GPF when doing jail -r, possibly an use-after-free
Xin Li
delphij at delphij.net
Mon Jul 9 20:52:16 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 07/09/12 13:47, Mikolaj Golub wrote:
>
> On Mon, 9 Jul 2012 06:07:05 +0000 Bjoern A. Zeeb wrote:
>
> BAZ> On 9. Jul 2012, at 06:01 , Mikolaj Golub wrote:
>
>>>
>>> On Sun, 8 Jul 2012 20:52:55 +0000 Bjoern A. Zeeb wrote:
>>>
>>> BAZ> Situation 1)
>>>
>>> BAZ> epairNa is in base, eiparNb is jail foo BAZ>
>>> stop jail foo: jail -r foo BAZ> both epairN[ab] will
>>> live in base and can be destiryed without vnet switching
>>>
>>> BAZ> Situation 2)
>>>
>>> BAZ> epairNa is in base, eiparNb is jail foo BAZ>
>>> you are in jail foo and type epairNb destroy; that should not
>>> be allowed
>>>
>>> BAZ> Situation 3)
>>>
>>> BAZ> epairNa is in base, eiparNb is jail foo BAZ>
>>> you are in base and type ifconfig epairNa destroy
>>>
>>> BAZ> This is your case ... I am not sure what I'd
>>> expect in this case, BAZ> especailly given epair is
>>> special... You probably are right. BAZ> Ideally I'd
>>> not allow it to be destroyed unless both are in the BAZ>
>>> if_home_vnet. However it seems we allow this; so in that case
>>> BAZ> I definitively make sure to use the
>>> CURVNET_SET_QUIET() version BAZ> to avoid the expected
>>> noise otherwise.
>>>
>>> It looks like epair was expected to allow this, because in
>>> non-patched version it already did switching before freeing the
>>> interface. It just did not switch bere detaching.
>>>
>>> CURVNET_SET_QUIET() is used in the current version of the patch
>>> so I suppose I can commit it.
>>>
>>> But if you think that just not allowing to destroy unless both
>>> ends are in the f_home_vnet is a preferred solution and it is
>>> not late to change this I can provide the patch.
>
> BAZ> Get it in for now; it helps people. We should keep the other
> things in mind and BAZ> write down a proper policy; it's more
> interesting as you can do other things with BAZ> cloners you can
> create inside a vnet as well, today and later.
>
> Thank you for the discussion. The patch is committed.
Thanks!
Cheers,
- --
Xin LI <delphij at delphij.net> https://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.19 (FreeBSD)
iQEcBAEBCAAGBQJP+0R/AAoJEG80Jeu8UPuzhdUIAKYXIbwMSxEMmtqZVcLuWXqx
50f/ni+zkXkGgECMGclWcD5jDwJCCPBsUPg1aOl35pXlVZEKQY+gbMU53olz83fn
vkRZmS6PBPYgYY/vT0W8EmCk1Sb/DeGVnrltVPnHxOkQkcV6u0c8xzxxX36H7hFl
oJDYq3bXfEOQTlJYQHt42oPtJrPyAlG+yCQSIp2YbxZhlU+jF2qakG1FyqrP9jX8
rQAcfw0uLKGcI1JBfhzcW635CFVlTQZCkLWi//Djb0Wo/YgXpKD9fGWA54iN8qEm
bd6Io7w9vF6otk0JEkmySYEvAceOx0Ae8M8oMm+q4abUYnOJZtNyYul7IhGDkVM=
=Yr4X
-----END PGP SIGNATURE-----
More information about the freebsd-virtualization
mailing list