Re: cfbe7a62dc62 - main - nfs, rpc: Ensure kernel credentials have at least one group
- Reply: Olivier Certner : "Re: cfbe7a62dc62 - main - nfs, rpc: Ensure kernel credentials have at least one group"
- Reply: Olivier Certner : "Re: cfbe7a62dc62 - main - nfs, rpc: Ensure kernel credentials have at least one group"
- In reply to: Ravi Pokala : "Re: cfbe7a62dc62 - main - nfs, rpc: Ensure kernel credentials have at least one group"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 03 Nov 2024 06:57:04 UTC
One of these commits causes a panic when yppasswd is started. The relevant
details are below.
However on my laptop the panic is in mountd. No core dump was captured on
that machine.
cwsys dumped core - see /var/crash/vmcore.22
Sat Nov 2 23:29:29 PDT 2024
FreeBSD cwsys 15.0-CURRENT FreeBSD 15.0-CURRENT #59
komquats-n273418-0f5116d7efe3: Sat Nov 2 19:32:30 PDT 2024
root@slippy:/export/obj/opt/src/git-src/amd64.amd64/sys/BREAK amd64
panic: page fault
Reading symbols from /boot/kernel/kernel...
Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug...
Reading symbols from /boot/kernel/geom_mirror.ko...
Reading symbols from /usr/lib/debug//boot/kernel/geom_mirror.ko.debug...
Reading symbols from /boot/kernel/sem.ko...
Reading symbols from /usr/lib/debug//boot/kernel/sem.ko.debug...
Reading symbols from /boot/kernel/zfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/zfs.ko.debug...
Reading symbols from /boot/kernel/amdtemp.ko...
Reading symbols from /usr/lib/debug//boot/kernel/amdtemp.ko.debug...
Reading symbols from /boot/kernel/amdsmn.ko...
Reading symbols from /usr/lib/debug//boot/kernel/amdsmn.ko.debug...
Reading symbols from /boot/kernel/if_nfe.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_nfe.ko.debug...
Reading symbols from /boot/kernel/aibs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/aibs.ko.debug...
Reading symbols from /boot/kernel/filemon.ko...
Reading symbols from /usr/lib/debug//boot/kernel/filemon.ko.debug...
Reading symbols from /boot/kernel/dtraceall.ko...
Reading symbols from /usr/lib/debug//boot/kernel/dtraceall.ko.debug...
Reading symbols from /boot/kernel/profile.ko...
Reading symbols from /usr/lib/debug//boot/kernel/profile.ko.debug...
Reading symbols from /boot/kernel/opensolaris.ko...
Reading symbols from /usr/lib/debug//boot/kernel/opensolaris.ko.debug...
Reading symbols from /boot/kernel/dtrace.ko...
Reading symbols from /usr/lib/debug//boot/kernel/dtrace.ko.debug...
Reading symbols from /boot/kernel/systrace_freebsd32.ko...
Reading symbols from /usr/lib/debug//boot/kernel/systrace_freebsd32.ko.debug
...
Reading symbols from /boot/kernel/systrace.ko...
Reading symbols from /usr/lib/debug//boot/kernel/systrace.ko.debug...
Reading symbols from /boot/kernel/sdt.ko...
Reading symbols from /usr/lib/debug//boot/kernel/sdt.ko.debug...
Reading symbols from /boot/kernel/kinst.ko...
Reading symbols from /usr/lib/debug//boot/kernel/kinst.ko.debug...
Reading symbols from /boot/kernel/fasttrap.ko...
Reading symbols from /usr/lib/debug//boot/kernel/fasttrap.ko.debug...
Reading symbols from /boot/kernel/fbt.ko...
Reading symbols from /usr/lib/debug//boot/kernel/fbt.ko.debug...
Reading symbols from /boot/kernel/dtnfscl.ko...
Reading symbols from /usr/lib/debug//boot/kernel/dtnfscl.ko.debug...
Reading symbols from /boot/kernel/dtmalloc.ko...
Reading symbols from /usr/lib/debug//boot/kernel/dtmalloc.ko.debug...
Reading symbols from /boot/kernel/dtaudit.ko...
Reading symbols from /usr/lib/debug//boot/kernel/dtaudit.ko.debug...
Reading symbols from /boot/kernel/if_sk.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_sk.ko.debug...
Reading symbols from /boot/kernel/cpufreq.ko...
Reading symbols from /usr/lib/debug//boot/kernel/cpufreq.ko.debug...
Reading symbols from /boot/kernel/if_lagg.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_lagg.ko.debug...
Reading symbols from /boot/kernel/if_infiniband.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_infiniband.ko.debug...
Reading symbols from /boot/kernel/fdescfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/fdescfs.ko.debug...
Reading symbols from /boot/kernel/nullfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/nullfs.ko.debug...
Reading symbols from /boot/kernel/if_bridge.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_bridge.ko.debug...
Reading symbols from /boot/kernel/bridgestp.ko...
Reading symbols from /usr/lib/debug//boot/kernel/bridgestp.ko.debug...
Reading symbols from /boot/kernel/fusefs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/fusefs.ko.debug...
Reading symbols from /boot/kernel/geom_uzip.ko...
Reading symbols from /usr/lib/debug//boot/kernel/geom_uzip.ko.debug...
Reading symbols from /boot/kernel/autofs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/autofs.ko.debug...
__curthread () at /opt/src/git-src/sys/amd64/include/pcpu_aux.h:57
57 __asm("movq %%gs:%c1,%0" : "=r" (td)
(kgdb) #0 __curthread () at /opt/src/git-src/sys/amd64/include/pcpu_aux.h:5
7
td = <optimized out>
#1 doadump (textdump=textdump@entry=1)
at /opt/src/git-src/sys/kern/kern_shutdown.c:404
error = 0
coredump = <optimized out>
#2 0xffffffff806dafee in kern_reboot (howto=260)
at /opt/src/git-src/sys/kern/kern_shutdown.c:524
once = 0
#3 0xffffffff806db517 in vpanic (fmt=0xffffffff80b03e2b "%s",
ap=ap@entry=0xfffffe008ed86890)
at /opt/src/git-src/sys/kern/kern_shutdown.c:979
buf = "page fault", '\000' <repeats 245 times>
__pc = 0x0
__pc = 0x0
__pc = 0x0
other_cpus = {__bits = {13, 0 <repeats 15 times>}}
td = 0xfffff80009381740
bootopt = <unavailable>
newpanic = <optimized out>
#4 0xffffffff806db343 in panic (fmt=<unavailable>)
at /opt/src/git-src/sys/kern/kern_shutdown.c:892
ap = {{gp_offset = 16, fp_offset = 48,
overflow_arg_area = 0xfffffe008ed868c0,
reg_save_area = 0xfffffe008ed86860}}
#5 0xffffffff80a81aab in trap_fatal (frame=0xfffffe008ed86970, eva=40)
at /opt/src/git-src/sys/amd64/amd64/trap.c:950
__pc = 0x0
__pc = 0x0
__pc = 0x0
softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27,
ssd_dpl = 0, ssd_p = 1, ssd_long = 1, ssd_def32 = 0, ssd_gran = 1}
code = 0
ss = 40
type = <optimized out>
gdt = <optimized out>
handled = <optimized out>
#6 0xffffffff80a81af6 in trap_pfault (frame=<unavailable>, usermode=false,
signo=<optimized out>, ucode=<optimized out>)
at /opt/src/git-src/sys/amd64/amd64/trap.c:758
__pc = 0x0
__pc = 0x0
__pc = 0x0
td = 0xfffff80009381740
p = <optimized out>
eva = <unavailable>
map = <optimized out>
ftype = <optimized out>
rv = <optimized out>
#7 <signal handler called>
No locals.
#8 0xffffffff807b6de0 in vfs_hang_addrlist (mp=0xfffffe008517c100,
argp=0xfffffe008ed86b60, nep=<optimized out>)
at /opt/src/git-src/sys/kern/vfs_export.c:141
smask = 0x0
np = <optimized out>
i = <optimized out>
saddr = <optimized out>
error = <optimized out>
rnh = <optimized out>
off = <optimized out>
rn = <optimized out>
_tid = <optimized out>
_v = <optimized out>
_v = <optimized out>
_size = <optimized out>
_malloc_item = <optimized out>
#9 vfs_export (mp=mp@entry=0xfffffe008517c100,
argp=argp@entry=0xfffffe008ed86b60, do_exjail=true)
at /opt/src/git-src/sys/kern/vfs_export.c:408
error = <optimized out>
pr = 0xffffffff80e60260 <prison0>
nep = 0xfffff8001d04dd00
cr = <optimized out>
new_nep = <optimized out>
#10 0xffffffff807c3ad9 in vfs_domount_update (td=td@entry=0xfffff80009381740
,
vp=0xfffff8002ab30370, fsflags=<optimized out>, fsflags@entry=2167056,
jail_export=<optimized out>, optlist=optlist@entry=0xfffffe008ed86d70)
at /opt/src/git-src/sys/kern/vfs_mount.c:1515
o2export = {ex_flags = 964, ex_root = 4294967295, ex_anon = {
cr_version = 0, cr_uid = 0, cr_ngroups = -16128, cr_groups = {
4294966784, 0, 0, 137604104, 4294965248, 2396547888,
4294966784,
2155596019, 4294967295, 101272584, 4294965248, 716374896,
4294965248, 2396548144, 4294966784, 2396548144}, {
_cr_unused1 = 0xfffffe008ed86b30, cr_pid = -1898419408}},
ex_addr = 0xffffffff807bc7db <VOP_UNLOCK+43>, ex_addrlen = 88
'X',
ex_mask = 0xfffff80006093370, ex_masklen = 176 '\260',
ex_indexfile = 0xffffffff807bc0c1 <vfs_lookup+2753> "=",
ex_numsecflavors = 4, ex_secflavors = {0, 1866625232, -2048,
-2131875320, -1}}
export = {ex_flags = 384, ex_root = 0, ex_uid = 0, ex_ngroups = 3,
ex_groups = 0xfffff80005876d80, ex_addr = 0x0,
ex_addrlen = 0 '\000', ex_mask = 0x0, ex_masklen = 0 '\000',
ex_indexfile = 0x0, ex_numsecflavors = 1, ex_secflavors = {1, 0,
0,
0, 0}}
mp = 0xfffffe008517c100
flag = 4297068560
vfs_suser_failed = <optimized out>
error = <optimized out>
rootvp = 0xfffff8002ab30370
fsid_up = <optimized out>
mnt_union = 0
export_error = 0
len = <optimized out>
bufp = <optimized out>
i = <optimized out>
grps = 0xfffff80005876d80
fsid_up_len = <optimized out>
#11 0xffffffff807bee30 in vfs_domount (td=0xfffff80009381740,
fstype=fstype@entry=0xfffff8006f4270b0 "ufs",
fspath=fspath@entry=0xfffff8006f427090 "/usr",
fsflags=fsflags@entry=2167056, jail_export=false,
optlist=optlist@entry=0xfffffe008ed86d70)
at /opt/src/git-src/sys/kern/vfs_mount.c:1692
nd = {ni_dirp = 0xfffff8006f427090 "/usr", ni_segflg =
UIO_SYSSPACE,
ni_rightsneeded = 0xffffffff80e00538 <cap_no_rights>,
ni_startdir = 0x0, ni_rootdir = 0xfffff80006094c08, ni_topdir =
0x0,
ni_dirfd = -100, ni_lcf = 0, ni_filecaps = {fc_rights = {
cr_rights = {0, 0}}, fc_ioctls = 0x0, fc_nioctls = -1,
fc_fcntls = 0}, ni_vp = 0xfffff8002ab30370,
ni_dvp = 0xfffff80006093370, ni_resflags = 1, ni_debugflags =
63488,
ni_loopcnt = 0, ni_pathlen = 1, ni_next = 0xfffff800085ae404 "",
ni_cnd = {cn_flags = 335806548, cn_cred = 0xfffff80003215100,
cn_nameiop = LOOKUP, cn_lkflags = 524288,
cn_pnbuf = 0xfffff800085ae400 "/usr",
cn_nameptr = 0xfffff800085ae401 "usr", cn_namelen = 3},
ni_cap_tracker = {tqh_first = 0x0, tqh_last =
0xfffffe008ed86ce0},
ni_dvp_seqc = 64, ni_vp_seqc = 0}
error = 0
vfsp = 0x0
vp = 0x3
pathbuf = <optimized out>
#12 0xffffffff807bdf36 in vfs_donmount (td=td@entry=0xfffff80009381740,
fsflags=<optimized out>, fsflags@entry=2101264,
fsoptions=0xfffff8002aa90900) at /opt/src/git-src/sys/kern/vfs_mount.c:9
97
optlist = 0xfffff8006f4270d0
fspath = 0xfffff8006f427090 "/usr"
errmsg = <optimized out>
fspathlen = <optimized out>
errmsg_len = <optimized out>
errmsg_pos = 5
autoro = false
error = 0
fstypelen = <optimized out>
fstype = 0xfffff8006f4270b0 "ufs"
has_nonexport = <optimized out>
jail_export = <optimized out>
opt = <optimized out>
tmp_opt = <optimized out>
#13 0xffffffff807bd5a0 in sys_nmount (td=0xfffff80009381740,
uap=<optimized out>) at /opt/src/git-src/sys/kern/vfs_mount.c:474
auio = 0xfffff8002aa90900
flags = 2101264
iovcnt = <optimized out>
error = 0
#14 0xffffffff80a82365 in syscallenter (td=0xfffff80009381740)
at /opt/src/git-src/sys/amd64/amd64/../../kern/subr_syscall.c:189
se = 0xffffffff80e59ba0 <sysent+12096>
p = 0xfffffe0085179060
sa = <optimized out>
error = <optimized out>
sy_thr_static = true
traced = <optimized out>
_tid = <optimized out>
_v = <optimized out>
_v = <optimized out>
_audit_entered = <optimized out>
_tid = <optimized out>
_v = <optimized out>
_v = <optimized out>
_tid = <optimized out>
_v = <optimized out>
_v = <optimized out>
#15 amd64_syscall (td=0xfffff80009381740, traced=0)
at /opt/src/git-src/sys/amd64/amd64/trap.c:1192
ksi = {ksi_link = {tqe_next = 0xffffffff80a81548 <trap+1880>,
tqe_prev = 0xfffffe008ed86ed0}, ksi_info = {
si_signo = -2140252247, si_errno = -1, si_code = 154670912,
si_pid = -2048, si_uid = 3064555200, si_status = 284,
si_addr = 0xfffffe008ed86e80, si_value = {sival_int =
-2140785242,
sival_ptr = 0xffffffff806635a6 <hardclock+278>,
sigval_int = -2140785242,
sigval_ptr = 0xffffffff806635a6 <hardclock+278>}, _reason = {
_fault = {_trapno = -1898418560}, _timer = {
_timerid = -1898418560, _overrun = -512}, _mesgq = {
_mqd = -1898418560}, _poll = {_band = -2196626706816},
_capsicum = {_syscall = -1898418560}, __spare__ = {
__spare1__ = -2196626706816, __spare2__ = {-2140783412, -1,
0,
0, 70, 0, 0}}}}, ksi_flags = 15,
ksi_sigq = 0xfffffe008ed86ec0}
#16 <signal handler called>
No locals.
#17 0x0000276f876440aa in ?? ()
No symbol table info available.
Backtrace stopped: Cannot access memory at address 0x276f84b0a718
(kgdb) (kgdb) Tracing command "clock", '\000' <repeats 14 times> pid 2 tid
100038 (CPU 0)
#0 cpustop_handler () at /opt/src/git-src/sys/x86/x86/mp_x86.c:1525
#1 0xffffffff80a4f958 in ipi_nmi_handler ()
at /opt/src/git-src/sys/x86/x86/mp_x86.c:1482
#2 0xffffffff80a80e2f in trap (frame=0xffffffff811b9440 <nmi0_stack+3888>)
at /opt/src/git-src/sys/amd64/amd64/trap.c:235
#3 <signal handler called>
#4 rdtsc () at /opt/src/git-src/sys/amd64/include/cpufunc.h:309
#5 delay_tsc (n=1) at /opt/src/git-src/sys/x86/x86/delay.c:64
#6 delay_tc (n=1) at /opt/src/git-src/sys/x86/x86/delay.c:84
#7 DELAY (n=1) at /opt/src/git-src/sys/x86/x86/delay.c:113
#8 0xffffffff81c2668a in sk_marv_miibus_readreg (sc_if=0xfffffe0091018000,
phy=<optimized out>, reg=<optimized out>)
at /opt/src/git-src/sys/dev/sk/if_sk.c:597
#9 sk_miibus_readreg (dev=<optimized out>, phy=<optimized out>,
reg=<optimized out>) at /opt/src/git-src/sys/dev/sk/if_sk.c:447
#10 0xffffffff8049921a in MIIBUS_READREG (dev=0xfffff800057fb900, phy=0,
reg=1)
at ./miibus_if.h:27
#11 e1000phy_status (sc=0xfffff80005807000)
at /opt/src/git-src/sys/dev/mii/e1000phy.c:417
#12 0xffffffff80499187 in e1000phy_service (sc=0xfffff80005807000,
mii=<optimized out>, cmd=1) at /opt/src/git-src/sys/dev/mii/e1000phy.c:4
01
#13 0xffffffff8049cd77 in mii_tick (mii=0xfffff80005807080)
at /opt/src/git-src/sys/dev/mii/mii.c:597
#14 0xffffffff81c252ea in sk_yukon_tick (
xsc_if=xsc_if@entry=0xfffffe0091018000)
at /opt/src/git-src/sys/dev/sk/if_sk.c:2883
#15 0xffffffff806fa1dd in softclock_call_cc (c=0xfffffe0091018038,
cc=cc@entry=0xffffffff81f290c0, direct=direct@entry=0)
at /opt/src/git-src/sys/kern/kern_timeout.c:729
#16 0xffffffff806fb8b4 in softclock_thread (arg=arg@entry=0xffffffff81f290c0
)
at /opt/src/git-src/sys/kern/kern_timeout.c:861
#17 0xffffffff80692abb in fork_exit (
callout=0xffffffff806fb7c0 <softclock_thread>, arg=0xffffffff81f290c0,
frame=0xfffffe008e8aef40) at /opt/src/git-src/sys/kern/kern_fork.c:1151
#18 <signal handler called>
Tracing command "mountd", '\000' <repeats 13 times> pid 3196 tid 100515
(CPU 1)
#0 __curthread () at /opt/src/git-src/sys/amd64/include/pcpu_aux.h:57
#1 doadump (textdump=textdump@entry=1)
at /opt/src/git-src/sys/kern/kern_shutdown.c:404
#2 0xffffffff806dafee in kern_reboot (howto=260)
at /opt/src/git-src/sys/kern/kern_shutdown.c:524
#3 0xffffffff806db517 in vpanic (fmt=0xffffffff80b03e2b "%s",
ap=ap@entry=0xfffffe008ed86890)
at /opt/src/git-src/sys/kern/kern_shutdown.c:979
#4 0xffffffff806db343 in panic (fmt=<unavailable>)
at /opt/src/git-src/sys/kern/kern_shutdown.c:892
#5 0xffffffff80a81aab in trap_fatal (frame=0xfffffe008ed86970, eva=40)
at /opt/src/git-src/sys/amd64/amd64/trap.c:950
#6 0xffffffff80a81af6 in trap_pfault (frame=<unavailable>, usermode=false,
signo=<optimized out>, ucode=<optimized out>)
at /opt/src/git-src/sys/amd64/amd64/trap.c:758
#7 <signal handler called>
#8 0xffffffff807b6de0 in vfs_hang_addrlist (mp=0xfffffe008517c100,
argp=0xfffffe008ed86b60, nep=<optimized out>)
at /opt/src/git-src/sys/kern/vfs_export.c:141
#9 vfs_export (mp=mp@entry=0xfffffe008517c100,
argp=argp@entry=0xfffffe008ed86b60, do_exjail=true)
at /opt/src/git-src/sys/kern/vfs_export.c:408
#10 0xffffffff807c3ad9 in vfs_domount_update (td=td@entry=0xfffff80009381740
,
vp=0xfffff8002ab30370, fsflags=<optimized out>, fsflags@entry=2167056,
jail_export=<optimized out>, optlist=optlist@entry=0xfffffe008ed86d70)
at /opt/src/git-src/sys/kern/vfs_mount.c:1515
#11 0xffffffff807bee30 in vfs_domount (td=0xfffff80009381740,
fstype=fstype@entry=0xfffff8006f4270b0 "ufs",
fspath=fspath@entry=0xfffff8006f427090 "/usr",
fsflags=fsflags@entry=2167056, jail_export=false,
optlist=optlist@entry=0xfffffe008ed86d70)
at /opt/src/git-src/sys/kern/vfs_mount.c:1692
#12 0xffffffff807bdf36 in vfs_donmount (td=td@entry=0xfffff80009381740,
fsflags=<optimized out>, fsflags@entry=2101264,
fsoptions=0xfffff8002aa90900) at /opt/src/git-src/sys/kern/vfs_mount.c:9
97
#13 0xffffffff807bd5a0 in sys_nmount (td=0xfffff80009381740,
uap=<optimized out>) at /opt/src/git-src/sys/kern/vfs_mount.c:474
#14 0xffffffff80a82365 in syscallenter (td=0xfffff80009381740)
at /opt/src/git-src/sys/amd64/amd64/../../kern/subr_syscall.c:189
#15 amd64_syscall (td=0xfffff80009381740, traced=0)
at /opt/src/git-src/sys/amd64/amd64/trap.c:1192
#16 <signal handler called>
#17 0x0000276f876440aa in ?? ()
Backtrace stopped: Cannot access memory at address 0x276f84b0a718
Tracing command "kernel", '\000' <repeats 13 times> pid 0 tid 100248 (CPU 2)
#0 cpustop_handler () at /opt/src/git-src/sys/x86/x86/mp_x86.c:1525
#1 0xffffffff80a4f958 in ipi_nmi_handler ()
at /opt/src/git-src/sys/x86/x86/mp_x86.c:1482
#2 0xffffffff80a80e2f in trap (frame=0xfffffe0011185f30)
at /opt/src/git-src/sys/amd64/amd64/trap.c:235
#3 <signal handler called>
#4 LZ4_compressCtx (ctx=0xfffffe00b3c40000,
source=0xfffffe00bd371000 <error: Cannot access memory at address
0xfffffe00bd371000>,
dest=0xfffffe00c895d004 <error: Cannot access memory at address
0xfffffe00c895d004>, isize=131072, osize=114684)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:532
#5 real_LZ4_compress (
source=0xfffffe00bd371000 <error: Cannot access memory at address
0xfffffe00bd371000>,
dest=0xfffffe00c895d004 <error: Cannot access memory at address
0xfffffe00c895d004>, isize=131072, osize=114684)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:863
#6 zfs_lz4_compress_buf (s_start=0xfffffe00bd371000,
d_start=0xfffffe00c895d000, s_len=131072, d_len=114688, n=<optimized
out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:66
#7 zfs_lz4_compress (src=0xfffff80022646080, dst=0xfffff80075509f00,
s_len=131072, d_len=114688, n=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:104
#8 0xffffffff816a3231 in zio_compress_data (c=<optimized out>,
src=0xfffff80022646080, dst=dst@entry=0xfffffe008eafcdd0, s_len=131072,
d_len=114688, level=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio_compress.c:155
#9 0xffffffff8169b8fa in zio_write_compress (zio=0xfffffe00bdc374c0)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio.c:1916
#10 0xffffffff816996d8 in __zio_execute (zio=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio.c:2427
#11 zio_execute (zio=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio.c:2338
#12 0xffffffff80741e62 in taskqueue_run_locked (
queue=queue@entry=0xfffff800061db800)
at /opt/src/git-src/sys/kern/subr_taskqueue.c:517
#13 0xffffffff80743052 in taskqueue_thread_loop (
arg=arg@entry=0xfffff800057e1d60)
at /opt/src/git-src/sys/kern/subr_taskqueue.c:829
#14 0xffffffff80692abb in fork_exit (
callout=0xffffffff80742f90 <taskqueue_thread_loop>,
arg=0xfffff800057e1d60, frame=0xfffffe008eafcf40)
at /opt/src/git-src/sys/kern/kern_fork.c:1151
#15 <signal handler called>
Tracing command "kernel", '\000' <repeats 13 times> pid 0 tid 100247 (CPU 3)
#0 cpustop_handler () at /opt/src/git-src/sys/x86/x86/mp_x86.c:1525
#1 0xffffffff80a4f958 in ipi_nmi_handler ()
at /opt/src/git-src/sys/x86/x86/mp_x86.c:1482
#2 0xffffffff80a80e2f in trap (frame=0xfffffe0011193f30)
at /opt/src/git-src/sys/amd64/amd64/trap.c:235
#3 <signal handler called>
#4 0xffffffff8158e5e9 in LZ4_compressCtx (ctx=0xfffffe00b3c3c000,
source=0xfffffe00bd0d1000 <error: Cannot access memory at address
0xfffffe00bd0d1000>,
dest=0xfffffe00c829d004 <error: Cannot access memory at address
0xfffffe00c829d004>, isize=131072, osize=114684)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:617
#5 real_LZ4_compress (
source=0xfffffe00bd0d1000 <error: Cannot access memory at address
0xfffffe00bd0d1000>,
dest=0xfffffe00c829d004 <error: Cannot access memory at address
0xfffffe00c829d004>, isize=131072, osize=114684)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:863
#6 zfs_lz4_compress_buf (s_start=0xfffffe00bd0d1000,
d_start=0xfffffe00c829d000, s_len=131072, d_len=114688, n=<optimized
out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:66
#7 zfs_lz4_compress (src=0xfffff80075fab880, dst=0xfffff80022c4be00,
s_len=131072, d_len=114688, n=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/lz4_zfs.c:104
#8 0xffffffff816a3231 in zio_compress_data (c=<optimized out>,
src=0xfffff80075fab880, dst=dst@entry=0xfffffe008eb01dd0, s_len=131072,
d_len=114688, level=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio_compress.c:155
#9 0xffffffff8169b8fa in zio_write_compress (zio=0xfffffe00be1d0980)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio.c:1916
#10 0xffffffff816996d8 in __zio_execute (zio=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio.c:2427
#11 zio_execute (zio=<optimized out>)
at /opt/src/git-src/sys/contrib/openzfs/module/zfs/zio.c:2338
#12 0xffffffff80741e62 in taskqueue_run_locked (
queue=queue@entry=0xfffff800061db800)
at /opt/src/git-src/sys/kern/subr_taskqueue.c:517
#13 0xffffffff80743052 in taskqueue_thread_loop (
arg=arg@entry=0xfffff800057e1d60)
at /opt/src/git-src/sys/kern/subr_taskqueue.c:829
#14 0xffffffff80692abb in fork_exit (
callout=0xffffffff80742f90 <taskqueue_thread_loop>,
arg=0xfffff800057e1d60, frame=0xfffffe008eb01f40)
at /opt/src/git-src/sys/kern/kern_fork.c:1151
#15 <signal handler called>
(kgdb)
--
Cheers,
Cy Schubert <Cy.Schubert@cschubert.com>
FreeBSD UNIX: <cy@FreeBSD.org> Web: https://FreeBSD.org
NTP: <cy@nwtime.org> Web: https://nwtime.org
e^(i*pi)+1=0
In message <9307D0CC-6D10-4F86-AE3B-43E7D6DA19A9@panasas.com>, Ravi Pokala
writ
es:
> Hi Olivier,
>
> This appears to break amd64.MINIMAL and amd64.MINIMALUP:
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3
> D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
> 3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> % less _.amd64.MINIMAL
> linking kernel.full
> ld: error: undefined symbol: vnet_entry_nfsrv_defaultgid
> >>> referenced by vfs_export.c:141 (sys/kern/vfs_export.c:141)
> >>> vfs_export.o:(vfs_export)
> >>> referenced by vfs_export.c:220 (sys/kern/vfs_export.c:220)
> >>> vfs_export.o:(vfs_export)
> --- kernel.full ---
> *** [kernel.full] Error code 1
>
> make[5]: stopped making "all" in amd64.amd64/sys/MINIMAL
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3
> D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
> 3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> Thanks,
>
> Ravi (rpokala@)
>
> =EF=BB=BF-----Original Message-----
> From: <owner-src-committers@freebsd.org <mailto:owner-src-committers@freebs=
> d.org>> on behalf of Olivier Certner <olce@FreeBSD.org <mailto:olce@FreeBSD.=
> org>>
> Date: Saturday, November 2, 2024 at 13:39
> To: <src-committers@FreeBSD.org <mailto:src-committers@FreeBSD.org>>, <dev-=
> commits-src-all@FreeBSD.org <mailto:dev-commits-src-all@FreeBSD.org>>, <dev-=
> commits-src-main@FreeBSD.org <mailto:dev-commits-src-main@FreeBSD.org>>
> Subject: git: cfbe7a62dc62 - main - nfs, rpc: Ensure kernel credentials hav=
> e at least one group
>
>
> The branch main has been updated by olce:
>
>
> URL: https://cgit.FreeBSD.org/src/commit/?id=3Dcfbe7a62dc62e8a5d7520cb5eb8ad7
> =
> c4a9418e26 <https://cgit.FreeBSD.org/src/commit/?id=3Dcfbe7a62dc62e8a5d7520cb
> 5=
> eb8ad7c4a9418e26>
>
>
> commit cfbe7a62dc62e8a5d7520cb5eb8ad7c4a9418e26
> Author: Olivier Certner <olce@FreeBSD.org <mailto:olce@FreeBSD.org>>
> AuthorDate: 2024-10-02 14:28:59 +0000
> Commit: Olivier Certner <olce@FreeBSD.org <mailto:olce@FreeBSD.org>>
> CommitDate: 2024-11-02 20:37:42 +0000
>
>
> nfs, rpc: Ensure kernel credentials have at least one group
>
>
> This fixes several bugs where some 'struct ucred' in the kernel,
> constructed from user input (via nmount(2)) or obtained from other
> servers (e.g., gssd(8)), could have an unfilled 'cr_groups' field and
> whose 'cr_groups[0]' (or 'cr_gid', which is an alias) was later
> accessed, causing an uninitialized access giving random access rights.
>
>
> Use crsetgroups_fallback() to enforce a fallback group when possible.
> For NFS, the chosen fallback group is that of the NFS server in the
> current VNET (NFSD_VNET(nfsrv_defaultgid)).
>
>
> There does not seem to be any sensible fallback available in rpc code
> (sys/rpc/svc_auth.c, svc_getcred()) on AUTH_UNIX (TLS or not), so just
> fail credential retrieval there. Stock NSS sources, rpc.tlsservd(8) or
> rpc.tlsclntd(8) provide non-empty group lists, so will not be impacted.
>
>
> Discussed with: rmacklem (by mail)
> Approved by: markj (mentor)
> MFC after: 3 days
> Differential Revision: https://reviews.freebsd.org/D46918 <https://reviews.=
> freebsd.org/D46918>
> ---
> sys/fs/nfs/nfs_commonport.c | 4 +++-
> sys/fs/nfs/nfs_commonsubs.c | 5 +++--
> sys/fs/nfsserver/nfs_nfsdport.c | 6 +++++-
> sys/fs/nfsserver/nfs_nfsdsocket.c | 6 ++----
> sys/kern/vfs_export.c | 12 ++++++++----
> sys/rpc/rpcsec_gss/svc_rpcsec_gss.c | 2 +-
> sys/rpc/svc_auth.c | 8 ++++++--
> 7 files changed, 28 insertions(+), 15 deletions(-)
>
>
> diff --git a/sys/fs/nfs/nfs_commonport.c b/sys/fs/nfs/nfs_commonport.c
> index 2db9af5b9ea9..11f31d1a0e9f 100644
> --- a/sys/fs/nfs/nfs_commonport.c
> +++ b/sys/fs/nfs/nfs_commonport.c
> @@ -75,6 +75,7 @@ NFSD_VNET_DEFINE(struct nfsstatsv1 *, nfsstatsv1_p);
>
>
> NFSD_VNET_DECLARE(struct nfssockreq, nfsrv_nfsuserdsock);
> NFSD_VNET_DECLARE(nfsuserd_state, nfsrv_nfsuserd);
> +NFSD_VNET_DECLARE(gid_t, nfsrv_defaultgid);
>
>
> int nfs_pnfsio(task_fn_t *, void *);
>
>
> @@ -258,7 +259,8 @@ newnfs_copycred(struct nfscred *nfscr, struct ucred *cr=
> )
> KASSERT(nfscr->nfsc_ngroups >=3D 0,
> ("newnfs_copycred: negative nfsc_ngroups"));
> cr->cr_uid =3D nfscr->nfsc_uid;
> - crsetgroups(cr, nfscr->nfsc_ngroups, nfscr->nfsc_groups);
> + crsetgroups_fallback(cr, nfscr->nfsc_ngroups, nfscr->nfsc_groups,
> + NFSD_VNET(nfsrv_defaultgid));
> }
>
>
> /*
> diff --git a/sys/fs/nfs/nfs_commonsubs.c b/sys/fs/nfs/nfs_commonsubs.c
> index 90b30f462106..ce4b0052714e 100644
> --- a/sys/fs/nfs/nfs_commonsubs.c
> +++ b/sys/fs/nfs/nfs_commonsubs.c
> @@ -4051,8 +4051,9 @@ nfssvc_idname(struct nfsd_idargs *nidp)
> */
> cr =3D crget();
> cr->cr_uid =3D cr->cr_ruid =3D cr->cr_svuid =3D nidp->nid_uid;
> - crsetgroups(cr, nidp->nid_ngroup, grps);
> - cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_groups[0];
> + crsetgroups_fallback(cr, nidp->nid_ngroup, grps,
> + NFSD_VNET(nfsrv_defaultgid));
> + cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_gid;
> cr->cr_prison =3D curthread->td_ucred->cr_prison;
> prison_hold(cr->cr_prison);
> #ifdef MAC
> diff --git a/sys/fs/nfsserver/nfs_nfsdport.c b/sys/fs/nfsserver/nfs_nfsdpor=
> t.c
> index 8a2a39052506..5160645ad73c 100644
> --- a/sys/fs/nfsserver/nfs_nfsdport.c
> +++ b/sys/fs/nfsserver/nfs_nfsdport.c
> @@ -3311,7 +3311,11 @@ nfsd_excred(struct nfsrv_descript *nd, struct nfsexs=
> tuff *exp,
> NFSVNO_EXPORTANON(exp) ||
> (nd->nd_flag & ND_AUTHNONE) !=3D 0) {
> nd->nd_cred->cr_uid =3D credanon->cr_uid;
> - nd->nd_cred->cr_gid =3D credanon->cr_gid;
> + /*
> + * 'credanon' is already a 'struct ucred' that was built
> + * internally with calls to crsetgroups_fallback(), so
> + * we don't need a fallback here.
> + */
> crsetgroups(nd->nd_cred, credanon->cr_ngroups,
> credanon->cr_groups);
> } else if ((nd->nd_flag & ND_GSS) =3D=3D 0) {
> diff --git a/sys/fs/nfsserver/nfs_nfsdsocket.c b/sys/fs/nfsserver/nfs_nfsds=
> ocket.c
> index df0c0edd1b59..d1b6198ba0e1 100644
> --- a/sys/fs/nfsserver/nfs_nfsdsocket.c
> +++ b/sys/fs/nfsserver/nfs_nfsdsocket.c
> @@ -1422,13 +1422,11 @@ static struct ucred *
> nfsrv_createrootcred(void)
> {
> struct ucred *cr;
> - gid_t grp;
>
>
> cr =3D crget();
> cr->cr_uid =3D cr->cr_ruid =3D cr->cr_svuid =3D UID_ROOT;
> - grp =3D GID_WHEEL;
> - crsetgroups(cr, 1, &grp);
> - cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_groups[0];
> + crsetgroups_fallback(cr, 0, NULL, GID_WHEEL);
> + cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_gid;
> cr->cr_prison =3D curthread->td_ucred->cr_prison;
> prison_hold(cr->cr_prison);
> #ifdef MAC
> diff --git a/sys/kern/vfs_export.c b/sys/kern/vfs_export.c
> index 996f3f74193f..c0337b1fe858 100644
> --- a/sys/kern/vfs_export.c
> +++ b/sys/kern/vfs_export.c
> @@ -61,6 +61,10 @@
> #include <rpc/types.h>
> #include <rpc/auth.h>
>
>
> +#include <fs/nfs/nfsport.h>
> +
> +NFSD_VNET_DECLARE(gid_t, nfsrv_defaultgid);
> +
> static MALLOC_DEFINE(M_NETADDR, "export_host", "Export host address structu=
> re");
>
>
> #if defined(INET) || defined(INET6)
> @@ -133,8 +137,8 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *n=
> ep,
> np->netc_exflags =3D argp->ex_flags;
> np->netc_anon =3D crget();
> np->netc_anon->cr_uid =3D argp->ex_uid;
> - crsetgroups(np->netc_anon, argp->ex_ngroups,
> - argp->ex_groups);
> + crsetgroups_fallback(np->netc_anon, argp->ex_ngroups,
> + argp->ex_groups, NFSD_VNET(nfsrv_defaultgid));
> np->netc_anon->cr_prison =3D &prison0;
> prison_hold(np->netc_anon->cr_prison);
> np->netc_numsecflavors =3D argp->ex_numsecflavors;
> @@ -212,8 +216,8 @@ vfs_hang_addrlist(struct mount *mp, struct netexport *n=
> ep,
> np->netc_exflags =3D argp->ex_flags;
> np->netc_anon =3D crget();
> np->netc_anon->cr_uid =3D argp->ex_uid;
> - crsetgroups(np->netc_anon, argp->ex_ngroups,
> - argp->ex_groups);
> + crsetgroups_fallback(np->netc_anon, argp->ex_ngroups, argp->ex_groups,
> + NFSD_VNET(nfsrv_defaultgid));
> np->netc_anon->cr_prison =3D &prison0;
> prison_hold(np->netc_anon->cr_prison);
> np->netc_numsecflavors =3D argp->ex_numsecflavors;
> diff --git a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c b/sys/rpc/rpcsec_gss/svc_r=
> pcsec_gss.c
> index 1e6e71fa10ac..b1790dd167d5 100644
> --- a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
> +++ b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
> @@ -537,7 +537,7 @@ rpc_gss_svc_getcred(struct svc_req *req, struct ucred *=
> *crp, int *flavorp)
> cr =3D client->cl_cred =3D crget();
> cr->cr_uid =3D cr->cr_ruid =3D cr->cr_svuid =3D uc->uid;
> cr->cr_rgid =3D cr->cr_svgid =3D uc->gid;
> - crsetgroups(cr, uc->gidlen, uc->gidlist);
> + crsetgroups_fallback(cr, uc->gidlen, uc->gidlist, uc->gid);
> cr->cr_prison =3D curthread->td_ucred->cr_prison;
> prison_hold(cr->cr_prison);
> *crp =3D crhold(cr);
> diff --git a/sys/rpc/svc_auth.c b/sys/rpc/svc_auth.c
> index 6acb1fb0d4b9..92f1ee0f2844 100644
> --- a/sys/rpc/svc_auth.c
> +++ b/sys/rpc/svc_auth.c
> @@ -187,10 +187,12 @@ svc_getcred(struct svc_req *rqst, struct ucred **crp,=
> int *flavorp)
> if ((xprt->xp_tls & (RPCTLS_FLAGS_CERTUSER |
> RPCTLS_FLAGS_DISABLED)) =3D=3D RPCTLS_FLAGS_CERTUSER &&
> flavor =3D=3D AUTH_UNIX) {
> + if (xprt->xp_ngrps <=3D 0)
> + return (FALSE);
> cr =3D crget();
> cr->cr_uid =3D cr->cr_ruid =3D cr->cr_svuid =3D xprt->xp_uid;
> crsetgroups(cr, xprt->xp_ngrps, xprt->xp_gidp);
> - cr->cr_rgid =3D cr->cr_svgid =3D xprt->xp_gidp[0];
> + cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_gid;
> cr->cr_prison =3D curthread->td_ucred->cr_prison;
> prison_hold(cr->cr_prison);
> *crp =3D cr;
> @@ -200,10 +202,12 @@ svc_getcred(struct svc_req *rqst, struct ucred **crp,=
> int *flavorp)
> switch (flavor) {
> case AUTH_UNIX:
> xcr =3D (struct xucred *) rqst->rq_clntcred;
> + if (xcr->cr_ngroups <=3D 0)
> + return (FALSE);
> cr =3D crget();
> cr->cr_uid =3D cr->cr_ruid =3D cr->cr_svuid =3D xcr->cr_uid;
> crsetgroups(cr, xcr->cr_ngroups, xcr->cr_groups);
> - cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_groups[0];
> + cr->cr_rgid =3D cr->cr_svgid =3D cr->cr_gid;
> cr->cr_prison =3D curthread->td_ucred->cr_prison;
> prison_hold(cr->cr_prison);
> *crp =3D cr;
>
>
>
>