path: root/sys/sys
diff options
authorJamie Gritton <jamie@FreeBSD.org>2021-02-16 19:19:13 +0000
committerJamie Gritton <jamie@FreeBSD.org>2021-02-16 19:19:13 +0000
commitcc7b73065302005ebc4a19503188c8d6d5eb923d (patch)
tree0b36808af497706a50fdda177ce8efbe6ed80568 /sys/sys
parent922cf8ac43adc9983f9a9e05cfd838306c1ef483 (diff)
jail: Handle a possible race between jail_remove(2) and fork(2)
jail_remove(2) includes a loop that sends SIGKILL to all processes in a jail, but skips processes in PRS_NEW state. Thus it is possible the a process in mid-fork(2) during jail removal can survive the jail being removed. Add a prison flag PR_REMOVE, which is checked before the new process returns. If the jail is being removed, the process will then exit. Also check this flag in jail_attach(2) which has a similar issue. Reported by: trasz Approved by: kib MFC after: 3 days
Diffstat (limited to 'sys/sys')
1 files changed, 1 insertions, 0 deletions
diff --git a/sys/sys/jail.h b/sys/sys/jail.h
index 2d1a26787b99..2ac6aabdbd43 100644
--- a/sys/sys/jail.h
+++ b/sys/sys/jail.h
@@ -216,6 +216,7 @@ struct prison_racct {
/* primary jail address. */
/* Internal flag bits */
+#define PR_REMOVE 0x01000000 /* In process of being removed */
#define PR_IP4 0x02000000 /* IPv4 restricted or disabled */
/* by this jail or an ancestor */
#define PR_IP6 0x04000000 /* IPv6 restricted or disabled */