Page MenuHomeFreeBSD

jail: Fix regression panic from eb8dcdeac22d
ClosedPublic

Authored by zlei on Dec 30 2022, 4:18 AM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Jan 3, 3:00 PM
Unknown Object (File)
Fri, Dec 27, 7:41 PM
Unknown Object (File)
Thu, Dec 26, 4:57 PM
Unknown Object (File)
Wed, Dec 18, 9:05 PM
Unknown Object (File)
Sun, Dec 15, 4:20 AM
Unknown Object (File)
Fri, Dec 13, 8:04 AM
Unknown Object (File)
Dec 2 2024, 1:37 AM
Unknown Object (File)
Dec 2 2024, 1:37 AM
Subscribers

Details

Summary

And possibly infinite loop calling prison_ip_restrict() in kern_jail_set() [2].

[1] It is possible that prisons do not have any IPv4 or IPv6 addresses.
[2] If prison_ip_restrict() is not provided with prison_ip, when it allocates prison_ip successfully, then it should return false to indicate not redo prison_ip_restrict() later.

Fixes: eb8dcdeac22d jail: network epoch protection for IP address lists

Test Plan

Run the following script to verify no panic any more.

#!/bin/sh

ifconfig lo0 inet 172.16.0.1/32 alias

jail -c name=parent host.hostname=parent path=/ persist children.max=1 ip4.addr=172.16.0.1
jexec parent /bin/sh -s stdin << EOF
  jail -c name=c1 host.hostname=c1 path=/ persist
EOF

# The following will trigger panic
jail -m name=parent ip4.addr=

jexec parent.c1 ifconfig lo0

#jail -R parent

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

zlei requested review of this revision.Dec 30 2022, 4:18 AM
sys/kern/kern_jail.c
810

Remove this assignment, and ...

816
828

Remove this assignment, and ...

835–836

Do you have a script that triggers the issue ready? I want to check if I can code that without two booleans.

Do you have a script that triggers the issue ready? I want to check if I can code that without two booleans.

The following trigger infinite loop.

#!/bin/sh

ifconfig lo0 inet 172.16.0.1/32 alias
ifconfig lo0 inet 172.16.0.2/32 alias
ifconfig lo0 inet6 2001:db8::1/128 alias
ifconfig lo0 inet6 2001:db8::2/128 alias

jail -c name=parent host.hostname=parent path=/ persist children.max=2 ip4=inherit ip4.addr=172.16.0.1 ip6.addr=2001:db8::1
jexec parent /bin/sh -s stdin << EOF
  jail -c name=c1 host.hostname=c1 path=/ persist ip4=inherit ip6=inherit children.max=1
  jexec c1 ifconfig lo0
EOF

jexec parent.c1 /bin/sh -s stdin << EOF
  jail -c name=c2 host.hostname=c2 path=/ persist ip4=inherit ip6=inherit
  jexec c2 ifconfig lo0
EOF

echo "Modify parent, add extra IPv4 and IPv6 addresses ..."
jail -m name=parent ip4.addr=172.16.0.1 ip4.addr=172.16.0.2 ip6.addr=2001:db8::1 ip6.addr=2001:db8::2
jexec parent.c1 ifconfig lo0
jexec parent.c1.c2 ifconfig lo0

#jail -R parent

I dislike the multi-purpose return value of the function prison_ip_restrict(). I've an idea to prevent that and improve readability, but this one should go first.

Add assert for size of addresses of new and parent prison

zlei marked 4 inline comments as done.Dec 31 2022, 3:18 AM

I want to check if I can code that without two booleans.

Can D37918 fulfill ?

In D37906#862914, @zlei wrote:

Will look at this revision and all related today.

If you thought on combining this bugfix with D37918 into a single changeset, I'd support that.

This revision is now accepted and ready to land.Jan 9 2023, 8:48 PM
This revision was automatically updated to reflect the committed changes.