Panic in kern_access
Mel Flynn
mel.flynn+fbsd.current at mailing.thruhere.net
Tue Sep 15 12:03:55 UTC 2009
On Tuesday 15 September 2009 13:14:31 Kostik Belousov wrote:
> On Mon, Sep 14, 2009 at 08:24:49PM +0200, Mel Flynn wrote:
> > Hi,
> >
> > below some crash info. However, since kib@ made some fixes that seem
> > to relate to this, I shall rebuild my kernel with new sources.
>
> No my fixes were related to the issue, AFAIR.
>
> > At the time I was building various ports in a jail and asleep, so no
> > other contributing factors.
> >
> > panic: free: address 0xc62e0e00(0xc62e0000) has not been allocated.
> >
> > #0 doadump () at pcpu.h:246
> > 246 pcpu.h: No such file or directory.
> > in pcpu.h
> > (kgdb) #0 doadump () at pcpu.h:246
> > #1 0xc0642b57 in boot (howto=260) at
> > /usr/src/sys/kern/kern_shutdown.c:416 #2 0xc0642e49 in panic
> > (fmt=Variable "fmt" is not available.
> > ) at /usr/src/sys/kern/kern_shutdown.c:579
> > #3 0xc062fcfe in free (addr=0x0, mtp=0xc091c330)
> > at /usr/src/sys/kern/kern_malloc.c:444
> > #4 0xc063b018 in crfree (cr=0xc795ea80) at
> > /usr/src/sys/kern/kern_prot.c:1840
>
> I want to see the output of
> p/x cr
> and
> p/x cr->cr_groups
> from the frame 4.
(kgdb) p/x cr
$1 = 0xc795ea80
(kgdb) p/x cr->cr_groups
$2 = 0xc62e0e00
(kgdb) p/x *cr->cr_groups
$3 = 0x0
(kgdb) p/x *cr
$4 = {cr_ref = 0x0, cr_uid = 0x0, cr_ruid = 0x0, cr_svuid = 0x0, cr_ngroups = 0x2,
cr_rgid = 0x0, cr_svgid = 0x0, cr_uidinfo = 0xc5523380, cr_ruidinfo = 0xc5523380,
cr_prison = 0xcc3a0800, cr_pspare = 0x0, cr_flags = 0x0, cr_pspare2 = {0x0, 0x0},
cr_label = 0x0, cr_audit = {ai_auid = 0xffffffff, ai_mask = {am_success = 0x0,
am_failure = 0x0}, ai_termid = {at_port = 0x0, at_type = 0x4, at_addr = {0x0, 0x0,
0x0, 0x0}}, ai_asid = 0x0, ai_flags = 0x0}, cr_groups = 0xc62e0e00,
cr_agroups = 0x10}
Hmm, since this is in credentials, would it be relevant that I have patched kern_jail.c
to allow /dev/io access? I don't touch credentials,though and X wasn't running in the jail
at the crash time. Just in case, patch is below.
--
Mel
Index: sys/kern/kern_jail.c
===================================================================
--- sys/kern/kern_jail.c (revision 197210)
+++ sys/kern/kern_jail.c (working copy)
@@ -160,6 +160,7 @@
"allow.mount",
"allow.quotas",
"allow.socket_af",
+ "allow.dev_io",
};
static char *pr_allow_nonames[] = {
@@ -170,6 +171,7 @@
"allow.nomount",
"allow.noquotas",
"allow.nosocket_af",
+ "allow.nodev_io",
};
#define JAIL_DEFAULT_ALLOW PR_ALLOW_SET_HOSTNAME
@@ -3738,6 +3740,17 @@
case PRIV_NETINET_GETCRED:
return (0);
+ /*
+ * Allow access to /dev/io in a jail if the non-jailed admin
+ * requests this and if /dev/io exists in the jail. This
+ * allows Xorg to probe a card.
+ */
+ case PRIV_IO:
+ if (cred->cr_prison->pr_allow & PR_ALLOW_DEV_IO)
+ return (0);
+ else
+ return (EPERM);
+
default:
/*
* In all remaining cases, deny the privilege request. This
@@ -3988,6 +4001,10 @@
CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
NULL, PR_ALLOW_MOUNT, sysctl_jail_default_allow, "I",
"Processes in jail can mount/unmount jail-friendly file systems");
+SYSCTL_PROC(_security_jail, OID_AUTO, dev_io_allow,
+ CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE,
+ NULL, PR_ALLOW_DEV_IO, sysctl_jail_default_allow, "I",
+ "Processes in jail can access /dev/io");
static int
sysctl_jail_default_level(SYSCTL_HANDLER_ARGS)
@@ -4114,6 +4131,8 @@
"B", "Jail may set file quotas");
SYSCTL_JAIL_PARAM(_allow, socket_af, CTLTYPE_INT | CTLFLAG_RW,
"B", "Jail may create sockets other than just UNIX/IPv4/IPv6/route");
+SYSCTL_JAIL_PARAM(_allow, dev_io, CTLTYPE_INT | CTLFLAG_RW,
+ "B", "Jail can access /dev/io if present");
#ifdef DDB
Index: sys/sys/jail.h
===================================================================
--- sys/sys/jail.h (revision 197210)
+++ sys/sys/jail.h (working copy)
@@ -207,7 +207,8 @@
#define PR_ALLOW_MOUNT 0x0010
#define PR_ALLOW_QUOTAS 0x0020
#define PR_ALLOW_SOCKET_AF 0x0040
-#define PR_ALLOW_ALL 0x007f
+#define PR_ALLOW_DEV_IO 0x0080
+#define PR_ALLOW_ALL 0x00ff
/*
* OSD methods
More information about the freebsd-current
mailing list