From owner-freebsd-current@FreeBSD.ORG Thu Jun 4 15:54:17 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 97053106564A; Thu, 4 Jun 2009 15:54:16 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from esa-annu.mail.uoguelph.ca (esa-annu.mail.uoguelph.ca [131.104.91.36]) by mx1.freebsd.org (Postfix) with ESMTP id C88028FC29; Thu, 4 Jun 2009 15:54:14 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: ApoEALuKJ0qDaFvK/2dsb2JhbADRNIQMBQ X-IronPort-AV: E=Sophos;i="4.41,306,1241409600"; d="scan'208";a="35407895" Received: from fraser.cs.uoguelph.ca ([131.104.91.202]) by esa-annu-pri.mail.uoguelph.ca with ESMTP; 04 Jun 2009 11:54:13 -0400 Received: from localhost (localhost.localdomain [127.0.0.1]) by fraser.cs.uoguelph.ca (Postfix) with ESMTP id 5F26B109C257; Thu, 4 Jun 2009 11:54:13 -0400 (EDT) X-Virus-Scanned: amavisd-new at fraser.cs.uoguelph.ca Received: from fraser.cs.uoguelph.ca ([127.0.0.1]) by localhost (fraser.cs.uoguelph.ca [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0X2fe+j8qnm2; Thu, 4 Jun 2009 11:54:13 -0400 (EDT) Received: from muncher.cs.uoguelph.ca (muncher.cs.uoguelph.ca [131.104.91.102]) by fraser.cs.uoguelph.ca (Postfix) with ESMTP id DE61D109C24A; Thu, 4 Jun 2009 11:54:12 -0400 (EDT) Received: from localhost (rmacklem@localhost) by muncher.cs.uoguelph.ca (8.11.7p3+Sun/8.11.6) with ESMTP id n54FtSB03365; Thu, 4 Jun 2009 11:55:28 -0400 (EDT) X-Authentication-Warning: muncher.cs.uoguelph.ca: rmacklem owned process doing -bs Date: Thu, 4 Jun 2009 11:55:28 -0400 (EDT) From: Rick Macklem X-X-Sender: rmacklem@muncher.cs.uoguelph.ca To: Robert Watson In-Reply-To: Message-ID: References: <20090601182012.GA21543@darkthrone.kvedulv.de> <20090603121307.GA15659@hades.panopticon> <20090603152810.GA21014@atarininja.org> <20090603160945.GC21014@atarininja.org> <20090603184215.L12292@maildrop.int.zabbadoz.net> <942C18EE-0453-4568-B835-8379966F0B8A@rabson.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: dfr@FreeBSD.org, Dmitry Marakasov , Michael Moll , Wesley Shields , "Bjoern A. Zeeb" , freebsd-current@FreeBSD.org, Jamie Gritton Subject: Re: Kernel panic when accessing ZFS-Filesystem via NFS X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 04 Jun 2009 15:54:17 -0000 On Thu, 4 Jun 2009, Robert Watson wrote: [good stuff snipped] > > Possibly we should actually add MAC and audit functions along similar lines, > and initialize cr_prison to &prison0 for the NFS creds? On the other hand, > if they may be used for network I/O, perhaps cr_prison and the others should > be initialized based on the context in which nfsd is started, so that it > takes on those security attributes. > The experimental server crdup()'s the credentials that nfsd has, but I have no idea if that's the correct thing to do? (and I've never done ZFS, so I don't know if that fixes the crashes, either). rick