Bug 1196371
| Summary: | rpc.gssd segfaults in gssproxy (proxymech.so) | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Steve Dickson <steved> | ||||||||||
| Component: | gssproxy | Assignee: | Simo Sorce <ssorce> | ||||||||||
| Status: | CLOSED ERRATA | QA Contact: | Yongcheng Yang <yoyang> | ||||||||||
| Severity: | unspecified | Docs Contact: | |||||||||||
| Priority: | unspecified | ||||||||||||
| Version: | 7.2 | CC: | bcodding, dpal, eguan, nsoman, steved | ||||||||||
| Target Milestone: | rc | ||||||||||||
| Target Release: | --- | ||||||||||||
| Hardware: | Unspecified | ||||||||||||
| OS: | Unspecified | ||||||||||||
| Whiteboard: | |||||||||||||
| Fixed In Version: | gssproxy-0.4.1-2.el7 | Doc Type: | Bug Fix | ||||||||||
| Doc Text: | Story Points: | --- | |||||||||||
| Clone Of: | Environment: | ||||||||||||
| Last Closed: | 2015-11-19 09:30:39 UTC | Type: | Bug | ||||||||||
| Regression: | --- | Mount Type: | --- | ||||||||||
| Documentation: | --- | CRM: | |||||||||||
| Verified Versions: | Category: | --- | |||||||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||||||
| Embargoed: | |||||||||||||
| Attachments: |
|
||||||||||||
What nfs-utils and gssproxy package versions ? (In reply to Simo Sorce from comment #1) > What nfs-utils and gssproxy package versions ? See above... gssproxy-0.3.0-10.el7 nfs-utils-1.3.0-0.8.el7 to get the attached back trace I did the following: Restart rpc.gssd systemctl restart rpc-gssd Attached to the runnning process gdb -p $(pidof rpc.gssd) Set the following gdb things set follow-fork-mode child # gdb will follow the forked child handle SIG37 nostop # gdb will ignore SIG 37 c # continue In another window mount ganesha-server:/export /mnt Created attachment 995695 [details]
wireshark trace showing the AUTH_ERROR
Created attachment 995700 [details]
valgrid log
*** Bug 1196794 has been marked as a duplicate of this bug. *** Created attachment 995848 [details]
Fix for the double-free bug
Steve,
the attached patch is a more complete version of the scratch build you tested today, and it is the one sent upstream.
For reference.
Upstream ticket: https://fedorahosted.org/gss-proxy/ticket/144 Upstream ticket: https://fedorahosted.org/gss-proxy/ticket/137 Fixed in gssproxy-0.4.1-2.el7 ... ... marking bug as MODIFIED. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-2298.html |
Created attachment 995330 [details] Full Backtrace Description of problem: The following segfault happen in rpc.gssd when Red Hat Storage server (aka the ganesha server) #0 memmove_ssse3_back () at ../sysdeps/x86_64/multiarch/memcpy-ssse3-back.S:2588 #0 0x00007fb790aba8e3 in memmove (__len=103, __src=<optimized out>, __dest=<optimized out>) at /usr/include/bits/string3.h:57 #2 xdrmem_putbytes (xdrs=0x7fff5aa23880, addr=<optimized out>, len=103) at xdr_mem.c:145 #3 0x00007fb790ab9fda in gssrpc_xdr_opaque (xdrs=0x7fff5aa23880, cp=<optimized out>, cnt=<optimized out>) at xdr.c:414 The full back trace is attached. Version-Release number of selected component (if applicable): gssproxy-0.3.0-10.el7 How reproducible: 100% Steps to Reproduce: 1. start rpc.gssd with a valid keytab 2. mount the Red Hat storage server. 3. Additional info: The problem occurs because the rhel7 client is trying to set up a GSS context with the server. Security is not enabled on the server so the request is failed with an AUTH_ERROR error.