From nobody@FreeBSD.org  Thu Feb 16 17:18:32 2012
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9CFF5106564A
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 16 Feb 2012 17:18:32 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22])
	by mx1.freebsd.org (Postfix) with ESMTP id 770A28FC0A
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 16 Feb 2012 17:18:32 +0000 (UTC)
Received: from red.freebsd.org (localhost [127.0.0.1])
	by red.freebsd.org (8.14.4/8.14.4) with ESMTP id q1GHIWkK056237
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 16 Feb 2012 17:18:32 GMT
	(envelope-from nobody@red.freebsd.org)
Received: (from nobody@localhost)
	by red.freebsd.org (8.14.4/8.14.4/Submit) id q1GHIWiX056235;
	Thu, 16 Feb 2012 17:18:32 GMT
	(envelope-from nobody)
Message-Id: <201202161718.q1GHIWiX056235@red.freebsd.org>
Date: Thu, 16 Feb 2012 17:18:32 GMT
From: Brent <brent@beanfield.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: rctl(8) cannot identify jails via modified name
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         165207
>Category:       bin
>Synopsis:       rctl(8) cannot identify jails via modified name
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Feb 16 17:20:09 UTC 2012
>Closed-Date:    Sun Sep 16 23:22:36 UTC 2012
>Last-Modified:  Sun Sep 16 23:22:36 UTC 2012
>Originator:     Brent
>Release:        9.0-RELEASE
>Organization:
>Environment:
FreeBSD freebsd 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Tue Feb 14 11:01:47 EST 2012     root@freebsd:/usr/obj/usr/src/sys/RCTL  amd64
>Description:
rctl(8) man page examples state:

           rctl -hu jail:www

     Display resource usage information for jail named "www".

If a jail is started with -n "name", rctl can correctly identify it. If a running jail's name is modified with `jail -m name="name"`, rctl cannot identify it, and continues to use the previous jail name. If no jail name was set upon jail creation, rctl can only identify it via its JID.
>How-To-Repeat:
JID 5 was started with -n "test1":

freebsd# jls
   JID  IP Address      Hostname                      Path
     5  10.1.1.1        test1                         /usr/jails/test1

Accessible via name:
freebsd# jexec test1 tcsh
test1#

Show stats for jail named "test1":
freebsd# rctl -hu jail:test1|head
cputime=1681
datasize=16M
stacksize=0
coredumpsize=0
memoryuse=57M
memorylocked=0
maxproc=10
openfiles=0
vmemoryuse=937M
pseudoterminals=0

Modify jail name to "test2":
freebsd# jail -m name=test2 jid=5

Accessible via modified name "test2":
freebsd# jexec test2 tcsh
test1#

`rctl` has no knowledge of "test2":
freebsd# rctl -hu jail:test2|head
cputime=0
datasize=0
stacksize=0
coredumpsize=0
memoryuse=0
memorylocked=0
maxproc=0
openfiles=0
vmemoryuse=0
pseudoterminals=0

`rctl` still believes it's "test1":
freebsd# rctl -hu jail:test1|head
cputime=1900
datasize=16M
stacksize=0
coredumpsize=0
memoryuse=57M
memorylocked=0
maxproc=10
openfiles=0
vmemoryuse=937M
pseudoterminals=0
>Fix:


>Release-Note:
>Audit-Trail:

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/165207: commit references a PR
Date: Tue,  6 Mar 2012 11:06:05 +0000 (UTC)

 Author: trasz
 Date: Tue Mar  6 11:05:50 2012
 New Revision: 232598
 URL: http://svn.freebsd.org/changeset/base/232598
 
 Log:
   Make racct and rctl correctly handle jail renaming.  Previously
   they would continue using old name, the one jail was created with.
   
   PR:		bin/165207
 
 Modified:
   head/sys/kern/kern_jail.c
   head/sys/kern/kern_racct.c
   head/sys/sys/racct.h
 
 Modified: head/sys/kern/kern_jail.c
 ==============================================================================
 --- head/sys/kern/kern_jail.c	Tue Mar  6 10:51:53 2012	(r232597)
 +++ head/sys/kern/kern_jail.c	Tue Mar  6 11:05:50 2012	(r232598)
 @@ -130,6 +130,7 @@ static char *prison_path(struct prison *
  static void prison_remove_one(struct prison *pr);
  #ifdef RACCT
  static void prison_racct_attach(struct prison *pr);
 +static void prison_racct_modify(struct prison *pr);
  static void prison_racct_detach(struct prison *pr);
  #endif
  #ifdef INET
 @@ -1830,6 +1831,12 @@ kern_jail_set(struct thread *td, struct 
  		if (!(flags & JAIL_ATTACH))
  			sx_sunlock(&allprison_lock);
  	}
 +
 +#ifdef RACCT
 +	if (!created)
 +		prison_racct_modify(pr);
 +#endif
 +
  	td->td_retval[0] = pr->pr_id;
  	goto done_errmsg;
  
 @@ -4427,24 +4434,32 @@ prison_racct_hold(struct prison_racct *p
  	refcount_acquire(&prr->prr_refcount);
  }
  
 +static void
 +prison_racct_free_locked(struct prison_racct *prr)
 +{
 +
 +	sx_assert(&allprison_lock, SA_XLOCKED);
 +
 +	if (refcount_release(&prr->prr_refcount)) {
 +		racct_destroy(&prr->prr_racct);
 +		LIST_REMOVE(prr, prr_next);
 +		free(prr, M_PRISON_RACCT);
 +	}
 +}
 +
  void
  prison_racct_free(struct prison_racct *prr)
  {
  	int old;
  
 +	sx_assert(&allprison_lock, SA_UNLOCKED);
 +
  	old = prr->prr_refcount;
  	if (old > 1 && atomic_cmpset_int(&prr->prr_refcount, old, old - 1))
  		return;
  
  	sx_xlock(&allprison_lock);
 -	if (refcount_release(&prr->prr_refcount)) {
 -		racct_destroy(&prr->prr_racct);
 -		LIST_REMOVE(prr, prr_next);
 -		sx_xunlock(&allprison_lock);
 -		free(prr, M_PRISON_RACCT);
 -
 -		return;
 -	}
 +	prison_racct_free_locked(prr);
  	sx_xunlock(&allprison_lock);
  }
  
 @@ -4454,15 +4469,63 @@ prison_racct_attach(struct prison *pr)
  {
  	struct prison_racct *prr;
  
 +	sx_assert(&allprison_lock, SA_XLOCKED);
 +
  	prr = prison_racct_find_locked(pr->pr_name);
  	KASSERT(prr != NULL, ("cannot find prison_racct"));
  
  	pr->pr_prison_racct = prr;
  }
  
 +/*
 + * Handle jail renaming.  From the racct point of view, renaming means
 + * moving from one prison_racct to another.
 + */
 +static void
 +prison_racct_modify(struct prison *pr)
 +{
 +	struct proc *p;
 +	struct ucred *cred;
 +	struct prison_racct *oldprr;
 +
 +	sx_slock(&allproc_lock);
 +	sx_xlock(&allprison_lock);
 +
 +	if (strcmp(pr->pr_name, pr->pr_prison_racct->prr_name) == 0)
 +		return;
 +
 +	oldprr = pr->pr_prison_racct;
 +	pr->pr_prison_racct = NULL;
 +
 +	prison_racct_attach(pr);
 +
 +	/*
 +	 * Move resource utilisation records.
 +	 */
 +	racct_move(pr->pr_prison_racct->prr_racct, oldprr->prr_racct);
 +
 +	/*
 +	 * Force rctl to reattach rules to processes.
 +	 */
 +	FOREACH_PROC_IN_SYSTEM(p) {
 +		PROC_LOCK(p);
 +		cred = crhold(p->p_ucred);
 +		PROC_UNLOCK(p);
 +		racct_proc_ucred_changed(p, cred, cred);
 +		crfree(cred);
 +	}
 +
 +	sx_sunlock(&allproc_lock);
 +	prison_racct_free_locked(oldprr);
 +	sx_xunlock(&allprison_lock);
 +}
 +
  static void
  prison_racct_detach(struct prison *pr)
  {
 +
 +	sx_assert(&allprison_lock, SA_UNLOCKED);
 +
  	prison_racct_free(pr->pr_prison_racct);
  	pr->pr_prison_racct = NULL;
  }
 
 Modified: head/sys/kern/kern_racct.c
 ==============================================================================
 --- head/sys/kern/kern_racct.c	Tue Mar  6 10:51:53 2012	(r232597)
 +++ head/sys/kern/kern_racct.c	Tue Mar  6 11:05:50 2012	(r232598)
 @@ -697,6 +697,18 @@ racct_proc_ucred_changed(struct proc *p,
  #endif
  }
  
 +void
 +racct_move(struct racct *dest, struct racct *src)
 +{
 +
 +	mtx_lock(&racct_lock);
 +
 +	racct_add_racct(dest, src);
 +	racct_sub_racct(src, src);
 +
 +	mtx_unlock(&racct_lock);
 +}
 +
  static void
  racctd(void)
  {
 
 Modified: head/sys/sys/racct.h
 ==============================================================================
 --- head/sys/sys/racct.h	Tue Mar  6 10:51:53 2012	(r232597)
 +++ head/sys/sys/racct.h	Tue Mar  6 11:05:50 2012	(r232598)
 @@ -142,5 +142,6 @@ void	racct_proc_exit(struct proc *p);
  
  void	racct_proc_ucred_changed(struct proc *p, struct ucred *oldcred,
  	    struct ucred *newcred);
 +void	racct_move(struct racct *dest, struct racct *src);
  
  #endif /* !_RACCT_H_ */
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: jh 
State-Changed-When: Fri Mar 23 07:24:54 UTC 2012 
State-Changed-Why:  
Patched in head (r232598). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=165207 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/165207: commit references a PR
Date: Tue, 29 May 2012 19:47:16 +0000 (UTC)

 Author: trasz
 Date: Tue May 29 19:47:06 2012
 New Revision: 236253
 URL: http://svn.freebsd.org/changeset/base/236253
 
 Log:
   MFC r232598:
   
   Make racct and rctl correctly handle jail renaming.  Previously
   they would continue using old name, the one jail was created with.
   
   PR:		bin/165207
   
   MFC r235795:
   
   Don't leak locks in prison_racct_modify().
   
   MFC r235803:
   
   Fix use-after-free in kern_jail_set() triggered e.g. by attempts
   to clear "persist" flag from empty persistent jail, like this:
   
   jail -c persist=1
   jail -n 1 -m persist=0
 
 Modified:
   stable/9/sys/kern/kern_jail.c
   stable/9/sys/kern/kern_racct.c
   stable/9/sys/sys/racct.h
 Directory Properties:
   stable/9/sys/   (props changed)
 
 Modified: stable/9/sys/kern/kern_jail.c
 ==============================================================================
 --- stable/9/sys/kern/kern_jail.c	Tue May 29 19:46:42 2012	(r236252)
 +++ stable/9/sys/kern/kern_jail.c	Tue May 29 19:47:06 2012	(r236253)
 @@ -130,6 +130,7 @@ static char *prison_path(struct prison *
  static void prison_remove_one(struct prison *pr);
  #ifdef RACCT
  static void prison_racct_attach(struct prison *pr);
 +static void prison_racct_modify(struct prison *pr);
  static void prison_racct_detach(struct prison *pr);
  #endif
  #ifdef INET
 @@ -1810,6 +1811,16 @@ kern_jail_set(struct thread *td, struct 
  		}
  	}
  
 +#ifdef RACCT
 +	if (!created) {
 +		sx_sunlock(&allprison_lock);
 +		prison_racct_modify(pr);
 +		sx_slock(&allprison_lock);
 +	}
 +#endif
 +
 +	td->td_retval[0] = pr->pr_id;
 +
  	/*
  	 * Now that it is all there, drop the temporary reference from existing
  	 * prisons.  Or add a reference to newly created persistent prisons
 @@ -1830,7 +1841,7 @@ kern_jail_set(struct thread *td, struct 
  		if (!(flags & JAIL_ATTACH))
  			sx_sunlock(&allprison_lock);
  	}
 -	td->td_retval[0] = pr->pr_id;
 +
  	goto done_errmsg;
  
   done_deref_locked:
 @@ -4427,24 +4438,32 @@ prison_racct_hold(struct prison_racct *p
  	refcount_acquire(&prr->prr_refcount);
  }
  
 +static void
 +prison_racct_free_locked(struct prison_racct *prr)
 +{
 +
 +	sx_assert(&allprison_lock, SA_XLOCKED);
 +
 +	if (refcount_release(&prr->prr_refcount)) {
 +		racct_destroy(&prr->prr_racct);
 +		LIST_REMOVE(prr, prr_next);
 +		free(prr, M_PRISON_RACCT);
 +	}
 +}
 +
  void
  prison_racct_free(struct prison_racct *prr)
  {
  	int old;
  
 +	sx_assert(&allprison_lock, SA_UNLOCKED);
 +
  	old = prr->prr_refcount;
  	if (old > 1 && atomic_cmpset_int(&prr->prr_refcount, old, old - 1))
  		return;
  
  	sx_xlock(&allprison_lock);
 -	if (refcount_release(&prr->prr_refcount)) {
 -		racct_destroy(&prr->prr_racct);
 -		LIST_REMOVE(prr, prr_next);
 -		sx_xunlock(&allprison_lock);
 -		free(prr, M_PRISON_RACCT);
 -
 -		return;
 -	}
 +	prison_racct_free_locked(prr);
  	sx_xunlock(&allprison_lock);
  }
  
 @@ -4454,15 +4473,66 @@ prison_racct_attach(struct prison *pr)
  {
  	struct prison_racct *prr;
  
 +	sx_assert(&allprison_lock, SA_XLOCKED);
 +
  	prr = prison_racct_find_locked(pr->pr_name);
  	KASSERT(prr != NULL, ("cannot find prison_racct"));
  
  	pr->pr_prison_racct = prr;
  }
  
 +/*
 + * Handle jail renaming.  From the racct point of view, renaming means
 + * moving from one prison_racct to another.
 + */
 +static void
 +prison_racct_modify(struct prison *pr)
 +{
 +	struct proc *p;
 +	struct ucred *cred;
 +	struct prison_racct *oldprr;
 +
 +	sx_slock(&allproc_lock);
 +	sx_xlock(&allprison_lock);
 +
 +	if (strcmp(pr->pr_name, pr->pr_prison_racct->prr_name) == 0) {
 +		sx_xunlock(&allprison_lock);
 +		sx_sunlock(&allproc_lock);
 +		return;
 +	}
 +
 +	oldprr = pr->pr_prison_racct;
 +	pr->pr_prison_racct = NULL;
 +
 +	prison_racct_attach(pr);
 +
 +	/*
 +	 * Move resource utilisation records.
 +	 */
 +	racct_move(pr->pr_prison_racct->prr_racct, oldprr->prr_racct);
 +
 +	/*
 +	 * Force rctl to reattach rules to processes.
 +	 */
 +	FOREACH_PROC_IN_SYSTEM(p) {
 +		PROC_LOCK(p);
 +		cred = crhold(p->p_ucred);
 +		PROC_UNLOCK(p);
 +		racct_proc_ucred_changed(p, cred, cred);
 +		crfree(cred);
 +	}
 +
 +	sx_sunlock(&allproc_lock);
 +	prison_racct_free_locked(oldprr);
 +	sx_xunlock(&allprison_lock);
 +}
 +
  static void
  prison_racct_detach(struct prison *pr)
  {
 +
 +	sx_assert(&allprison_lock, SA_UNLOCKED);
 +
  	prison_racct_free(pr->pr_prison_racct);
  	pr->pr_prison_racct = NULL;
  }
 
 Modified: stable/9/sys/kern/kern_racct.c
 ==============================================================================
 --- stable/9/sys/kern/kern_racct.c	Tue May 29 19:46:42 2012	(r236252)
 +++ stable/9/sys/kern/kern_racct.c	Tue May 29 19:47:06 2012	(r236253)
 @@ -679,6 +679,18 @@ racct_proc_ucred_changed(struct proc *p,
  #endif
  }
  
 +void
 +racct_move(struct racct *dest, struct racct *src)
 +{
 +
 +	mtx_lock(&racct_lock);
 +
 +	racct_add_racct(dest, src);
 +	racct_sub_racct(src, src);
 +
 +	mtx_unlock(&racct_lock);
 +}
 +
  static void
  racctd(void)
  {
 
 Modified: stable/9/sys/sys/racct.h
 ==============================================================================
 --- stable/9/sys/sys/racct.h	Tue May 29 19:46:42 2012	(r236252)
 +++ stable/9/sys/sys/racct.h	Tue May 29 19:47:06 2012	(r236253)
 @@ -142,5 +142,6 @@ void	racct_proc_exit(struct proc *p);
  
  void	racct_proc_ucred_changed(struct proc *p, struct ucred *oldcred,
  	    struct ucred *newcred);
 +void	racct_move(struct racct *dest, struct racct *src);
  
  #endif /* !_RACCT_H_ */
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: patched->closed 
State-Changed-By: trasz 
State-Changed-When: Sun Sep 16 23:22:34 UTC 2012 
State-Changed-Why:  
MFC-ed before 9.1. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=165207 
>Unformatted:
