From owner-freebsd-current@freebsd.org Mon Nov 9 21:15:41 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3FBA1A29F01 for ; Mon, 9 Nov 2015 21:15:41 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from bigwig.baldwin.cx (bigwig.baldwin.cx [IPv6:2001:470:1f11:75::1]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1D8831DFF; Mon, 9 Nov 2015 21:15:41 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from ralph.baldwin.cx (c-73-231-226-104.hsd1.ca.comcast.net [73.231.226.104]) by bigwig.baldwin.cx (Postfix) with ESMTPSA id 37243B99A; Mon, 9 Nov 2015 16:15:40 -0500 (EST) From: John Baldwin To: freebsd-current@freebsd.org Cc: Daniel Dettlaff , 'Robert Watson' Subject: Re: Panic with MAC_PORTACL on current. Date: Mon, 09 Nov 2015 11:27:59 -0800 Message-ID: <1657323.OkOMLhHyvD@ralph.baldwin.cx> User-Agent: KMail/4.14.3 (FreeBSD/10.2-STABLE; KDE/4.14.3; amd64; ; ) In-Reply-To: <4317C155-B18D-4EFA-9017-033943950D35@gmail.com> References: <4317C155-B18D-4EFA-9017-033943950D35@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (bigwig.baldwin.cx); Mon, 09 Nov 2015 16:15:40 -0500 (EST) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Nov 2015 21:15:41 -0000 On Friday, November 06, 2015 01:34:26 AM Daniel Dettlaff wrote: > Hello. >=20 > I have my second kernel panic, related with =E2=80=9CMAC_PORTACL=E2=80= =9D kernel module loading in CURRENT. > The only thing to do is to put mac_portacl_load=3D=E2=80=9CYES=E2=80=9D= in loader.conf and boot machine. >=20 > I built kernel using this config: https://github.com/VerKnowSys/Serve= D-OS/blob/master/kernel/VERKNOWSYS-11.0 > My make.conf: https://github.com/VerKnowSys/ServeD-OS/blob/master/etc= /make.conf > My src.conf: https://github.com/VerKnowSys/ServeD-OS/blob/master/etc/= src.conf > My loader.conf: https://github.com/VerKnowSys/ServeD-OS/blob/master/e= tc/loader.conf.served > My sysctl.conf: https://github.com/VerKnowSys/ServeD-OS/blob/master/e= tc/sysctl.conf.served >=20 > I=E2=80=99m using Vmware Fusion 7.0 pro as host. >=20 > I catched that panic on main system console (verbose boot turned on):= >=20 > http://s.verknowsys.com/33551a89eda736059df6dcb35ea4eda3.png > with bt: > http://s.verknowsys.com/caeb3389d9e7399793a12c44f5760466.png >=20 > Thank you :) Hope this will help someone, let me know if I can help s= omehow further. The panic implies that the MAC policy wasn't initialized (rules_mtx has= n't been initialized). However, mac_portacl.c installs a module with a SYS= INIT ordering that is long before init() starts. To debug this further you = will want to trace mac_policy_modevent() to see when it is being called and = if it is failing to call the init() routine in mac_portacl.c. (Arguably the portacl code should register the sysctl dynamically in it= s init() routine) --=20 John Baldwin