Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 4 Jan 2007 21:49:52 +0100
From:      Ed Schouten <ed@fxq.nl>
To:        bug-followup@FreeBSD.org, philippe.lang@attiksystem.ch
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: kern/89528: [jail] impossible to kill a jail
Message-ID:  <20070104204952.GT1072@hoeg.nl>
In-Reply-To: <20070104201434.GS1072@hoeg.nl>
References:  <20070104201434.GS1072@hoeg.nl>
next in thread | previous in thread | raw e-mail | index | archive | help 

--aE2Tjr+Wh4rS13mJ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

* Ed Schouten <ed@fxq.nl> wrote:
> As long as pty's have been allocated that have been created by threads
> in a jail, the prison structure has more references, causing the zombie
> jails to exist.

We could change the make_dev_credv() routine to crcopy() everything
except the prison when we're creating a node in a jail. The following
patch fixes the zombie jail bug on my machine:

--- src/sys/kern/kern_conf.c	Fri Oct 20 09:59:50 2006
+++ src/sys/kern/kern_conf.c	Thu Jan  4 21:36:44 2007
@@ -42,6 +42,7 @@
 #include <sys/ctype.h>
 #include <sys/tty.h>
 #include <sys/ucred.h>
+#include <sys/jail.h>
 #include <machine/stdarg.h>
=20
 #include <fs/devfs/devfs_int.h>
@@ -563,7 +564,15 @@
 	=09
 	dev->si_flags |=3D SI_NAMED;
 	if (cr !=3D NULL)
-		dev->si_cred =3D crhold(cr);
+		if (cr->cr_prison =3D=3D NULL) {
+			dev->si_cred =3D crhold(cr);
+		} else {
+			/* Don't let the node depend on a prison */
+			dev->si_cred =3D crget();
+			crcopy(dev->si_cred, cr);
+			prison_free(dev->si_cred->cr_prison);
+			dev->si_cred->cr_prison =3D NULL;
+		}
 	else
 		dev->si_cred =3D NULL;
 	dev->si_uid =3D uid;

Could other people experiencing this problem as well give this patch a
try? Thanks a lot!

Yours,
--=20
 Ed Schouten <ed@fxq.nl>
 WWW: http://g-rave.nl/

--aE2Tjr+Wh4rS13mJ
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (FreeBSD)

iD8DBQFFnWhw52SDGA2eCwURAnf9AJ47ZpkxiM8s2KznHU+NncdjiqjHpACcCzJQ
jfxOzPnh9zjiOAxisCY8e5A=
=TOCY
-----END PGP SIGNATURE-----

--aE2Tjr+Wh4rS13mJ--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070104204952.GT1072>