Page MenuHomeFreeBSD

jail: Handle jail removal in a dedicated thread
ClosedPublic

Authored by markj on Dec 8 2024, 7:37 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Dec 21, 7:24 PM
Unknown Object (File)
Sun, Dec 15, 7:04 AM
Unknown Object (File)
Sat, Dec 14, 10:41 PM
Unknown Object (File)
Sat, Dec 14, 4:55 PM

Details

Summary

Otherwise a deadlock is possible: the system taskqueue thread removes a
prison and calls vnet_destroy(), vnet_vlan_uninit() destroys the if_vlan
cloner, the vlan_clone_destroy() callback calls taskqueue_drain() on the
thread taskqueue.

Fix the problem by introducing a new thread for jail removals.

Ideally, the taskqueue interface would let consumers define queues
without having to map them to threads, as that'd make it possible to
avoid such deadlocks without extra threads; for now, this is the only
solution.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj requested review of this revision.Dec 8 2024, 7:37 PM

Longer term, I'd like to push some of vnet removal into the period between prison_cleanup() and the final jail destruction; interface removal is definitely part of that desire. But that's a mess of dependencies that hasn't found a solution yet, so I can see how we need this.

I don't suppose the one extra thread is a huge cost.

This revision is now accepted and ready to land.Dec 9 2024, 4:48 AM

Longer term, I'd like to push some of vnet removal into the period between prison_cleanup() and the final jail destruction; interface removal is definitely part of that desire. But that's a mess of dependencies that hasn't found a solution yet, so I can see how we need this.

I don't suppose the one extra thread is a huge cost.

It's not, but this isn't the first time we've had to resolve a deadlock this way, so it adds up over time. As I hinted in the review description, I believe the taskqueue interface needs to be simplified for low-frequency work.

Ideally, the taskqueue interface would let consumers define queues without having to map them to threads, as that'd make it possible to avoid such deadlocks without extra threads; for now, this is the only solution.

Is it worth extending the comment before TASKQUEUE_DEFINE_THREAD(jail_remove); with a brief note to this effect?

Ideally, the taskqueue interface would let consumers define queues without having to map them to threads, as that'd make it possible to avoid such deadlocks without extra threads; for now, this is the only solution.

Is it worth extending the comment before TASKQUEUE_DEFINE_THREAD(jail_remove); with a brief note to this effect?

I think the idea is too vague to be useful or actionable, so not really suited for a comment.