Bug 230082
| Summary: | bhyve doesn't set process title | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | Base System | Reporter: | Yuichiro NAITO <naito.yuichiro> | ||||||
| Component: | kern | Assignee: | freebsd-virtualization (Nobody) <virtualization> | ||||||
| Status: | Closed FIXED | ||||||||
| Severity: | Affects Some People | CC: | emaste, instructionset, oshogbo, rgrimes, zeon | ||||||
| Priority: | --- | Keywords: | patch | ||||||
| Version: | CURRENT | ||||||||
| Hardware: | Any | ||||||||
| OS: | Any | ||||||||
| Attachments: |
|
||||||||
Reverting the MFC of r335939, r336088 'Add setproctitle_fast(3) for frequent callers.' solves this for me on 11-STABLE. I will look into it deeper. Created attachment 195717 [details]
bhyverun.patch
(In reply to Bill Sorenson from comment #1) Thanks for the advise. Reverting r335939 and r336088 works for me, too. And I found the attached `bhyverun.patch` works for me without reverting. Due to lack of my code study, I do not understand why my patch works. Created attachment 195754 [details]
kern.patch
I noticed this is caused by capability mode.
Since r335939, calling sysctlbyname("kern.ps_strings") become important.
A user proccess writes process title to the memory address returned from
sysctlbyname("kern.ps_strings"). But sysctlbyname("kern.ps_strings") is not
allowed in capability mode.
My `bhyverun.patch` calls setproctitle(3) before cap_enter(2),
so it works.
In my opinion, "kern.ps_string" can be read in capability mode
because the returned address is in its own process.
I wrote a small patch that allows to read "kern.ps_string" for my kernel.
Attached `kern.patch` works for me.
Adding emaste@ to this as a Capsicum expert. The setproctitle(3) looks fine with me - I will commit it. With the ps_string the problem is a little more complicated. In my opinion the title is a part of a global namespace so we should not be able to change it but I would like to discussed this. In this bug report can we only focus on the bhyve title issue? A commit references this bug: Author: oshogbo Date: Thu Aug 2 21:54:35 UTC 2018 New revision: 337189 URL: https://svnweb.freebsd.org/changeset/base/337189 Log: bhyve: set title before entering capability mode PR: 230082 Submitted by: Yuichiro NAITO <naito.yuichiro@gmail.com> Changes: head/usr.sbin/bhyve/bhyverun.c (In reply to Mariusz Zaborski from comment #7) > The setproctitle(3) looks fine with me - I will commit it. Thanks for the commit. > With the ps_string the problem is a little more complicated. > In my opinion the title is a part of a global namespace so we should not be ab\ le to change it but I would like to discussed this. I misunderstood sysctl behavior. I saw that original (before r335939) setproctitle(3) calls sysctl like this. ``` sysctl([CTL_KERN, KERN_PROC, KEN_PROC_ARGS, getpid()], ...) ``` This code works in capability mode all the time (independent of r335939). I thought calling sysctl("kern.ps_strings") was also safe in capability mode. But, the sysctl is allowed to write only... > In this bug report can we only focus on the bhyve title issue? Yes, I don't see any other problems for now. I will close this PR. Thank you! (In reply to Yuichiro NAITO from comment #9) Hello, Looks like the issue is exist still. 09:27:34)27[root@host ~]# ps wwwwwwax | grep Test01 3148 0 Is+ 0:00,04 /bin/sh /usr/local/sbin/vm -tf _run Test01 5531 0 SC+ 1:43,20 bhyve -c 1 -m 2G -AHP -U 7f86c10b-d8c9-11e7-ae5d-f04da2090b7b -u -s 0,hostbridge -s 31,lpc -s 4:0,virtio-blk,/usr/local/VM/ Test01 /disk0.img -s 5:0,virtio-net,tap1102,mac=58:9c:fc:07:1a:8b -l com1,stdio Test01 (09:27:40)27[root@host ~]# uname -a FreeBSD host.local.org 11.2-STABLE FreeBSD 11.2-STABLE #18 r337452: Wed Aug 8 15:06:59 EEST 2018 root@host.local.org:/usr/obj/usr/src/sys/CUSTOM amd64 ===== OLDER BEHAVIOR ===== Comparing to the older system ( r335977 ) (09:31:30)4[root@bohus docs]# ps wwwwwwax | grep Ubuntu 5053 1 IC+ 115:04,09 bhyve: Ubuntu (bhyve) (09:31:37)4[root@bohus docs]# uname -a FreeBSD bohus 11.2-STABLE FreeBSD 11.2-STABLE #7 r335977: Fri Jul 6 06:58:35 EEST 2018 root@bohus:/usr/obj/usr/src/sys/CUSTOM amd64 This wasn't integrated yet to the 11. I will do this today. Thanks. Hi Mariusz, Was this patch added to the 11? Thank you. A commit references this bug: Author: oshogbo Date: Fri Aug 10 14:47:17 UTC 2018 New revision: 337575 URL: https://svnweb.freebsd.org/changeset/base/337575 Log: MFC r337189: bhyve: set title before entering capability mode PR: 230082 Submitted by: Yuichiro NAITO <naito.yuichiro@gmail.com> Changes: _U stable/11/ stable/11/usr.sbin/bhyve/bhyverun.c Yes :) I'm confirming that it is working now. Thank you, Mariusz! |
On my FreeBSD head r336754, bhyve process title never be set. Bhyve calls setproctile(3) in usr.sbin/bhyve/bhyverun.c as follows. ``` /* * Change the proc title to include the VM name. */ setproctitle("%s", vmname); ``` So, I expect ps shows "bhyve: test". But my ps shows as follows. ``` 1770 1 SC 0:13.02 /usr/sbin/bhyve -c 2 -A -H -P -m 2G -s 0,hostbridge -s 1,lpc -s 2,ahci-hd,/dev/zvol/zpool/iohyve/test/disk0 `` I can see other processes set process title correctly. For example: ``` 571 - Is 0:00.00 dhclient: em0 [priv] (dhclient) 1001 - Is 0:00.00 nginx: master process /usr/local/sbin/nginx 1324 - Ss 0:00.01 sendmail: accepting connections (sendmail) ``` It seems only bhyve problem. My virtual machine on the bhyve works fine. No problem for the execution.