--===============1002108121== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable New submission from fanch <fanch@kekpar.net>: In devfs_rules.c, struct "devfs_rule_ioctl" member "rule_type" is tested as= an integer, but is a bitmask. So when both DEVFS_RULE_NAME and DEVFS_RULE_JAIL= are set, the member "name" in newly created devfs_rule is set to NULL. Later, devfs_rule_checkname() is called, and the kernel will panic in devfs_resolve_name_path(). See diff for a partial correction (len=3D=3D0 and invalid name or linkname = pointers need to be handled elsewhere). By the way, /dev/rc.d/devfs seems to be called too early in the boot proces= s: it does nothing. But calling it later (manually) works. ---------- files: devfs_rules.c.diff messages: 9161 nosy: fanch priority: bug status: unread title: Panic when mounting a jailed devfs with jail devfs.conf entries _____________________________________________________ DragonFly issue tracker <bugs@lists.dragonflybsd.org> <http://bugs.dragonflybsd.org/issue1885> _____________________________________________________ --===============1002108121== Content-Type: application/octet-stream MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="devfs_rules.c.diff" LS0tIHN5cy92ZnMvZGV2ZnMvZGV2ZnNfcnVsZXMuYy5vcmkJMjAxMC0xMC0xNiAyMjoxNjozNiAr MDIwMAorKysgc3lzL3Zmcy9kZXZmcy9kZXZmc19ydWxlcy5jCTIwMTAtMTAtMjQgMTc6MTI6NDkg KzAyMDAKQEAgLTk5LDcgKzk5LDcgQEAKIAkJcnVsZS0+bW50cG9pbnRsZW4gPSBsZW47CiAJfQog Ci0JaWYgKHRlbXBsLT5ydWxlX3R5cGUgPT0gREVWRlNfUlVMRV9OQU1FKSB7CisJaWYgKHRlbXBs LT5ydWxlX3R5cGUgJiBERVZGU19SVUxFX05BTUUpIHsKIAkJbGVuID0gc3RybGVuKHRlbXBsLT5u YW1lKTsKIAkJaWYgKGxlbiA+IDApIHsKIAkJCXJ1bGUtPm5hbWUgPSBrc3RyZHVwKHRlbXBsLT5u YW1lLCBNX0RFVkZTKTsK --===============1002108121==--