Date: Tue, 14 Nov 2006 19:41:00 +0200 From: Kostik Belousov <kostikbel@gmail.com> To: Steve Wills <steve@stevenwills.com> Cc: freebsd-stable@freebsd.org, Robert Watson <rwatson@freebsd.org> Subject: Re: audit and quota don't get along Message-ID: <20061114174059.GB29623@deviant.kiev.zoral.com.ua> In-Reply-To: <FB65FCDB-8815-48FB-AF7D-41DF705DF23B@stevenwills.com> References: <9ABCABF7-2D44-496D-84A2-4C3CA4527355@stevenwills.com> <20061114092953.R50450@fledge.watson.org> <FB65FCDB-8815-48FB-AF7D-41DF705DF23B@stevenwills.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--1LKvkjL3sHcu1TtY Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Nov 14, 2006 at 12:02:43PM -0500, Steve Wills wrote: > On Nov 14, 2006, at 4:31 AM, Robert Watson wrote: >=20 > > > >A backtrace would be helpful. > > >=20 > Fatal trap 12: page fault while in kernel mode > fault virtual address =3D 0x0 > fault code =3D supervisor read, page not present > instruction pointer =3D 0x20:0xc06a1728 > stack pointer =3D 0x28:0xcdb68c34 > frame pointer =3D 0x28:0xcdb68c3c > code segment =3D base 0x0, limit 0xfffff, type 0x1b > =3D DPL 0, pres 1, def32 1, gran 1 > processor eflags =3D resume, IOPL =3D 0 > current process =3D 568 (auditd) > [thread pid 568 tid 100047 ] > Stopped at 0xc06a1728 =3D turnstile_broadcast+0x30: cmpl $0,0(%= =20 > esi) > db> bt > Tracing pid 568 tid 100047 td 0xc247bc00 > turnstile_broadcast(0,c247bc00,0,cdb68cdc,c07c1e1b,...) at 0xc06a1728 =20 > =3D turnstile_broadcast+0x30 > _mtx_unlock_sleep(c09f7780,0,0,0) at 0xc06776a7 =3D _mtx_unlock_sleep+0x3f > auditctl(c247bc00,cdb68d04) at 0xc07c1e1b =3D auditctl+0x14f > syscall(3b,3b,3b,8054200,7,...) at 0xc08a154b =3D syscall+0x2cf > Xint0x80_syscall() at 0xc088e94f =3D Xint0x80_syscall+0x1f > --- syscall (453, FreeBSD ELF32, auditctl), eip =3D 0x280cbcb7, esp =3D = =20 > 0xbfbfec1c, ebp =3D 0xbfbfec88 --- > db> >=20 > >Are you using quotas on the file system targeted by the audit =20 > >trail, or just on the system in general? >=20 > Just on the system, but I'd like to have them together. >=20 > >Is compiling quotas in sufficient to reproduce the problem, or must =20 > >quotas be enabled on at least one file system? >=20 > Compiling quotas in is sufficient. >=20 I'm wondering how many people are tripped over this feature of vn_open. Please, try the patch: Index: sys/security/audit/audit_syscalls.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/local/arch/ncvs/src/sys/security/audit/audit_syscalls.c,v retrieving revision 1.1.2.4 diff -u -r1.1.2.4 audit_syscalls.c --- sys/security/audit/audit_syscalls.c 16 Oct 2006 15:03:48 -0000 1.1.2.4 +++ sys/security/audit/audit_syscalls.c 14 Nov 2006 17:40:01 -0000 @@ -580,9 +580,9 @@ error =3D vn_open(&nd, &flags, 0, -1); if (error) return (error); - vfslocked =3D NDHASGIANT(&nd); - VOP_UNLOCK(nd.ni_vp, 0, td); vp =3D nd.ni_vp; + vfslocked =3D VFS_LOCK_GIANT(vp->v_mount); + VOP_UNLOCK(nd.ni_vp, 0, td); if (vp->v_type !=3D VREG) { vn_close(vp, AUDIT_CLOSE_FLAGS, td->td_ucred, td); VFS_UNLOCK_GIANT(vfslocked); --1LKvkjL3sHcu1TtY Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (FreeBSD) iD8DBQFFWf+rC3+MBN1Mb4gRAnVjAJoDb0iLRH+NW155Vas7Rh8eISkfwQCdH2QE cToknSjg8/RvV6sAI+dCflQ= =jLn/ -----END PGP SIGNATURE----- --1LKvkjL3sHcu1TtY--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061114174059.GB29623>