Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FS#3154 - XFRM state insert failure with AES-GCM #7902

Open
openwrt-bot opened this issue Jun 6, 2020 · 2 comments
Open

FS#3154 - XFRM state insert failure with AES-GCM #7902

openwrt-bot opened this issue Jun 6, 2020 · 2 comments
Labels
flyspray kernel release/19.07

Comments

@openwrt-bot
Copy link

@openwrt-bot openwrt-bot commented Jun 6, 2020

Thermi:

Supply the following if possible:

  • Device problem occurs on
  • Software versions of OpenWrt/LEDE release, packages, etc.
  • Steps to reproduce

X86_64 arch, kernel fails to insert XFRM states with AES-GCM as transform.
Testable with
ip x s add proto esp dst 14.0.0.70 src 14.0.0.52 spi 0x07 mode transport reqid 0x07 replay-window 32 aead 'rfc4106(gcm(aes))' 0x44434241343332312423222114131211f4f3f2f1 128 sel src 14.0.0.52/24 dst 14.0.0.70/24 proto tcp

Works on Arch.
Result on X86_64 OpenWRT 19.07.3:
RTNETLINK answers: No such file or directory

On Arch 5.6.15-arch1-1, works (no output, ip x s shows the state).
Also fails 100% of the time when tested using an IKE keying daemon, e.g. strongSwan

@openwrt-bot
Copy link
Author

@openwrt-bot openwrt-bot commented Jun 6, 2020

Thermi:

I received confirmation that this also pertains trunk, kernel 5.4.43

@openwrt-bot
Copy link
Author

@openwrt-bot openwrt-bot commented Jun 8, 2020

johnfzc:

I have tested with the mips architecture on a TP-LINK TL-WR842N/ND v2 and I can insert the xfrm, the issue appears to be x86 specific.

@aparcar aparcar added release/19.07 kernel labels Feb 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
flyspray kernel release/19.07
Projects
None yet
Development

No branches or pull requests

2 participants