Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 04 Jan 2016 13:28:37 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-amd64@FreeBSD.org
Subject:   [Bug 205873] pfctl -sr from a jail with vnet trigger Fatal trap 12 during pfioctl
Message-ID:  <bug-205873-6@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205873

            Bug ID: 205873
           Summary: pfctl -sr from a jail with vnet trigger Fatal trap 12
                    during pfioctl
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs@FreeBSD.org
          Reporter: sheda@fsfe.org
                CC: freebsd-amd64@FreeBSD.org
                CC: freebsd-amd64@FreeBSD.org

Created attachment 165051
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=165051&action=edit
Backtrace of the fatal trap triggered by the jailed pfctl -sr

Running "pfctl -sr" from within a jail having its own vnet trigger a "Fatal
trap 12: page fault while in kernel mode" (backtrace in the screenshot
attached).

Surprisingly, the "dump" command successfully generate a core dump that can be
read with kgdb but "bt" don't show any thread containing the pfioctl call.

Anyway, the jail is configured as follow:

$ head -n 17 /etc/jail.conf
allow.mount;
allow.mount.devfs;
allow.sysvipc;
devfs_ruleset = 5;
exec.clean;
exec.poststop = "/jail/etc/poststop $name";
exec.prestart = "/jail/etc/prestart $name";
exec.start    = "sh /etc/rc";
host.hostname = "$name.fb11.lab.local";
mount.devfs;
path          = /jail/$name;
persist;

left {
        vnet           = new;
        vnet.interface = epair0a;
}
[...]
$ grep -e pf -e jail /etc/rc.conf
jail_enable="NO"
# Set the jail list to "" to create all the jails found in jail.conf(5)
jail_list=""
pf_enable="YES"
pf_log="YES"
$ cat /etc/pf.conf 
pass from any to any
$ pfctl -sr
pass all flags S/SA keep state
$ cat /etc/devfs.rules 
[ruleset=5]
add include $devfsrules_jail
add path 'pf' unhide
$ ll -i /dev/pf
88 crw-------  1 root  wheel  0x58 Jan  4 14:30 /dev/pf
$ sudo jexec left ls -li /dev/pf
88 crw-------  1 root  wheel  0x58 Jan  4 13:30 /dev/pf
$

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-205873-6>