272958 – jail creation failure with vnet epair leaves host interface lingering

Bug 272958 - jail creation failure with vnet epair leaves host interface lingering

Summary: jail creation failure with vnet epair leaves host interface lingering

Status:	New

Alias:	None

Product:	Base System
Classification:	Unclassified
Component:	kern (show other bugs)
Version:	13.2-RELEASE
Hardware:	amd64 Any

Importance:	--- Affects Some People
Assignee:	freebsd-jail (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-08-05 16:18 UTC by Alex Seitsinger
Modified:	2023-11-03 11:38 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
/etc/jail.conf (880 bytes, text/plain) 2023-08-06 18:33 UTC, Alex Seitsinger	no flags	Details
logs0/scripts/created (1.03 KB, text/plain) 2023-08-06 18:35 UTC, Alex Seitsinger	no flags	Details
create-bridge.sh (1.06 KB, text/plain) 2023-08-06 18:37 UTC, Alex Seitsinger	no flags	Details
bridge-jail-epair.sh (2.71 KB, text/plain) 2023-08-06 18:37 UTC, Alex Seitsinger	no flags	Details
create-jail-epair.sh (817 bytes, text/plain) 2023-08-06 18:38 UTC, Alex Seitsinger	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alex Seitsinger 2023-08-05 16:18:28 UTC

Failure to start a jail successfully leads to lingering epair interface on host while the jail (and its epair interface) disappear. Destroying the lingering epair interface on the host leads to a kernel panic second to minutes later.

Comment 1 Antranig Vartanian 2023-08-06 06:24:14 UTC

Can you send a jail.conf and commands that you use for replication?

I just tried this on my machine and it worked fine.

Comment 2 Alex Seitsinger 2023-08-06 18:33:41 UTC

Created attachment 243902 [details]
/etc/jail.conf

bastille jail

Comment 3 Alex Seitsinger 2023-08-06 18:35:36 UTC

Created attachment 243903 [details]
logs0/scripts/created

Comment 4 Alex Seitsinger 2023-08-06 18:37:08 UTC

Created attachment 243904 [details]
create-bridge.sh

Comment 5 Alex Seitsinger 2023-08-06 18:37:31 UTC

Created attachment 243905 [details]
bridge-jail-epair.sh

Comment 6 Alex Seitsinger 2023-08-06 18:38:04 UTC

Created attachment 243906 [details]
create-jail-epair.sh

Comment 7 Alex Seitsinger 2023-08-06 20:47:28 UTC

1. Start a jail
2. Using exec.created/exec.poststart, successfully move the epair interface into the jail via ifconfig vnet.
3. Run another script via exec.created/exec.poststart, but have it fail, causing the jail's creation to fail and exit.
4. Observe that the first epair interface still exists on the host via ifconfig.
5. Some seconds to minutes following this, the kernel will panic and reboot the system.

Comment 8 Alex Seitsinger 2023-08-12 15:03:42 UTC

(In reply to Antranig Vartanian from comment #1)

ping