Kernel panic when accessing ZFS-Filesystem via NFS
Doug Rabson
dfr at rabson.org
Thu Jun 4 07:35:02 UTC 2009
On 3 Jun 2009, at 20:42, Bjoern A. Zeeb wrote:
> On Wed, 3 Jun 2009, Wesley Shields wrote:
>
> Hi,
>
>>>>> ...
>
>> [ The panic message and backtrace from ddb is at
>> http://people.freebsd.org/~wxs/crash.txt ]
>>
> ...
>> cred->cr_prison is null? It is my understanding that when not jailed
>> cred->cr_prison should be &prison0 with the new hierarchical jails.
>> The
>> fact that it is null is causing prison_priv_check to enter the switch
>> statement, leading to the crash.
>>
>> I'm not sure why cred->cr_prison is null in this case.
>
> The question here is not if cred->cr_prison can be null but where is
> the cred coming from?
>
> If you look at init_main.c around lines 440 - 457 you'll find prison0
> being further initialized (cpuset) and p_ucred->cr_prison being set to
> &prsion0. And a bit further down in l470 td_ucred is initialized from
> that. cr_prison should thus always be setup.
>
> What you are looking at above looks like a crget() with only
> cr_ngroups updated.
>
> [removing a lot more text as I was going on debugging in a very small
> window]
>
> I would start looking at svc_getcred() and blame at least the
> AUTH_UNIX case; end of rpc/svc_auth.c. This looks like a big NO-NO.
> I am pretty sure I'd also want to audit svc_rpc_gss(), just in case.
The NFS server is creating a ucred which describes the privileges to
be given to the remote user. What is the correct way to do this and
where can I read the documentation?
More information about the freebsd-current
mailing list