Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 14 Nov 2006 19:41:00 +0200
From:      Kostik Belousov <kostikbel@gmail.com>
To:        Steve Wills <steve@stevenwills.com>
Cc:        freebsd-stable@freebsd.org, Robert Watson <rwatson@freebsd.org>
Subject:   Re: audit and quota don't get along
Message-ID:  <20061114174059.GB29623@deviant.kiev.zoral.com.ua>
In-Reply-To: <FB65FCDB-8815-48FB-AF7D-41DF705DF23B@stevenwills.com>
References:  <9ABCABF7-2D44-496D-84A2-4C3CA4527355@stevenwills.com> <20061114092953.R50450@fledge.watson.org> <FB65FCDB-8815-48FB-AF7D-41DF705DF23B@stevenwills.com>

next in thread | previous in thread | raw e-mail | index | archive | help

--1LKvkjL3sHcu1TtY
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Nov 14, 2006 at 12:02:43PM -0500, Steve Wills wrote:
> On Nov 14, 2006, at 4:31 AM, Robert Watson wrote:
>=20
> >
> >A backtrace would be helpful.
> >
>=20
> Fatal trap 12: page fault while in kernel mode
> fault virtual address   =3D 0x0
> fault code              =3D supervisor read, page not present
> instruction pointer     =3D 0x20:0xc06a1728
> stack pointer           =3D 0x28:0xcdb68c34
> frame pointer           =3D 0x28:0xcdb68c3c
> code segment            =3D base 0x0, limit 0xfffff, type 0x1b
>                         =3D DPL 0, pres 1, def32 1, gran 1
> processor eflags        =3D resume, IOPL =3D 0
> current process         =3D 568 (auditd)
> [thread pid 568 tid 100047 ]
> Stopped at      0xc06a1728 =3D turnstile_broadcast+0x30:  cmpl    $0,0(%=
=20
> esi)
> db> bt
> Tracing pid 568 tid 100047 td 0xc247bc00
> turnstile_broadcast(0,c247bc00,0,cdb68cdc,c07c1e1b,...) at 0xc06a1728 =20
> =3D turnstile_broadcast+0x30
> _mtx_unlock_sleep(c09f7780,0,0,0) at 0xc06776a7 =3D _mtx_unlock_sleep+0x3f
> auditctl(c247bc00,cdb68d04) at 0xc07c1e1b =3D auditctl+0x14f
> syscall(3b,3b,3b,8054200,7,...) at 0xc08a154b =3D syscall+0x2cf
> Xint0x80_syscall() at 0xc088e94f =3D Xint0x80_syscall+0x1f
> --- syscall (453, FreeBSD ELF32, auditctl), eip =3D 0x280cbcb7, esp =3D =
=20
> 0xbfbfec1c, ebp =3D 0xbfbfec88 ---
> db>
>=20
> >Are you using quotas on the file system targeted by the audit =20
> >trail, or just on the system in general?
>=20
> Just on the system, but I'd like to have them together.
>=20
> >Is compiling quotas in sufficient to reproduce the problem, or must =20
> >quotas be enabled on at least one file system?
>=20
> Compiling quotas in is sufficient.
>=20
I'm wondering how many people are tripped over this feature of vn_open.

Please, try the patch:

Index: sys/security/audit/audit_syscalls.c
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
RCS file: /usr/local/arch/ncvs/src/sys/security/audit/audit_syscalls.c,v
retrieving revision 1.1.2.4
diff -u -r1.1.2.4 audit_syscalls.c
--- sys/security/audit/audit_syscalls.c	16 Oct 2006 15:03:48 -0000	1.1.2.4
+++ sys/security/audit/audit_syscalls.c	14 Nov 2006 17:40:01 -0000
@@ -580,9 +580,9 @@
 	error =3D vn_open(&nd, &flags, 0, -1);
 	if (error)
 		return (error);
-	vfslocked =3D NDHASGIANT(&nd);
-	VOP_UNLOCK(nd.ni_vp, 0, td);
 	vp =3D nd.ni_vp;
+	vfslocked =3D VFS_LOCK_GIANT(vp->v_mount);
+	VOP_UNLOCK(nd.ni_vp, 0, td);
 	if (vp->v_type !=3D VREG) {
 		vn_close(vp, AUDIT_CLOSE_FLAGS, td->td_ucred, td);
 		VFS_UNLOCK_GIANT(vfslocked);

--1LKvkjL3sHcu1TtY
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)

iD8DBQFFWf+rC3+MBN1Mb4gRAnVjAJoDb0iLRH+NW155Vas7Rh8eISkfwQCdH2QE
cToknSjg8/RvV6sAI+dCflQ=
=jLn/
-----END PGP SIGNATURE-----

--1LKvkjL3sHcu1TtY--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061114174059.GB29623>