Bug#498627: kernel: Kernel BUG mounting cifs with krb5i
Package: kernel
Severity: important
Subject: kernel: CIFS mount with krb5i Oops
When attempting to mount a cifs share with Kerberos packet signing, the mount fails and the cifs module is no longer usable or removable until the system is restarted.
I'm using the heimdal clients package.
# mount -t cifs -o krb5i //testdc.test.local/myshare /mnt/test
dmesg output:
[ 365.777016] BUG: unable to handle kernel NULL pointer dereference at 00000004
[ 365.779626] IP: [<c01a659e>] call_sbin_request_key+0x12c/0x21d
[ 365.780180] *pde = 00000000
[ 365.782122] Oops: 0000 [#1]
[ 365.783618] Modules linked in: nls_utf8 cifs nls_base video output battery loop snd_pcm snd_timer snd soundcore snd_page_alloc pcspkr psmouse serio_raw ac i2c_piix4 i2c_core button evdev ext3 jbd mbcache dm_mirror dm_log dm_snapshot dm_mod ide_cd_mod cdrom ide_disk ide_pci_generic floppy piix ide_core ata_generic libata pcnet32 mii scsi_mod dock thermal processor fan thermal_sys
[ 365.784276]
[ 365.784276] Pid: 2193, comm: mount.cifs Not tainted (2.6.26-1-486 #1)
[ 365.784276] EIP: 0060:[<c01a659e>] EFLAGS: 00010246 CPU: 0
[ 365.784276] EIP is at call_sbin_request_key+0x12c/0x21d
[ 365.784276] EAX: 00000000 EBX: 00000000 ECX: ce2edbd0 EDX: ce2edbd0
[ 365.784276] ESI: cf4b8400 EDI: ce2edbec EBP: ce132840 ESP: ce2edbd4
[ 365.784276] DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0069
[ 365.784276] Process mount.cifs (pid: 2193, ti=ce2ec000 task=cf4b8400 task.ti=ce2ec000)
[ 365.784276] Stack: c030944a cef369e0 ce132740 00000030 00000000 c034a780 ce130030 c03fffe4
[ 365.784276] ce132848 ce1327c0 00000000 ce1327c0 c01a3c08 00000000 ce2edc58 c034a7e0
[ 365.784276] 00000002 00000009 0000001d ce2edc58 d0a0a27e 7165725f 3931342e 37333736
[ 365.784276] Call Trace:
[ 365.784276] [<c01a3c08>] key_alloc+0x1e4/0x28d
[ 365.784276] [<c01a0039>] exit_sem+0x5c/0x179
[ 365.784276] [<c01a6472>] call_sbin_request_key+0x0/0x21d
[ 365.784276] [<c01a6364>] request_key_and_link+0x1f0/0x240
[ 365.784276] [<c01a66b7>] request_key+0x28/0x51
[ 365.784276] [<d09fad97>] cifs_get_spnego_key+0x1c0/0x1dd [cifs]
[ 365.784276] [<d09f9c2f>] CIFS_SessSetup+0x306/0x877 [cifs]
[ 365.784276] [<d09e7cf1>] cifs_setup_session+0xf1/0xae0 [cifs]
[ 365.784276] [<c01cd579>] sprintf+0x1d/0x20
[ 365.784276] [<d09eae6c>] cifs_mount+0x1874/0x203c [cifs]
[ 365.784276] [<d09eaef0>] cifs_mount+0x18f8/0x203c [cifs]
[ 365.784276] [<c021189c>] n_tty_set_termios+0x207/0x20c
[ 365.784276] [<c01c9946>] idr_get_new_above_int+0x35/0x3e
[ 365.784276] [<d09de6fc>] cifs_get_sb+0xef/0x217 [cifs]
[ 365.784276] [<c0166f3b>] vfs_kern_mount+0x7b/0xed
[ 365.784276] [<c0166feb>] do_kern_mount+0x2f/0xb4
[ 365.784276] [<c0177f24>] do_new_mount+0x55/0x89
[ 365.784276] [<c01780ea>] do_mount+0x192/0x1b1
[ 365.784276] [<c02a68da>] error_code+0x6a/0x70
[ 365.784276] [<c0176499>] copy_mount_options+0x90/0x109
[ 365.784276] [<c017816d>] sys_mount+0x64/0x97
[ 365.784276] [<c01037b2>] syscall_call+0x7/0xb
[ 365.784276] =======================
[ 365.784276] Code: 30 c0 57 e8 e1 6f 02 00 8b 86 e4 02 00 00 83 c4 0c 83 b8 9c 01 00 00 00 74 08 8b 80 9c 01 00 00 eb 09 8b 86 1c 02 00 00 8b 40 24 <8b> 40 04 8d 5c 24 24 50 68 38 7f 30 c0 53 e8 ab 6f 02 00 8b 44
[ 365.784276] EIP: [<c01a659e>] call_sbin_request_key+0x12c/0x21d SS:ESP 0069:ce2edbd4
[ 365.860436] ---[ end trace b1e8b68d32f79e1a ]---
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-486
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash