Date: Thu, 4 Jan 2007 21:14:34 +0100 From: Ed Schouten <ed@fxq.nl> To: bug-followup@FreeBSD.org, philippe.lang@attiksystem.ch Cc: freebsd-hackers@freebsd.org Subject: Re: kern/89528: [jail] impossible to kill a jail Message-ID: <20070104201434.GS1072@hoeg.nl>
next in thread | raw e-mail | index | archive | help
--OE5XN2KVoD5QaTkR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello everyone, I decided to investigate this bug because I think the bug is quite irritating. After adding some ddb show commands to the source and reading a lot of code, I think I understand the problem: The tty code doesn't leak any ucreds, it's the devfs code that crhold()'s an ucred structure. When a new pty is needed, the tty_pty code allocates a new pty. It also runs make_dev_cred(), to which it passes the thread's ucred. This function calls make_dev_credv(), which finally runs crhold(). As long as pty's have been allocated that have been created by threads in a jail, the prison structure has more references, causing the zombie jails to exist. Yours, --=20 Ed Schouten <ed@fxq.nl> WWW: http://g-rave.nl/ --OE5XN2KVoD5QaTkR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (FreeBSD) iD8DBQFFnWAq52SDGA2eCwURAukZAJ4lGKkBlyXrtMLY/nN1EpH35f68hgCdHWSS /KmDk8nFZrT/tyvNyQu2Zek= =6L9c -----END PGP SIGNATURE----- --OE5XN2KVoD5QaTkR--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070104201434.GS1072>