From owner-freebsd-bugs@freebsd.org Sun Mar 7 21:40:09 2021 Return-Path: Delivered-To: freebsd-bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 929965758AD for ; Sun, 7 Mar 2021 21:40:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 4Dtvyd3S9kz3rFy for ; Sun, 7 Mar 2021 21:40:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: by mailman.nyi.freebsd.org (Postfix) id 76799575915; Sun, 7 Mar 2021 21:40:09 +0000 (UTC) Delivered-To: bugs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 76335575914 for ; Sun, 7 Mar 2021 21:40:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dtvyd2jQgz3r6w for ; Sun, 7 Mar 2021 21:40:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4FF041D2DF for ; Sun, 7 Mar 2021 21:40:09 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 127Le9E5016634 for ; Sun, 7 Mar 2021 21:40:09 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from bugzilla@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 127Le9oV016633 for bugs@FreeBSD.org; Sun, 7 Mar 2021 21:40:09 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: bugzilla set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 253724] FreeBSD 13.0-BETA3: jail: cpuset: setaffinity: Resource deadlock avoided Date: Sun, 07 Mar 2021 21:40:09 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: commit-hook@FreeBSD.org X-Bugzilla-Status: In Progress X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: kevans@freebsd.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Mar 2021 21:40:09 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253724 --- Comment #9 from commit-hook@FreeBSD.org --- A commit in branch stable/13 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3Dbdd61b6914f1f961b5f414b2d5cc623a5= a829b89 commit bdd61b6914f1f961b5f414b2d5cc623a5a829b89 Author: Kyle Evans AuthorDate: 2021-03-04 19:28:53 +0000 Commit: Kyle Evans CommitDate: 2021-03-07 21:39:29 +0000 jail(8): reset to root cpuset before attaching to run commands Recent changes have made it such that attaching to a jail will augment the attaching process' cpu mask with the jail's cpuset. While this is convenient for allowing the administrator to cpuset arbitrary programs that will attach to a jail, this is decidedly not convenient for executing long-running daemons during jail creation. This change inserts a reset of the process cpuset to the root cpuset between the fork and attach to execute a command. This allows commands executed to have the widest mask possible, and the administrator can cpuset(1) it back down inside the jail as needed. With this applied, one should be able to change a jail's cpuset at exec.poststart in addition to exec.created. The former was made difficult if jail(8) itself was running with a constrained set, as then some processes may have been spawned inside the jail with a non-root set. The latter is the preferred option so that processes starting in the jail are constrained appropriately up front. Note that all system commands are still run with the process' initial cpuset applied. PR: 253724 (cherry picked from commit 466df976babed65f8a8de9e36d7f016a444609af) usr.sbin/jail/command.c | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) --=20 You are receiving this mail because: You are on the CC list for the bug.=