lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 24 Mar 2013 04:04:14 -0700
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Caj Larsson <caj@...icloud.com>
Cc:	linux-kernel@...r.kernel.org,
	Andrew Morton <akpm@...ux-foundation.org>,
	Oleg Nesterov <oleg@...hat.com>
Subject: Re: Zombie stuck in zap_pid_ns_processes()


Caj Larsson <caj@...icloud.com> writes:

> Hello,
>
> We are setting up a container using a CLONE_NEWNS linux namespace.
> Previously we used the 3.4.4 kernel, which worked fine. After I
> upgraded i also experienced races in netlink, which has been resolved
> by placing a monitor around the namespace setup. When we upgraded to
> Linux 3.8.0 however our init processes does not get reaped when the
> namespace is killed and lingers as zombie process under the global
> init.
>
> The init has multiple threads when running and two remain in the
> zombie. One of them is hung in zap_pid_ns_processes() and has been set
> uninterruptible. The other one, which has Tgid=PID, is still in
> do_exit().

Doh.

Thank you for the detailed bug report it appears I goofed, and failed
to account for a multi-threaded init.

Will you please verify that the following patch fixes it for you.

Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com>
---
diff --git a/kernel/pid_namespace.c b/kernel/pid_namespace.c
index c1c3dc1..72b7722 100644
--- a/kernel/pid_namespace.c
+++ b/kernel/pid_namespace.c
@@ -181,6 +181,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns)
 	int nr;
 	int rc;
 	struct task_struct *task, *me = current;
+	int init_pids = task_pid_vnr(me) == 1 ? 1 : 2;
 
 	/* Don't allow any more processes into the pid namespace */
 	disable_pid_allocation(pid_ns);
@@ -230,7 +231,7 @@ void zap_pid_ns_processes(struct pid_namespace *pid_ns)
 	 */
 	for (;;) {
 		set_current_state(TASK_UNINTERRUPTIBLE);
-		if (pid_ns->nr_hashed == 1)
+		if (pid_ns->nr_hashed == init_pids)
 			break;
 		schedule();
 	}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists