating or updating CiliumNode resource" node=10.69.1.133 subsys=nodediscovery
level=debug msg="waiting for cache to synchronize" kubernetesResource="core/v1::Node" subsys=k8s
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnAddNode node=10.69.1.133 subsys=bgp-speaker
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="syncing bgp sessions" cidrs="&[]" component=MetalLBSpeaker.handleNodeEvent labels="&map[beta.kubernetes.io/arch:amd64 beta.kubernetes.io/os:linux cke.cybozu.com/index-in-rack:5 cke.cybozu.com/master:true cke.cybozu.com/rack:2 cke.cybozu.com/role:cs kubernetes.io/arch:amd64 kubernetes.io/hostname:10.69.1.133 kubernetes.io/os:linux node-role.kubernetes.io/control-plane:true node-role.kubernetes.io/cs:true node-role.kubernetes.io/master:true sabakan.cke.cybozu.com/datacenter:dc1 sabakan.cke.cybozu.com/machine-type:qemu sabakan.cke.cybozu.com/product:vm topology.kubernetes.io/zone:rack2]" subsys=bgp-speaker
level=debug msg="event nodeLabelsChanged msg Node labels changed, resyncing BGP peers" subsys=bgp-speaker
level=debug msg="cache synced" kubernetesResource="core/v1::Node" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="core/v1::Node" subsys=k8s
level=debug msg="Missing io.cilium.network.ipv4-cilium-host. Annotation required when IPSec Enabled" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Missing io.cilium.network.ipv6-cilium-host. Annotation required when IPSec Enabled" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv4 CIDR annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv6 CIDR annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv4 health endpoint annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv6 health endpoint annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=info msg="Successfully created CiliumNode resource" subsys=nodediscovery
level=info msg="Retrieved node information from cilium node" nodeName=10.69.1.133 subsys=k8s
level=warning msg="Waiting for k8s node information" error="required IPv4 PodCIDR not available" subsys=k8s
level=debug msg="Sleeping with exponential backoff" attempt=1 fields.time=400ms name=k8s-node-retrieval subsys=backoff
level=info msg="Retrieved node information from cilium node" nodeName=10.69.1.133 subsys=k8s
level=warning msg="Waiting for k8s node information" error="required IPv4 PodCIDR not available" subsys=k8s
level=debug msg="Sleeping with exponential backoff" attempt=2 fields.time=800ms name=k8s-node-retrieval subsys=backoff
level=info msg="Retrieved node information from cilium node" nodeName=10.69.1.133 subsys=k8s
level=info msg="Received own node information from API server" ipAddr.ipv4=10.69.1.133 ipAddr.ipv6="<nil>" k8sNodeIP=10.69.1.133 labels="map[beta.kubernetes.io/arch:amd64 beta.kubernetes.io/os:linux cke.cybozu.com/index-in-rack:5 cke.cybozu.com/master:true cke.cybozu.com/rack:2 cke.cybozu.com/role:cs kubernetes.io/arch:amd64 kubernetes.io/hostname:10.69.1.133 kubernetes.io/os:linux node-role.kubernetes.io/control-plane:true node-role.kubernetes.io/cs:true node-role.kubernetes.io/master:true sabakan.cke.cybozu.com/datacenter:dc1 sabakan.cke.cybozu.com/machine-type:qemu sabakan.cke.cybozu.com/product:vm topology.kubernetes.io/zone:rack2]" nodeName=10.69.1.133 subsys=k8s v4Prefix=10.0.1.0/24 v6Prefix="<nil>"
level=info msg="k8s mode: Allowing localhost to reach local endpoints" subsys=daemon
level=info msg="Detected devices" devices="[eth0 eth1]" subsys=daemon
level=debug msg="Registered BPF map" path=/sys/fs/bpf/tc/globals/cilium_test subsys=bpf
level=debug msg="Unregistered BPF map" path=/sys/fs/bpf/tc/globals/cilium_test subsys=bpf
level=info msg="Enabling k8s event listener" subsys=k8s-watcher
level=debug msg="waiting for cache to synchronize" kubernetesResource="core/v1::Service" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="networking.k8s.io/v1::NetworkPolicy" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="discovery/v1::EndpointSlice" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="core/v1::Namespace" subsys=k8s
level=debug msg="waiting for cache to synchronize" kubernetesResource="core/v1::Pods" subsys=k8s
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=default/kubernetes subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=kube-system/hubble-metrics subsys=bgp-speaker
level=debug msg="waiting for cache to synchronize" kubernetesResource="cilium/v2::CiliumClusterwideNetworkPolicy" subsys=k8s
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateEndpointSliceV1 slice-id=default/kubernetes subsys=bgp-speaker
level=debug msg="waiting for cache to synchronize" kubernetesResource="cilium/v2::CiliumNetworkPolicy" subsys=k8s
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints="10.69.0.197:6443/TCP,10.69.0.5:6443/TCP,10.69.1.133:6443/TCP" k8sNamespace=default k8sSvcName=kubernetes old-service=nil service="frontends:[10.68.0.1]/ports=[https]/selector=map[]" subsys=k8s-watcher
level=info msg="Removing stale endpoint interfaces" subsys=daemon
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=default/kubernetes subsys=bgp-speaker
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=info msg="Waiting until all pre-existing resources have been received" subsys=k8s-watcher
level=info msg="Skipping kvstore configuration" subsys=daemon
level=debug msg="Starting new controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateEndpointSliceV1 slice-id=internet-egress/unbound subsys=bgp-speaker
level=debug msg="waiting for cache to synchronize" kubernetesResource="cilium/v2::CiliumEndpoint" subsys=k8s
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=kube-system/hubble-metrics subsys=bgp-speaker
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="announcing load balancer from endpoint" component=MetalLBSpeaker.do endpoint-id=default/kubernetes subsys=bgp-speaker
level=debug msg="Controller func execution time: 43.819µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=info msg="Initializing node addressing" subsys=daemon
level=debug msg="Controller run failed" consecutiveErrors=1 error="failed to inject labels into ipcache: local identity allocator uninitialized" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=internet-egress/unbound subsys=bgp-speaker
level=info msg="Initializing cluster-pool IPAM" subsys=ipam v4Prefix=10.0.1.0/24 v6Prefix="<nil>"
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="announcing load balancer from endpoint" component=MetalLBSpeaker.do endpoint-id=internet-egress/unbound subsys=bgp-speaker
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=internet-egress/unbound subsys=bgp-speaker
level=debug msg="waiting for cache to synchronize" kubernetesResource="cilium/v2::CiliumNode" subsys=k8s
level=warning msg="Failed to remove old router IPs (restored IP: <nil>) from cilium_host. Manual intervention is required to remove all other old IPs." error="Link not found" subsys=daemon
level=info msg="Restoring endpoints..." subsys=daemon
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateEndpointSliceV1 slice-id=kube-system/hubble-metrics subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=kube-system/cilium-agent subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=kube-system/coilv2-webhook-service subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=kube-system/hubble-relay subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=kube-system/cke-etcd subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=kube-system/cluster-dns subsys=bgp-speaker
level=debug msg="adding event to queue" component=MetalLBSpeaker.OnUpdateService service-id=internet-egress/squid subsys=bgp-speaker
level=info msg="Endpoints restored" failed=0 restored=0 subsys=daemon
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="announcing load balancer from endpoint" component=MetalLBSpeaker.do endpoint-id=kube-system/hubble-metrics subsys=bgp-speaker
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="Allocated random IP" ip=10.0.1.18 owner=router subsys=ipam
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=kube-system/cilium-agent subsys=bgp-speaker
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=kube-system/coilv2-webhook-service subsys=bgp-speaker
level=info msg="Addressing information:" subsys=daemon
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=info msg="  Cluster-Name: default" subsys=daemon
level=info msg="  Cluster-ID: 0" subsys=daemon
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=kube-system/hubble-relay subsys=bgp-speaker
level=info msg="  Local node-name: 10.69.1.133" subsys=daemon
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=info msg="  Node-IPv6: <nil>" subsys=daemon
level=info msg="  External-Node IPv4: 10.69.1.133" subsys=daemon
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=kube-system/cke-etcd subsys=bgp-speaker
level=info msg="  Internal-Node IPv4: 10.0.1.18" subsys=daemon
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=info msg="  IPv4 allocation prefix: 10.0.1.0/24" subsys=daemon
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=kube-system/cluster-dns subsys=bgp-speaker
level=info msg="  Loopback IPv4: 169.254.42.1" subsys=daemon
level=info msg="processing new event." component=MetalLBSpeaker.run subsys=bgp-speaker
level=debug msg="announcing load balancer from service" component=MetalLBSpeaker.do service-id=internet-egress/squid subsys=bgp-speaker
level=debug msg="event startUpdate msg start of service update" subsys=bgp-speaker
level=debug msg="event endUpdate msg end of service update" subsys=bgp-speaker
level=debug msg="Upserting service" backends="[{0  {10.69.0.197 {TCP 6443} 0} false} {0  {10.69.0.5 {TCP 6443} 0} false} {0  {10.69.1.133 {TCP 6443} 0} false}]" loadBalancerSourceRanges="[]" serviceIP="{10.68.0.1 {TCP 443} 0}" serviceName=kubernetes serviceNamespace=default sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Resolving service" l3n4Addr="{IP:10.68.0.1 L4Addr:{Protocol:TCP Port:443} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[{0  {10.69.0.197 {TCP 6443} 0} false} {0  {10.69.0.5 {TCP 6443} 0} false} {0  {10.69.1.133 {TCP 6443} 0} false}]" loadBalancerSourceRanges="[]" serviceID=1 serviceIP="{10.68.0.1 {TCP 443} 0}" serviceName=kubernetes serviceNamespace=default sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=info msg="  Local IPv4 addresses:" subsys=daemon
level=info msg="  - 10.69.1.133" subsys=daemon
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=1 subsys=service
level=debug msg="Adding new backend" backendID=1 backends="[{0  {10.69.0.197 {TCP 6443} 0} false} {0  {10.69.0.5 {TCP 6443} 0} false} {0  {10.69.1.133 {TCP 6443} 0} false}]" l3n4Addr="{10.69.0.197 {TCP 6443} 0}" loadBalancerSourceRanges="[]" serviceID=1 serviceIP="{10.68.0.1 {TCP 443} 0}" serviceName=kubernetes serviceNamespace=default sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Adding new backend" backendID=2 backends="[{0  {10.69.0.197 {TCP 6443} 0} false} {0  {10.69.0.5 {TCP 6443} 0} false} {0  {10.69.1.133 {TCP 6443} 0} false}]" l3n4Addr="{10.69.0.5 {TCP 6443} 0}" loadBalancerSourceRanges="[]" serviceID=1 serviceIP="{10.68.0.1 {TCP 443} 0}" serviceName=kubernetes serviceNamespace=default sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Adding new backend" backendID=3 backends="[{0  {10.69.0.197 {TCP 6443} 0} false} {0  {10.69.0.5 {TCP 6443} 0} false} {0  {10.69.1.133 {TCP 6443} 0} false}]" l3n4Addr="{10.69.1.133 {TCP 6443} 0}" loadBalancerSourceRanges="[]" serviceID=1 serviceIP="{10.68.0.1 {TCP 443} 0}" serviceName=kubernetes serviceNamespace=default sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Received node update event from local: types.Node{Name:\"10.69.1.133\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x1, 0x85}}, types.Address{Type:\"CiliumInternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x0, 0x1, 0x12}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc000406858), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"local\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"5\", \"cke.cybozu.com/master\":\"true\", \"cke.cybozu.com/rack\":\"2\", \"cke.cybozu.com/role\":\"cs\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.1.133\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/control-plane\":\"true\", \"node-role.kubernetes.io/cs\":\"true\", \"node-role.kubernetes.io/master\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack2\"}, NodeIdentity:0x1, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{host local false}" ipAddr=10.69.1.133 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{host local false}" ipAddr="{10.69.1.133 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=info msg="Adding local node to cluster" node="{10.69.1.133 default [{InternalIP 10.69.1.133} {CiliumInternalIP 10.0.1.18}] 10.0.1.0/24 <nil> <nil> <nil> 0 local 0 map[beta.kubernetes.io/arch:amd64 beta.kubernetes.io/os:linux cke.cybozu.com/index-in-rack:5 cke.cybozu.com/master:true cke.cybozu.com/rack:2 cke.cybozu.com/role:cs kubernetes.io/arch:amd64 kubernetes.io/hostname:10.69.1.133 kubernetes.io/os:linux node-role.kubernetes.io/control-plane:true node-role.kubernetes.io/cs:true node-role.kubernetes.io/master:true sabakan.cke.cybozu.com/datacenter:dc1 sabakan.cke.cybozu.com/machine-type:qemu sabakan.cke.cybozu.com/product:vm topology.kubernetes.io/zone:rack2] 1 }" subsys=nodediscovery
level=debug msg="Upserted service entry" backendSlot=1 subsys=map-lb svcKey="10.68.0.1:47873" svcVal="1 (256) [FLAGS: 0x0]"
level=debug msg="Upserted service entry" backendSlot=2 subsys=map-lb svcKey="10.68.0.1:47873" svcVal="2 (256) [FLAGS: 0x0]"
level=debug msg="Upserted service entry" backendSlot=3 subsys=map-lb svcKey="10.68.0.1:47873" svcVal="3 (256) [FLAGS: 0x0]"
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.68.0.1:47873" svcVal="0 (256) [FLAGS: 0x0]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=1 subsys=service
level=debug msg="Skip pod event using host networking" hostIP=10.69.1.133 k8sNamespace=kube-system k8sPodName=node-dns-rpswm podIP=10.69.1.133 podIPs="[{10.69.1.133}]" subsys=k8s-watcher
level=debug msg="Skip pod event using host networking" hostIP=10.69.1.133 k8sNamespace=kube-system k8sPodName=cilium-z54pw podIP=10.69.1.133 podIPs="[{10.69.1.133}]" subsys=k8s-watcher
level=debug msg="Skip pod event using host networking" hostIP=10.69.1.133 k8sNamespace=kube-system k8sPodName=coild-v2gws podIP=10.69.1.133 podIPs="[{10.69.1.133}]" subsys=k8s-watcher
level=debug msg="Upserting IP into ipcache layer" identity="{host local false}" ipAddr=10.0.1.18 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{host local false}" ipAddr="{10.0.1.18 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=internet-egress k8sSvcName=unbound old-service=nil service="frontends:[10.68.84.243]/ports=[dns dns-tcp]/selector=map[app.kubernetes.io/name:unbound]" subsys=k8s-watcher
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.68.84.243 {UDP 53} 0}" serviceName=unbound serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Resolving service" l3n4Addr="{IP:10.68.84.243 L4Addr:{Protocol:UDP Port:53} Scope:0}" subsys=service
level=debug msg="Controller func execution time: 2.822µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=2 serviceIP="{10.68.84.243 {UDP 53} 0}" serviceName=unbound serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=2 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.68.84.243:13568" svcVal="0 (512) [FLAGS: 0x0]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=2 subsys=service
level=debug msg="Controller update time: 45.774µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=info msg="Creating or updating CiliumNode resource" node=10.69.1.133 subsys=nodediscovery
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=kube-system k8sSvcName=hubble-metrics old-service=nil service="frontends:[]/ports=[hubble-metrics]/selector=map[k8s-app:cilium]" subsys=k8s-watcher
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=kube-system k8sSvcName=cilium-agent old-service=nil service="frontends:[]/ports=[envoy-metrics]/selector=map[k8s-app:cilium]" subsys=k8s-watcher
level=debug msg="Controller run failed" consecutiveErrors=2 error="failed to inject labels into ipcache: local identity allocator uninitialized" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=kube-system k8sSvcName=coilv2-webhook-service old-service=nil service="frontends:[10.68.174.166]/ports=[]/selector=map[app.kubernetes.io/component:coil-controller app.kubernetes.io/name:coil]" subsys=k8s-watcher
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.68.174.166 {TCP 443} 0}" serviceName=coilv2-webhook-service serviceNamespace=kube-system sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Resolving service" l3n4Addr="{IP:10.68.174.166 L4Addr:{Protocol:TCP Port:443} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=3 serviceIP="{10.68.174.166 {TCP 443} 0}" serviceName=coilv2-webhook-service serviceNamespace=kube-system sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=3 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.68.174.166:47873" svcVal="0 (768) [FLAGS: 0x0]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=3 subsys=service
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=kube-system k8sSvcName=hubble-relay old-service=nil service="frontends:[10.68.138.229]/ports=[]/selector=map[k8s-app:hubble-relay]" subsys=k8s-watcher
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.68.138.229 {TCP 443} 0}" serviceName=hubble-relay serviceNamespace=kube-system sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Resolving service" l3n4Addr="{IP:10.68.138.229 L4Addr:{Protocol:TCP Port:443} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=4 serviceIP="{10.68.138.229 {TCP 443} 0}" serviceName=hubble-relay serviceNamespace=kube-system sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=4 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.68.138.229:47873" svcVal="0 (1024) [FLAGS: 0x0]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=4 subsys=service
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints="10.69.0.197:2379/TCP,10.69.0.5:2379/TCP,10.69.1.133:2379/TCP" k8sNamespace=kube-system k8sSvcName=cke-etcd old-service=nil service="frontends:[]/ports=[]/selector=map[]" subsys=k8s-watcher
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=kube-system k8sSvcName=cluster-dns old-service=nil service="frontends:[10.68.12.86]/ports=[dns dns-tcp]/selector=map[cke.cybozu.com/appname:cluster-dns]" subsys=k8s-watcher
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.68.12.86 {UDP 53} 0}" serviceName=cluster-dns serviceNamespace=kube-system sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Resolving service" l3n4Addr="{IP:10.68.12.86 L4Addr:{Protocol:UDP Port:53} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=5 serviceIP="{10.68.12.86 {UDP 53} 0}" serviceName=cluster-dns serviceNamespace=kube-system sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=5 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.68.12.86:13568" svcVal="0 (1280) [FLAGS: 0x0]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=5 subsys=service
level=debug msg="Kubernetes service definition changed" action=service-updated endpoints= k8sNamespace=internet-egress k8sSvcName=squid old-service=nil service="frontends:[10.68.71.251]/ports=[]/selector=map[app.kubernetes.io/name:squid]" subsys=k8s-watcher
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.68.71.251 {TCP 3128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Resolving service" l3n4Addr="{IP:10.68.71.251 L4Addr:{Protocol:TCP Port:3128} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=6 serviceIP="{10.68.71.251 {TCP 3128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=ClusterIP
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=6 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.68.71.251:14348" svcVal="0 (1536) [FLAGS: 0x0]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=6 subsys=service
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.72.32.0 {TCP 3128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=LoadBalancer
level=debug msg="Resolving service" l3n4Addr="{IP:10.72.32.0 L4Addr:{Protocol:TCP Port:3128} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=7 serviceIP="{10.72.32.0 {TCP 3128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=LoadBalancer
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=7 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.72.32.0:14348" svcVal="0 (1792) [FLAGS: 0x60]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=7 subsys=service
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{10.69.1.133 {TCP 30128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=NodePort
level=debug msg="Resolving service" l3n4Addr="{IP:10.69.1.133 L4Addr:{Protocol:TCP Port:30128} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=8 serviceIP="{10.69.1.133 {TCP 30128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=NodePort
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=8 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="10.69.1.133:45173" svcVal="0 (2048) [FLAGS: 0x42]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=8 subsys=service
level=debug msg="Upserting service" backends="[]" loadBalancerSourceRanges="[]" serviceIP="{0.0.0.0 {TCP 30128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=NodePort
level=debug msg="Resolving service" l3n4Addr="{IP:0.0.0.0 L4Addr:{Protocol:TCP Port:30128} Scope:0}" subsys=service
level=debug msg="Acquired service ID" backends="[]" loadBalancerSourceRanges="[]" serviceID=9 serviceIP="{0.0.0.0 {TCP 30128} 0}" serviceName=squid serviceNamespace=internet-egress sessionAffinity=false sessionAffinityTimeout=0 subsys=service svcHealthCheckNodePort=0 svcTrafficPolicy=Cluster svcType=NodePort
level=debug msg="Deleting backends from session affinity match" backends="[]" serviceID=9 subsys=service
level=debug msg="Upserted service entry" backendSlot=0 subsys=map-lb svcKey="0.0.0.0:45173" svcVal="0 (2304) [FLAGS: 0x2]"
level=debug msg="Adding backends to affinity match map" backends="[]" serviceID=9 subsys=service
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.0.5\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x0, 0x5}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc00252a050), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"5\", \"cke.cybozu.com/master\":\"true\", \"cke.cybozu.com/rack\":\"0\", \"cke.cybozu.com/role\":\"cs\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.0.5\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/control-plane\":\"true\", \"node-role.kubernetes.io/cs\":\"true\", \"node-role.kubernetes.io/master\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack0\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.69.0.5 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.69.0.5 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 14.644µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.1.134\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x1, 0x86}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc00252a058), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"6\", \"cke.cybozu.com/rack\":\"2\", \"cke.cybozu.com/role\":\"ss\", \"cke.cybozu.com/weight\":\"3.000000\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.1.134\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/ss\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack2\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.69.1.134 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.69.1.134 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller func execution time: 7.819µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller run failed" consecutiveErrors=3 error="failed to inject labels into ipcache: local identity allocator uninitialized" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 261.351µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.0.197\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x0, 0xc5}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc0022b2348), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"5\", \"cke.cybozu.com/master\":\"true\", \"cke.cybozu.com/rack\":\"1\", \"cke.cybozu.com/role\":\"cs\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.0.197\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/control-plane\":\"true\", \"node-role.kubernetes.io/cs\":\"true\", \"node-role.kubernetes.io/master\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack1\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.69.0.197 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.69.0.197 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 281.487µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller func execution time: 137.067µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller run failed" consecutiveErrors=4 error="failed to inject labels into ipcache: local identity allocator uninitialized" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller func execution time: 1.635µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.1.132\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x1, 0x84}}, types.Address{Type:\"CiliumInternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x0, 0x0, 0xbc}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc0022b2350), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"4\", \"cke.cybozu.com/rack\":\"2\", \"cke.cybozu.com/role\":\"cs\", \"cke.cybozu.com/weight\":\"3.000000\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.1.132\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/cs\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack2\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.69.1.132 key=0 subsys=ipcache
level=debug msg="Controller run failed" consecutiveErrors=5 error="failed to inject labels into ipcache: local identity allocator uninitialized" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.69.1.132 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.0.0.188 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.0.0.188 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 12.62µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller func execution time: 1.294µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller run failed" consecutiveErrors=6 error="failed to inject labels into ipcache: local identity allocator uninitialized" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="core/v1::Node" subsys=k8s
level=debug msg="Missing io.cilium.network.ipv4-cilium-host. Annotation required when IPSec Enabled" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Missing io.cilium.network.ipv6-cilium-host. Annotation required when IPSec Enabled" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv4 CIDR annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv6 CIDR annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv4 health endpoint annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="Empty IPv6 health endpoint annotation in node" k8sNodeID=a5481cd9-c1cb-4fb6-85df-f5e73a7fb29a nodeName=10.69.1.133 subsys=k8s
level=debug msg="cache synced" kubernetesResource="networking.k8s.io/v1::NetworkPolicy" subsys=k8s
level=debug msg="cache synced" kubernetesResource="core/v1::Service" subsys=k8s
level=info msg="Annotating k8s node" subsys=daemon v4CiliumHostIP.IPv4=10.0.1.18 v4Prefix=10.0.1.0/24 v4healthIP.IPv4="<nil>" v6CiliumHostIP.IPv6="<nil>" v6Prefix="<nil>" v6healthIP.IPv6="<nil>"
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="core/v1::Service" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="networking.k8s.io/v1::NetworkPolicy" subsys=k8s
level=debug msg="cache synced" kubernetesResource="discovery/v1::EndpointSlice" subsys=k8s
level=debug msg="Updating node annotations with node CIDRs" key=0 nodeName=10.69.1.133 subsys=k8s v4CiliumHostIP.IPv4=10.0.1.18 v4Prefix=10.0.1.0/24 v4healthIP.IPv4="<nil>" v6CiliumHostIP.IPv6="<nil>" v6Prefix="<nil>" v6healthIP.IPv6="<nil>"
level=debug msg="Starting new controller" name=update-k8s-node-annotations subsys=controller uuid=76caf3f3-5933-45b9-9c30-cc03942e1973
level=info msg="Initializing identity allocator" subsys=identity-cache
level=debug msg="cache synced" kubernetesResource="core/v1::Namespace" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="core/v1::Namespace" subsys=k8s
level=info msg="Cluster-ID is not specified, skipping ClusterMesh initialization" subsys=daemon
level=debug msg="Detach BPF Object:" args="[cgroup detach /run/cilium/cgroupv2 sock_ops pinned /sys/fs/bpf/bpf_sockops]" bpftool=bpftool subsys=sockops
level=debug msg="Identity allocation backed by CRD" subsys=identity-cache
level=debug msg="cache synced" kubernetesResource="core/v1::Pods" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="core/v1::Pods" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="core/v1::Node" subsys=k8s
level=debug msg="Starting new controller" name=template-dir-watcher subsys=controller uuid=3e76bb7d-f19c-4fb1-af89-44d35dc4fa49
level=debug msg="cache synced" kubernetesResource="cilium/v2::CiliumClusterwideNetworkPolicy" subsys=k8s
level=debug msg="cache synced" kubernetesResource="cilium/v2::CiliumNetworkPolicy" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="cilium/v2::CiliumNetworkPolicy" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="cilium/v2::CiliumClusterwideNetworkPolicy" subsys=k8s
level=debug msg="cache synced" kubernetesResource="cilium/v2::CiliumEndpoint" subsys=k8s
level=debug msg="cache synced" kubernetesResource="cilium/v2::CiliumNode" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="cilium/v2::CiliumNode" subsys=k8s
level=debug msg="stopped waiting for caches to be synced" kubernetesResource="cilium/v2::CiliumEndpoint" subsys=k8s
level=info msg="All pre-existing resources have been received; continuing" subsys=k8s-watcher
level=debug msg="writing configuration" file-path=netdev_config.h subsys=datapath-loader
level=info msg="Setting up BPF datapath" bpfClockSource=jiffies bpfInsnSet=v3 subsys=datapath-loader
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.core.bpf_jit_enable sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.all.rp_filter sysParamValue=0
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.fib_multipath_use_neigh sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=kernel.unprivileged_bpf_disabled sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=kernel.timer_migration sysParamValue=0
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_host.forwarding sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_host.rp_filter sysParamValue=0
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_host.accept_local sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_host.send_redirects sysParamValue=0
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_net.forwarding sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_net.rp_filter sysParamValue=0
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_net.accept_local sysParamValue=1
level=info msg="Setting sysctl" subsys=sysctl sysParamName=net.ipv4.conf.cilium_net.send_redirects sysParamValue=0
level=debug msg="Controller func execution time: 59.943424ms" name=update-k8s-node-annotations subsys=controller uuid=76caf3f3-5933-45b9-9c30-cc03942e1973
level=debug msg="Controller run succeeded; waiting for next controller update or stop" name=update-k8s-node-annotations subsys=controller uuid=76caf3f3-5933-45b9-9c30-cc03942e1973
level=debug msg="Launching compiler" args="[-emit-llvm -g -O2 -target bpf -std=gnu89 -nostdinc -D__NR_CPUS__=12 -Wall -Wextra -Werror -Wshadow -Wno-address-of-packed-member -Wno-unknown-warning-option -Wno-gnu-variable-sized-type-not-at-end -Wdeclaration-after-statement -DSECLABEL=2 -DNODE_MAC={.addr={0x52,0x54,0x0,0x85,0x7d,0x7d}} -DCALLS_MAP=cilium_calls_xdp -Dcapture_enabled=0 -DTHIS_MTU=1460 -DNATIVE_DEV_IFINDEX=2 -DDISABLE_LOOPBACK_LB -I/var/run/cilium/state/globals -I/var/run/cilium/state -I/var/lib/cilium/bpf -I/var/lib/cilium/bpf/include -c /var/lib/cilium/bpf/bpf_xdp.c -o -]" subsys=datapath-loader target=clang
level=debug msg="Initial list of identities received" subsys=allocator
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.0.5\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x0, 0x5}}, types.Address{Type:\"CiliumInternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x0, 0x2, 0x78}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc00252a098), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"5\", \"cke.cybozu.com/master\":\"true\", \"cke.cybozu.com/rack\":\"0\", \"cke.cybozu.com/role\":\"cs\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.0.5\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/control-plane\":\"true\", \"node-role.kubernetes.io/cs\":\"true\", \"node-role.kubernetes.io/master\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack0\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.69.0.5 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.69.0.5 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.0.2.120 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.0.2.120 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 29.331µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Resolving identity" identityLabels="reserved:host" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=host identityLabels="reserved:host" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=1 ipAddr=10.0.1.18 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.69.1.134 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.69.1.132 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.0.188 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.2.120 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:host,reserved:kube-apiserver" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=host identityLabels="reserved:host,reserved:kube-apiserver" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:kube-apiserver,reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=kube-apiserver identityLabels="reserved:kube-apiserver,reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:kube-apiserver,reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=kube-apiserver identityLabels="reserved:kube-apiserver,reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="UpdateIdentities: Updating an existing identity" identity=host labels="[reserved:host]" labels(new)="[reserved:host reserved:kube-apiserver]" subsys=policy
level=debug msg="UpdateIdentities: Skipping add of an existing identical identity" identity=kube-apiserver subsys=policy
level=debug msg="Upserting IP into ipcache layer" identity="{host kube-apiserver false}" ipAddr=10.69.1.133 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{host kube-apiserver false}" ipAddr="{10.69.1.133 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{kube-apiserver kube-apiserver false}" ipAddr=10.69.0.197 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{kube-apiserver kube-apiserver false}" ipAddr="{10.69.0.197 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{kube-apiserver kube-apiserver false}" ipAddr=10.69.0.5 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{kube-apiserver kube-apiserver false}" ipAddr="{10.69.0.5 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Controller func execution time: 1.58704ms" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller run succeeded; waiting for next controller update or stop" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Regenerating all endpoints" subsys=policy
level=info msg="regenerating all endpoints" reason="kube-apiserver identity updated" subsys=endpoint-manager
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.1.134\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x1, 0x86}}, types.Address{Type:\"CiliumInternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x0, 0x3, 0x67}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc0006021c8), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"6\", \"cke.cybozu.com/rack\":\"2\", \"cke.cybozu.com/role\":\"ss\", \"cke.cybozu.com/weight\":\"3.000000\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.1.134\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/ss\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack2\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.69.1.134 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.69.1.134 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.0.3.103 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.0.3.103 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 27.873µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.69.1.134 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.2.120 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.3.103 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:host,reserved:kube-apiserver" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=host identityLabels="reserved:host,reserved:kube-apiserver" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:kube-apiserver,reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=kube-apiserver identityLabels="reserved:kube-apiserver,reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:host" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=host identityLabels="reserved:host" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=1 ipAddr=10.0.1.18 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:kube-apiserver,reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=kube-apiserver identityLabels="reserved:kube-apiserver,reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.69.1.132 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.0.188 subsys=ipcache
level=debug msg="UpdateIdentities: Skipping add of an existing identical identity" identity=host subsys=policy
level=debug msg="UpdateIdentities: Skipping add of an existing identical identity" identity=kube-apiserver subsys=policy
level=debug msg="Upserting IP into ipcache layer" identity="{host kube-apiserver false}" ipAddr=10.69.1.133 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{host kube-apiserver false}" ipAddr="{10.69.1.133 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{kube-apiserver kube-apiserver false}" ipAddr=10.69.0.5 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{kube-apiserver kube-apiserver false}" ipAddr="{10.69.0.5 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{kube-apiserver kube-apiserver false}" ipAddr=10.69.0.197 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{kube-apiserver kube-apiserver false}" ipAddr="{10.69.0.197 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Controller func execution time: 787.627µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller run succeeded; waiting for next controller update or stop" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Received node update event from custom-resource: types.Node{Name:\"10.69.0.197\", Cluster:\"default\", IPAddresses:[]types.Address{types.Address{Type:\"InternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x45, 0x0, 0xc5}}, types.Address{Type:\"CiliumInternalIP\", IP:net.IP{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0xff, 0xa, 0x0, 0x4, 0x47}}}, IPv4AllocCIDR:(*cidr.CIDR)(0xc0006021d0), IPv6AllocCIDR:(*cidr.CIDR)(nil), IPv4HealthIP:net.IP(nil), IPv6HealthIP:net.IP(nil), ClusterID:0, Source:\"custom-resource\", EncryptionKey:0x0, Labels:map[string]string{\"beta.kubernetes.io/arch\":\"amd64\", \"beta.kubernetes.io/os\":\"linux\", \"cke.cybozu.com/index-in-rack\":\"5\", \"cke.cybozu.com/master\":\"true\", \"cke.cybozu.com/rack\":\"1\", \"cke.cybozu.com/role\":\"cs\", \"kubernetes.io/arch\":\"amd64\", \"kubernetes.io/hostname\":\"10.69.0.197\", \"kubernetes.io/os\":\"linux\", \"node-role.kubernetes.io/control-plane\":\"true\", \"node-role.kubernetes.io/cs\":\"true\", \"node-role.kubernetes.io/master\":\"true\", \"sabakan.cke.cybozu.com/datacenter\":\"dc1\", \"sabakan.cke.cybozu.com/machine-type\":\"qemu\", \"sabakan.cke.cybozu.com/product\":\"vm\", \"topology.kubernetes.io/zone\":\"rack1\"}, NodeIdentity:0x0, WireguardPubKey:\"\"}" subsys=nodemanager
level=debug msg="Upserting IP into ipcache layer" identity="{remote-node custom-resource false}" ipAddr=10.0.4.71 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{remote-node custom-resource false}" ipAddr="{10.0.4.71 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Skipping delete of identity from source custom-resource" ipAddr=10.69.0.197 source=kube-apiserver subsys=ipcache
level=debug msg="Updating existing controller" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller update time: 109.843µs" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Resolving identity" identityLabels="reserved:kube-apiserver,reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=kube-apiserver identityLabels="reserved:kube-apiserver,reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.69.1.132 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.0.188 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.69.1.134 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.2.120 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.3.103 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=remote-node identityLabels="reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=6 ipAddr=10.0.4.71 subsys=ipcache
level=debug msg="Resolving identity" identityLabels="reserved:host,reserved:kube-apiserver" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=host identityLabels="reserved:host,reserved:kube-apiserver" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:kube-apiserver,reserved:remote-node" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=kube-apiserver identityLabels="reserved:kube-apiserver,reserved:remote-node" isNew=false subsys=identity-cache
level=debug msg="Resolving identity" identityLabels="reserved:host" subsys=identity-cache
level=debug msg="Resolved reserved identity" identity=host identityLabels="reserved:host" isNew=false subsys=identity-cache
level=debug msg="Released identity to balance reference counts" identity=1 ipAddr=10.0.1.18 subsys=ipcache
level=debug msg="UpdateIdentities: Skipping add of an existing identical identity" identity=kube-apiserver subsys=policy
level=debug msg="UpdateIdentities: Skipping add of an existing identical identity" identity=host subsys=policy
level=debug msg="Upserting IP into ipcache layer" identity="{host kube-apiserver false}" ipAddr=10.69.1.133 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{host kube-apiserver false}" ipAddr="{10.69.1.133 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{kube-apiserver kube-apiserver false}" ipAddr=10.69.0.5 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{kube-apiserver kube-apiserver false}" ipAddr="{10.69.0.5 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Upserting IP into ipcache layer" identity="{kube-apiserver kube-apiserver false}" ipAddr=10.69.0.197 key=0 subsys=ipcache
level=debug msg="Daemon notified of IP-Identity cache state change" identity="{kube-apiserver kube-apiserver false}" ipAddr="{10.69.0.197 ffffffff}" modification=Upsert subsys=datapath-ipcache
level=debug msg="Controller func execution time: 1.359111ms" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Controller run succeeded; waiting for next controller update or stop" name=ipcache-inject-labels subsys=controller uuid=e4d81419-22fd-4c01-81be-dd80b7be330a
level=debug msg="Regenerating all endpoints" subsys=policy
level=info msg="regenerating all endpoints" reason="kube-apiserver identity updated" subsys=endpoint-manager
level=debug msg="Controller func execution time: 32.881µs" name=metricsmap-bpf-prom-sync subsys=controller uuid=84e272dc-f00f-45c0-ac39-03985ee0b547
level=debug msg="Regenerating all endpoints" subsys=policy
level=info msg="regenerating all endpoints" reason= subsys=endpoint-manager
level=debug msg="Finalizing bpffs map migration" device=eth0 objPath=/var/run/cilium/state/bpf_xdp.o subsys=datapath-loader
level=debug msg="Launching compiler" args="[-emit-llvm -g -O2 -target bpf -std=gnu89 -nostdinc -D__NR_CPUS__=12 -Wall -Wextra -Werror -Wshadow -Wno-address-of-packed-member -Wno-unknown-warning-option -Wno-gnu-variable-sized-type-not-at-end -Wdeclaration-after-statement -DSECLABEL=2 -DNODE_MAC={.addr={0x52,0x54,0x0,0xb8,0x10,0x9f}} -DCALLS_MAP=cilium_calls_xdp -Dcapture_enabled=0 -DTHIS_MTU=1460 -DNATIVE_DEV_IFINDEX=3 -DDISABLE_LOOPBACK_LB -I/var/run/cilium/state/globals -I/var/run/cilium/state -I/var/lib/cilium/bpf -I/var/lib/cilium/bpf/include -c /var/lib/cilium/bpf/bpf_xdp.c -o -]" subsys=datapath-loader target=clang
error: http2: client connection lost

ysksuzuki · 2022-04-15T14:45:03Z

I raised this issue on Flatcar as well.

borkmann · 2022-04-20T17:09:49Z

Thanks for the report, @ysksuzuki (cc @NikAleksandrov). Are you able to test e.g. latest Linus tree (https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/) to see if this issue has been fixed upstream as well?

ysksuzuki · 2022-04-21T04:53:25Z

Hi, @borkmann I will try to do that and get back to you.

borkmann · 2022-04-21T10:40:43Z

Hi, @borkmann I will try to do that and get back to you.

Do you use virtio_net driver in your qemu setup? Have you ever seen this on a different driver, e.g. on bare metal?

ysksuzuki · 2022-04-21T12:26:37Z

Do you use virtio_net driver in your qemu setup?

Yes. Here are the qemu options.

$ qemu-system-x86_64 -version
QEMU emulator version 4.2.1 (Debian 1:4.2-3ubuntu6.21)
Copyright (c) 2003-2019 Fabrice Bellard and the QEMU Project developers

$ qemu-system-x86_64 \
  -enable-kvm \
  -smp 12 \
  -m 20G \
  -nographic \
  -serial unix:/tmp/rack0-cs1.socket,server,nowait \
  -smbios type=1,serial=ba49d9a971c5a0344edfda5c8116745ea16fa4dd \
  -netdev tap,id=r0-node1,ifname=pm_tap61bf8d3f,script=no,downscript=no,vhost=on,queues=24 \
  -device virtio-net-pci,host_mtu=1500,netdev=r0-node1,mac=52:54:00:77:d9:26,mq=on,vectors=50 \
  -netdev tap,id=r0-node2,ifname=pm_tap3015739e,script=no,downscript=no,vhost=on,queues=24 \
  -device virtio-net-pci,host_mtu=1500,netdev=r0-node2,mac=52:54:00:90:26:23,mq=on,vectors=50 \
  -drive if=virtio,cache=none,aio=native,format=raw,file=/var/scratch/placemat/volumes/rack0-cs1/data1.img \
  -drive if=virtio,cache=none,aio=native,format=raw,file=/var/scratch/placemat/volumes/rack0-cs1/data2.img \
  -drive if=virtio,cache=none,aio=native,format=raw,file=/var/scratch/placemat/volumes/rack0-cs1/data3.img \
  -drive if=virtio,cache=none,aio=native,format=raw,file=/var/scratch/placemat/volumes/rack0-cs1/data4.img \
  -drive if=virtio,cache=none,aio=native,format=raw,file=/var/scratch/placemat/volumes/rack0-cs1/data5.img \
  -drive if=virtio,cache=none,aio=native,format=raw,file=/var/scratch/placemat/volumes/rack0-cs1/data6.img \
  -chardev socket,id=chrtpm,path=/tmp/rack0-cs1/swtpm.socket \
  -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0 \
  -boot reboot-timeout=30000 \
  -chardev socket,id=char0,path=/tmp/rack0-cs1.guest,server,nowait \
  -device virtio-serial \
  -device virtserialport,chardev=char0,name=placemat \
  -qmp unix:/tmp/rack0-cs1.qmp,server,nowait \
  -object rng-random,id=rng0,filename=/dev/urandom \
  -device virtio-rng-pci,rng=rng0 \
  -cpu host

Have you ever seen this on a different driver, e.g. on bare metal?

I haven't checked if this occurs on bare metal. Will test it as well.

NikAleksandrov · 2022-04-21T19:57:52Z

Could you please follow the kernel messages just before the crash happens (e.g. dmesg -w) and watch out for something like:
XDP request X queues but max is Y. XDP_TX and XDP_REDIRECT will operate in a slower locked tx mode.
(X and Y change depending on config)
Or if you have crashdumps you could check the kernel message logs for it.
With 50 queues you shouldn't be seeing it, but it really depends on how the nic is initialized.

ysksuzuki · 2022-04-22T03:05:58Z

Hi @NikAleksandrov

XDP request queues but max is message didn't appear in the kernel message. I posted the result of 'dmesg -w' just before the crash in the Relevant log output section.

Multiqueue virtio-net is enabled and queues are vCPU*2 in our qemu set up so that TX queues per core dedicated to XDP are available. I referenced this commit. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=672aafd5d88a951f394334802b938b502010d9eb

  -netdev tap,id=r0-node1,ifname=pm_tap61bf8d3f,script=no,downscript=no,vhost=on,queues=24
  -device virtio-net-pci,host_mtu=1500,netdev=r0-node1,mac=52:54:00:77:d9:26,mq=on,vectors=50

NikAleksandrov · 2022-04-22T10:07:39Z

I just tested with a similar setup (no shared queues) and the problem I was suspecting is actually still there.
It would seem virtio_net + XDP for that use case hasn't been working since kernel 5.13. The culprit is this commit:
commit fb32856b16ad ("virtio-net: page_to_skb() use build_skb when there's sufficient tailroom")
reverting it fixes the issue. I'll look into a possible fix without revert as well.

We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. The story of the faulty commit is interesting because the patch was sent and applied twice (it seems the first one got lost during merge back in 5.13 window). The first version of the patch that was applied as: commit 7bf6446 ("virtio-net: get build_skb() buf by data ptr") was actually correct because it calculated the page starting address without relying on offset or headroom, but then the second version that was applied as: commit 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") was wrong and added the above calculation. An example xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ torvalds#37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ torvalds#37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>

We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ torvalds#37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ torvalds#37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>

We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ #37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ #37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com>

NikAleksandrov · 2022-04-26T13:51:40Z

The fix I proposed[1] has been applied[2] and should also get backported to stable kernels (stable was CCed on it).
Closing the issue.

[1] https://patchwork.kernel.org/project/netdevbpf/patch/20220425103703.3067292-1-razor@blackwall.org/
[2] https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=acb16b395c3f3d7502443e0c799c2b42df645642

ysksuzuki · 2022-04-26T15:27:22Z

@NikAleksandrov Great work! Thank you so much!

commit acb16b3 upstream. We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ #37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ #37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

commit acb16b3 upstream. We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ torvalds#37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ torvalds#37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

commit acb16b3 upstream. We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ #37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ #37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ torvalds#37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ torvalds#37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com>

commit acb16b395c3f3d7502443e0c799c2b42df645642 upstream. We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ #37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ #37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

BugLink: https://bugs.launchpad.net/bugs/1978234 commit acb16b3 upstream. We received a report[1] of kernel crashes when Cilium is used in XDP mode with virtio_net after updating to newer kernels. After investigating the reason it turned out that when using mergeable bufs with an XDP program which adjusts xdp.data or xdp.data_meta page_to_buf() calculates the build_skb address wrong because the offset can become less than the headroom so it gets the address of the previous page (-X bytes depending on how lower offset is): page_to_skb: page addr ffff9eb2923e2000 buf ffff9eb2923e1ffc offset 252 headroom 256 This is a pr_err() I added in the beginning of page_to_skb which clearly shows offset that is less than headroom by adding 4 bytes of metadata via an xdp prog. The calculations done are: receive_mergeable(): headroom = VIRTIO_XDP_HEADROOM; // VIRTIO_XDP_HEADROOM == 256 bytes offset = xdp.data - page_address(xdp_page) - vi->hdr_len - metasize; page_to_skb(): p = page_address(page) + offset; ... buf = p - headroom; Now buf goes -4 bytes from the page's starting address as can be seen above which is set as skb->head and skb->data by build_skb later. Depending on what's done with the skb (when it's freed most often) we get all kinds of corruptions and BUG_ON() triggers in mm[2]. We have to recalculate the new headroom after the xdp program has run, similar to how offset and len are recalculated. Headroom is directly related to data_hard_start, data and data_meta, so we use them to get the new size. The result is correct (similar pr_err() in page_to_skb, one case of xdp_page and one case of virtnet buf): a) Case with 4 bytes of metadata [ 115.949641] page_to_skb: page addr ffff8b4dcfad2000 offset 252 headroom 252 [ 121.084105] page_to_skb: page addr ffff8b4dcf018000 offset 20732 headroom 252 b) Case of pushing data +32 bytes [ 153.181401] page_to_skb: page addr ffff8b4dd0c4d000 offset 288 headroom 288 [ 158.480421] page_to_skb: page addr ffff8b4dd00b0000 offset 24864 headroom 288 c) Case of pushing data -33 bytes [ 835.906830] page_to_skb: page addr ffff8b4dd3270000 offset 223 headroom 223 [ 840.839910] page_to_skb: page addr ffff8b4dcdd68000 offset 12511 headroom 223 Offset and headroom are equal because offset points to the start of reserved bytes for the virtio_net header which are at buf start + headroom, while data points at buf start + vnet hdr size + headroom so when data or data_meta are adjusted by the xdp prog both the headroom size and the offset change equally. We can use data_hard_start to compute the new headroom after the xdp prog (linearized / page start case, the virtnet buf case is similar just with bigger base offset): xdp.data_hard_start = page_address + vnet_hdr xdp.data = page_address + vnet_hdr + headroom new headroom after xdp prog = xdp.data - xdp.data_hard_start - metasize An example reproducer xdp prog[3] is below. [1] cilium/cilium#19453 [2] Two of the many traces: [ 40.437400] BUG: Bad page state in process swapper/0 pfn:14940 [ 40.916726] BUG: Bad page state in process systemd-resolve pfn:053b7 [ 41.300891] kernel BUG at include/linux/mm.h:720! [ 41.301801] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI [ 41.302784] CPU: 1 PID: 1181 Comm: kubelet Kdump: loaded Tainted: G B W 5.18.0-rc1+ #37 [ 41.304458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 41.306018] RIP: 0010:page_frag_free+0x79/0xe0 [ 41.306836] Code: 00 00 75 ea 48 8b 07 a9 00 00 01 00 74 e0 48 8b 47 48 48 8d 50 ff a8 01 48 0f 45 fa eb d0 48 c7 c6 18 b8 30 a6 e8 d7 f8 fc ff <0f> 0b 48 8d 78 ff eb bc 48 8b 07 a9 00 00 01 00 74 3a 66 90 0f b6 [ 41.310235] RSP: 0018:ffffac05c2a6bc78 EFLAGS: 00010292 [ 41.311201] RAX: 000000000000003e RBX: 0000000000000000 RCX: 0000000000000000 [ 41.312502] RDX: 0000000000000001 RSI: ffffffffa6423004 RDI: 00000000ffffffff [ 41.313794] RBP: ffff993c98823600 R08: 0000000000000000 R09: 00000000ffffdfff [ 41.315089] R10: ffffac05c2a6ba68 R11: ffffffffa698ca28 R12: ffff993c98823600 [ 41.316398] R13: ffff993c86311ebc R14: 0000000000000000 R15: 000000000000005c [ 41.317700] FS: 00007fe13fc56740(0000) GS:ffff993cdd900000(0000) knlGS:0000000000000000 [ 41.319150] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 41.320152] CR2: 000000c00008a000 CR3: 0000000014908000 CR4: 0000000000350ee0 [ 41.321387] Call Trace: [ 41.321819] <TASK> [ 41.322193] skb_release_data+0x13f/0x1c0 [ 41.322902] __kfree_skb+0x20/0x30 [ 41.343870] tcp_recvmsg_locked+0x671/0x880 [ 41.363764] tcp_recvmsg+0x5e/0x1c0 [ 41.384102] inet_recvmsg+0x42/0x100 [ 41.406783] ? sock_recvmsg+0x1d/0x70 [ 41.428201] sock_read_iter+0x84/0xd0 [ 41.445592] ? 0xffffffffa3000000 [ 41.462442] new_sync_read+0x148/0x160 [ 41.479314] ? 0xffffffffa3000000 [ 41.496937] vfs_read+0x138/0x190 [ 41.517198] ksys_read+0x87/0xc0 [ 41.535336] do_syscall_64+0x3b/0x90 [ 41.551637] entry_SYSCALL_64_after_hwframe+0x44/0xae [ 41.568050] RIP: 0033:0x48765b [ 41.583955] Code: e8 4a 35 fe ff eb 88 cc cc cc cc cc cc cc cc e8 fb 7a fe ff 48 8b 7c 24 10 48 8b 74 24 18 48 8b 54 24 20 48 8b 44 24 08 0f 05 <48> 3d 01 f0 ff ff 76 20 48 c7 44 24 28 ff ff ff ff 48 c7 44 24 30 [ 41.632818] RSP: 002b:000000c000a2f5b8 EFLAGS: 00000212 ORIG_RAX: 0000000000000000 [ 41.664588] RAX: ffffffffffffffda RBX: 000000c000062000 RCX: 000000000048765b [ 41.681205] RDX: 0000000000005e54 RSI: 000000c000e66000 RDI: 0000000000000016 [ 41.697164] RBP: 000000c000a2f608 R08: 0000000000000001 R09: 00000000000001b4 [ 41.713034] R10: 00000000000000b6 R11: 0000000000000212 R12: 00000000000000e9 [ 41.728755] R13: 0000000000000001 R14: 000000c000a92000 R15: ffffffffffffffff [ 41.744254] </TASK> [ 41.758585] Modules linked in: br_netfilter bridge veth netconsole virtio_net and [ 33.524802] BUG: Bad page state in process systemd-network pfn:11e60 [ 33.528617] page ffffe05dc0147b00 ffffe05dc04e7a00 ffff8ae9851ec000 (1) len 82 offset 252 metasize 4 hroom 0 hdr_len 12 data ffff8ae9851ec10c data_meta ffff8ae9851ec108 data_end ffff8ae9851ec14e [ 33.529764] page:000000003792b5ba refcount:0 mapcount:-512 mapping:0000000000000000 index:0x0 pfn:0x11e60 [ 33.532463] flags: 0xfffffc0000000(node=0|zone=1|lastcpupid=0x1fffff) [ 33.532468] raw: 000fffffc0000000 0000000000000000 dead000000000122 0000000000000000 [ 33.532470] raw: 0000000000000000 0000000000000000 00000000fffffdff 0000000000000000 [ 33.532471] page dumped because: nonzero mapcount [ 33.532472] Modules linked in: br_netfilter bridge veth netconsole virtio_net [ 33.532479] CPU: 0 PID: 791 Comm: systemd-network Kdump: loaded Not tainted 5.18.0-rc1+ #37 [ 33.532482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1.fc35 04/01/2014 [ 33.532484] Call Trace: [ 33.532496] <TASK> [ 33.532500] dump_stack_lvl+0x45/0x5a [ 33.532506] bad_page.cold+0x63/0x94 [ 33.532510] free_pcp_prepare+0x290/0x420 [ 33.532515] free_unref_page+0x1b/0x100 [ 33.532518] skb_release_data+0x13f/0x1c0 [ 33.532524] kfree_skb_reason+0x3e/0xc0 [ 33.532527] ip6_mc_input+0x23c/0x2b0 [ 33.532531] ip6_sublist_rcv_finish+0x83/0x90 [ 33.532534] ip6_sublist_rcv+0x22b/0x2b0 [3] XDP program to reproduce(xdp_pass.c): #include <linux/bpf.h> #include <bpf/bpf_helpers.h> SEC("xdp_pass") int xdp_pkt_pass(struct xdp_md *ctx) { bpf_xdp_adjust_head(ctx, -(int)32); return XDP_PASS; } char _license[] SEC("license") = "GPL"; compile: clang -O2 -g -Wall -target bpf -c xdp_pass.c -o xdp_pass.o load on virtio_net: ip link set enp1s0 xdpdrv obj xdp_pass.o sec xdp_pass CC: stable@vger.kernel.org CC: Jason Wang <jasowang@redhat.com> CC: Xuan Zhuo <xuanzhuo@linux.alibaba.com> CC: Daniel Borkmann <daniel@iogearbox.net> CC: "Michael S. Tsirkin" <mst@redhat.com> CC: virtualization@lists.linux-foundation.org Fixes: 8fb7da9 ("virtio_net: get build_skb() buf by data ptr") Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org> Reviewed-by: Xuan Zhuo <xuanzhuo@linux.alibaba.com> Acked-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Michael S. Tsirkin <mst@redhat.com> Acked-by: Jason Wang <jasowang@redhat.com> Link: https://lore.kernel.org/r/20220425103703.3067292-1-razor@blackwall.org Signed-off-by: Paolo Abeni <pabeni@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Kamal Mostafa <kamal@canonical.com> Signed-off-by: Stefan Bader <stefan.bader@canonical.com>

ysksuzuki added kind/bug This is a bug in the Cilium logic. needs/triage This issue requires triaging to establish severity and next steps. labels Apr 15, 2022

ysksuzuki mentioned this issue Apr 15, 2022

Cilium with loadBalancer.acceleration native fails on 3139.2.0 flatcar/Flatcar#721

Closed

tklauser added the kind/community-report This was reported by a user in the Cilium community, eg via Slack. label Apr 19, 2022

borkmann mentioned this issue Apr 22, 2022

FCOS v35 (kernel v5.16) kernel panic on cilium start up with XDP enabled #19213

Closed

2 tasks

borkmann mentioned this issue Apr 22, 2022

docs, kpr, maglev: Move Maglev out of beta #19541

Merged

NikAleksandrov closed this as completed Apr 26, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Kernel panic on flatcar 3139.2.0 with loadBalancer.acceleration native #19453

Kernel panic on flatcar 3139.2.0 with loadBalancer.acceleration native #19453

ysksuzuki commented Apr 15, 2022

ysksuzuki commented Apr 15, 2022

ysksuzuki commented Apr 15, 2022

borkmann commented Apr 20, 2022

ysksuzuki commented Apr 21, 2022

borkmann commented Apr 21, 2022

ysksuzuki commented Apr 21, 2022 •

edited

NikAleksandrov commented Apr 21, 2022 •

edited

ysksuzuki commented Apr 22, 2022

NikAleksandrov commented Apr 22, 2022 •

edited

NikAleksandrov commented Apr 26, 2022

ysksuzuki commented Apr 26, 2022

Kernel panic on flatcar 3139.2.0 with loadBalancer.acceleration native #19453

Kernel panic on flatcar 3139.2.0 with loadBalancer.acceleration native #19453

Comments

ysksuzuki commented Apr 15, 2022

Is there an existing issue for this?

What happened?

Test Result

Cilium Version

Kernel Version

Kubernetes Version

Sysdump

Relevant log output

Anything else?

Code of Conduct

ysksuzuki commented Apr 15, 2022

ysksuzuki commented Apr 15, 2022

borkmann commented Apr 20, 2022

ysksuzuki commented Apr 21, 2022

borkmann commented Apr 21, 2022

ysksuzuki commented Apr 21, 2022 • edited

NikAleksandrov commented Apr 21, 2022 • edited

ysksuzuki commented Apr 22, 2022

NikAleksandrov commented Apr 22, 2022 • edited

NikAleksandrov commented Apr 26, 2022

ysksuzuki commented Apr 26, 2022

ysksuzuki commented Apr 21, 2022 •

edited

NikAleksandrov commented Apr 21, 2022 •

edited

NikAleksandrov commented Apr 22, 2022 •

edited