HomeFreeBSD
Diffusion FreeBSD src repository cc7b73065302

jail: Handle a possible race between jail_remove(2) and fork(2)
cc7b73065302
Actions

Description

jail: Handle a possible race between jail_remove(2) and fork(2)

jail_remove(2) includes a loop that sends SIGKILL to all processes
in a jail, but skips processes in PRS_NEW state. Thus it is possible
the a process in mid-fork(2) during jail removal can survive the jail
being removed.

Add a prison flag PR_REMOVE, which is checked before the new process
returns. If the jail is being removed, the process will then exit.
Also check this flag in jail_attach(2) which has a similar issue.

Reported by: trasz
Approved by: kib
MFC after: 3 days

Details

Provenance
jamieAuthored on Feb 16 2021, 7:19 PM
Parents
rG922cf8ac43ad: Use iflib_if_init_locked() during media change instead of iflib_init_locked().
Branches
Unknown
Tags
Unknown

Event Timeline

jamie committed rGcc7b73065302: jail: Handle a possible race between jail_remove(2) and fork(2) (authored by jamie).Feb 16 2021, 7:19 PM
jamie mentioned this in rG894360bacd42: MFC jail: Handle a possible race between jail_remove(2) and fork(2).Feb 19 2021, 1:24 AM
jamie mentioned this in rGf7007a7d0525: MFC jail: Handle a possible race between jail_remove(2) and fork(2).Feb 19 2021, 9:45 PM
jamie mentioned this in rGc837631bd47a: MFC jail: Handle a possible race between jail_remove(2) and fork(2).Feb 19 2021, 9:50 PM
jamie mentioned this in rG9f00cb5fa8a4: MFS jail: Handle a possible race between jail_remove(2) and fork(2).Feb 19 2021, 9:53 PM
jamie mentioned this in D28419: Require allprison_lock and prison mutex when to free last prison reference.Feb 20 2021, 7:01 PM
jamie mentioned this in D27876: jail: Add pr_state to struct prison.Feb 20 2021, 7:05 PM
jamie mentioned this in D28458: Better locking in prison_deref, and hide invalid prisons..Feb 20 2021, 7:08 PM
jamie mentioned this in D28473: Add PD_KILL option to prison_deref().Feb 20 2021, 7:11 PM
jamie mentioned this in D28515: Don't allow jail "accidental" resurrection of dead jails..Feb 20 2021, 7:16 PM
jamie mentioned this in D28150: jail: Don't allow resurrection of dead jails.Feb 20 2021, 7:18 PM
markj mentioned this in rG491cafa96113: MFC jail: Handle a possible race between jail_remove(2) and fork(2).Feb 24 2021, 1:40 AM
markj mentioned this in rGb306be13a9c7: MFC jail: Handle a possible race between jail_remove(2) and fork(2).
mjg mentioned this in D34522: jail: add process iterator.Mar 12 2022, 7:09 PM

Changes (3)

PathSize
sys/
kern/
sys/

rGcc7b73065302

View Options

sys/kern/kern_fork.c

Loading...
View Options

sys/kern/kern_jail.c

Loading...
View Options

sys/sys/jail.h

Loading...