Provide process space virtualisation functionality for jails.
Needs ReviewPublic
Actions

Authored by bz on Jun 17 2018, 2:55 PM.

Details

Reviewers

jamie
kib
jhb
andrew

Summary

This is the initial logic which will give a jail its own init,
have a dedicated kernel process "0" (swapper) per jail, its
own pid, etc. space if enabled.
Add ddb support to aid debugging as was done for vnet.

Obtained from: http://www.7he.at/freebsd/vps/files/diffs/vps-r215.diff

		(parts, originally as provided by iXsystems, Inc.)

Diff Detail

Lint

Lint Passed

Unit

No Test Coverage

Build Status

Buildable 17983
Build 17737: arc lint + arc unit

Event Timeline

bz created this revision.Jun 17 2018, 2:55 PM

Harbormaster completed remote builds in B17372: Diff 43944.Jun 17 2018, 2:55 PM

bz added a parent revision: D15570: Virtualization of basic variables and locks for jail+vps..Jun 18 2018, 3:24 PM

jamie added inline comments.Jun 18 2018, 6:51 PM

sys/kern/init_main.c
708	Panicking seems harsh when kproc_create can fail simply because the process limit has been hit. Is there a way to just fail the jail creation, or if not that to destroy the jail? Perhaps with a warning - a sort of VPS panic.
sys/kern/kern_resource.c
1277	Is this something you've found to happen? I know that zombie jails often sit around indefinitely waiting for a cred hold to go away; perhaps it's something like that?

bz edited parent revisions, added: D15906: Implement "global" process (and zombie) lists loops iterating over all vps instances and all processes in each.; removed: D15570: Virtualization of basic variables and locks for jail+vps..Jun 19 2018, 4:36 PM

Follow-up on comments to @jamie

sys/kern/init_main.c
708	Yes. There's a few such situations; we would need to add a flag to the vps structure, check in between every sysinit invokation; in case of error, undo the exact bits we already allocated/initialised, and the return an error to jail creation. We never did for vnets; maybe it's time; but the cleanup can be "complex" to get fully symmetric. For the moment having well-defined errors (panic) seems better while developing.
sys/kern/kern_resource.c
1277	Yes I have but so far no one has ever tried to cleanly shutdown process space so (as with vnet) we expect to find certain leaks. I am sure that the buffer cache is a major problem for process space references. One thing at a time though. At the moment I am seeing linger DYING jails around with plain HEAD and not even vnets; took something over 50 days for one to go. Need a more general "tracker" which I do not want to intermix with this work.

freqlabs added a subscriber: freqlabs.Jun 22 2018, 7:39 PM

swills added a subscriber: swills.Jul 4 2018, 4:41 PM

Merge branch 'p2' into p3

Herald added subscribers: emaste, ae. · View Herald TranscriptJul 11 2018, 3:50 PM

Harbormaster completed remote builds in B17983: Diff 45169.Jul 11 2018, 3:50 PM

marius.h_lden.org added a subscriber: marius.h_lden.org.Mar 18 2019, 11:31 PM

Herald added a subscriber: andrew. · View Herald TranscriptMar 18 2019, 11:31 PM

fabian.freyer_physik.tu-berlin.de added a subscriber: fabian.freyer_physik.tu-berlin.de.May 21 2019, 1:25 PM

zlei added a subscriber: zlei.Jan 15 2024, 9:07 AM

Herald added a reviewer: andrew. · View Herald TranscriptJan 15 2024, 9:07 AM

Herald added subscribers: linuxkpi, glebius, melifaro. · View Herald Transcript

freebsd_igalic.co added a subscriber: freebsd_igalic.co.Jan 22 2024, 12:27 AM

meka_tilda.center added a subscriber: meka_tilda.center.Jan 22 2024, 7:55 AM

crest_freebsd_rlwinm.de added a subscriber: crest_freebsd_rlwinm.de.Jan 30 2024, 6:29 PM

bz mentioned this in D46440: init: Add jail(8) support.Aug 26 2024, 7:21 PM

hrs added a subscriber: hrs.Aug 26 2024, 10:47 PM

Revision Contents
Changeset List

Path

Size

sys/

arm/

pmap-v6.c

6 lines

cddl/

contrib/

opensolaris/

uts/

intel/

dtrace/

fasttrap_isa.c

4 lines

compat/

linprocfs/

linprocfs.c

16 lines

linux/

linux_file.c

6 lines

linux_fork.c

4 lines

linux_misc.c

2 lines

linuxkpi/

common/

src/

linux_current.c

25 lines

conf/

files

1 line

ddb/

23 lines

3 lines

33 lines

77 lines

6 lines

2 lines

2 lines

1 line

dev/

filemon/

filemon.c

29 lines

hwpmc/

hwpmc_mod.c

36 lines

fs/

devfs/

devfs_vnops.c

10 lines

nfs/

nfsport.h

4 lines

pseudofs/

pseudofs_vnops.c

17 lines

i386/

pmap.c

6 lines

ibcs2/

ibcs2_sysvec.c

19 lines

kern/

23 lines

314 lines

4 lines

143 lines

32 lines

219 lines

97 lines

122 lines

137 lines

33 lines

83 lines

8 lines

325 lines

30 lines

21 lines

147 lines

178 lines

72 lines

59 lines

18 lines

12 lines

5 lines

20 lines

835 lines

25 lines

1 line

12 lines

26 lines

27 lines

22 lines

18 lines

18 lines

4 lines

net/

vnet.c

4 lines

sys/

3 lines

5 lines

62 lines

1 line

1 line

381 lines

vm/

66 lines

25 lines

141 lines

337 lines

Commit	Tree	Parents	Author	Summary	Date
432b58f45d70	aa4e18d71db8	be5a4864d283 bc394b711e23	Björn Zeeb	Merge branch 'p2' into p3	Jul 11 2018, 3:49 PM
bc394b711e23	079818616399	db8888928380	Björn Zeeb	Looks like there was an unlock lost during the merge.	Jul 11 2018, 3:46 PM
be5a4864d283	aa4e18d71db8	eca74a263d1a	Björn Zeeb	Looks like there was an unlock lost during a merge.	Jul 11 2018, 3:45 PM
eca74a263d1a	e11539f247c5	25d7288bbd50 db8888928380	Björn Zeeb	Merge branch 'p2' into p3	Jul 11 2018, 2:55 PM
db8888928380	3aa302aa3710	59b789c98a8f f987bac2b775	Björn Zeeb	Merge branch 'p1' into p2	Jul 11 2018, 2:53 PM
f987bac2b775	c8585908fe6c	1d613e259a43	Björn Zeeb	Maintanance on new code; add virtualisation where needed.	Jul 11 2018, 1:44 PM
1d613e259a43	a7c7ded5aa41	0913e1e47ebc e6f45c907952	Björn Zeeb	Merge branch 'p0' into p1	Jul 10 2018, 9:45 AM
e6f45c907952	12e64d65664e	e480898248da 93165a4a5967	Björn Zeeb	Merge branch 'master' into p0	Jul 7 2018, 2:34 PM
25d7288bbd50	64f3221c3c95	f4611dec2c9a	Björn Zeeb	Fix git mis-merges after rebase to p2.	Jun 19 2018, 7:52 PM
f4611dec2c9a	ffc7e5db86d9	59b789c98a8f	Björn Zeeb	Migrate the process space virtualisation bits from VPS to jail based setup. (Show More…)	Jun 17 2018, 2:49 PM
59b789c98a8f	80fd238d894d	0913e1e47ebc	Björn Zeeb	Implement "global" process (and zombie) lists loops iterating over all vps… (Show More…)	Jun 19 2018, 4:31 PM
0913e1e47ebc	af9c330aa383	ad13ceab6f9a	Björn Zeeb	Virtualise allproc_lock.	Jun 18 2018, 5:59 PM
ad13ceab6f9a	3ac7f207969a	59a8755d2fb8 e480898248da	Björn Zeeb	Merge branch 'p0' into p1	Jun 18 2018, 5:13 PM
e480898248da	e2a01fcd81a0	71e17e22e508 9a782459e87b	Björn Zeeb	Merge branch 'master' into p0	Jun 18 2018, 5:13 PM
59a8755d2fb8	9f606a0c81a9	9d711292dbfb 71e17e22e508	Björn Zeeb	Merge branch 'p0' into p1	Jun 18 2018, 4:37 PM
71e17e22e508	d0275857d4b2	8524ebad7afd	Björn Zeeb	Prevent attaching to a jail both from jail_attach() and from jaiL_set() by… (Show More…)	Jun 18 2018, 3:16 PM
9d711292dbfb	80caf6709514	8524ebad7afd	Björn Zeeb	Virtualization of basic variables and locks for jail+vps. (Show More…)	May 25 2018, 11:00 AM
8524ebad7afd	2b21f6490c92	62a6f842d17a 83df564237ec	Björn Zeeb	Merge branch 'master' into p0	May 24 2018, 5:18 PM
62a6f842d17a	89ff58427388	48b8348df1e4	Björn Zeeb	Update the static asserts to match again.	May 24 2018, 5:16 PM
48b8348df1e4	e00354d32609	554647942ab3	Björn Zeeb	Initial vps (virtual process space) framework for jails. (Show More…)	May 24 2018, 3:31 PM