[Bug 253724] FreeBSD 13.0-BETA3: jail: cpuset: setaffinity: Resource deadlock avoided

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Mar 7 21:40:09 UTC 2021 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253724

--- Comment #9 from commit-hook at FreeBSD.org ---
A commit in branch stable/13 references this bug:

URL:
https://cgit.FreeBSD.org/src/commit/?id=bdd61b6914f1f961b5f414b2d5cc623a5a829b89

commit bdd61b6914f1f961b5f414b2d5cc623a5a829b89
Author:     Kyle Evans <kevans at FreeBSD.org>
AuthorDate: 2021-03-04 19:28:53 +0000
Commit:     Kyle Evans <kevans at FreeBSD.org>
CommitDate: 2021-03-07 21:39:29 +0000

    jail(8): reset to root cpuset before attaching to run commands

    Recent changes have made it such that attaching to a jail will augment
    the attaching process' cpu mask with the jail's cpuset. While this is
    convenient for allowing the administrator to cpuset arbitrary programs
    that will attach to a jail, this is decidedly not convenient for
    executing long-running daemons during jail creation.

    This change inserts a reset of the process cpuset to the root cpuset
    between the fork and attach to execute a command. This allows commands
    executed to have the widest mask possible, and the administrator can
    cpuset(1) it back down inside the jail as needed.

    With this applied, one should be able to change a jail's cpuset at
    exec.poststart in addition to exec.created.  The former was made
    difficult if jail(8) itself was running with a constrained set, as then
    some processes may have been spawned inside the jail with a non-root
    set.  The latter is the preferred option so that processes starting in
    the jail are constrained appropriately up front.

    Note that all system commands are still run with the process' initial
    cpuset applied.

    PR:             253724

    (cherry picked from commit 466df976babed65f8a8de9e36d7f016a444609af)

 usr.sbin/jail/command.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

-- 
You are receiving this mail because:
You are on the CC list for the bug.

More information about the freebsd-bugs mailing list