Date: Fri, 1 Dec 2006 12:43:41 +0000 (GMT)
From: Robert Watson
To: Steven Hartland
Cc: "Bjoern A. Zeeb", freebsd-hackers@freebsd.org
Subject: Re: Unable to stop a jail

On Fri, 1 Dec 2006, Steven Hartland wrote:

>> In essence, this would move to having two reference counts on the prison: a
>> "strong" reference that has to do with having process members, and a "weak"
>> reference that has to do with ucreds pointing at the prison.
>
> The proposal sounds like a good idea but I'm sure there's an argument that
> would say that's just hiding the real underlying issue?

Well, there are two things going on here:

(1) Jails that last a long time due to being referenced by data structures
    that last a long time. I.e., time-wait TCP connections.

(2) Leaks in credentials or jails resulting in jails that never go away.

What I describe is intended to address the former issue, which is one that
exists for a reason. The latter issues are clearly bugs and just need to be
fixed.

Robert N M Watson
Computer Laboratory
University of Cambridge
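
The two-count idea quoted above, sketched as an added example that is not part of the message and is not FreeBSD code. The `toy_*` names and the three states are hypothetical, and the reading that a prison with no process members is "dying" until the last credential is released is an assumption drawn from the quoted description.

```c
#include <stdio.h>

/* Hypothetical model of the two-count idea; not FreeBSD's struct prison. */
enum toy_state { TOY_ALIVE, TOY_DYING, TOY_FREED };

struct toy_prison {
    unsigned strong;        /* "strong" refs: process members */
    unsigned weak;          /* "weak" refs: credentials pointing here */
    enum toy_state state;
};

/* Re-evaluate the state after a reference is dropped. */
static void toy_settle(struct toy_prison *pr)
{
    if (pr->strong == 0 && pr->weak == 0)
        pr->state = TOY_FREED;  /* nothing points here: reclaim */
    else if (pr->strong == 0)
        pr->state = TOY_DYING;  /* assumed: stopped, structure still pinned */
}

static void toy_proc_attach(struct toy_prison *pr) { pr->strong++; }
static void toy_proc_exit(struct toy_prison *pr) { pr->strong--; toy_settle(pr); }
static void toy_cred_hold(struct toy_prison *pr) { pr->weak++; }
static void toy_cred_free(struct toy_prison *pr) { pr->weak--; toy_settle(pr); }

/* Constructed scenario: one process plus one credential held by a
 * long-lived object such as a time-wait TCP connection. Returns the state
 * after `releases` drops: 0 = none, 1 = process exited, 2 = credential
 * released as well. A leaked credential (case 2 in the message) is the
 * same as never reaching step 2: the prison stays TOY_DYING forever. */
enum toy_state toy_scenario(int releases)
{
    struct toy_prison pr = { 0, 0, TOY_ALIVE };

    toy_proc_attach(&pr);
    toy_cred_hold(&pr);
    if (releases >= 1)
        toy_proc_exit(&pr);
    if (releases >= 2)
        toy_cred_free(&pr);
    return pr.state;
}

int main(void)
{
    for (int n = 0; n <= 2; n++)
        printf("after %d release(s): state %d\n", n, (int)toy_scenario(n));
    return 0;
}
```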