From owner-freebsd-current@FreeBSD.ORG Thu Jun 4 07:35:02 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 641F8106564A; Thu, 4 Jun 2009 07:35:02 +0000 (UTC) (envelope-from dfr@rabson.org) Received: from itchy.rabson.org (router.rabson.org [80.177.232.241]) by mx1.freebsd.org (Postfix) with ESMTP id D00CF8FC14; Thu, 4 Jun 2009 07:35:01 +0000 (UTC) (envelope-from dfr@rabson.org) Received: from [IPv6:2001:470:909f:1:225:ff:feed:9426] (unknown [IPv6:2001:470:909f:1:225:ff:feed:9426]) by itchy.rabson.org (Postfix) with ESMTP id 54FF75DB5; Thu, 4 Jun 2009 08:34:30 +0100 (BST) Message-Id: <942C18EE-0453-4568-B835-8379966F0B8A@rabson.org> From: Doug Rabson To: "Bjoern A. Zeeb" In-Reply-To: <20090603184215.L12292@maildrop.int.zabbadoz.net> Mime-Version: 1.0 (Apple Message framework v935.3) Date: Thu, 4 Jun 2009 08:34:30 +0100 References: <20090601182012.GA21543@darkthrone.kvedulv.de> <20090603121307.GA15659@hades.panopticon> <20090603152810.GA21014@atarininja.org> <20090603160945.GC21014@atarininja.org> <20090603184215.L12292@maildrop.int.zabbadoz.net> X-Mailer: Apple Mail (2.935.3) Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: dfr@freebsd.org, freebsd-current@freebsd.org, Michael Moll , Wesley Shields , Dmitry Marakasov , Jamie Gritton Subject: Re: Kernel panic when accessing ZFS-Filesystem via NFS X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jun 2009 07:35:02 -0000 On 3 Jun 2009, at 20:42, Bjoern A. Zeeb wrote: > On Wed, 3 Jun 2009, Wesley Shields wrote: > > Hi, > >>>>> ... > >> [ The panic message and backtrace from ddb is at >> http://people.freebsd.org/~wxs/crash.txt ] >> > ... >> cred->cr_prison is null? It is my understanding that when not jailed >> cred->cr_prison should be &prison0 with the new hierarchical jails. >> The >> fact that it is null is causing prison_priv_check to enter the switch >> statement, leading to the crash. >> >> I'm not sure why cred->cr_prison is null in this case. > > The question here is not if cred->cr_prison can be null but where is > the cred coming from? > > If you look at init_main.c around lines 440 - 457 you'll find prison0 > being further initialized (cpuset) and p_ucred->cr_prison being set to > &prsion0. And a bit further down in l470 td_ucred is initialized from > that. cr_prison should thus always be setup. > > What you are looking at above looks like a crget() with only > cr_ngroups updated. > > [removing a lot more text as I was going on debugging in a very small > window] > > I would start looking at svc_getcred() and blame at least the > AUTH_UNIX case; end of rpc/svc_auth.c. This looks like a big NO-NO. > I am pretty sure I'd also want to audit svc_rpc_gss(), just in case. The NFS server is creating a ucred which describes the privileges to be given to the remote user. What is the correct way to do this and where can I read the documentation?