On Wed, Sep 01, 2021 at 01:19:15AM -0700, Théo BERTIN wrote:
>
> Hi everyone,
>
> We're currently experiencing kernel panics and reboots on several machines
> updated recently:
> */var/crash/info.0*
> Dump header from device: /dev/da1
> Architecture: amd64
> Architecture Version: 2
> Dump Length: 626298880
> Blocksize: 512
> Compression: none
> Dumptime: Tue Aug 31 14:22:24 2021
> Hostname: [redacted]
> Magic: FreeBSD Kernel Dump
> Version String: FreeBSD 12.2-STABLE-HBSD #0 : Tue Aug 10 20:14:33 UTC 2021
> ro...@ci-12.md.hardenedbsd.lan:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD
>
> Panic String: pf_free_state: timeout 0
> Dump Parity: 436929362
> Bounds: 0
> Dump Status: good
>
> */var/log/messages :*
> *uname -a :*
> FreeBSD [redacted] 12.2-STABLE-HBSD FreeBSD 12.2-STABLE-HBSD #0 : Tue Aug
> 10 20:14:33 UTC 2021
> ro...@ci-12.md.hardenedbsd.lan:/usr/obj/usr/src/amd64.amd64/sys/HARDENEDBSD
> amd64
>
>
> *hbsd-update -C :*
> [+] Local version: hbsd-v1200060-41a52376cfffabfd43667d4f7ed01fc72959d2f7
> [+] Remote version: hbsd-v1200060-1969e37a92d528ce30ddf9e5b19481127532e4cd
> sha256 39f5a3a823c2431117599256b441deb18c1f7698f320b103ea9e308c7c55322d
>
> As I said, several machines have been reported to reboot following that
> same error, in them are several levels of update hashes (but always the
> same HBSD version 12.2-STABLE) using 'hbsd-update -C' :
> - hbsd-v1200060-1969e37a92d528ce30ddf9e5b19481127532e4cd (latest update to
>   this day)
> - hbsd-v1200060-4fc0cb9290b0c219e2f981222d98a1fdc8eba97e
> - hbsd-v1200060-41a52376cfffabfd43667d4f7ed01fc72959d2f7
>
>
> This issue is possibly linked to the existing conversation here:
> https://groups.google.com/a/hardenedbsd.org/g/users/c/i3OT7wcH8nQ/m/XU4LAFGFBwAJ
> But the version is different (13.0 instead of 12.2)
>
> All machines are virtualized, under several different engines and
> infrastructures.
> It would seem some machines with the latest update patch (or close to it)
> and not under heavy network load are not impacted by this problem.
>

From that panic string and the backtrace, it seems like the problem is
in pf's handling of outbound IPv6 TCP packets, specifically when
trying to connect to the remote host.

I'm wholly unfamiliar with pf's code, and HardenedBSD doesn't have any
changes that would impact pf. You might want to consider filing a bug
with FreeBSD.

Thanks,

--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD
https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc