From owner-freebsd-hackers@FreeBSD.ORG Sun Sep 17 22:09:22 2006 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A602816A4AB for ; Sun, 17 Sep 2006 22:09:22 +0000 (UTC) (envelope-from umka@sevcity.net) Received: from mail.sevcity.net (ns.sevcity.net [193.47.166.213]) by mx1.FreeBSD.org (Postfix) with ESMTP id ED28443DA5 for ; Sun, 17 Sep 2006 22:08:25 +0000 (GMT) (envelope-from umka@sevcity.net) Received: from mail.sevcity.net (service.sevcity [127.0.0.1]) by mail.sevcity.net (Postfix) with ESMTP id 156D417001A; Mon, 18 Sep 2006 01:08:50 +0300 (EEST) Received: from berloga.shadowland (umka.sevcity.net [193.47.166.138]) by mail.sevcity.net (Postfix) with ESMTP id F236F170004; Mon, 18 Sep 2006 01:08:49 +0300 (EEST) Received: from berloga.shadowland (berloga.shadowland [127.0.0.1]) by berloga.shadowland (8.12.11.20060308/8.12.11) with ESMTP id k8HM8O3W004959; Mon, 18 Sep 2006 01:08:24 +0300 Received: (from root@localhost) by berloga.shadowland (8.12.11.20060308/8.12.11/Submit) id k8HM8Ott004957; Mon, 18 Sep 2006 01:08:24 +0300 From: Alex Lyashkov To: Kris Kennaway In-Reply-To: <20060917211905.GA64182@xor.obsecurity.org> References: <1158407656.3215.33.camel@berloga.shadowland> <20060917211905.GA64182@xor.obsecurity.org> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: quoted-printable Organization: SevcityNet Message-Id: <1158530904.3213.1.camel@berloga.shadowland> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 (1.4.5-17) Date: Mon, 18 Sep 2006 01:08:24 +0300 X-Virus-Scanned: ClamAV using ClamSMTP Cc: freebsd-hackers@freebsd.org Subject: Re: jail2 patchset 12 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Sep 2006 22:09:22 -0000 Thanks for you report. I really more test new jail2 API then old :( Please apply this patch. # p4 diff -du kern_jail.c =3D=3D=3D=3D //depot/projects/jail2/sys/kern/kern_jail.c#4 - /root/jail2/sys/kern/kern_jail.c =3D=3D=3D=3D @@ -316,6 +316,7 @@ if (error) return (error); + mtx_lock(&allprison_mtx); pr =3D prison_find(uap->jid); if (pr =3D=3D NULL) { return (ESRCH); =F7 =F0=CE=C4, 18.09.2006, =D7 00:19, Kris Kennaway =D0=C9=DB=C5=D4: > On Sat, Sep 16, 2006 at 02:54:16PM +0300, Alex Lyashkov wrote: > > Hello All, > >=20 > > Some time ago I finished the next public jail2 patchset. > > As of now, jail2 supports per-jail SYSV IPC namespaces. > > It is possible to configure which jails can and which cannot use > > SYSV IPC. The UID hash is also perl-jail now. > > he patchset also implements per-jail resource limits, such as: > > - number of SYSV IPC objects; > > - number of processes; > > - number of filedescriptors. > > In addition, all jail-related code was moved under 'options JAIL'. > >=20 > > The project's homepage: > > http://docs.freevps.com/doku.php?id=3Dfreebsd:index >=20 > I get the following panic when creating a jail: >=20 > panic: mutex allprison not owned at ../../../kern/kern_jail.c:374 > cpuid =3D 1 > KDB: enter: panic > [thread pid 930 tid 106142 ] > Stopped at kdb_enter+0x32: leave > db> wh > Tracing pid 930 tid 106142 td 0xd30841b0 > kdb_enter(c0756d95,1,c0755e9c,f17c9b80,d30841b0,...) at kdb_enter+0x32 > panic(c0755e9c,c075431c,c0754331,176,1,...) at panic+0x1b1 > _mtx_unlock_spin_flags(c07c6214,1,c0754331,176,0,...) at _mtx_unlock_spin= _flags > prison_find(1,0,0,d30841b0,c5bb9800,...) at prison_find+0x2e > jail_attach(d30841b0,f17c9bf0,c0754331,9f,c5bb992c,...) at jail_attach+0x= 38 > jail(d30841b0,f17c9d04,4,f17c9d38,1,...) at jail+0x3b5 > syscall(3b,3b,3b,bfbfe8c0,bfbfe904,...) at syscall+0x152 > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (338, FreeBSD ELF32, jail), eip =3D 0x280d1ee7, esp =3D 0xbfb= fe3ac, ebp =3D 0xbfbfe888 --- >=20 > 930 545 544 0 R CPU 1 jail >=20 > Kris