Kernel panic with pf
Max Laier
max at love2party.net
Sun Oct 24 12:28:26 PDT 2004
On Sunday 24 October 2004 21:14, Gilbert Cao wrote:
> On Sun, Oct 24, 2004 at 06:48:28PM +0200, Max Laier wrote:
> > Hmmm ... that's bad. Can you please test the attached patch. It is a wild
> > guess as I am currently not able to test. Please tell me if it helps.
> >
> > --
> > /"\ Best regards, | mlaier at freebsd.org
> > \ / Max Laier | ICQ #67774661
> > X http://pf4freebsd.love2party.net/ | mlaier at EFnet
> > / \ ASCII Ribbon Campaign | Against HTML Mail and News
> >
> > Index: pf.c
> > ===================================================================
> > RCS file: /usr/store/mlaier/fcvs/src/sys/contrib/pf/net/pf.c,v
> > retrieving revision 1.18.2.2
> > diff -u -r1.18.2.2 pf.c
> > --- pf.c 3 Oct 2004 17:04:39 -0000 1.18.2.2
> > +++ pf.c 24 Oct 2004 16:45:33 -0000
> > @@ -2506,6 +2506,11 @@
> > }
> > #ifdef __FreeBSD__
> > INP_LOCK(inp);
> > + if ((inp->inp_socket == NULL) || (inp->inp_socket->so_cred == NULL)) {
> > + INP_UNLOCK(inp);
> > + INP_INFO_RUNLOCK(pi);
> > + return (0);
> > + }
> > *uid = inp->inp_socket->so_cred->cr_uid;
> > *gid = inp->inp_socket->so_cred->cr_groups[0];
> > INP_UNLOCK(inp);
>
> Thanks.
> That works, no panic.
Thanks. Going to commit it.
> Should I also test with debug.mpsafenet=0, or is it useless ?
You should not use user/group rules in a debug.mpsafenet=1 environment. It
will cause hard lockups and the like. The fix for these lockups is non-
trivial and will take some more time.
--
/"\ Best regards, | mlaier at freebsd.org
\ / Max Laier | ICQ #67774661
X http://pf4freebsd.love2party.net/ | mlaier at EFnet
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20041024/64ff3e63/attachment.bin
More information about the freebsd-net
mailing list