svn commit: r194707 - head/sys/kern
Author: jamie Date: Tue Jun 23 14:39:21 2009 New Revision: 194707 URL: http://svn.freebsd.org/changeset/base/194707 Log: Remove unnecessary/redundant includes. Approved by: bz (mentor) Modified: head/sys/kern/kern_cpuset.c head/sys/kern/uipc_usrreq.c Modified: head/sys/kern/kern_cpuset.c == --- head/sys/kern/kern_cpuset.c Tue Jun 23 14:37:07 2009(r194706) +++ head/sys/kern/kern_cpuset.c Tue Jun 23 14:39:21 2009(r194707) @@ -49,7 +49,6 @@ __FBSDID($FreeBSD$); #include sys/syscallsubr.h #include sys/cpuset.h #include sys/sx.h -#include sys/refcount.h #include sys/queue.h #include sys/limits.h #include sys/bus.h Modified: head/sys/kern/uipc_usrreq.c == --- head/sys/kern/uipc_usrreq.c Tue Jun 23 14:37:07 2009(r194706) +++ head/sys/kern/uipc_usrreq.c Tue Jun 23 14:39:21 2009(r194707) @@ -67,7 +67,6 @@ __FBSDID($FreeBSD$); #include sys/eventhandler.h #include sys/file.h #include sys/filedesc.h -#include sys/jail.h #include sys/kernel.h #include sys/lock.h #include sys/mbuf.h ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194708 - head/usr.sbin/jail
Author: jamie Date: Tue Jun 23 14:39:51 2009 New Revision: 194708 URL: http://svn.freebsd.org/changeset/base/194708 Log: Remove obsolete comment describing how the command line is no longer parsed. Approved by: bz (mentor) Modified: head/usr.sbin/jail/jail.c Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Tue Jun 23 14:39:21 2009(r194707) +++ head/usr.sbin/jail/jail.c Tue Jun 23 14:39:51 2009(r194708) @@ -210,11 +210,6 @@ main(int argc, char **argv) if (uflag) GET_USER_INFO; - /* -* If the first argument (path) starts with a slash, and the third -* argument (IP address) starts with a digit, it is likely to be -* an old-style fixed-parameter command line. -*/ if (jailname) set_param(name, jailname); if (securelevel) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194709 - head/usr.sbin/jexec
Author: jamie Date: Tue Jun 23 14:40:08 2009 New Revision: 194709 URL: http://svn.freebsd.org/changeset/base/194709 Log: Whitespace fix. Approved by: bz (mentor) Modified: head/usr.sbin/jexec/jexec.c Modified: head/usr.sbin/jexec/jexec.c == --- head/usr.sbin/jexec/jexec.c Tue Jun 23 14:39:51 2009(r194708) +++ head/usr.sbin/jexec/jexec.c Tue Jun 23 14:40:08 2009(r194709) @@ -75,9 +75,9 @@ main(int argc, char *argv[]) int ch, ngroups, uflag, Uflag; long ngroups_max; char *ep, *username; + ch = uflag = Uflag = 0; username = NULL; - ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) err(1, malloc); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194762 - in head: lib/libc/sys sys/kern sys/sys usr.sbin/jail
Author: jamie Date: Tue Jun 23 20:35:51 2009 New Revision: 194762 URL: http://svn.freebsd.org/changeset/base/194762 Log: Add a limit for child jails via the children.cur and children.max parameters. This replaces the simple allow.jails permission. Approved by: bz (mentor) Modified: head/lib/libc/sys/jail.2 head/sys/kern/kern_jail.c head/sys/sys/jail.h head/usr.sbin/jail/jail.8 Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Tue Jun 23 20:22:34 2009(r194761) +++ head/lib/libc/sys/jail.2Tue Jun 23 20:35:51 2009(r194762) @@ -25,7 +25,7 @@ .\ .\ $FreeBSD$ .\ -.Dd May 27, 2009 +.Dd June 23, 2009 .Dt JAIL 2 .Os .Sh NAME @@ -293,9 +293,9 @@ will fail if: .Bl -tag -width Er .It Bq Er EPERM This process is not allowed to create a jail, either because it is not -the super-user, or because it is in a jail where the -.Va allow.jails -parameter is not set. +the super-user, or because it would exceed the jail's +.Va children.max +limit. .It Bq Er EFAULT .Fa jail points to an address outside the allocated address space of the process. @@ -312,9 +312,9 @@ will fail if: .Bl -tag -width Er .It Bq Er EPERM This process is not allowed to create a jail, either because it is not -the super-user, or because it is in a jail where the -.Va allow.jails -parameter is not set. +the super-user, or because it would exceed the jail's +.Va children.max +limit. .It Bq Er EPERM A jail parameter was set to a less restrictive value then the current environment. Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Tue Jun 23 20:22:34 2009(r194761) +++ head/sys/kern/kern_jail.c Tue Jun 23 20:35:51 2009(r194762) @@ -80,6 +80,7 @@ struct prison prison0 = { .pr_uref= 1, .pr_path= /, .pr_securelevel = -1, + .pr_childmax= JAIL_MAX, .pr_hostuuid= ----, .pr_children= LIST_HEAD_INITIALIZER(prison0.pr_children), .pr_flags = PR_HOST, @@ -152,7 +153,6 @@ static char *pr_allow_names[] = { allow.chflags, allow.mount, allow.quotas, - allow.jails, allow.socket_af, }; @@ -163,7 +163,6 @@ static char *pr_allow_nonames[] = { allow.nochflags, allow.nomount, allow.noquotas, - allow.nojails, allow.nosocket_af, }; @@ -479,8 +478,8 @@ kern_jail_set(struct thread *td, struct unsigned long hid; size_t namelen, onamelen; int created, cuflags, descend, enforce, error, errmsg_len, errmsg_pos; - int gotenforce, gothid, gotslevel, fi, jid, len; - int slevel, vfslocked; + int gotchildmax, gotenforce, gothid, gotslevel, fi, jid, len, level; + int childmax, slevel, vfslocked; #if defined(INET) || defined(INET6) int ii, ij; #endif @@ -500,7 +499,7 @@ kern_jail_set(struct thread *td, struct if (error) return (error); mypr = ppr = td-td_ucred-cr_prison; - if ((flags JAIL_CREATE) !(mypr-pr_allow PR_ALLOW_JAILS)) + if ((flags JAIL_CREATE) mypr-pr_childmax == 0) return (EPERM); if (flags ~JAIL_SET_MASK) return (EINVAL); @@ -544,6 +543,15 @@ kern_jail_set(struct thread *td, struct else gotslevel = 1; + error = + vfs_copyopt(opts, children.max, childmax, sizeof(childmax)); + if (error == ENOENT) + gotchildmax = 0; + else if (error != 0) + goto done_free; + else + gotchildmax = 1; + error = vfs_copyopt(opts, enforce_statfs, enforce, sizeof(enforce)); gotenforce = (error == 0); if (gotenforce) { @@ -1023,6 +1031,12 @@ kern_jail_set(struct thread *td, struct /* If there's no prison to update, create a new one and link it in. */ if (pr == NULL) { + for (tpr = mypr; tpr != NULL; tpr = tpr-pr_parent) + if (tpr-pr_childcount = tpr-pr_childmax) { + error = EPERM; + vfs_opterror(opts, prison limit exceeded); + goto done_unlock_list; + } created = 1; mtx_lock(ppr-pr_mtx); if (ppr-pr_ref == 0 || (ppr-pr_flags PR_REMOVE)) { @@ -1076,7 +1090,7 @@ kern_jail_set(struct thread *td, struct TAILQ_INSERT_TAIL(allprison, pr, pr_list); LIST_INSERT_HEAD(ppr-pr_children, pr, pr_sibling); for (tpr = ppr; tpr != NULL; tpr = tpr-pr_parent) - tpr-pr_prisoncount++; + tpr-pr_childcount++; pr-pr_parent = ppr; pr-pr_id = jid; @@
svn commit: r194841 - head/sys/kern
Author: jamie Date: Wed Jun 24 15:29:36 2009 New Revision: 194841 URL: http://svn.freebsd.org/changeset/base/194841 Log: Fix a race in vi_if_move, where a vnet is used after the prison that referred to it has been released. Approved by: bz (mentor) Modified: head/sys/kern/kern_vimage.c Modified: head/sys/kern/kern_vimage.c == --- head/sys/kern/kern_vimage.c Wed Jun 24 15:24:51 2009(r194840) +++ head/sys/kern/kern_vimage.c Wed Jun 24 15:29:36 2009(r194841) @@ -117,9 +117,11 @@ vi_if_move(struct thread *td, struct ifn struct prison *pr; struct vimage *new_vip, *my_vip; struct vnet *new_vnet; + int error; if (vi_req != NULL) { /* SIOCSIFVIMAGE */ + pr = NULL; /* Check for API / ABI version mismatch. */ if (vi_req-vi_api_cookie != VI_API_COOKIE) return (EDOOFUS); @@ -148,6 +150,7 @@ vi_if_move(struct thread *td, struct ifn sx_sunlock(allprison_lock); if (pr == NULL) return (ENXIO); + prison_hold_locked(pr); mtx_unlock(pr-pr_mtx); if (ifp != NULL) { /* SIOCSIFVNET */ @@ -158,31 +161,35 @@ vi_if_move(struct thread *td, struct ifn CURVNET_SET(pr-pr_vnet); ifp = ifunit(ifname); CURVNET_RESTORE(); - if (ifp == NULL) + if (ifp == NULL) { + prison_free(pr); return (ENXIO); + } } - - /* No-op if the target jail has the same vnet. */ - if (new_vnet == ifp-if_vnet) - return (0); } - /* -* Check for naming clashes in target vnet. Not locked so races -* are possible. -*/ - CURVNET_SET_QUIET(new_vnet); - t_ifp = ifunit(ifname); - CURVNET_RESTORE(); - if (t_ifp != NULL) - return (EEXIST); - - /* Detach from curvnet and attach to new_vnet. */ - if_vmove(ifp, new_vnet); + error = 0; + if (new_vnet != ifp-if_vnet) { + /* +* Check for naming clashes in target vnet. Not locked so races +* are possible. +*/ + CURVNET_SET_QUIET(new_vnet); + t_ifp = ifunit(ifname); + CURVNET_RESTORE(); + if (t_ifp != NULL) + error = EEXIST; + else { + /* Detach from curvnet and attach to new_vnet. */ + if_vmove(ifp, new_vnet); - /* Report the new if_xname back to the userland */ - sprintf(ifname, %s, ifp-if_xname); - return (0); + /* Report the new if_xname back to the userland */ + sprintf(ifname, %s, ifp-if_xname); + } + } + if (pr != NULL) + prison_free(pr); + return (error); } /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194842 - head/sys/sys
Author: jamie Date: Wed Jun 24 15:32:57 2009 New Revision: 194842 URL: http://svn.freebsd.org/changeset/base/194842 Log: Clean up struct prison, with the recent fields in more logical places, and room for future expansion. Approved by: bz (mentor) Modified: head/sys/sys/jail.h Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Wed Jun 24 15:29:36 2009(r194841) +++ head/sys/sys/jail.h Wed Jun 24 15:32:57 2009(r194842) @@ -149,30 +149,32 @@ struct prison { int pr_ref;/* (p) refcount */ int pr_uref; /* (p) user (alive) refcount */ unsigned pr_flags; /* (p) PR_* flags */ - char pr_path[MAXPATHLEN]; /* (c) chroot path */ - struct cpuset *pr_cpuset; /* (p) cpuset */ - struct vnode*pr_root; /* (c) vnode to rdir */ - char pr_hostname[MAXHOSTNAMELEN]; /* (p) jail hostname */ - char pr_name[MAXHOSTNAMELEN]; /* (p) admin jail name */ + LIST_HEAD(, prison) pr_children;/* (a) list of child jails */ + LIST_ENTRY(prison) pr_sibling; /* (a) next in parent's list */ struct prison *pr_parent; /* (c) containing jail */ - int pr_securelevel;/* (p) securelevel */ - struct task pr_task; /* (d) destroy task */ struct mtx pr_mtx; + struct task pr_task; /* (d) destroy task */ struct osd pr_osd;/* (p) additional data */ + struct cpuset *pr_cpuset; /* (p) cpuset */ + struct vnet *pr_vnet; /* (c) network stack */ + struct vnode*pr_root; /* (c) vnode to rdir */ int pr_ip4s; /* (p) number of v4 IPs */ - struct in_addr *pr_ip4;/* (p) v4 IPs of jail */ int pr_ip6s; /* (p) number of v6 IPs */ + struct in_addr *pr_ip4;/* (p) v4 IPs of jail */ struct in6_addr *pr_ip6;/* (p) v6 IPs of jail */ - LIST_HEAD(, prison) pr_children;/* (a) list of child jails */ - LIST_ENTRY(prison) pr_sibling; /* (a) next in parent's list */ + void*pr_sparep[4]; int pr_childcount; /* (a) number of child jails */ + int pr_childmax; /* (p) maximum child jails */ unsigned pr_allow; /* (p) PR_ALLOW_* flags */ + int pr_securelevel;/* (p) securelevel */ int pr_enforce_statfs; /* (p) statfs permission */ + int pr_spare[5]; + unsigned longpr_hostid; /* (p) jail hostid */ + char pr_name[MAXHOSTNAMELEN]; /* (p) admin jail name */ + char pr_path[MAXPATHLEN]; /* (c) chroot path */ + char pr_hostname[MAXHOSTNAMELEN]; /* (p) jail hostname */ char pr_domainname[MAXHOSTNAMELEN]; /* (p) jail domainname */ char pr_hostuuid[HOSTUUIDLEN]; /* (p) jail hostuuid */ - unsigned longpr_hostid; /* (p) jail hostid */ - struct vnet *pr_vnet; /* (c) network stack */ - int pr_childmax; /* (p) maximum child jails */ }; #endif /* _KERNEL || _WANT_PRISON */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194869 - in head: gnu/usr.bin/groff/tmac lib lib/libjail share/mk usr.bin/killall usr.sbin/jail usr.sbin/jexec usr.sbin/jls
Author: jamie Date: Wed Jun 24 18:18:35 2009 New Revision: 194869 URL: http://svn.freebsd.org/changeset/base/194869 Log: Add libjail, a (somewhat) simpler interface to the jail_set and jail_get system calls and the security.jail.param sysctls. Approved by: bz (mentor) Added: head/lib/libjail/ head/lib/libjail/Makefile (contents, props changed) head/lib/libjail/jail.3 (contents, props changed) head/lib/libjail/jail.c (contents, props changed) head/lib/libjail/jail.h (contents, props changed) head/lib/libjail/jail_getid.c (contents, props changed) Modified: head/gnu/usr.bin/groff/tmac/mdoc.local head/lib/Makefile head/share/mk/bsd.libnames.mk head/usr.bin/killall/Makefile head/usr.bin/killall/killall.c head/usr.sbin/jail/Makefile head/usr.sbin/jail/jail.c head/usr.sbin/jexec/Makefile head/usr.sbin/jexec/jexec.c head/usr.sbin/jls/Makefile head/usr.sbin/jls/jls.c Modified: head/gnu/usr.bin/groff/tmac/mdoc.local == --- head/gnu/usr.bin/groff/tmac/mdoc.local Wed Jun 24 18:12:16 2009 (r194868) +++ head/gnu/usr.bin/groff/tmac/mdoc.local Wed Jun 24 18:18:35 2009 (r194869) @@ -47,6 +47,7 @@ .ds doc-str-Lb-libfetchFile Transfer Library (libfetch, \-lfetch) .ds doc-str-Lb-libgeom Userland API Library for kernel GEOM subsystem (libgeom, \-lgeom) .ds doc-str-Lb-libipx IPX Address Conversion Support Library (libipx, \-lipx) +.ds doc-str-Lb-libjail Jail Library (libjail, \-ljail) .ds doc-str-Lb-libkiconv Kernel side iconv library (libkiconv, \-lkiconv) .ds doc-str-Lb-libkse N:M Threading Library (libkse, \-lkse) .ds doc-str-Lb-libmd Message Digest (MD4, MD5, etc.) Support Library (libmd, \-lmd) Modified: head/lib/Makefile == --- head/lib/Makefile Wed Jun 24 18:12:16 2009(r194868) +++ head/lib/Makefile Wed Jun 24 18:18:35 2009(r194869) @@ -35,8 +35,8 @@ SUBDIR= ${_csu} libc libbsm libauditd li libcalendar libcam libcompat libdevinfo libdevstat libdisk \ libdwarf libedit libexpat libfetch libftpio libgeom ${_libgpib} \ ${_libgssapi} ${_librpcsec_gss} libipsec \ - ${_libipx} libkiconv libmagic libmemstat ${_libmilter} ${_libmp} \ - ${_libncp} ${_libngatm} libopie libpam libpcap \ + ${_libipx} libjail libkiconv libmagic libmemstat ${_libmilter} \ + ${_libmp} ${_libncp} ${_libngatm} libopie libpam libpcap \ ${_libpmc} libproc librt ${_libsdp} ${_libsm} ${_libsmb} \ ${_libsmdb} \ ${_libsmutil} libstand ${_libtelnet} ${_libthr} libthread_db libufs \ Added: head/lib/libjail/Makefile == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libjail/Makefile Wed Jun 24 18:18:35 2009(r194869) @@ -0,0 +1,29 @@ +# $FreeBSD$ + +LIB= jail +SHLIBDIR?= /lib +SHLIB_MAJOR= 1 +SRCS= jail.c jail_getid.c +INCS= jail.h + +MAN= jail.3 + +MLINKS+=jail.3 jail_getid.3 +MLINKS+=jail.3 jail_getname.3 +MLINKS+=jail.3 jail_getv.3 +MLINKS+=jail.3 jail_setv.3 +MLINKS+=jail.3 jailparam.3 +MLINKS+=jail.3 jailparam_all.3 +MLINKS+=jail.3 jailparam_init.3 +MLINKS+=jail.3 jailparam_import.3 +MLINKS+=jail.3 jailparam_import_raw.3 +MLINKS+=jail.3 jailparam_get.3 +MLINKS+=jail.3 jailparam_set.3 +MLINKS+=jail.3 jailparam_export.3 +MLINKS+=jail.3 jailparam_free.3 + +CFLAGS+=-I${.CURDIR} + +WARNS?=6 + +.include bsd.lib.mk Added: head/lib/libjail/jail.3 == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/lib/libjail/jail.3 Wed Jun 24 18:18:35 2009(r194869) @@ -0,0 +1,275 @@ +.\ Copyright (c) 2009 James Gritton. +.\ All rights reserved. +.\ +.\ Redistribution and use in source and binary forms, with or without +.\ modification, are permitted provided that the following conditions +.\ are met: +.\ 1. Redistributions of source code must retain the above copyright +.\notice, this list of conditions and the following disclaimer. +.\ 2. Redistributions in binary form must reproduce the above copyright +.\notice, this list of conditions and the following disclaimer in the +.\documentation and/or other materials provided with the distribution. +.\ +.\ THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
svn commit: r194870 - head/tools/build/mk
Author: jamie Date: Wed Jun 24 18:19:55 2009 New Revision: 194870 URL: http://svn.freebsd.org/changeset/base/194870 Log: Add libjail, a (somewhat) simpler interface to the jail_set and jail_get system calls and the security.jail.param sysctls. Approved by: bz (mentor) Modified: head/tools/build/mk/OptionalObsoleteFiles.inc Modified: head/tools/build/mk/OptionalObsoleteFiles.inc == --- head/tools/build/mk/OptionalObsoleteFiles.inc Wed Jun 24 18:18:35 2009(r194869) +++ head/tools/build/mk/OptionalObsoleteFiles.inc Wed Jun 24 18:19:55 2009(r194870) @@ -1023,6 +1023,7 @@ OLD_FILES+=usr/lib/libhdb_p.a OLD_FILES+=usr/lib/libhistory_p.a OLD_FILES+=usr/lib/libipsec_p.a OLD_FILES+=usr/lib/libipx_p.a +OLD_FILES+=usr/lib/libjail_p.a OLD_FILES+=usr/lib/libkadm5clnt_p.a OLD_FILES+=usr/lib/libkadm5srv_p.a OLD_FILES+=usr/lib/libkafs5_p.a ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194871 - in head: rescue/rescue sbin/ifconfig
Author: jamie Date: Wed Jun 24 18:21:37 2009 New Revision: 194871 URL: http://svn.freebsd.org/changeset/base/194871 Log: Add the vnet and -vnet options, to allow moving interfaces between jails with VIMAGE. Approved by: bz (mentor) Modified: head/rescue/rescue/Makefile head/sbin/ifconfig/Makefile head/sbin/ifconfig/ifconfig.8 head/sbin/ifconfig/ifconfig.c Modified: head/rescue/rescue/Makefile == --- head/rescue/rescue/Makefile Wed Jun 24 18:19:55 2009(r194870) +++ head/rescue/rescue/Makefile Wed Jun 24 18:21:37 2009(r194871) @@ -143,7 +143,7 @@ CRUNCH_LIBS+= -lipx .if ${MK_ZFS} != no CRUNCH_LIBS+= -lzfs -lnvpair -luutil -lavl .endif -CRUNCH_LIBS+= -lgeom -lbsdxml -lkiconv -lmd -lreadline -lsbuf -lufs -lz +CRUNCH_LIBS+= -lgeom -lbsdxml -ljail -lkiconv -lmd -lreadline -lsbuf -lufs -lz .if ${MACHINE_ARCH} == i386 CRUNCH_PROGS_sbin+= bsdlabel sconfig fdisk Modified: head/sbin/ifconfig/Makefile == --- head/sbin/ifconfig/Makefile Wed Jun 24 18:19:55 2009(r194870) +++ head/sbin/ifconfig/Makefile Wed Jun 24 18:21:37 2009(r194871) @@ -27,8 +27,8 @@ SRCS+=ifgre.c # GRE keys etc SRCS+= ifgif.c # GIF reversed header workaround SRCS+= ifieee80211.c regdomain.c # SIOC[GS]IEEE80211 support -DPADD+=${LIBBSDXML} ${LIBSBUF} -LDADD+=-lbsdxml -lsbuf +DPADD+=${LIBBSDXML} ${LIBSBUF} ${LIBJAIL} +LDADD+=-lbsdxml -ljail -lsbuf SRCS+= ifcarp.c# SIOC[GS]VH support SRCS+= ifgroup.c # ... Modified: head/sbin/ifconfig/ifconfig.8 == --- head/sbin/ifconfig/ifconfig.8 Wed Jun 24 18:19:55 2009 (r194870) +++ head/sbin/ifconfig/ifconfig.8 Wed Jun 24 18:21:37 2009 (r194871) @@ -28,7 +28,7 @@ .\ From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 .\ $FreeBSD$ .\ -.Dd January 7, 2009 +.Dd June 24, 2009 .Dt IFCONFIG 8 .Os .Sh NAME @@ -417,6 +417,18 @@ If the driver offers user-configurable V reception of extended frames, tag processing in hardware, or frame filtering in hardware, respectively. +.It Cm vnet Ar jail +Move the interface to the +.Xr jail 8 , +specified by name or JID. +If the jail has a virtual network stack, the interface will disappear +from the current environment and become visible to the jail. +.It Fl vnet Ar jail +Reclaim the interface from the +.Xr jail 8 , +specified by name or JID. +If the jail has a virtual network stack, the interface will disappear +from the jail, and become visible to the current network environment. .It Cm polling Turn on .Xr polling 4 @@ -2367,6 +2379,7 @@ tried to alter an interface's configurat .\ .Xr eon 5 , .Xr rc 8 , .Xr routed 8 , +.Xr jail 8 , .Xr sysctl 8 .Sh HISTORY The Modified: head/sbin/ifconfig/ifconfig.c == --- head/sbin/ifconfig/ifconfig.c Wed Jun 24 18:19:55 2009 (r194870) +++ head/sbin/ifconfig/ifconfig.c Wed Jun 24 18:21:37 2009 (r194871) @@ -67,6 +67,7 @@ static const char rcsid[] = #include err.h #include errno.h #include fcntl.h +#include jail.h #include stdio.h #include stdlib.h #include string.h @@ -629,6 +630,34 @@ deletetunnel(const char *vname, int para } static void +setifvnet(const char *jname, int dummy __unused, int s, +const struct afswtch *afp) +{ + struct ifreq my_ifr; + + memcpy(my_ifr, ifr, sizeof(my_ifr)); + ifr.ifr_jid = jail_getid(jname); + if (ifr.ifr_jid 0) + errx(1, %s, jail_errmsg); + if (ioctl(s, SIOCSIFVNET, ifr) 0) + err(1, SIOCSIFVNET); +} + +static void +setifrvnet(const char *jname, int dummy __unused, int s, +const struct afswtch *afp) +{ + struct ifreq my_ifr; + + memcpy(my_ifr, ifr, sizeof(my_ifr)); + ifr.ifr_jid = jail_getid(jname); + if (ifr.ifr_jid 0) + errx(1, %s, jail_errmsg); + if (ioctl(s, SIOCSIFRVNET, ifr) 0) + err(1, SIOCSIFRVNET); +} + +static void setifnetmask(const char *addr, int dummy __unused, int s, const struct afswtch *afp) { @@ -1012,6 +1041,8 @@ static struct cmd basic_cmds[] = { DEF_CMD_ARG2(tunnel, settunnel), DEF_CMD(-tunnel, 0, deletetunnel), DEF_CMD(deletetunnel, 0, deletetunnel), + DEF_CMD_ARG(vnet, setifvnet), + DEF_CMD_ARG(-vnet,setifrvnet), DEF_CMD(link0,IFF_LINK0, setifflags), DEF_CMD(-link0, -IFF_LINK0, setifflags), DEF_CMD(link1,IFF_LINK1, setifflags), ___ svn-src-all@freebsd.org mailing list
svn commit: r194915 - head/sys/kern
Author: jamie Date: Wed Jun 24 21:39:50 2009 New Revision: 194915 URL: http://svn.freebsd.org/changeset/base/194915 Log: In case of prisons with their own network stack, permit additional privileges as well as not restricting the type of sockets a user can open. Note: the VIMAGE/vnet fetaure of of jails is still considered experimental and cannot guarantee that privileged users can be kept imprisoned if enabled. Reviewed by: rwatson Approved by: bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Wed Jun 24 21:37:38 2009(r194914) +++ head/sys/kern/kern_jail.c Wed Jun 24 21:39:50 2009(r194915) @@ -3151,6 +3151,10 @@ prison_check_af(struct ucred *cred, int KASSERT(cred != NULL, (%s: cred is NULL, __func__)); pr = cred-cr_prison; + /* Prisons with their own network stack are not limited. */ + if (pr-pr_flags PR_VNET) + return (0); + error = 0; switch (af) { @@ -3412,6 +3416,130 @@ prison_priv_check(struct ucred *cred, in if (!jailed(cred)) return (0); +#ifdef VIMAGE + /* +* Privileges specific to prisons with a virtual network stack. +* There might be a duplicate entry here in case the privilege +* is only granted conditionally in the legacy jail case. +*/ + switch (priv) { +#ifdef notyet + /* +* NFS-specific privileges. +*/ + case PRIV_NFS_DAEMON: + case PRIV_NFS_LOCKD: +#endif + /* +* Network stack privileges. +*/ + case PRIV_NET_BRIDGE: + case PRIV_NET_GRE: + case PRIV_NET_BPF: + case PRIV_NET_RAW: /* Dup, cond. in legacy jail case. */ + case PRIV_NET_ROUTE: + case PRIV_NET_TAP: + case PRIV_NET_SETIFMTU: + case PRIV_NET_SETIFFLAGS: + case PRIV_NET_SETIFCAP: + case PRIV_NET_SETIFNAME : + case PRIV_NET_SETIFMETRIC: + case PRIV_NET_SETIFPHYS: + case PRIV_NET_SETIFMAC: + case PRIV_NET_ADDMULTI: + case PRIV_NET_DELMULTI: + case PRIV_NET_HWIOCTL: + case PRIV_NET_SETLLADDR: + case PRIV_NET_ADDIFGROUP: + case PRIV_NET_DELIFGROUP: + case PRIV_NET_IFCREATE: + case PRIV_NET_IFDESTROY: + case PRIV_NET_ADDIFADDR: + case PRIV_NET_DELIFADDR: + case PRIV_NET_LAGG: + case PRIV_NET_GIF: + case PRIV_NET_SETIFVNET: + + /* +* 802.11-related privileges. +*/ + case PRIV_NET80211_GETKEY: +#ifdef notyet + case PRIV_NET80211_MANAGE: /* XXX-BZ discuss with sam@ */ +#endif + +#ifdef notyet + /* +* AppleTalk privileges. +*/ + case PRIV_NETATALK_RESERVEDPORT: + + /* +* ATM privileges. +*/ + case PRIV_NETATM_CFG: + case PRIV_NETATM_ADD: + case PRIV_NETATM_DEL: + case PRIV_NETATM_SET: + + /* +* Bluetooth privileges. +*/ + case PRIV_NETBLUETOOTH_RAW: +#endif + + /* +* Netgraph and netgraph module privileges. +*/ + case PRIV_NETGRAPH_CONTROL: +#ifdef notyet + case PRIV_NETGRAPH_TTY: +#endif + + /* +* IPv4 and IPv6 privileges. +*/ + case PRIV_NETINET_IPFW: + case PRIV_NETINET_DIVERT: + case PRIV_NETINET_PF: + case PRIV_NETINET_DUMMYNET: + case PRIV_NETINET_CARP: + case PRIV_NETINET_MROUTE: + case PRIV_NETINET_RAW: + case PRIV_NETINET_ADDRCTRL6: + case PRIV_NETINET_ND6: + case PRIV_NETINET_SCOPE6: + case PRIV_NETINET_ALIFETIME6: + case PRIV_NETINET_IPSEC: + case PRIV_NETINET_BINDANY: + +#ifdef notyet + /* +* IPX/SPX privileges. +*/ + case PRIV_NETIPX_RESERVEDPORT: + case PRIV_NETIPX_RAW: + + /* +* NCP privileges. +*/ + case PRIV_NETNCP: + + /* +* SMB privileges. +*/ + case PRIV_NETSMB: +#endif + + /* +* No default: or deny here. +* In case of no permit fall through to next switch(). +*/ + if (cred-cr_prison-pr_flags PR_VNET) + return (0); + } +#endif /* VIMAGE */ + switch (priv) { /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194923 - head/sys/kern
Author: jamie Date: Wed Jun 24 22:06:56 2009 New Revision: 194923 URL: http://svn.freebsd.org/changeset/base/194923 Log: Wrap a PR_VNET inside #ifdef VIMAGE since that the only place it applies. bz wants the blame for this. Noticed by: rwatson Approved by: bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Wed Jun 24 22:04:04 2009(r194922) +++ head/sys/kern/kern_jail.c Wed Jun 24 22:06:56 2009(r194923) @@ -3151,9 +3151,11 @@ prison_check_af(struct ucred *cred, int KASSERT(cred != NULL, (%s: cred is NULL, __func__)); pr = cred-cr_prison; +#ifdef VIMAGE /* Prisons with their own network stack are not limited. */ if (pr-pr_flags PR_VNET) return (0); +#endif error = 0; switch (af) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195011 - head/lib/libjail
Author: jamie Date: Thu Jun 25 22:42:19 2009 New Revision: 195011 URL: http://svn.freebsd.org/changeset/base/195011 Log: Fix dynamic (re)allocation logic in jailparam_set and jailparam_get. Touch up jailparam_import a bit while I'm at it. Approved by: bz (mentor) Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Thu Jun 25 22:24:13 2009(r195010) +++ head/lib/libjail/jail.c Thu Jun 25 22:42:19 2009(r195011) @@ -248,14 +248,14 @@ jailparam_import(struct jailparam *jp, c int i, nval, fw; if (!jp-jp_ctltype jailparam_type(jp) 0) - goto error; + return (-1); if (value == NULL) return (0); if ((jp-jp_ctltype CTLTYPE) == CTLTYPE_STRING) { jp-jp_value = strdup(value); - if (!jp-jp_value) { + if (jp-jp_value == NULL) { strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); - goto error; + return (-1); } return (0); } @@ -263,9 +263,9 @@ jailparam_import(struct jailparam *jp, c if (jp-jp_elemlen) { if (value[0] == '\0' || (value[0] == '-' value[1] == '\0')) { jp-jp_value = strdup(); - if (value == NULL) { + if (jp-jp_value == NULL) { strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); - goto error; + return (-1); } jp-jp_valuelen = 0; return (0); @@ -275,9 +275,9 @@ jailparam_import(struct jailparam *jp, c jp-jp_valuelen = jp-jp_elemlen * nval; } jp-jp_value = malloc(jp-jp_valuelen); - if (!jp-jp_value) { + if (jp-jp_value == NULL) { strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); - goto error; + return (-1); } avalue = value; for (i = 0; i nval; i++) { @@ -395,17 +395,18 @@ jailparam_set(struct jailparam *jp, unsi { struct iovec *jiov; char *nname; - int i, jid; + int i, jid, bool0; unsigned j; jiov = alloca(sizeof(struct iovec) * 2 * (njp + 1)); + bool0 = 0; for (i = j = 0; j njp; j++) { jiov[i].iov_base = jp[j].jp_name; jiov[i].iov_len = strlen(jp[j].jp_name) + 1; i++; if (jp[j].jp_flags (JP_BOOL | JP_NOBOOL)) { /* -* Set booleans without values. If one have a value of +* Set booleans without values. If one has a value of * zero, change it to (or from) its no counterpart. */ jiov[i].iov_base = NULL; @@ -413,13 +414,18 @@ jailparam_set(struct jailparam *jp, unsi if (jp[j].jp_value != NULL jp[j].jp_valuelen == sizeof(int) !*(int *)jp[j].jp_value) { + bool0 = 1; nname = jp[j].jp_flags JP_BOOL - ? noname(jiov[i].iov_base) - : nononame(jiov[i].iov_base); - if (nname == NULL) - return (-1); - free(jp[j].jp_name); - jiov[i].iov_base = jp[j].jp_name = nname; + ? noname(jp[j].jp_name) + : nononame(jp[j].jp_name); + if (nname == NULL) { + njp = j; + jid = -1; + goto done; + } + jiov[i - 1].iov_base = nname; + jiov[i - 1].iov_len = strlen(nname) + 1; + } } else { jiov[i].iov_base = jp[j].jp_value; @@ -441,6 +447,14 @@ jailparam_set(struct jailparam *jp, unsi if (jid 0 !jail_errmsg[0]) snprintf(jail_errmsg, sizeof(jail_errmsg), jail_set: %s, strerror(errno)); + done: + if (bool0) + for (j = 0; j njp; j++) + if ((jp[j].jp_flags (JP_BOOL | JP_NOBOOL)) + jp[j].jp_value != NULL + jp[j].jp_valuelen == sizeof(int) + !*(int *)jp[j].jp_value) + free(jiov[j * 2].iov_base); return (jid); }
svn commit: r195156 - in head/release: amd64 i386 ia64 pc98 powerpc sparc64 sun4v
Author: jamie Date: Mon Jun 29 13:59:30 2009 New Revision: 195156 URL: http://svn.freebsd.org/changeset/base/195156 Log: Add libjail to the boot_crunch binaries (for ifconfig). PR: 136071 Submitted by: Scot Hetzel Approved by: re (kensmith), bz (mentor) Modified: head/release/amd64/boot_crunch.conf head/release/i386/boot_crunch.conf head/release/ia64/boot_crunch.conf head/release/pc98/boot_crunch.conf head/release/powerpc/boot_crunch.conf head/release/sparc64/boot_crunch.conf head/release/sun4v/boot_crunch.conf Modified: head/release/amd64/boot_crunch.conf == --- head/release/amd64/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/amd64/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -42,4 +42,4 @@ progs usbconfig libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lsbuf -lufs -ldevinfo -libs -lbsdxml -larchive -lbz2 -lusb +libs -lbsdxml -larchive -lbz2 -lusb -ljail Modified: head/release/i386/boot_crunch.conf == --- head/release/i386/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/i386/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -42,4 +42,4 @@ progs usbconfig libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lsbuf -lufs -ldevinfo -libs -lbsdxml -larchive -lbz2 -lusb +libs -lbsdxml -larchive -lbz2 -lusb -ljail Modified: head/release/ia64/boot_crunch.conf == --- head/release/ia64/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/ia64/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -46,4 +46,4 @@ progs usbconfig libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lkiconv -lsbuf -lufs -ldevinfo -libs -lgeom -lbsdxml -larchive -lbz2 -lusb +libs -lgeom -lbsdxml -larchive -lbz2 -lusb -ljail Modified: head/release/pc98/boot_crunch.conf == --- head/release/pc98/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/pc98/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -41,4 +41,4 @@ progs sysinstall libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lsbuf -lufs -lbsdxml -libs -larchive -lbz2 +libs -larchive -lbz2 -ljail Modified: head/release/powerpc/boot_crunch.conf == --- head/release/powerpc/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/powerpc/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -44,4 +44,4 @@ progs usbconfig libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lkiconv -lsbuf -lufs -libs -lbsdxml -larchive -lbz2 -lusb +libs -lbsdxml -larchive -lbz2 -lusb -ljail Modified: head/release/sparc64/boot_crunch.conf == --- head/release/sparc64/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/sparc64/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -42,4 +42,4 @@ progs usbconfig libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lsbuf -lufs -lbsdxml -libs -larchive -lbz2 -lusb +libs -larchive -lbz2 -lusb -ljail Modified: head/release/sun4v/boot_crunch.conf == --- head/release/sun4v/boot_crunch.conf Mon Jun 29 10:59:36 2009 (r195155) +++ head/release/sun4v/boot_crunch.conf Mon Jun 29 13:59:30 2009 (r195156) @@ -42,4 +42,4 @@ progs usbconfig libs -ll -ledit -lutil -lmd -lcrypt -lftpio -lz -lnetgraph libs -ldialog -lncurses -ldisk -lcam -lsbuf -lufs -lbsdxml -libs -larchive -lbz2 -lusb +libs -larchive -lbz2 -lusb -ljail ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195285 - head/sys/kern
Author: jamie Date: Thu Jul 2 14:19:33 2009 New Revision: 195285 URL: http://svn.freebsd.org/changeset/base/195285 Log: Call prison_check from vfs_suser rather than re-implementing it. Approved by: re (kib), bz (mentor) Modified: head/sys/kern/vfs_subr.c Modified: head/sys/kern/vfs_subr.c == --- head/sys/kern/vfs_subr.cThu Jul 2 12:41:21 2009(r195284) +++ head/sys/kern/vfs_subr.cThu Jul 2 14:19:33 2009(r195285) @@ -461,8 +461,7 @@ vfs_suser(struct mount *mp, struct threa * If the file system was mounted outside the jail of the calling * thread, deny immediately. */ - if (mp-mnt_cred-cr_prison != td-td_ucred-cr_prison - !prison_ischild(td-td_ucred-cr_prison, mp-mnt_cred-cr_prison)) + if (prison_check(td-td_ucred, mp-mnt_cred) != 0) return (EPERM); /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195462 - head/usr.sbin/jls
Author: jamie Date: Wed Jul 8 15:57:22 2009 New Revision: 195462 URL: http://svn.freebsd.org/changeset/base/195462 Log: Give a more expected behavior to -[hns] options, defaulting to all parameters instead of ignoring the options and giving the old-style default output. Approved by: re (kib), bz (mentor) Modified: head/usr.sbin/jls/jls.8 head/usr.sbin/jls/jls.c Modified: head/usr.sbin/jls/jls.8 == --- head/usr.sbin/jls/jls.8 Wed Jul 8 15:46:29 2009(r195461) +++ head/usr.sbin/jls/jls.8 Wed Jul 8 15:57:22 2009(r195462) @@ -25,7 +25,7 @@ .\ .\ $FreeBSD$ .\ -.Dd May 27, 2009 +.Dd July 8, 2009 .Dt JLS 8 .Os .Sh NAME @@ -54,6 +54,8 @@ for a description of some core parameter .Pp If no .Ar parameters +or any of the options +.Fl hns are given, the following four columns will be printed: jail identifier (jid), IP address (ip4.addr), hostname (host.hostname), and path (path). @@ -66,17 +68,20 @@ List as well as active jails. .It Fl h Print a header line containing the parameters listed. -If no parameters are given on the command line, the default output always -contains a header. +If no parameters are given on the command line, +.Va all +is assumed. .It Fl n Print parameters in .Dq name=value format, where each parameter is preceded by its name. -This option is ignored for the default four-column output. +If no parameters are given on the command line, +.Va all +is assumed. .It Fl q Put quotes around parameters if they contain spaces or quotes, or are the empty string. -.It Fl c +.It Fl s Print parameters suitable for passing to .Xr jail 8 , skipping read-only and unused parameters. Modified: head/usr.sbin/jls/jls.c == --- head/usr.sbin/jls/jls.c Wed Jul 8 15:46:29 2009(r195461) +++ head/usr.sbin/jls/jls.c Wed Jul 8 15:57:22 2009(r195462) @@ -88,7 +88,8 @@ main(int argc, char **argv) jname = optarg; break; case 'h': - pflags = (pflags ~PRINT_SKIP) | PRINT_HEADER; + pflags = (pflags ~(PRINT_SKIP | PRINT_VERBOSE)) | + PRINT_HEADER; break; case 'n': pflags = (pflags ~PRINT_VERBOSE) | PRINT_NAMEVAL; @@ -101,7 +102,8 @@ main(int argc, char **argv) PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP; break; case 'v': - pflags = (pflags ~(PRINT_NAMEVAL | PRINT_SKIP)) | + pflags = (pflags + ~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) | PRINT_VERBOSE; break; default: @@ -110,7 +112,9 @@ main(int argc, char **argv) /* Add the parameters to print. */ if (optind == argc) { - if (pflags PRINT_VERBOSE) { + if (pflags (PRINT_HEADER | PRINT_NAMEVAL)) + add_param(all, NULL, (size_t)0, NULL, JP_USER); + else if (pflags PRINT_VERBOSE) { add_param(jid, NULL, (size_t)0, NULL, JP_USER); add_param(host.hostname, NULL, (size_t)0, NULL, JP_USER); @@ -122,9 +126,7 @@ main(int argc, char **argv) add_param(ip6.addr, NULL, (size_t)0, NULL, JP_USER | JP_OPT); } else { - pflags = (pflags - ~(PRINT_NAMEVAL | PRINT_SKIP | PRINT_VERBOSE)) | - PRINT_DEFAULT; + pflags |= PRINT_DEFAULT; add_param(jid, NULL, (size_t)0, NULL, JP_USER); add_param(ip4.addr, NULL, (size_t)0, NULL, JP_USER); add_param(host.hostname, NULL, (size_t)0, NULL, ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195741 - in head: sys/kern sys/net sys/sys tools/tools/vimage
Author: jamie Date: Fri Jul 17 14:48:21 2009 New Revision: 195741 URL: http://svn.freebsd.org/changeset/base/195741 Log: Remove the interim vimage containers, struct vimage and struct procg, and the ioctl-based interface that supported them. Approved by: re (kib), bz (mentor) Modified: head/sys/kern/init_main.c head/sys/kern/kern_exit.c head/sys/kern/kern_fork.c head/sys/kern/kern_jail.c head/sys/kern/kern_linker.c head/sys/kern/kern_prot.c head/sys/kern/kern_vimage.c head/sys/net/if.c head/sys/sys/sockio.h head/sys/sys/ucred.h head/sys/sys/vimage.h head/tools/tools/vimage/Makefile head/tools/tools/vimage/vimage.c Modified: head/sys/kern/init_main.c == --- head/sys/kern/init_main.c Fri Jul 17 14:02:20 2009(r195740) +++ head/sys/kern/init_main.c Fri Jul 17 14:48:21 2009(r195741) @@ -74,7 +74,6 @@ __FBSDID($FreeBSD$); #include sys/malloc.h #include sys/conf.h #include sys/cpuset.h -#include sys/vimage.h #include machine/cpu.h @@ -454,12 +453,6 @@ proc0_init(void *dummy __unused) p-p_ucred-cr_uidinfo = uifind(0); p-p_ucred-cr_ruidinfo = uifind(0); p-p_ucred-cr_prison = prison0; -#ifdef VIMAGE - KASSERT(LIST_FIRST(vimage_head) != NULL, (vimage_head empty)); - P_TO_VIMAGE(p) = LIST_FIRST(vimage_head); /* set ucred-cr_vimage */ - refcount_acquire(P_TO_VIMAGE(p)-vi_ucredrefc); - LIST_FIRST(vprocg_head)-nprocs++; -#endif #ifdef AUDIT audit_cred_kproc0(p-p_ucred); #endif Modified: head/sys/kern/kern_exit.c == --- head/sys/kern/kern_exit.c Fri Jul 17 14:02:20 2009(r195740) +++ head/sys/kern/kern_exit.c Fri Jul 17 14:48:21 2009(r195741) @@ -69,7 +69,6 @@ __FBSDID($FreeBSD$); #include sys/sdt.h #include sys/shm.h #include sys/sem.h -#include sys/vimage.h #ifdef KTRACE #include sys/ktrace.h #endif @@ -687,7 +686,6 @@ static void proc_reap(struct thread *td, struct proc *p, int *status, int options, struct rusage *rusage) { - INIT_VPROCG(P_TO_VPROCG(p)); struct proc *q, *t; sx_assert(proctree_lock, SA_XLOCKED); @@ -791,9 +789,6 @@ proc_reap(struct thread *td, struct proc uma_zfree(proc_zone, p); sx_xlock(allproc_lock); nprocs--; -#ifdef VIMAGE - vprocg-nprocs--; -#endif sx_xunlock(allproc_lock); } Modified: head/sys/kern/kern_fork.c == --- head/sys/kern/kern_fork.c Fri Jul 17 14:02:20 2009(r195740) +++ head/sys/kern/kern_fork.c Fri Jul 17 14:48:21 2009(r195741) @@ -67,7 +67,6 @@ __FBSDID($FreeBSD$); #include sys/sdt.h #include sys/sx.h #include sys/signalvar.h -#include sys/vimage.h #include security/audit/audit.h #include security/mac/mac_framework.h @@ -363,9 +362,6 @@ norfproc_fail: * are hard-limits as to the number of processes that can run. */ nprocs++; -#ifdef VIMAGE - P_TO_VPROCG(p1)-nprocs++; -#endif /* * Find an unused process ID. We remember a range of unused IDs Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Fri Jul 17 14:02:20 2009(r195740) +++ head/sys/kern/kern_jail.c Fri Jul 17 14:48:21 2009(r195741) @@ -3243,10 +3243,6 @@ int prison_check(struct ucred *cred1, struct ucred *cred2) { -#ifdef VIMAGE - if (cred2-cr_vimage-v_procg != cred1-cr_vimage-v_procg) - return (ESRCH); -#endif return ((cred1-cr_prison == cred2-cr_prison || prison_ischild(cred1-cr_prison, cred2-cr_prison)) ? 0 : ESRCH); } Modified: head/sys/kern/kern_linker.c == --- head/sys/kern/kern_linker.c Fri Jul 17 14:02:20 2009(r195740) +++ head/sys/kern/kern_linker.c Fri Jul 17 14:48:21 2009(r195741) @@ -992,12 +992,6 @@ kern_kldload(struct thread *td, const ch if ((error = priv_check(td, PRIV_KLD_LOAD)) != 0) return (error); -#ifdef VIMAGE - /* Only the default vimage is permitted to kldload modules. */ - if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td))) - return (EPERM); -#endif - /* * It is possible that kldloaded module will attach a new ifnet, * so vnet context must be set when this ocurs. @@ -1069,12 +1063,6 @@ kern_kldunload(struct thread *td, int fi if ((error = priv_check(td, PRIV_KLD_UNLOAD)) != 0) return (error); -#ifdef VIMAGE - /* Only the default vimage is permitted to kldunload modules. */ - if (!IS_DEFAULT_VIMAGE(TD_TO_VIMAGE(td))) - return (EPERM); -#endif - CURVNET_SET(TD_TO_VNET(td)); KLD_LOCK(); lf =
svn commit: r195870 - in head: lib/libjail sys/compat/linux sys/kern sys/sys usr.sbin/jail usr.sbin/jls
Author: jamie Date: Sat Jul 25 14:48:57 2009 New Revision: 195870 URL: http://svn.freebsd.org/changeset/base/195870 Log: Some jail parameters (in particular, ip4 and ip6 for IP address restrictions) were found to be inadequately described by a boolean. Define a new parameter type with three values (disable, new, inherit) to handle these and future cases. Approved by: re (kib), bz (mentor) Discussed with: rwatson Modified: head/lib/libjail/jail.c head/lib/libjail/jail.h head/sys/compat/linux/linux_mib.c head/sys/kern/kern_jail.c head/sys/sys/jail.h head/usr.sbin/jail/jail.8 head/usr.sbin/jls/jls.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Sat Jul 25 14:33:21 2009(r195869) +++ head/lib/libjail/jail.c Sat Jul 25 14:48:57 2009(r195870) @@ -54,6 +54,8 @@ __FBSDID($FreeBSD$); #define ARRAY_SLOP 5 +static int jailparam_import_enum(const char **values, int nvalues, +const char *valstr, size_t valsize, int *value); static int jailparam_vlist(struct jailparam **jpp, va_list ap); static int jailparam_type(struct jailparam *jp); static char *noname(const char *name); @@ -61,6 +63,9 @@ static char *nononame(const char *name); char jail_errmsg[JAIL_ERRMSGLEN]; +static const char *bool_values[] = { false, true }; +static const char *jailsys_values[] = { disable, new, inherit }; + /* * Import a null-terminated parameter list and set a jail with the flags @@ -140,7 +145,6 @@ int jailparam_all(struct jailparam **jpp) { struct jailparam *jp; - char *nname; size_t mlen1, mlen2, buflen; int njp, nlist; int mib1[CTL_MAXNAME], mib2[CTL_MAXNAME - 2]; @@ -182,6 +186,8 @@ jailparam_all(struct jailparam **jpp) sysctl(0.1): %s, strerror(errno)); goto error; } + if (buf[buflen - 2] == '.') + buf[buflen - 2] = '\0'; /* Add the parameter to the list */ if (njp = nlist) { nlist *= 2; @@ -197,17 +203,6 @@ jailparam_all(struct jailparam **jpp) njp++; goto error; } - /* Convert nobool parameters to bool. */ - if (jp[njp].jp_flags JP_NOBOOL) { - nname = nononame(jp[njp].jp_name); - if (nname == NULL) { - njp++; - goto error; - } - free(jp[njp].jp_name); - jp[njp].jp_name = nname; - jp[njp].jp_flags ^= JP_BOOL | JP_NOBOOL; - } mib1[1] = 2; } jp = realloc(jp, njp * sizeof(*jp)); @@ -285,14 +280,31 @@ jailparam_import(struct jailparam *jp, c switch (jp-jp_ctltype CTLTYPE) { case CTLTYPE_INT: if (jp-jp_flags (JP_BOOL | JP_NOBOOL)) { - if (!strncasecmp(avalue, true, 4)) - ((int *)jp-jp_value)[i] = 1; - else if (!strncasecmp(avalue, false, 5)) - ((int *)jp-jp_value)[i] = 0; - else { + if (!jailparam_import_enum(bool_values, 2, + avalue, fw, ((int *)jp-jp_value)[i])) { snprintf(jail_errmsg, - JAIL_ERRMSGLEN, - %s: unknown boolean value \%.*s\, + JAIL_ERRMSGLEN, %s: + unknown boolean value \%.*s\, + jp-jp_name, fw, avalue); + errno = EINVAL; + goto error; + } + break; + } + if (jp-jp_flags JP_JAILSYS) { + /* +* Allow setting a jailsys parameter to new +* in a booleanesque fashion. +*/ + if (value[0] == '\0') + ((int *)jp-jp_value)[i] = JAIL_SYS_NEW; + else if (!jailparam_import_enum(jailsys_values, + sizeof(jailsys_values) / + sizeof(jailsys_values[0]), avalue, fw, + ((int *)jp-jp_value)[i])) { + snprintf(jail_errmsg, + JAIL_ERRMSGLEN, %s:
svn commit: r195944 - head/sys/kern
Author: jamie Date: Wed Jul 29 16:41:02 2009 New Revision: 195944 URL: http://svn.freebsd.org/changeset/base/195944 Log: Change the default value of the ip4 and ip6 jail parameters to disable, which only allows access to the parent/physical system's IP addresses when specifically directed. Change the default value of host to new, and don't copy the parent host values, to insulate jails from the parent hostname et al. Approved by: re (kib), bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Wed Jul 29 14:50:31 2009(r195943) +++ head/sys/kern/kern_jail.c Wed Jul 29 16:41:02 2009(r195944) @@ -70,6 +70,8 @@ __FBSDID($FreeBSD$); #include security/mac/mac_framework.h +#defineDEFAULT_HOSTUUID---- + MALLOC_DEFINE(M_PRISON, prison, Prison structures); /* prison0 describes what is real about the system. */ @@ -81,7 +83,7 @@ struct prison prison0 = { .pr_path= /, .pr_securelevel = -1, .pr_childmax= JAIL_MAX, - .pr_hostuuid= ----, + .pr_hostuuid= DEFAULT_HOSTUUID, .pr_children= LIST_HEAD_INITIALIZER(prison0.pr_children), .pr_flags = PR_HOST, .pr_allow = PR_ALLOW_ALL, @@ -1128,40 +1130,18 @@ kern_jail_set(struct thread *td, struct /* Set some default values, and inherit some from the parent. */ if (name == NULL) name = ; - if (host != NULL || domain != NULL || uuid != NULL || gothid) { - if (host == NULL) - host = ppr-pr_hostname; - if (domain == NULL) - domain = ppr-pr_domainname; - if (uuid == NULL) - uuid = ppr-pr_hostuuid; - if (!gothid) - hid = ppr-pr_hostid; - } if (path == NULL) { path = /; root = mypr-pr_root; vref(root); } + strlcpy(pr-pr_hostuuid, DEFAULT_HOSTUUID, HOSTUUIDLEN); + pr-pr_flags |= PR_HOST; #ifdef INET - pr-pr_flags |= ppr-pr_flags PR_IP4; - pr-pr_ip4s = ppr-pr_ip4s; - if (ppr-pr_ip4 != NULL) { - pr-pr_ip4 = malloc(pr-pr_ip4s * - sizeof(struct in_addr), M_PRISON, M_WAITOK); - bcopy(ppr-pr_ip4, pr-pr_ip4, - pr-pr_ip4s * sizeof(*pr-pr_ip4)); - } + pr-pr_flags |= PR_IP4 | PR_IP4_USER | PR_IP4_DISABLE; #endif #ifdef INET6 - pr-pr_flags |= ppr-pr_flags PR_IP6; - pr-pr_ip6s = ppr-pr_ip6s; - if (ppr-pr_ip6 != NULL) { - pr-pr_ip6 = malloc(pr-pr_ip6s * - sizeof(struct in6_addr), M_PRISON, M_WAITOK); - bcopy(ppr-pr_ip6, pr-pr_ip6, - pr-pr_ip6s * sizeof(*pr-pr_ip6)); - } + pr-pr_flags |= PR_IP6 | PR_IP6_USER | PR_IP6_DISABLE; #endif pr-pr_securelevel = ppr-pr_securelevel; pr-pr_allow = JAIL_DEFAULT_ALLOW ppr-pr_allow; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195945 - head/sys/kern
Author: jamie Date: Wed Jul 29 16:46:59 2009 New Revision: 195945 URL: http://svn.freebsd.org/changeset/base/195945 Log: Don't allow mixing the vnet and ip4/6 jail parameters, since vnet jails have their own IP stack and don't have access to the parent IP addresses anyway. Note that a virtual network stack forms a break between prisons with regard to the list of allowed IP addresses. Approved by: re (kib), bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Wed Jul 29 16:41:02 2009(r195944) +++ head/sys/kern/kern_jail.c Wed Jul 29 16:46:59 2009(r195945) @@ -468,7 +468,7 @@ kern_jail_set(struct thread *td, struct #endif struct vfsopt *opt; struct vfsoptlist *opts; - struct prison *pr, *deadpr, *mypr, *ppr, *tpr; + struct prison *pr, *deadpr, *mypr, *ppr, *tpr, *tppr; struct vnode *root; char *domain, *errmsg, *host, *name, *p, *path, *uuid; #if defined(INET) || defined(INET6) @@ -821,6 +821,15 @@ kern_jail_set(struct thread *td, struct } #endif +#if defined(VIMAGE) (defined(INET) || defined(INET6)) + if ((ch_flags PR_VNET) (ch_flags (PR_IP4_USER | PR_IP6_USER))) { + error = EINVAL; + vfs_opterror(opts, + vnet jails cannot have IP address restrictions); + goto done_errmsg; + } +#endif + root = NULL; error = vfs_getopt(opts, path, (void **)path, len); if (error == ENOENT) @@ -1137,11 +1146,18 @@ kern_jail_set(struct thread *td, struct } strlcpy(pr-pr_hostuuid, DEFAULT_HOSTUUID, HOSTUUIDLEN); pr-pr_flags |= PR_HOST; +#if defined(INET) || defined(INET6) +#ifdef VIMAGE + if (!(pr_flags PR_VNET)) +#endif + { #ifdef INET - pr-pr_flags |= PR_IP4 | PR_IP4_USER | PR_IP4_DISABLE; + pr-pr_flags |= PR_IP4 | PR_IP4_USER | PR_IP4_DISABLE; #endif #ifdef INET6 - pr-pr_flags |= PR_IP6 | PR_IP6_USER | PR_IP6_DISABLE; + pr-pr_flags |= PR_IP6 | PR_IP6_USER | PR_IP6_DISABLE; +#endif + } #endif pr-pr_securelevel = ppr-pr_securelevel; pr-pr_allow = JAIL_DEFAULT_ALLOW ppr-pr_allow; @@ -1173,6 +1189,15 @@ kern_jail_set(struct thread *td, struct */ } else { created = 0; +#if defined(VIMAGE) (defined(INET) || defined(INET6)) + if ((pr-pr_flags PR_VNET) + (ch_flags (PR_IP4_USER | PR_IP6_USER))) { + error = EINVAL; + vfs_opterror(opts, + vnet jails cannot have IP address restrictions); + goto done_deref_locked; + } +#endif /* * Grab a reference for existing prisons, to ensure they * continue to exist for the duration of the call. @@ -1299,8 +1324,19 @@ kern_jail_set(struct thread *td, struct * there is a duplicate on a jail with more than one * IP stop checking and return error. */ - FOREACH_PRISON_DESCENDANT(prison0, tpr, descend) { - if (tpr == pr || tpr-pr_uref == 0) { + tppr = ppr; +#ifdef VIMAGE + for (; tppr != prison0; tppr = tppr-pr_parent) + if (tppr-pr_flags PR_VNET) + break; +#endif + FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { + if (tpr == pr || +#ifdef VIMAGE + (tpr != tppr +(tpr-pr_flags PR_VNET)) || +#endif + tpr-pr_uref == 0) { descend = 0; continue; } @@ -1407,8 +1443,19 @@ kern_jail_set(struct thread *td, struct } if (ip6s 0) { /* Check for conflicting IP addresses. */ - FOREACH_PRISON_DESCENDANT(prison0, tpr, descend) { - if (tpr == pr || tpr-pr_uref == 0) { + tppr = ppr; +#ifdef VIMAGE + for (; tppr != prison0; tppr = tppr-pr_parent) + if (tppr-pr_flags PR_VNET) + break; +#endif + FOREACH_PRISON_DESCENDANT(tppr, tpr, descend) { + if (tpr == pr || +#ifdef VIMAGE + (tpr != tppr +(tpr-pr_flags PR_VNET)) || +#endif
Re: svn commit: r195944 - head/sys/kern
Sam Leffler wrote: Jamie Gritton wrote: Author: jamie Date: Wed Jul 29 16:41:02 2009 New Revision: 195944 URL: http://svn.freebsd.org/changeset/base/195944 Log: Change the default value of the ip4 and ip6 jail parameters to disable, which only allows access to the parent/physical system's IP addresses when specifically directed. Change the default value of host to new, and don't copy the parent host values, to insulate jails from the parent hostname et al. This does not say why you're making these changes; please explain. My apologies. The ip4/6 change fixed an error with the old-style command line of jail(8), where specifying IPv4 address(es) but not IPv6 addresses would allow access to the full IPv6 stack, a regression from 7.2 which allows only specifically noted IPv6 addresses. This could have been fixed in jail(8), but the default to act like the current jail implementation even for new-style command lines made more sense, and the kernel is the place for such policy points. The host change arose from a discrepancy between the it and the linux parameters that control the Linux MIB entries. These had different defaults for no reason other than I coded them at different times without a lot of thought as to what the most reasonable default would be. I also made a cleaner break with the parent system when one value (typically host.hostname) is set and the others aren't - it didn't make sense to copy some and set others. - Jamie ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195969 - stable/7/usr.sbin/jexec
Author: jamie Date: Thu Jul 30 05:36:31 2009 New Revision: 195969 URL: http://svn.freebsd.org/changeset/base/195969 Log: Preset errno to zero before calling strtol(), so the check afterwards will be valid. This is required since the malloc call from r195859 leaves errno in an unknown state. For STABLE-7 only, as CURRENT doesn't make this strtol call. Reported by: Michael Butler Approved by: bz (mentor) Modified: stable/7/usr.sbin/jexec/jexec.c Modified: stable/7/usr.sbin/jexec/jexec.c == --- stable/7/usr.sbin/jexec/jexec.c Thu Jul 30 00:57:54 2009 (r195968) +++ stable/7/usr.sbin/jexec/jexec.c Thu Jul 30 05:36:31 2009 (r195969) @@ -248,6 +248,7 @@ main(int argc, char *argv[]) if (argc 2) usage(); if (strlen(argv[0]) 0) { + errno = 0; jid = (int)strtol(argv[0], NULL, 10); if (errno) err(1, Unable to parse jail ID.); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r195974 - head/sys/kern
Author: jamie Date: Thu Jul 30 14:28:56 2009 New Revision: 195974 URL: http://svn.freebsd.org/changeset/base/195974 Log: Remove a LOR, where the the sleepable allprison_lock was being obtained in prison_equal_ip4/6 while an inp mutex was held. Locking allprison_lock can be avoided by making a restriction on the IP addresses associated with jails: Don't allow the ip4 and ip6 parameters to be changed after a jail is created. Setting the ip4.addr and ip6.addr parameters is allowed, but only if the jail was already created with either ip4/6=new or ip4/6=disable. With this restriction, the prison flags in question (PR_IP4_USER and PR_IP6_USER) become read-only and can be checked without locking. This also allows the simplification of a messy code path that was needed to handle an existing prison gaining an IP address list. PR: kern/136899 Reported by: Dirk Meyer Approved by: re (kib), bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Jul 30 13:19:12 2009(r195973) +++ head/sys/kern/kern_jail.c Thu Jul 30 14:28:56 2009(r195974) @@ -484,10 +484,10 @@ kern_jail_set(struct thread *td, struct int ii, ij; #endif #ifdef INET - int ip4s, ip4a, redo_ip4; + int ip4s, redo_ip4; #endif #ifdef INET6 - int ip6s, ip6a, redo_ip6; + int ip6s, redo_ip6; #endif unsigned pr_flags, ch_flags; unsigned pr_allow, ch_allow, tallow; @@ -518,17 +518,12 @@ kern_jail_set(struct thread *td, struct if (error) return (error); #ifdef INET - ip4a = 0; ip4 = NULL; #endif #ifdef INET6 - ip6a = 0; ip6 = NULL; #endif -#if defined(INET) || defined(INET6) - again: -#endif error = vfs_copyopt(opts, jid, jid, sizeof(jid)); if (error == ENOENT) jid = 0; @@ -610,6 +605,20 @@ kern_jail_set(struct thread *td, struct goto done_errmsg; } #endif +#ifdef INET + if ((flags JAIL_UPDATE) (ch_flags PR_IP4_USER)) { + error = EINVAL; + vfs_opterror(opts, ip4 cannot be changed after creation); + goto done_errmsg; + } +#endif +#ifdef INET6 + if ((flags JAIL_UPDATE) (ch_flags PR_IP6_USER)) { + error = EINVAL; + vfs_opterror(opts, ip6 cannot be changed after creation); + goto done_errmsg; + } +#endif pr_allow = ch_allow = 0; for (fi = 0; fi sizeof(pr_allow_names) / sizeof(pr_allow_names[0]); @@ -708,7 +717,6 @@ kern_jail_set(struct thread *td, struct pr_flags |= PR_HOST; } - /* This might be the second time around for this option. */ #ifdef INET error = vfs_getopt(opts, ip4.addr, op, ip4s); if (error == ENOENT) @@ -730,14 +738,7 @@ kern_jail_set(struct thread *td, struct vfs_opterror(opts, too many IPv4 addresses); goto done_errmsg; } - if (ip4a ip4s) { - ip4a = ip4s; - free(ip4, M_PRISON); - ip4 = NULL; - } - if (ip4 == NULL) - ip4 = malloc(ip4a * sizeof(*ip4), M_PRISON, - M_WAITOK); + ip4 = malloc(ip4s * sizeof(*ip4), M_PRISON, M_WAITOK); bcopy(op, ip4, ip4s * sizeof(*ip4)); /* * IP addresses are all sorted but ip[0] to preserve @@ -793,14 +794,7 @@ kern_jail_set(struct thread *td, struct vfs_opterror(opts, too many IPv6 addresses); goto done_errmsg; } - if (ip6a ip6s) { - ip6a = ip6s; - free(ip6, M_PRISON); - ip6 = NULL; - } - if (ip6 == NULL) - ip6 = malloc(ip6a * sizeof(*ip6), M_PRISON, - M_WAITOK); + ip6 = malloc(ip6s * sizeof(*ip6), M_PRISON, M_WAITOK); bcopy(op, ip6, ip6s * sizeof(*ip6)); if (ip6s 1) qsort(ip6 + 1, ip6s - 1, sizeof(*ip6), qcmp_v6); @@ -1152,10 +1146,36 @@ kern_jail_set(struct thread *td, struct #endif { #ifdef INET - pr-pr_flags |= PR_IP4 | PR_IP4_USER | PR_IP4_DISABLE; + if (!(ch_flags PR_IP4_USER)) + pr-pr_flags |= + PR_IP4 | PR_IP4_USER |
svn commit: r195998 - head/usr.sbin/jail
Author: jamie Date: Fri Jul 31 14:30:06 2009 New Revision: 195998 URL: http://svn.freebsd.org/changeset/base/195998 Log: Handle kernels that don't have IPv6 by not sending an ip6.addr parameter unless a (numeric) IPv6 address is given. Even the default binaries built with -DINET6 will work with IPv6-less kernels. With an eye to the future, similarly handle the possibility of an IPv4-less kernel. Approved by: re (kib), bz (mentor) Modified: head/usr.sbin/jail/jail.c Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Fri Jul 31 14:19:57 2009(r195997) +++ head/usr.sbin/jail/jail.c Fri Jul 31 14:30:06 2009(r195998) @@ -231,10 +231,11 @@ main(int argc, char **argv) set_param(host.hostname, argv[1]); if (hflag) add_ip_addrinfo(0, argv[1]); + if (argv[2][0] != '\0') #ifdef INET6 - add_ip_addr46(argv[2]); + add_ip_addr46(argv[2]); #else - add_ip_addr(ip4_addr, argv[2]); + add_ip_addr(ip4_addr, argv[2]); #endif cmdarg = 3; /* Emulate the defaults from security.jail.* sysctls */ @@ -374,11 +375,6 @@ add_ip_addr46(char *value) { char *p, *np; - if (!value[0]) { - add_ip_addr(ip4_addr, value); - add_ip_addr(ip6_addr, value); - return; - } for (p = value;; p = np + 1) { np = strchr(p, ','); @@ -396,10 +392,13 @@ add_ip_addrinfo(int ai_flags, char *valu { struct addrinfo hints, *ai0, *ai; struct in_addr addr4; - int error; + size_t size; + int error, ip4ok; + int mib[4]; char avalue4[INET_ADDRSTRLEN]; #ifdef INET6 struct in6_addr addr6; + int ip6ok; char avalue6[INET6_ADDRSTRLEN]; #endif @@ -415,11 +414,34 @@ add_ip_addrinfo(int ai_flags, char *valu error = getaddrinfo(value, NULL, hints, ai0); if (error != 0) errx(1, hostname %s: %s, value, gai_strerror(error)); + + /* +* Silently ignore unsupported address families from DNS lookups. +* But if this is a numeric address, let the kernel give the error. +*/ + if (ai_flags AI_NUMERICHOST) + ip4ok = +#ifdef INET6 + ip6ok = +#endif + 1; + else { + size = 4; + ip4ok = (sysctlnametomib(security.jail.param.ip4, mib, + size) == 0); +#ifdef INET6 + size = 4; + ip6ok = (sysctlnametomib(security.jail.param.ip6, mib, + size) == 0); +#endif + } /* Convert the addresses to ASCII so set_param can convert them back. */ for (ai = ai0; ai; ai = ai-ai_next) switch (ai-ai_family) { case AF_INET: + if (!ip4ok) + break; memcpy(addr4, ((struct sockaddr_in *) (void *)ai-ai_addr)-sin_addr, sizeof(addr4)); if (inet_ntop(AF_INET, addr4, avalue4, @@ -429,6 +451,8 @@ add_ip_addrinfo(int ai_flags, char *valu break; #ifdef INET6 case AF_INET6: + if (!ip6ok) + break; memcpy(addr6, ((struct sockaddr_in6 *) (void *)ai-ai_addr)-sin6_addr, sizeof(addr6)); if (inet_ntop(AF_INET6, addr6, avalue6, ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r196002 - head/sys/kern
Author: jamie Date: Fri Jul 31 16:00:41 2009 New Revision: 196002 URL: http://svn.freebsd.org/changeset/base/196002 Log: Make the enforce_statfs default 2 (most restrictive) in jail_set(2), instead of whatever the parent/system has (which is generally 0). This mirrors the old-style default used for jail(2) in conjunction with the security.jail.enforce_statfs sysctl. Approved by: re (kib), bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Fri Jul 31 15:27:14 2009(r196001) +++ head/sys/kern/kern_jail.c Fri Jul 31 16:00:41 2009(r196002) @@ -165,9 +165,10 @@ static char *pr_allow_nonames[] = { allow.nosocket_af, }; -#defineJAIL_DEFAULT_ALLOW PR_ALLOW_SET_HOSTNAME +#defineJAIL_DEFAULT_ALLOW PR_ALLOW_SET_HOSTNAME +#defineJAIL_DEFAULT_ENFORCE_STATFS 2 static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW; -static int jail_default_enforce_statfs = 2; +static int jail_default_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS; #if defined(INET) || defined(INET6) static unsigned jail_max_af_ips = 255; #endif @@ -1181,7 +1182,7 @@ kern_jail_set(struct thread *td, struct #endif pr-pr_securelevel = ppr-pr_securelevel; pr-pr_allow = JAIL_DEFAULT_ALLOW ppr-pr_allow; - pr-pr_enforce_statfs = ppr-pr_enforce_statfs; + pr-pr_enforce_statfs = JAIL_DEFAULT_ENFORCE_STATFS; LIST_INIT(pr-pr_children); mtx_init(pr-pr_mtx, jail mutex, NULL, MTX_DEF | MTX_DUPOK); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r196592 - head/sys/kern
Author: jamie Date: Thu Aug 27 16:15:51 2009 New Revision: 196592 URL: http://svn.freebsd.org/changeset/base/196592 Log: Fix a LOR between allprison_lock and vnode locks by releasing allprison_lock before releasing a prison's root vnode. PR: kern/138004 Reviewed by: kib Approved by: bz (mentor) MFC after:3 days Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Aug 27 16:15:32 2009(r196591) +++ head/sys/kern/kern_jail.c Thu Aug 27 16:15:51 2009(r196592) @@ -2453,7 +2453,7 @@ prison_deref(struct prison *pr, int flag ppr = pr-pr_parent; for (tpr = ppr; tpr != NULL; tpr = tpr-pr_parent) tpr-pr_childcount--; - sx_downgrade(allprison_lock); + sx_xunlock(allprison_lock); #ifdef VIMAGE if (pr-pr_vnet != ppr-pr_vnet) @@ -2479,7 +2479,7 @@ prison_deref(struct prison *pr, int flag /* Removing a prison frees a reference on its parent. */ pr = ppr; mtx_lock(pr-pr_mtx); - flags = PD_DEREF | PD_LIST_SLOCKED; + flags = PD_DEREF; } } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r196699 - in stable/8/sys: . amd64/include/xen cddl/contrib/opensolaris contrib/dev/acpica contrib/pf dev/xen/xenpci kern
Author: jamie Date: Mon Aug 31 14:13:45 2009 New Revision: 196699 URL: http://svn.freebsd.org/changeset/base/196699 Log: MFC r196592: Fix a LOR between allprison_lock and vnode locks by releasing allprison_lock before releasing a prison's root vnode. PR: kern/138004 Reviewed by: kib Approved by: re (rwatson), bz (mentor) Modified: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/kern/kern_jail.c Modified: stable/8/sys/kern/kern_jail.c == --- stable/8/sys/kern/kern_jail.c Mon Aug 31 14:06:59 2009 (r196698) +++ stable/8/sys/kern/kern_jail.c Mon Aug 31 14:13:45 2009 (r196699) @@ -2453,7 +2453,7 @@ prison_deref(struct prison *pr, int flag ppr = pr-pr_parent; for (tpr = ppr; tpr != NULL; tpr = tpr-pr_parent) tpr-pr_childcount--; - sx_downgrade(allprison_lock); + sx_xunlock(allprison_lock); #ifdef VIMAGE if (pr-pr_vnet != ppr-pr_vnet) @@ -2479,7 +2479,7 @@ prison_deref(struct prison *pr, int flag /* Removing a prison frees a reference on its parent. */ pr = ppr; mtx_lock(pr-pr_mtx); - flags = PD_DEREF | PD_LIST_SLOCKED; + flags = PD_DEREF; } } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r196835 - head/sys/kern
Author: jamie Date: Fri Sep 4 19:00:48 2009 New Revision: 196835 URL: http://svn.freebsd.org/changeset/base/196835 Log: Allow a jail's name to be the same as its jid (which is the default if no name is specified), but still disallow other numeric names. Reviewed by: zec Approved by: bz (mentor) MFC after:3 days Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Fri Sep 4 18:57:40 2009(r196834) +++ head/sys/kern/kern_jail.c Fri Sep 4 19:00:48 2009(r196835) @@ -478,7 +478,7 @@ kern_jail_set(struct thread *td, struct struct vfsoptlist *opts; struct prison *pr, *deadpr, *mypr, *ppr, *tpr; struct vnode *root; - char *domain, *errmsg, *host, *name, *p, *path, *uuid; + char *domain, *errmsg, *host, *name, *namelc, *p, *path, *uuid; #if defined(INET) || defined(INET6) struct prison *tppr; void *op; @@ -907,6 +907,13 @@ kern_jail_set(struct thread *td, struct goto done_unlock_list; } pr = NULL; + namelc = NULL; + if (cuflags == JAIL_CREATE jid == 0 name != NULL) { + namelc = strrchr(name, '.'); + jid = strtoul(namelc != NULL ? namelc + 1 : name, p, 10); + if (*p != '\0') + jid = 0; + } if (jid != 0) { /* * See if a requested jid already exists. There is an @@ -973,17 +980,19 @@ kern_jail_set(struct thread *td, struct * because that is the jail being updated). */ if (name != NULL) { - p = strrchr(name, '.'); - if (p != NULL) { + namelc = strrchr(name, '.'); + if (namelc == NULL) + namelc = name; + else { /* * This is a hierarchical name. Split it into the * parent and child names, and make sure the parent * exists or matches an already found jail. */ - *p = '\0'; + *namelc = '\0'; if (pr != NULL) { - if (strncmp(name, ppr-pr_name, p - name) || - ppr-pr_name[p - name] != '\0') { + if (strncmp(name, ppr-pr_name, namelc - name) + || ppr-pr_name[namelc - name] != '\0') { mtx_unlock(pr-pr_mtx); error = EINVAL; vfs_opterror(opts, @@ -1000,7 +1009,7 @@ kern_jail_set(struct thread *td, struct } mtx_unlock(ppr-pr_mtx); } - name = p + 1; + name = ++namelc; } if (name[0] != '\0') { namelen = @@ -1412,9 +1421,11 @@ kern_jail_set(struct thread *td, struct /* Give a default name of the jid. */ if (name[0] == '\0') snprintf(name = numbuf, sizeof(numbuf), %d, jid); - else if (strtoul(name, p, 10) != jid *p == '\0') { + else if (*namelc == '0' || (strtoul(namelc, p, 10) != jid + *p == '\0')) { error = EINVAL; - vfs_opterror(opts, name cannot be numeric); + vfs_opterror(opts, + name cannot be numeric (unless it is the jid)); goto done_deref_locked; } /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r196989 - in stable/8/sys: . amd64/include/xen cddl/contrib/opensolaris contrib/dev/acpica contrib/pf dev/xen/xenpci kern
Author: jamie Date: Tue Sep 8 19:18:02 2009 New Revision: 196989 URL: http://svn.freebsd.org/changeset/base/196989 Log: MFC r196835: Allow a jail's name to be the same as its jid (which is the default if no name is specified), and let a numeric name specify the jid for a new jail when the jid isn't otherwise set. Still disallow other numeric names. Reviewed by: zec Approved by: re (kib), bz (mentor) Modified: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/kern/kern_jail.c Modified: stable/8/sys/kern/kern_jail.c == --- stable/8/sys/kern/kern_jail.c Tue Sep 8 19:15:29 2009 (r196988) +++ stable/8/sys/kern/kern_jail.c Tue Sep 8 19:18:02 2009 (r196989) @@ -478,7 +478,7 @@ kern_jail_set(struct thread *td, struct struct vfsoptlist *opts; struct prison *pr, *deadpr, *mypr, *ppr, *tpr; struct vnode *root; - char *domain, *errmsg, *host, *name, *p, *path, *uuid; + char *domain, *errmsg, *host, *name, *namelc, *p, *path, *uuid; #if defined(INET) || defined(INET6) struct prison *tppr; void *op; @@ -907,6 +907,13 @@ kern_jail_set(struct thread *td, struct goto done_unlock_list; } pr = NULL; + namelc = NULL; + if (cuflags == JAIL_CREATE jid == 0 name != NULL) { + namelc = strrchr(name, '.'); + jid = strtoul(namelc != NULL ? namelc + 1 : name, p, 10); + if (*p != '\0') + jid = 0; + } if (jid != 0) { /* * See if a requested jid already exists. There is an @@ -973,17 +980,19 @@ kern_jail_set(struct thread *td, struct * because that is the jail being updated). */ if (name != NULL) { - p = strrchr(name, '.'); - if (p != NULL) { + namelc = strrchr(name, '.'); + if (namelc == NULL) + namelc = name; + else { /* * This is a hierarchical name. Split it into the * parent and child names, and make sure the parent * exists or matches an already found jail. */ - *p = '\0'; + *namelc = '\0'; if (pr != NULL) { - if (strncmp(name, ppr-pr_name, p - name) || - ppr-pr_name[p - name] != '\0') { + if (strncmp(name, ppr-pr_name, namelc - name) + || ppr-pr_name[namelc - name] != '\0') { mtx_unlock(pr-pr_mtx); error = EINVAL; vfs_opterror(opts, @@ -1000,7 +1009,7 @@ kern_jail_set(struct thread *td, struct } mtx_unlock(ppr-pr_mtx); } - name = p + 1; + name = ++namelc; } if (name[0] != '\0') { namelen = @@ -1412,9 +1421,11 @@ kern_jail_set(struct thread *td, struct /* Give a default name of the jid. */ if (name[0] == '\0') snprintf(name = numbuf, sizeof(numbuf), %d, jid); - else if (strtoul(name, p, 10) != jid *p == '\0') { + else if (*namelc == '0' || (strtoul(namelc, p, 10) != jid + *p == '\0')) { error = EINVAL; - vfs_opterror(opts, name cannot be numeric); + vfs_opterror(opts, + name cannot be numeric (unless it is the jid)); goto done_deref_locked; } /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r197581 - in head/sys: kern rpc/rpcsec_gss
Author: jamie Date: Mon Sep 28 18:07:16 2009 New Revision: 197581 URL: http://svn.freebsd.org/changeset/base/197581 Log: Set the prison in NFS anon and GSS SVC creds. Reviewed by: marcel MFC after:3 days Modified: head/sys/kern/vfs_export.c head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Modified: head/sys/kern/vfs_export.c == --- head/sys/kern/vfs_export.c Mon Sep 28 17:10:27 2009(r197580) +++ head/sys/kern/vfs_export.c Mon Sep 28 18:07:16 2009(r197581) @@ -40,6 +40,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/dirent.h #include sys/domain.h +#include sys/jail.h #include sys/kernel.h #include sys/lock.h #include sys/malloc.h @@ -122,6 +123,8 @@ vfs_hang_addrlist(struct mount *mp, stru np-netc_anon-cr_uid = argp-ex_anon.cr_uid; crsetgroups(np-netc_anon, argp-ex_anon.cr_ngroups, argp-ex_anon.cr_groups); + np-netc_anon-cr_prison = prison0; + prison_hold(np-netc_anon-cr_prison); np-netc_numsecflavors = argp-ex_numsecflavors; bcopy(argp-ex_secflavors, np-netc_secflavors, sizeof(np-netc_secflavors)); @@ -206,6 +209,8 @@ vfs_hang_addrlist(struct mount *mp, stru np-netc_anon-cr_uid = argp-ex_anon.cr_uid; crsetgroups(np-netc_anon, argp-ex_anon.cr_ngroups, np-netc_anon-cr_groups); + np-netc_anon-cr_prison = prison0; + prison_hold(np-netc_anon-cr_prison); np-netc_numsecflavors = argp-ex_numsecflavors; bcopy(argp-ex_secflavors, np-netc_secflavors, sizeof(np-netc_secflavors)); Modified: head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c == --- head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cMon Sep 28 17:10:27 2009 (r197580) +++ head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cMon Sep 28 18:07:16 2009 (r197581) @@ -1,6 +1,11 @@ /*- - * Copyright (c) 2008 Doug Rabson - * All rights reserved. + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * (c) UNIX System Laboratories, Inc. + * All or some portions of this file are derived from material licensed + * to the University of California by American Telephone and Telegraph + * Co. or Unix System Laboratories, Inc. and are reproduced herein with + * the permission of UNIX System Laboratories, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -10,11 +15,14 @@ * 2. Redistributions in binary form must reproduce the above copyright *notice, this list of conditions and the following disclaimer in the *documentation and/or other materials provided with the distribution. + * 4. Neither the name of the University nor the names of its contributors + *may be used to endorse or promote products derived from this software + *without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) @@ -22,1465 +30,463 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - */ -/* - svc_rpcsec_gss.c - - Copyright (c) 2000 The Regents of the University of Michigan. - All rights reserved. - - Copyright (c) 2000 Dug Song dugs...@umich.edu. - All rights reserved, all wrongs reversed. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions - are met: - - 1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - 3. Neither the name of the University nor the names of its - contributors may be used to endorse or promote products derived - from this software without specific prior written permission. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR
svn commit: r197583 - head/sys/rpc/rpcsec_gss
Author: jamie Date: Mon Sep 28 18:54:26 2009 New Revision: 197583 URL: http://svn.freebsd.org/changeset/base/197583 Log: Back out r197581, which replaced this file witk sys/kern/vfs_export.c. Who knew that svn export was an actual command, or that I would have vfs_export.c stuck in my mind deep enough to type export instead of commit? Pointy Hat to: jamie Modified: head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Modified: head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c == --- head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cMon Sep 28 18:32:28 2009 (r197582) +++ head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cMon Sep 28 18:54:26 2009 (r197583) @@ -1,11 +1,6 @@ /*- - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * (c) UNIX System Laboratories, Inc. - * All or some portions of this file are derived from material licensed - * to the University of California by American Telephone and Telegraph - * Co. or Unix System Laboratories, Inc. and are reproduced herein with - * the permission of UNIX System Laboratories, Inc. + * Copyright (c) 2008 Doug Rabson + * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions @@ -15,14 +10,11 @@ * 2. Redistributions in binary form must reproduce the above copyright *notice, this list of conditions and the following disclaimer in the *documentation and/or other materials provided with the distribution. - * 4. Neither the name of the University nor the names of its contributors - *may be used to endorse or promote products derived from this software - *without specific prior written permission. * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) @@ -30,463 +22,1465 @@ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)vfs_subr.c 8.31 (Berkeley) 5/26/95 + */ +/* + svc_rpcsec_gss.c + + Copyright (c) 2000 The Regents of the University of Michigan. + All rights reserved. + + Copyright (c) 2000 Dug Song dugs...@umich.edu. + All rights reserved, all wrongs reversed. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of the University nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + $Id: svc_auth_gss.c,v 1.27 2002/01/15 15:43:00 andros Exp $ */ #include sys/cdefs.h __FBSDID($FreeBSD$); #include sys/param.h -#include sys/dirent.h -#include sys/domain.h +#include sys/systm.h #include sys/jail.h #include sys/kernel.h +#include sys/kobj.h #include sys/lock.h #include sys/malloc.h #include sys/mbuf.h -#include sys/mount.h #include sys/mutex.h -#include sys/rwlock.h -#include sys/refcount.h -#include sys/socket.h -#include sys/systm.h -#include sys/vnode.h +#include sys/proc.h +#include sys/sx.h +#include
svn commit: r197584 - head/sys/rpc/rpcsec_gss
Author: jamie Date: Mon Sep 28 18:55:29 2009 New Revision: 197584 URL: http://svn.freebsd.org/changeset/base/197584 Log: Set the prison in NFS anon and GSS SVC creds (as I indended to in r197581). Reviewed by: marcel Modified: head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Modified: head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c == --- head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cMon Sep 28 18:54:26 2009 (r197583) +++ head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cMon Sep 28 18:55:29 2009 (r197584) @@ -449,6 +449,8 @@ rpc_gss_svc_getcred(struct svc_req *req, cr-cr_uid = cr-cr_ruid = cr-cr_svuid = uc-uid; cr-cr_rgid = cr-cr_svgid = uc-gid; crsetgroups(cr, uc-gidlen, uc-gidlist); + cr-cr_prison = prison0; + prison_hold(cr-cr_prison); *crp = crhold(cr); return (TRUE); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r197581 - in head/sys: kern rpc/rpcsec_gss
Marcel Moolenaar wrote: On Sep 28, 2009, at 11:07 AM, Jamie Gritton wrote: Author: jamie Date: Mon Sep 28 18:07:16 2009 New Revision: 197581 URL: http://svn.freebsd.org/changeset/base/197581 Log: Set the prison in NFS anon and GSS SVC creds. Reviewed by:marcel MFC after:3 days Modified: head/sys/kern/vfs_export.c head/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Did you intend to change so much of svc_rpcsec_gss.c? What was wrong with the 2 line change you posted before? Big goof on my part - sorry to imply that you reviewed that :-). I meant to type svn commit kern/vfs_export.c sys/rpc/rpcsec_gss/svc_rpcsec_gss.c but typed svn export ... instead. I then saw my mistake and typed the proper commit line instead. What I didn't see was that svn export was an actual command that actually did something I didn't want done. - Jamie ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r197667 - in stable/8/sys: . amd64/include/xen cddl/contrib/opensolaris contrib/dev/acpica contrib/pf dev/xen/xenpci kern rpc/rpcsec_gss
Author: jamie Date: Thu Oct 1 13:11:45 2009 New Revision: 197667 URL: http://svn.freebsd.org/changeset/base/197667 Log: MFC r197581, r197583, r197584: Set the prison in NFS anon and GSS SVC creds. Reviewed by: marcel Approved by: re (kib) Modified: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/kern/vfs_export.c stable/8/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c Modified: stable/8/sys/kern/vfs_export.c == --- stable/8/sys/kern/vfs_export.c Thu Oct 1 13:03:17 2009 (r197666) +++ stable/8/sys/kern/vfs_export.c Thu Oct 1 13:11:45 2009 (r197667) @@ -40,6 +40,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/dirent.h #include sys/domain.h +#include sys/jail.h #include sys/kernel.h #include sys/lock.h #include sys/malloc.h @@ -122,6 +123,8 @@ vfs_hang_addrlist(struct mount *mp, stru np-netc_anon-cr_uid = argp-ex_anon.cr_uid; crsetgroups(np-netc_anon, argp-ex_anon.cr_ngroups, argp-ex_anon.cr_groups); + np-netc_anon-cr_prison = prison0; + prison_hold(np-netc_anon-cr_prison); np-netc_numsecflavors = argp-ex_numsecflavors; bcopy(argp-ex_secflavors, np-netc_secflavors, sizeof(np-netc_secflavors)); @@ -206,6 +209,8 @@ vfs_hang_addrlist(struct mount *mp, stru np-netc_anon-cr_uid = argp-ex_anon.cr_uid; crsetgroups(np-netc_anon, argp-ex_anon.cr_ngroups, np-netc_anon-cr_groups); + np-netc_anon-cr_prison = prison0; + prison_hold(np-netc_anon-cr_prison); np-netc_numsecflavors = argp-ex_numsecflavors; bcopy(argp-ex_secflavors, np-netc_secflavors, sizeof(np-netc_secflavors)); Modified: stable/8/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c == --- stable/8/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cThu Oct 1 13:03:17 2009(r197666) +++ stable/8/sys/rpc/rpcsec_gss/svc_rpcsec_gss.cThu Oct 1 13:11:45 2009(r197667) @@ -449,6 +449,8 @@ rpc_gss_svc_getcred(struct svc_req *req, cr-cr_uid = cr-cr_ruid = cr-cr_svuid = uc-uid; cr-cr_rgid = cr-cr_svgid = uc-gid; crsetgroups(cr, uc-gidlen, uc-gidlist); + cr-cr_prison = prison0; + prison_hold(cr-cr_prison); *crp = crhold(cr); return (TRUE); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r209820 - head/usr.sbin/jls
Author: jamie Date: Thu Jul 8 19:22:52 2010 New Revision: 209820 URL: http://svn.freebsd.org/changeset/base/209820 Log: Properly recognize a number followed by non-digits as a jail name. Call 0 a name because zero is used to indicate no specified jid. MFC after:3 days Modified: head/usr.sbin/jls/jls.c Modified: head/usr.sbin/jls/jls.c == --- head/usr.sbin/jls/jls.c Thu Jul 8 19:15:26 2010(r209819) +++ head/usr.sbin/jls/jls.c Thu Jul 8 19:22:52 2010(r209820) @@ -84,8 +84,10 @@ main(int argc, char **argv) break; case 'j': jid = strtoul(optarg, ep, 10); - if (!*optarg || *ep) + if (!jid || *ep) { + jid = 0; jname = optarg; + } break; case 'h': pflags = (pflags ~(PRINT_SKIP | PRINT_VERBOSE)) | ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r209899 - stable/8/usr.sbin/jls
Author: jamie Date: Sun Jul 11 15:32:20 2010 New Revision: 209899 URL: http://svn.freebsd.org/changeset/base/209899 Log: MFC r209820: Properly recognize a number followed by non-digits as a jail name. Call 0 a name because zero is used to indicate no specified jid. Modified: stable/8/usr.sbin/jls/jls.c Directory Properties: stable/8/usr.sbin/jls/ (props changed) Modified: stable/8/usr.sbin/jls/jls.c == --- stable/8/usr.sbin/jls/jls.c Sun Jul 11 12:06:42 2010(r209898) +++ stable/8/usr.sbin/jls/jls.c Sun Jul 11 15:32:20 2010(r209899) @@ -84,8 +84,10 @@ main(int argc, char **argv) break; case 'j': jid = strtoul(optarg, ep, 10); - if (!*optarg || *ep) + if (!jid || *ep) { + jid = 0; jname = optarg; + } break; case 'h': pflags = (pflags ~(PRINT_SKIP | PRINT_VERBOSE)) | ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r210133 - head/lib/libjail
Author: jamie Date: Thu Jul 15 19:21:07 2010 New Revision: 210133 URL: http://svn.freebsd.org/changeset/base/210133 Log: Don't import parameter values in jail_getv, except for the search key. Remove the internal jailparam_vlist, in favor of using variants of its logic separately in jail_setv and jail_getv. Free the temporary parameter list and exported values in jail_setv and jail_getv. Noted by: Stanislav Uzunchev MFC after:3 days Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Thu Jul 15 18:44:58 2010(r210132) +++ head/lib/libjail/jail.c Thu Jul 15 19:21:07 2010(r210133) @@ -56,7 +56,6 @@ __FBSDID($FreeBSD$); static int jailparam_import_enum(const char **values, int nvalues, const char *valstr, size_t valsize, int *value); -static int jailparam_vlist(struct jailparam **jpp, va_list ap); static int jailparam_type(struct jailparam *jp); static char *noname(const char *name); static char *nononame(const char *name); @@ -74,16 +73,31 @@ static const char *jailsys_values[] = { int jail_setv(int flags, ...) { - va_list ap; + va_list ap, tap; struct jailparam *jp; - int njp; + const char *name, *value; + int njp, jid; + /* Create the parameter list and import the parameters. */ va_start(ap, flags); - njp = jailparam_vlist(jp, ap); + va_copy(tap, ap); + for (njp = 0; va_arg(tap, char *) != NULL; njp++) + (void)va_arg(tap, char *); + va_end(tap); + jp = alloca(njp * sizeof(struct jailparam)); + for (njp = 0; (name = va_arg(ap, char *)) != NULL; njp++) { + value = va_arg(ap, char *); + if (jailparam_init(jp + njp, name) 0 || + jailparam_import(jp + njp, value) 0) { + jailparam_free(jp, njp); + va_end(ap); + return (-1); + } + } va_end(ap); - if (njp 0) - return (njp); - return (jailparam_set(jp, njp, flags)); + jid = jailparam_set(jp, njp, flags); + jailparam_free(jp, njp); + return (jid); } /* @@ -94,48 +108,85 @@ int jail_getv(int flags, ...) { va_list ap, tap; - struct jailparam *jp; - char *valarg; - const char *value; - int njp, i, jid, namekey, zero; + struct jailparam *jp, *jp_lastjid, *jp_jid, *jp_name, *jp_key; + char *valarg, *value; + const char *name, *key_value, *lastjid_value, *jid_value, *name_value; + int njp, i, jid; + /* Create the parameter list and find the key. */ va_start(ap, flags); va_copy(tap, ap); - njp = jailparam_vlist(jp, tap); + for (njp = 0; va_arg(tap, char *) != NULL; njp++) + (void)va_arg(tap, char *); va_end(tap); - if (njp 0) - return (njp); - /* -* See if the name is the search key. If so, we don't want to write -* it back in case it's a read-only string. -*/ - namekey = 1; - zero = 0; - for (i = 0; i njp; i++) { - if (!strcmp(jp-jp_name, lastjid) || - (!strcmp(jp-jp_name, jid) -memcmp(jp-jp_value, zero, sizeof(zero - namekey = 0; + + jp = alloca(njp * sizeof(struct jailparam)); + va_copy(tap, ap); + jp_lastjid = jp_jid = jp_name = NULL; + lastjid_value = jid_value = name_value = NULL; + for (njp = 0; (name = va_arg(tap, char *)) != NULL; njp++) { + value = va_arg(tap, char *); + if (jailparam_init(jp + njp, name) 0) { + va_end(tap); + goto error; + } + if (!strcmp(jp[njp].jp_name, lastjid)) { + jp_lastjid = jp + njp; + lastjid_value = value; + } else if (!strcmp(jp[njp].jp_name, jid)) { + jp_jid = jp + njp; + jid_value = value; + } if (!strcmp(jp[njp].jp_name, name)) { + jp_name = jp + njp; + name_value = value; + } } - jid = jailparam_get(jp, njp, flags); - if (jid 0) { - va_end(ap); - return (-1); + va_end(tap); + /* Import the key parameter. */ + if (jp_lastjid != NULL) { + jp_key = jp_lastjid; + key_value = lastjid_value; + } else if (jp_jid != NULL strtol(jid_value, NULL, 10) != 0) { + jp_key = jp_jid; + key_value = jid_value; + } else if (jp_name != NULL) { + jp_key = jp_name; + key_value = name_value; + } else { + strlcpy(jail_errmsg, no jail
svn commit: r210134 - head/lib/libjail
Author: jamie Date: Thu Jul 15 19:21:33 2010 New Revision: 210134 URL: http://svn.freebsd.org/changeset/base/210134 Log: Don't copy and return a potentially unset buffer when jail_get fails. Modified: head/lib/libjail/jail_getid.c Modified: head/lib/libjail/jail_getid.c == --- head/lib/libjail/jail_getid.c Thu Jul 15 19:21:07 2010 (r210133) +++ head/lib/libjail/jail_getid.c Thu Jul 15 19:21:33 2010 (r210134) @@ -94,11 +94,15 @@ jail_getname(int jid) jiov[5].iov_len = JAIL_ERRMSGLEN; jail_errmsg[0] = 0; jid = jail_get(jiov, 6, 0); - if (jid 0 !jail_errmsg[0]) - snprintf(jail_errmsg, JAIL_ERRMSGLEN, jail_get: %s, - strerror(errno)); - name = strdup(namebuf); - if (name == NULL) - strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); + if (jid 0) { + if (!jail_errmsg[0]) + snprintf(jail_errmsg, JAIL_ERRMSGLEN, jail_get: %s, + strerror(errno)); + return NULL; + } else { + name = strdup(namebuf); + if (name == NULL) + strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); + } return name; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r210251 - stable/8/lib/libjail
Author: jamie Date: Mon Jul 19 19:51:17 2010 New Revision: 210251 URL: http://svn.freebsd.org/changeset/base/210251 Log: MFC r210133: Don't import parameter values in jail_getv, except for the search key. Remove the internal jailparam_vlist, in favor of using variants of its logic separately in jail_setv and jail_getv. Free the temporary parameter list and exported values in jail_setv and jail_getv. Noted by: Stanislav Uzunchev Modified: stable/8/lib/libjail/jail.c Directory Properties: stable/8/lib/libjail/ (props changed) Modified: stable/8/lib/libjail/jail.c == --- stable/8/lib/libjail/jail.c Mon Jul 19 19:40:38 2010(r210250) +++ stable/8/lib/libjail/jail.c Mon Jul 19 19:51:17 2010(r210251) @@ -56,7 +56,6 @@ __FBSDID($FreeBSD$); static int jailparam_import_enum(const char **values, int nvalues, const char *valstr, size_t valsize, int *value); -static int jailparam_vlist(struct jailparam **jpp, va_list ap); static int jailparam_type(struct jailparam *jp); static char *noname(const char *name); static char *nononame(const char *name); @@ -74,16 +73,31 @@ static const char *jailsys_values[] = { int jail_setv(int flags, ...) { - va_list ap; + va_list ap, tap; struct jailparam *jp; - int njp; + const char *name, *value; + int njp, jid; + /* Create the parameter list and import the parameters. */ va_start(ap, flags); - njp = jailparam_vlist(jp, ap); + va_copy(tap, ap); + for (njp = 0; va_arg(tap, char *) != NULL; njp++) + (void)va_arg(tap, char *); + va_end(tap); + jp = alloca(njp * sizeof(struct jailparam)); + for (njp = 0; (name = va_arg(ap, char *)) != NULL; njp++) { + value = va_arg(ap, char *); + if (jailparam_init(jp + njp, name) 0 || + jailparam_import(jp + njp, value) 0) { + jailparam_free(jp, njp); + va_end(ap); + return (-1); + } + } va_end(ap); - if (njp 0) - return (njp); - return (jailparam_set(jp, njp, flags)); + jid = jailparam_set(jp, njp, flags); + jailparam_free(jp, njp); + return (jid); } /* @@ -94,48 +108,85 @@ int jail_getv(int flags, ...) { va_list ap, tap; - struct jailparam *jp; - char *valarg; - const char *value; - int njp, i, jid, namekey, zero; + struct jailparam *jp, *jp_lastjid, *jp_jid, *jp_name, *jp_key; + char *valarg, *value; + const char *name, *key_value, *lastjid_value, *jid_value, *name_value; + int njp, i, jid; + /* Create the parameter list and find the key. */ va_start(ap, flags); va_copy(tap, ap); - njp = jailparam_vlist(jp, tap); + for (njp = 0; va_arg(tap, char *) != NULL; njp++) + (void)va_arg(tap, char *); va_end(tap); - if (njp 0) - return (njp); - /* -* See if the name is the search key. If so, we don't want to write -* it back in case it's a read-only string. -*/ - namekey = 1; - zero = 0; - for (i = 0; i njp; i++) { - if (!strcmp(jp-jp_name, lastjid) || - (!strcmp(jp-jp_name, jid) -memcmp(jp-jp_value, zero, sizeof(zero - namekey = 0; + + jp = alloca(njp * sizeof(struct jailparam)); + va_copy(tap, ap); + jp_lastjid = jp_jid = jp_name = NULL; + lastjid_value = jid_value = name_value = NULL; + for (njp = 0; (name = va_arg(tap, char *)) != NULL; njp++) { + value = va_arg(tap, char *); + if (jailparam_init(jp + njp, name) 0) { + va_end(tap); + goto error; + } + if (!strcmp(jp[njp].jp_name, lastjid)) { + jp_lastjid = jp + njp; + lastjid_value = value; + } else if (!strcmp(jp[njp].jp_name, jid)) { + jp_jid = jp + njp; + jid_value = value; + } if (!strcmp(jp[njp].jp_name, name)) { + jp_name = jp + njp; + name_value = value; + } } - jid = jailparam_get(jp, njp, flags); - if (jid 0) { - va_end(ap); - return (-1); + va_end(tap); + /* Import the key parameter. */ + if (jp_lastjid != NULL) { + jp_key = jp_lastjid; + key_value = lastjid_value; + } else if (jp_jid != NULL strtol(jid_value, NULL, 10) != 0) { + jp_key = jp_jid; + key_value = jid_value; + } else if (jp_name != NULL) { + jp_key = jp_name; + key_value =
svn commit: r210252 - stable/8/lib/libjail
Author: jamie Date: Mon Jul 19 19:52:02 2010 New Revision: 210252 URL: http://svn.freebsd.org/changeset/base/210252 Log: MFC r210134: Don't copy and return a potentially unset buffer when jail_get fails. Modified: stable/8/lib/libjail/jail_getid.c Directory Properties: stable/8/lib/libjail/ (props changed) Modified: stable/8/lib/libjail/jail_getid.c == --- stable/8/lib/libjail/jail_getid.c Mon Jul 19 19:51:17 2010 (r210251) +++ stable/8/lib/libjail/jail_getid.c Mon Jul 19 19:52:02 2010 (r210252) @@ -94,11 +94,15 @@ jail_getname(int jid) jiov[5].iov_len = JAIL_ERRMSGLEN; jail_errmsg[0] = 0; jid = jail_get(jiov, 6, 0); - if (jid 0 !jail_errmsg[0]) - snprintf(jail_errmsg, JAIL_ERRMSGLEN, jail_get: %s, - strerror(errno)); - name = strdup(namebuf); - if (name == NULL) - strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); + if (jid 0) { + if (!jail_errmsg[0]) + snprintf(jail_errmsg, JAIL_ERRMSGLEN, jail_get: %s, + strerror(errno)); + return NULL; + } else { + name = strdup(namebuf); + if (name == NULL) + strerror_r(errno, jail_errmsg, JAIL_ERRMSGLEN); + } return name; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r192644 - head/sys/kern
Author: jamie Date: Sat May 23 16:13:26 2009 New Revision: 192644 URL: http://svn.freebsd.org/changeset/base/192644 Log: Delay an error message until the variable it uses gets initialized. Found with: Coverity Prevent(tm) CID: 4316 Reported by: trasz Approved by: bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Sat May 23 16:11:36 2009(r192643) +++ head/sys/kern/kern_jail.c Sat May 23 16:13:26 2009(r192644) @@ -1196,14 +1196,6 @@ kern_jail_get(struct thread *td, struct if (flags ~JAIL_GET_MASK) return (EINVAL); - if (jailed(td-td_ucred)) { - /* -* Don't allow a jailed process to see any jails, -* not even its own. -*/ - vfs_opterror(opts, jail not found); - return (ENOENT); - } /* Get the parameter list. */ error = vfs_buildopts(optuio, opts); @@ -1211,6 +1203,12 @@ kern_jail_get(struct thread *td, struct return (error); errmsg_pos = vfs_getopt_pos(opts, errmsg); + /* Don't allow a jailed process to see any jails, not even its own. */ + if (jailed(td-td_ucred)) { + vfs_opterror(opts, jail not found); + return (ENOENT); + } + /* * Find the prison specified by one of: lastjid, jid, name. */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r192895 - in head: . lib/libc/sys sys/compat/freebsd32 sys/compat/linux sys/contrib/ipfilter/netinet sys/fs/procfs sys/kern sys/net sys/netinet sys/netinet6 sys/nfsserver sys/security/m...
Author: jamie Date: Wed May 27 14:11:23 2009 New Revision: 192895 URL: http://svn.freebsd.org/changeset/base/192895 Log: Add hierarchical jails. A jail may further virtualize its environment by creating a child jail, which is visible to that jail and to any parent jails. Child jails may be restricted more than their parents, but never less. Jail names reflect this hierarchy, being MIB-style dot-separated strings. Every thread now points to a jail, the default being prison0, which contains information about the physical system. Prison0's root directory is the same as rootvnode; its hostname is the same as the global hostname, and its securelevel replaces the global securelevel. Note that the variable securelevel has actually gone away, which should not cause any problems for code that properly uses securelevel_gt() and securelevel_ge(). Some jail-related permissions that were kept in global variables and set via sysctls are now per-jail settings. The sysctls still exist for backward compatibility, used only by the now-deprecated jail(2) system call. Approved by: bz (mentor) Modified: head/UPDATING head/lib/libc/sys/jail.2 head/sys/compat/freebsd32/freebsd32_misc.c head/sys/compat/linux/linux_mib.c head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c head/sys/contrib/ipfilter/netinet/ip_nat.c head/sys/fs/procfs/procfs_status.c head/sys/kern/init_main.c head/sys/kern/kern_cpuset.c head/sys/kern/kern_descrip.c head/sys/kern/kern_exit.c head/sys/kern/kern_fork.c head/sys/kern/kern_jail.c head/sys/kern/kern_linker.c head/sys/kern/kern_mib.c head/sys/kern/kern_proc.c head/sys/kern/kern_prot.c head/sys/kern/sysv_msg.c head/sys/kern/sysv_sem.c head/sys/kern/sysv_shm.c head/sys/kern/vfs_lookup.c head/sys/kern/vfs_mount.c head/sys/kern/vfs_subr.c head/sys/kern/vfs_syscalls.c head/sys/net/rtsock.c head/sys/netinet/in_pcb.c head/sys/netinet/udp_usrreq.c head/sys/netinet6/in6.c head/sys/netinet6/in6_ifattach.c head/sys/netinet6/in6_pcb.c head/sys/nfsserver/nfs_srvsock.c head/sys/security/mac_bsdextended/mac_bsdextended.c head/sys/sys/cpuset.h head/sys/sys/jail.h head/sys/sys/param.h head/sys/sys/syscallsubr.h head/sys/sys/systm.h head/sys/ufs/ufs/ufs_vnops.c Modified: head/UPDATING == --- head/UPDATING Wed May 27 13:59:17 2009(r192894) +++ head/UPDATING Wed May 27 14:11:23 2009(r192895) @@ -22,6 +22,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. to maximize performance. (To disable malloc debugging, run ln -s aj /etc/malloc.conf.) +20090527: + Add support for hierarchical jails. Remove global securelevel. + Bump __FreeBSD_version to 800091. + 20090523: The layout of struct vnet_net has changed, therefore modules need to be rebuilt. Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Wed May 27 13:59:17 2009(r192894) +++ head/lib/libc/sys/jail.2Wed May 27 14:11:23 2009(r192895) @@ -25,7 +25,7 @@ .\ .\ $FreeBSD$ .\ -.Dd April 29, 2009 +.Dd May 27, 2009 .Dt JAIL 2 .Os .Sh NAME @@ -283,7 +283,7 @@ of the jail for the given address family It is possible to identify a process as jailed by examining .Dq Li /proc/pid/status : it will show a field near the end of the line, either as -a single hyphen for a process at large, or the hostname currently +a single hyphen for a process at large, or the name currently set for the prison for jailed processes. .Sh ERRORS The @@ -292,7 +292,10 @@ system call will fail if: .Bl -tag -width Er .It Bq Er EPERM -This process is not allowed to create a jail. +This process is not allowed to create a jail, either because it is not +the super-user, or because it is in a jail where the +.Va allow.jails +parameter is not set. .It Bq Er EFAULT .Fa jail points to an address outside the allocated address space of the process. @@ -308,7 +311,10 @@ system call will fail if: .Bl -tag -width Er .It Bq Er EPERM -This process is not allowed to create a jail. +This process is not allowed to create a jail, either because it is not +the super-user, or because it is in a jail where the +.Va allow.jails +parameter is not set. .It Bq Er EPERM A jail parameter was set to a less restrictive value then the current environment. @@ -324,6 +330,11 @@ or parameter does not exist, and the .Dv JAIL_CREATE flag is not set. +.It Bq Er ENOENT +The jail referred to by a +.Va jid +is not accessible by the process, because the process is in a different +jail. .It Bq Er EEXIST The jail referred to by a .Va jid @@ -368,6 +379,11 @@ or .Va name parameter does not exist. .It Bq Er ENOENT +The jail referred to by a +.Va jid +is not accessible by the process, because the process is in a different +jail. +.It Bq Er
svn commit: r192896 - in head: sys/sys usr.bin/killall usr.sbin/jail usr.sbin/jexec usr.sbin/jls
Author: jamie Date: Wed May 27 14:30:26 2009 New Revision: 192896 URL: http://svn.freebsd.org/changeset/base/192896 Log: Add support for the arbitrary named jail parameters used by jail_set(2) and jail_get(2). Jail(8) can now create jails using a name=value format instead of just specifying a limited set of fixed parameters; it can also modify parameters of existing jails. Jls(8) can display all parameters of jails, or a specified set of parameters. The available parameters are gathered from the kernel, and not hard-coded into these programs. Small patches on killall(1) and jexec(8) to support jail names with jail_get(2). Approved by: bz (mentor) Modified: head/sys/sys/jail.h head/usr.bin/killall/killall.1 head/usr.bin/killall/killall.c head/usr.sbin/jail/jail.8 head/usr.sbin/jail/jail.c head/usr.sbin/jexec/Makefile head/usr.sbin/jexec/jexec.8 head/usr.sbin/jexec/jexec.c head/usr.sbin/jls/Makefile head/usr.sbin/jls/jls.8 head/usr.sbin/jls/jls.c Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Wed May 27 14:11:23 2009(r192895) +++ head/sys/sys/jail.h Wed May 27 14:30:26 2009(r192896) @@ -84,19 +84,11 @@ struct xprison { struct in6_addr pr_ip6[]; #endif }; -#defineXPRISON_VERSION 3 +#defineXPRISON_VERSION 3 -static const struct prison_state { - int pr_state; - const char *state_name; -} prison_states[] = { -#definePRISON_STATE_INVALID0 - { PRISON_STATE_INVALID, INVALID }, -#definePRISON_STATE_ALIVE 1 - { PRISON_STATE_ALIVE, ALIVE }, -#definePRISON_STATE_DYING 2 - { PRISON_STATE_DYING, DYING }, -}; +#definePRISON_STATE_INVALID0 +#definePRISON_STATE_ALIVE 1 +#definePRISON_STATE_DYING 2 /* * Flags for jail_set and jail_get. Modified: head/usr.bin/killall/killall.1 == --- head/usr.bin/killall/killall.1 Wed May 27 14:11:23 2009 (r192895) +++ head/usr.bin/killall/killall.1 Wed May 27 14:30:26 2009 (r192896) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd November 9, 2007 +.Dd May 27, 2009 .Os .Dt KILLALL 1 .Sh NAME @@ -34,7 +34,7 @@ .Nm .Op Fl delmsvz .Op Fl help -.Op Fl j Ar jid +.Op Fl j Ar jail .Op Fl u Ar user .Op Fl t Ar tty .Op Fl c Ar procname @@ -91,9 +91,9 @@ The signal may be specified either as a (with or without a leading .Dq Li SIG ) , or numerically. -.It Fl j Ar jid -Kill processes in the jail specified by -.Ar jid . +.It Fl j Ar jail +Kill processes in the specified +.Ar jail . .It Fl u Ar user Limit potentially matching processes to those belonging to the specified Modified: head/usr.bin/killall/killall.c == --- head/usr.bin/killall/killall.c Wed May 27 14:11:23 2009 (r192895) +++ head/usr.bin/killall/killall.c Wed May 27 14:30:26 2009 (r192896) @@ -31,6 +31,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/jail.h #include sys/stat.h +#include sys/uio.h #include sys/user.h #include sys/sysctl.h #include fcntl.h @@ -51,7 +52,7 @@ static void __dead2 usage(void) { - fprintf(stderr, usage: killall [-delmsvz] [-help] [-j jid]\n); + fprintf(stderr, usage: killall [-delmsvz] [-help] [-j jail]\n); fprintf(stderr, [-u user] [-t tty] [-c cmd] [-SIGNAL] [cmd]...\n); fprintf(stderr, At least one option or argument to specify processes must be given.\n); @@ -100,6 +101,7 @@ nosig(char *name) int main(int ac, char **av) { + struct iovecjparams[2]; struct kinfo_proc *procs = NULL, *newprocs; struct stat sb; struct passwd *pw; @@ -159,12 +161,21 @@ main(int ac, char **av) } jflag++; if (*av == NULL) - errx(1, must specify jid); - jid = strtol(*av, ep, 10); - if (!*av || *ep) - errx(1, illegal jid: %s, *av); + errx(1, must specify jail); + jid = strtoul(*av, ep, 10); + if (!**av || *ep) { + *(const void **)jparams[0].iov_base = + name; + jparams[0].iov_len = sizeof(name); + jparams[1].iov_base = *av; + jparams[1].iov_len = strlen(*av) + 1; + jid = jail_get(jparams,
svn commit: r193065 - head/usr.sbin/jail
Author: jamie Date: Fri May 29 21:17:22 2009 New Revision: 193065 URL: http://svn.freebsd.org/changeset/base/193065 Log: Fix some inaccuracies in the extensible parameter addition. Approved by: bz (mentor) Modified: head/usr.sbin/jail/jail.8 Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Fri May 29 20:45:42 2009(r193064) +++ head/usr.sbin/jail/jail.8 Fri May 29 21:17:22 2009(r193065) @@ -201,7 +201,7 @@ parameters aren't in this list, this mod the .Fl c and -.Fl o +.Fl m options don't apply (and must not exist). .Pp Jails have a set a core parameters, and modules can add their own jail @@ -298,7 +298,7 @@ A new jail must have either the parameter or .Va command pseudo-parameter set. -.It Va cpuset +.It Va cpuset.id The ID of the cpuset associated with this jail (read-only). .It Va dying This is true if the jail is in the process of shutting down (read-only). ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r193066 - in head: sys/amd64/amd64 sys/arm/arm sys/cddl/compat/opensolaris/kern sys/compat/linux sys/compat/svr4 sys/ddb sys/dev/firewire sys/dev/syscons/daemon sys/fs/cd9660 sys/fs/nfs...
Author: jamie Date: Fri May 29 21:27:12 2009 New Revision: 193066 URL: http://svn.freebsd.org/changeset/base/193066 Log: Place hostnames and similar information fully under the prison system. The system hostname is now stored in prison0, and the global variable hostname has been removed, as has the hostname_mtx mutex. Jails may have their own host information, or they may inherit it from the parent/system. The proper way to read the hostname is via getcredhostname(), which will copy either the hostname associated with the passed cred, or the system hostname if you pass NULL. The system hostname can still be accessed directly (and without locking) at prison0.pr_host, but that should be avoided where possible. The similar information referred to is domainname, hostid, and hostuuid, which have also become prison parameters and had their associated global variables removed. Approved by: bz (mentor) Modified: head/sys/amd64/amd64/dump_machdep.c head/sys/amd64/amd64/minidump_machdep.c head/sys/arm/arm/dump_machdep.c head/sys/cddl/compat/opensolaris/kern/opensolaris.c head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.c head/sys/compat/linux/linux_misc.c head/sys/compat/svr4/svr4_stat.c head/sys/ddb/db_textdump.c head/sys/dev/firewire/firewire.c head/sys/dev/syscons/daemon/daemon_saver.c head/sys/fs/cd9660/cd9660_rrip.c head/sys/fs/nfs/nfsport.h head/sys/fs/nfsclient/nfs_clstate.c head/sys/fs/nfsclient/nfs_clvfsops.c head/sys/geom/vinum/geom_vinum_create.c head/sys/geom/vinum/geom_vinum_drive.c head/sys/i386/i386/dump_machdep.c head/sys/i386/i386/minidump_machdep.c head/sys/i386/ibcs2/ibcs2_socksys.c head/sys/ia64/ia64/dump_machdep.c head/sys/kern/kern_jail.c head/sys/kern/kern_mib.c head/sys/kern/kern_shutdown.c head/sys/kern/kern_xxx.c head/sys/kgssapi/gsstest.c head/sys/netinet6/icmp6.c head/sys/netinet6/in6_ifattach.c head/sys/nfsclient/bootp_subr.c head/sys/nfsclient/nfs_vfsops.c head/sys/nfsserver/nfs_srvkrpc.c head/sys/nlm/nlm_advlock.c head/sys/rpc/authunix_prot.c head/sys/sparc64/sparc64/dump_machdep.c head/sys/sun4v/sun4v/dump_machdep.c head/sys/sys/jail.h head/sys/sys/kernel.h head/sys/sys/priv.h head/sys/sys/vimage.h head/usr.sbin/jail/jail.8 Modified: head/sys/amd64/amd64/dump_machdep.c == --- head/sys/amd64/amd64/dump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/amd64/amd64/dump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -34,7 +34,6 @@ __FBSDID($FreeBSD$); #include sys/sysctl.h #include sys/kernel.h #include sys/kerneldump.h -#include sys/vimage.h #include vm/vm.h #include vm/pmap.h #include machine/elf.h Modified: head/sys/amd64/amd64/minidump_machdep.c == --- head/sys/amd64/amd64/minidump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/amd64/amd64/minidump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -34,7 +34,6 @@ __FBSDID($FreeBSD$); #include sys/kernel.h #include sys/kerneldump.h #include sys/msgbuf.h -#include sys/vimage.h #include vm/vm.h #include vm/pmap.h #include machine/atomic.h Modified: head/sys/arm/arm/dump_machdep.c == --- head/sys/arm/arm/dump_machdep.c Fri May 29 21:17:22 2009 (r193065) +++ head/sys/arm/arm/dump_machdep.c Fri May 29 21:27:12 2009 (r193066) @@ -35,7 +35,6 @@ __FBSDID($FreeBSD$); #include sys/kernel.h #include sys/proc.h #include sys/kerneldump.h -#include sys/vimage.h #include vm/vm.h #include vm/pmap.h #include machine/elf.h Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris.c == --- head/sys/cddl/compat/opensolaris/kern/opensolaris.c Fri May 29 21:17:22 2009(r193065) +++ head/sys/cddl/compat/opensolaris/kern/opensolaris.c Fri May 29 21:27:12 2009(r193066) @@ -31,11 +31,11 @@ #include sys/conf.h #include sys/cpuvar.h #include sys/errno.h +#include sys/jail.h #include sys/kernel.h #include sys/misc.h #include sys/module.h #include sys/mutex.h -#include sys/vimage.h cpu_core_t cpu_core[MAXCPU]; kmutex_t cpu_lock; @@ -83,7 +83,7 @@ opensolaris_modevent(module_t mod __unus switch (type) { case MOD_LOAD: - utsname.nodename = G_hostname; + utsname.nodename = prison0.pr_host; break; case MOD_UNLOAD: Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.c == --- head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.cFri May 29 21:17:22 2009(r193065) +++ head/sys/cddl/compat/opensolaris/kern/opensolaris_misc.cFri May 29
svn commit: r193865 - head/sys/kern
Author: jamie Date: Tue Jun 9 22:09:29 2009 New Revision: 193865 URL: http://svn.freebsd.org/changeset/base/193865 Log: Fix some overflow errors: a signed allocation and an insufficiant array size. Reported by: pho Tested by:pho Approved by: bz (mentor) Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Tue Jun 9 21:58:14 2009(r193864) +++ head/sys/kern/kern_jail.c Tue Jun 9 22:09:29 2009(r193865) @@ -165,7 +165,7 @@ static char *pr_allow_nonames[] = { static unsigned jail_default_allow = JAIL_DEFAULT_ALLOW; static int jail_default_enforce_statfs = 2; #if defined(INET) || defined(INET6) -static int jail_max_af_ips = 255; +static unsigned jail_max_af_ips = 255; #endif #ifdef INET @@ -273,11 +273,19 @@ jail(struct thread *td, struct jail_args int kern_jail(struct thread *td, struct jail *j) { - struct iovec optiov[24]; + struct iovec optiov[2 * (4 + + sizeof(pr_allow_names) / sizeof(pr_allow_names[0]) +#ifdef INET + + 1 +#endif +#ifdef INET6 + + 1 +#endif + )]; struct uio opt; char *u_path, *u_hostname, *u_name; #ifdef INET - int ip4s; + uint32_t ip4s; struct in_addr *u_ip4; #endif #ifdef INET6 @@ -3671,7 +3679,7 @@ SYSCTL_PROC(_security_jail, OID_AUTO, ja sysctl_jail_jailed, I, Process in jail?); #if defined(INET) || defined(INET6) -SYSCTL_INT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, +SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, jail_max_af_ips, 0, Number of IP addresses a jail may have at most per address family); #endif ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r193929 - head/usr.sbin/jail
Author: jamie Date: Wed Jun 10 15:26:35 2009 New Revision: 193929 URL: http://svn.freebsd.org/changeset/base/193929 Log: In the old-style jail command line, explicitly set parameters from the security.jail.* sysctls since jail_set(2) doesn't do it implicitly. Approved by: bz (mentor) Modified: head/usr.sbin/jail/jail.c Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Wed Jun 10 14:52:34 2009(r193928) +++ head/usr.sbin/jail/jail.c Wed Jun 10 15:26:35 2009(r193929) @@ -76,6 +76,21 @@ static void quoted_print(FILE *fp, char static void set_param(const char *name, char *value); static void usage(void); +static const char *perm_sysctl[][3] = { + { security.jail.set_hostname_allowed, + allow.noset_hostname, allow.set_hostname }, + { security.jail.sysvipc_allowed, + allow.nosysvipc, allow.sysvipc }, + { security.jail.allow_raw_sockets, + allow.noraw_sockets, allow.raw_sockets }, + { security.jail.chflags_allowed, + allow.nochflags, allow.chflags }, + { security.jail.mount_allowed, + allow.nomount, allow.mount }, + { security.jail.socket_unixiproute_only, + allow.socket_af, allow.nosocket_af }, +}; + extern char **environ; #define GET_USER_INFO do { \ @@ -101,10 +116,12 @@ main(int argc, char **argv) struct iovec rparams[2]; struct passwd *pwd = NULL; gid_t groups[NGROUPS]; - int ch, cmdarg, i, jail_set_flags, jid, ngroups; + size_t sysvallen; + int ch, cmdarg, i, jail_set_flags, jid, ngroups, sysval; int hflag, iflag, Jflag, lflag, rflag, uflag, Uflag; + unsigned pi; char *ep, *jailname, *securelevel, *username, *JidFile; - char errmsg[ERRMSG_SIZE]; + char errmsg[ERRMSG_SIZE], enforce_statfs[4]; static char *cleanenv; const char *shell, *p = NULL; FILE *fp; @@ -236,6 +253,26 @@ main(int argc, char **argv) add_ip_addr(ip4_addr, argv[2]); #endif cmdarg = 3; + /* Emulate the defaults from security.jail.* sysctls */ + sysvallen = sizeof(sysval); + if (sysctlbyname(security.jail.jailed, sysval, sysvallen, + NULL, 0) == 0 sysval == 0) { + for (pi = 0; pi sizeof(perm_sysctl) / +sizeof(perm_sysctl[0]); pi++) { + sysvallen = sizeof(sysval); + if (sysctlbyname(perm_sysctl[pi][0], + sysval, sysvallen, NULL, 0) == 0) + set_param(perm_sysctl[pi] + [sysval ? 2 : 1], NULL); + } + sysvallen = sizeof(sysval); + if (sysctlbyname(security.jail.enforce_statfs, + sysval, sysvallen, NULL, 0) == 0) { + snprintf(enforce_statfs, + sizeof(enforce_statfs), %d, sysval); + set_param(enforce_statfs, enforce_statfs); + } + } } if (ip4_addr != NULL) set_param(ip4.addr, ip4_addr); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r194012 - in head: . sys/netgraph sys/sys
Marko Zec wrote: On Thursday 11 June 2009 21:01:40 Pawel Jakub Dawidek wrote: On Thu, Jun 11, 2009 at 04:50:49PM +, Marko Zec wrote: Author: zec Date: Thu Jun 11 16:50:49 2009 New Revision: 194012 URL: http://svn.freebsd.org/changeset/base/194012 Log: Introduce a mechanism for detecting calls from outbound path of the network stack when reentering the inbound path from netgraph, and force queueing of mbufs at the outbound netgraph node. The mechanism relies on two components. First, in netgraph nodes where outbound path of the network stack calls into netgraph, the current thread has to be appropriately marked using the new NG_OUTBOUND_THREAD_REF() macro before proceeding to call further into the netgraph topology, and unmarked using the NG_OUTBOUND_THREAD_UNREF() macro before returning to the caller. Second, netgraph nodes which can potentially reenter the network stack in the inbound path have to mark their inbound hooks using NG_HOOK_SET_TO_INBOUND() macro. The netgraph framework will then detect when there is a danger of a call graph looping back from outbound to inbound path via netgraph, and defer handing off the mbufs to the inbound node to a worker thread with a clean stack. In this first pass only the most obvious netgraph nodes have been updated to ensure no outbound to inbound calls can occur. Nodes such as ng_ipfw, ng_gif etc. should be further examined whether a potential for outbound to inbound call looping exists. This commit changes the layout of struct thread, but due to __FreeBSD_version number shortage a version bump has been omitted at this time, nevertheless kernel and modules have to be rebuilt. Are you sure Marko that you can't use sys/sys/osd.h instead of adding yet another field to the thread structure? Netgraph is optional component and optional components could take advantage of allocating stuff they need dynamically. The OSD (Object-Specific Data) KPI is designed for use by optional components - you can add your data to a thread, you can get it when you want and OSD will call your callback when thread dies, so you can clean up. Maybe you can't, but it's worth checking. Hmm how much locking overhead do osd_set() / osd_get() methods introduce? We have to bump the refcount on each entry to netgraph, and then check it potentially on each hop to next ng node, and finally drop the refcount when done with the function call into netgraph. Accessing td_ng_outbound directly via curthread is as cheap as it gets performancewise as it requires no locking whatsoever... Very little, especially for threads. They lock an rmlock for reading (even for osd_set), one that's essentially never locked for writing. The assumption is that you're operating on curthread (which is the case here) that doesn't need any other synchronization. The first time you set something on a thread it'll take a malloc; after that set and get are simple array lookups with the aforementioned rmlock. The only problem with OSD in its current state is it's possible for osd_set to fail because it uses malloc(M_NOWAIT). But I plan on fixing that at some point anyway. Cheers, Marko PS. Currently OSD works for threads and jails, but it is ready to be extended to work with other object types, eg. vnodes, ifnets, etc. Even if you can't use it in this particular case, keep it in mind, as it might be useful for other vimage-related stuff. Modified: head/sys/sys/proc.h = = --- head/sys/sys/proc.h Thu Jun 11 16:48:59 2009(r194011) +++ head/sys/sys/proc.h Thu Jun 11 16:50:49 2009(r194012) @@ -235,6 +235,7 @@ struct thread { chartd_name[MAXCOMLEN + 1]; /* (*) Thread name. */ struct file *td_fpop; /* (k) file referencing cdev under op */ int td_dbgflags;/* (c) Userland debugger flags */ + int td_ng_outbound; /* (k) Thread entered ng from above. */ struct osd td_osd; /* (k) Object specific data. */ #definetd_endzero td_base_pri ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194090 - in head/sys: compat/linux compat/svr4 kern sys
Author: jamie Date: Sat Jun 13 00:12:02 2009 New Revision: 194090 URL: http://svn.freebsd.org/changeset/base/194090 Log: Add counterparts to getcredhostname: getcreddomainname, getcredhostuuid, getcredhostid Suggested by: rmacklem Approved by: bz Modified: head/sys/compat/linux/linux_misc.c head/sys/compat/svr4/svr4_stat.c head/sys/kern/kern_jail.c head/sys/sys/jail.h Modified: head/sys/compat/linux/linux_misc.c == --- head/sys/compat/linux/linux_misc.c Sat Jun 13 00:06:52 2009 (r194089) +++ head/sys/compat/linux/linux_misc.c Sat Jun 13 00:12:02 2009 (r194090) @@ -716,7 +716,6 @@ linux_newuname(struct thread *td, struct struct l_new_utsname utsname; char osname[LINUX_MAX_UTSNAME]; char osrelease[LINUX_MAX_UTSNAME]; - struct prison *pr; char *p; #ifdef DEBUG @@ -730,6 +729,7 @@ linux_newuname(struct thread *td, struct bzero(utsname, sizeof(utsname)); strlcpy(utsname.sysname, osname, LINUX_MAX_UTSNAME); getcredhostname(td-td_ucred, utsname.nodename, LINUX_MAX_UTSNAME); + getcreddomainname(td-td_ucred, utsname.domainname, LINUX_MAX_UTSNAME); strlcpy(utsname.release, osrelease, LINUX_MAX_UTSNAME); strlcpy(utsname.version, version, LINUX_MAX_UTSNAME); for (p = utsname.version; *p != '\0'; ++p) @@ -739,11 +739,6 @@ linux_newuname(struct thread *td, struct } strlcpy(utsname.machine, linux_platform, LINUX_MAX_UTSNAME); - pr = td-td_ucred-cr_prison; - mtx_lock(pr-pr_mtx); - strlcpy(utsname.domainname, pr-pr_domain, LINUX_MAX_UTSNAME); - mtx_unlock(pr-pr_mtx); - return (copyout(utsname, args-buf, sizeof(utsname))); } Modified: head/sys/compat/svr4/svr4_stat.c == --- head/sys/compat/svr4/svr4_stat.cSat Jun 13 00:06:52 2009 (r194089) +++ head/sys/compat/svr4/svr4_stat.cSat Jun 13 00:12:02 2009 (r194090) @@ -411,10 +411,10 @@ svr4_sys_systeminfo(td, uap) struct thread *td; struct svr4_sys_systeminfo_args *uap; { - struct prison *pr; char*str = NULL; int error = 0; register_t *retval = td-td_retval; + u_long hostid; size_t len = 0; charbuf[MAXHOSTNAMELEN]; u_int rlen = uap-len; @@ -458,10 +458,8 @@ svr4_sys_systeminfo(td, uap) break; case SVR4_SI_HW_SERIAL: - pr = td-td_ucred-cr_prison; - mtx_lock(pr-pr_mtx); - snprintf(buf, sizeof(buf), %lu, pr-pr_hostid); - mtx_unlock(pr-pr_mtx); + getcredhostid(td-td_ucred, hostid); + snprintf(buf, sizeof(buf), %lu, hostid); str = buf; break; @@ -470,10 +468,7 @@ svr4_sys_systeminfo(td, uap) break; case SVR4_SI_SRPC_DOMAIN: - pr = td-td_ucred-cr_prison; - mtx_lock(pr-pr_mtx); - strlcpy(buf, pr-pr_domain, sizeof(buf)); - mtx_unlock(pr-pr_mtx); + getcreddomainname(td-td_ucred, buf, sizeof(buf)); str = buf; break; Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Sat Jun 13 00:06:52 2009(r194089) +++ head/sys/kern/kern_jail.c Sat Jun 13 00:12:02 2009(r194090) @@ -3207,19 +3207,50 @@ jailed(struct ucred *cred) } /* - * Return the correct hostname for the passed credential. + * Return the correct hostname (domainname, et al) for the passed credential. */ void getcredhostname(struct ucred *cred, char *buf, size_t size) { struct prison *pr; + /* +* A NULL credential can be used to shortcut to the physical +* system's hostname. +*/ pr = (cred != NULL) ? cred-cr_prison : prison0; mtx_lock(pr-pr_mtx); strlcpy(buf, pr-pr_host, size); mtx_unlock(pr-pr_mtx); } +void +getcreddomainname(struct ucred *cred, char *buf, size_t size) +{ + + mtx_lock(cred-cr_prison-pr_mtx); + strlcpy(buf, cred-cr_prison-pr_domain, size); + mtx_unlock(cred-cr_prison-pr_mtx); +} + +void +getcredhostuuid(struct ucred *cred, char *buf, size_t size) +{ + + mtx_lock(cred-cr_prison-pr_mtx); + strlcpy(buf, cred-cr_prison-pr_uuid, size); + mtx_unlock(cred-cr_prison-pr_mtx); +} + +void +getcredhostid(struct ucred *cred, unsigned long *hostid) +{ + + mtx_lock(cred-cr_prison-pr_mtx); + *hostid = cred-cr_prison-pr_hostid; + mtx_unlock(cred-cr_prison-pr_mtx); +} + /* * Determine whether the subject represented by cred can see * status of a mount point. Modified: head/sys/sys/jail.h
svn commit: r194117 - head/sys/fs/nfsclient
Author: jamie Date: Sat Jun 13 15:35:22 2009 New Revision: 194117 URL: http://svn.freebsd.org/changeset/base/194117 Log: Use getcredhostuuid instead of accessing the prison directly. Approved by: bz (mentor) Modified: head/sys/fs/nfsclient/nfs_clstate.c Modified: head/sys/fs/nfsclient/nfs_clstate.c == --- head/sys/fs/nfsclient/nfs_clstate.c Sat Jun 13 15:00:29 2009 (r194116) +++ head/sys/fs/nfsclient/nfs_clstate.c Sat Jun 13 15:35:22 2009 (r194117) @@ -676,16 +676,12 @@ nfscl_getcl(vnode_t vp, struct ucred *cr struct nfsclclient *newclp = NULL; struct nfscllockowner *lp, *nlp; struct nfsmount *nmp = VFSTONFS(vnode_mount(vp)); - struct prison *pr; char uuid[HOSTUUIDLEN]; int igotlock = 0, error, trystalecnt, clidinusedelay, i; u_int16_t idlen = 0; if (cred != NULL) { - pr = cred-cr_prison; - mtx_lock(pr-pr_mtx); - strlcpy(uuid, pr-pr_uuid, sizeof uuid); - mtx_unlock(pr-pr_mtx); + getcredhostuuid(cred, uuid, sizeof uuid); idlen = strlen(uuid); if (idlen 0) idlen += sizeof (u_int64_t); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r194118 - in head/sys: cddl/compat/opensolaris/kern cddl/contrib/opensolaris/uts/common/fs/zfs dev/firewire dev/syscons/daemon fs/nfsclient kern netinet6 nfsclient nlm sys
Author: jamie Date: Sat Jun 13 15:39:12 2009 New Revision: 194118 URL: http://svn.freebsd.org/changeset/base/194118 Log: Rename the host-related prison fields to be the same as the host.* parameters they represent, and the variables they replaced, instead of abbreviated versions of them. Approved by: bz (mentor) Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris.c head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa_history.c head/sys/dev/firewire/firewire.c head/sys/dev/syscons/daemon/daemon_saver.c head/sys/fs/nfsclient/nfs_clvfsops.c head/sys/kern/kern_jail.c head/sys/kern/kern_mib.c head/sys/kern/kern_shutdown.c head/sys/netinet6/icmp6.c head/sys/netinet6/in6_ifattach.c head/sys/nfsclient/bootp_subr.c head/sys/nfsclient/nfs_vfsops.c head/sys/nlm/nlm_advlock.c head/sys/sys/jail.h Modified: head/sys/cddl/compat/opensolaris/kern/opensolaris.c == --- head/sys/cddl/compat/opensolaris/kern/opensolaris.c Sat Jun 13 15:35:22 2009(r194117) +++ head/sys/cddl/compat/opensolaris/kern/opensolaris.c Sat Jun 13 15:39:12 2009(r194118) @@ -83,7 +83,7 @@ opensolaris_modevent(module_t mod __unus switch (type) { case MOD_LOAD: - utsname.nodename = prison0.pr_host; + utsname.nodename = prison0.pr_hostname; break; case MOD_UNLOAD: Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa_history.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa_history.c Sat Jun 13 15:35:22 2009(r194117) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/spa_history.c Sat Jun 13 15:39:12 2009(r194118) @@ -179,9 +179,9 @@ static char * spa_history_zone() { #ifdef _KERNEL - /* XXX: pr_host can be changed by default from within a jail! */ + /* XXX: pr_hostname can be changed by default from within a jail! */ if (jailed(curthread-td_ucred)) - return (curthread-td_ucred-cr_prison-pr_host); + return (curthread-td_ucred-cr_prison-pr_hostname); #endif return (global); } Modified: head/sys/dev/firewire/firewire.c == --- head/sys/dev/firewire/firewire.cSat Jun 13 15:35:22 2009 (r194117) +++ head/sys/dev/firewire/firewire.cSat Jun 13 15:39:12 2009 (r194118) @@ -724,7 +724,7 @@ fw_reset_crom(struct firewire_comm *fc) crom_add_entry(root, CSRKEY_HW, __FreeBSD_version); #endif mtx_lock(prison0.pr_mtx); - crom_add_simple_text(src, root, buf-hw, prison0.pr_host); + crom_add_simple_text(src, root, buf-hw, prison0.pr_hostname); mtx_unlock(prison0.pr_mtx); } Modified: head/sys/dev/syscons/daemon/daemon_saver.c == --- head/sys/dev/syscons/daemon/daemon_saver.c Sat Jun 13 15:35:22 2009 (r194117) +++ head/sys/dev/syscons/daemon/daemon_saver.c Sat Jun 13 15:39:12 2009 (r194118) @@ -353,10 +353,10 @@ daemon_init(video_adapter_t *adp) { mtx_lock(prison0.pr_mtx); - messagelen = strlen(prison0.pr_host) + 3 + strlen(ostype) + 1 + + messagelen = strlen(prison0.pr_hostname) + 3 + strlen(ostype) + 1 + strlen(osrelease); message = malloc(messagelen + 1, M_DEVBUF, M_WAITOK); - sprintf(message, %s - %s %s, prison0.pr_host, ostype, osrelease); + sprintf(message, %s - %s %s, prison0.pr_hostname, ostype, osrelease); mtx_unlock(prison0.pr_mtx); blanked = 0; switch (adp-va_mode) { Modified: head/sys/fs/nfsclient/nfs_clvfsops.c == --- head/sys/fs/nfsclient/nfs_clvfsops.cSat Jun 13 15:35:22 2009 (r194117) +++ head/sys/fs/nfsclient/nfs_clvfsops.cSat Jun 13 15:39:12 2009 (r194118) @@ -478,7 +478,8 @@ ncl_mountroot(struct mount *mp) * mount the right /var based upon its preset value. */ mtx_lock(prison0.pr_mtx); - strlcpy(prison0.pr_host, nd-my_hostnam, sizeof(prison0.pr_host)); + strlcpy(prison0.pr_hostname, nd-my_hostnam, + sizeof(prison0.pr_hostname)); mtx_unlock(prison0.pr_mtx); inittodr(ntohl(nd-root_time)); return (0); Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Sat Jun 13 15:35:22 2009(r194117) +++ head/sys/kern/kern_jail.c Sat Jun 13 15:39:12 2009(r194118) @@ -80,7 +80,7 @@ struct prison prison0 = { .pr_uref= 1, .pr_path= /, .pr_securelevel = -1, - .pr_uuid= ----, +
svn commit: r194251 - in head/sys: kern net sys
Author: jamie Date: Mon Jun 15 18:59:29 2009 New Revision: 194251 URL: http://svn.freebsd.org/changeset/base/194251 Log: Manage vnets via the jail system. If a jail is given the boolean parameter vnet when it is created, a new vnet instance will be created along with the jail. Networks interfaces can be moved between prisons with an ioctl similar to the one that moves them between vimages. For now vnets will co-exist under both jails and vimages, but soon struct vimage will be going away. Reviewed by: zec, julian Approved by: bz (mentor) Modified: head/sys/kern/kern_jail.c head/sys/kern/kern_vimage.c head/sys/net/if.c head/sys/net/if.h head/sys/sys/jail.h head/sys/sys/priv.h head/sys/sys/sockio.h head/sys/sys/vimage.h Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Mon Jun 15 18:49:06 2009(r194250) +++ head/sys/kern/kern_jail.c Mon Jun 15 18:59:29 2009(r194251) @@ -126,6 +126,9 @@ static char *pr_flag_names[] = { #ifdef INET6 [3] = ip6, #endif +#ifdef VIMAGE + [4] = vnet, +#endif }; static char *pr_flag_nonames[] = { @@ -137,6 +140,9 @@ static char *pr_flag_nonames[] = { #ifdef INET6 [3] = noip6, #endif +#ifdef VIMAGE + [4] = novnet, +#endif }; static char *pr_allow_names[] = { @@ -561,6 +567,13 @@ kern_jail_set(struct thread *td, struct vfs_opterror(opts, new jail must persist or attach); goto done_errmsg; } +#ifdef VIMAGE + if ((flags JAIL_UPDATE) (ch_flags PR_VNET)) { + error = EINVAL; + vfs_opterror(opts, vnet cannot be changed after creation); + goto done_errmsg; + } +#endif pr_allow = ch_allow = 0; for (fi = 0; fi sizeof(pr_allow_names) / sizeof(pr_allow_names[0]); @@ -1113,6 +1126,11 @@ kern_jail_set(struct thread *td, struct LIST_INIT(pr-pr_children); mtx_init(pr-pr_mtx, jail mutex, NULL, MTX_DEF | MTX_DUPOK); +#ifdef VIMAGE + /* Allocate a new vnet if specified. */ + pr-pr_vnet = (pr_flags PR_VNET) + ? vnet_alloc() : ppr-pr_vnet; +#endif /* * Allocate a dedicated cpuset for each jail. * Unlike other initial settings, this may return an erorr. @@ -2410,6 +2428,10 @@ prison_deref(struct prison *pr, int flag tpr-pr_prisoncount--; sx_downgrade(allprison_lock); +#ifdef VIMAGE + if (pr-pr_flags PR_VNET) + vnet_destroy(pr-pr_vnet); +#endif if (pr-pr_root != NULL) { vfslocked = VFS_LOCK_GIANT(pr-pr_root-v_mount); vrele(pr-pr_root); @@ -3849,6 +3871,10 @@ SYSCTL_JAIL_PARAM(, enforce_statfs, CTLT I, Jail cannot see all mounted file systems); SYSCTL_JAIL_PARAM(, persist, CTLTYPE_INT | CTLFLAG_RW, B, Jail persistence); +#ifdef VIMAGE +SYSCTL_JAIL_PARAM(, vnet, CTLTYPE_INT | CTLFLAG_RDTUN, +B, Virtual network stack); +#endif SYSCTL_JAIL_PARAM(, dying, CTLTYPE_INT | CTLFLAG_RD, B, Jail is in the process of shutting down); @@ -3923,6 +3949,9 @@ db_show_prison(struct prison *pr) db_printf( path= %s\n, pr-pr_path); db_printf( cpuset = %d\n, pr-pr_cpuset ? pr-pr_cpuset-cs_id : -1); +#ifdef VIMAGE + db_printf( vnet= %p\n, pr-pr_vnet); +#endif db_printf( root= %p\n, pr-pr_root); db_printf( securelevel = %d\n, pr-pr_securelevel); db_printf( child = %p\n, LIST_FIRST(pr-pr_children)); Modified: head/sys/kern/kern_vimage.c == --- head/sys/kern/kern_vimage.c Mon Jun 15 18:49:06 2009(r194250) +++ head/sys/kern/kern_vimage.c Mon Jun 15 18:59:29 2009(r194251) @@ -34,6 +34,7 @@ __FBSDID($FreeBSD$); #include opt_ddb.h #include sys/param.h +#include sys/jail.h #include sys/kernel.h #include sys/linker.h #include sys/lock.h @@ -96,7 +97,6 @@ struct mtx vnet_list_refc_mtx; int vnet_list_refc = 0; static u_int last_vi_id = 0; -static u_int last_vnet_id = 0; static u_int last_vprocg_id = 0; struct vnet *vnet0; @@ -105,69 +105,90 @@ struct vnet *vnet0; #ifdef VIMAGE /* - * Interim userspace interface - will be replaced by jail soon. - */ - -/* - * Move an ifnet to another vnet. The ifnet can be specified either - * by ifp argument, or by name contained in vi_req-vi_if_xname if NULL is - * passed as ifp. The target vnet can be specified either by vnet - * argument or by name. If vnet name equals to .. or vi_req is set to - * NULL the interface is moved to the parent vnet. + * Move an ifnet to or from another vnet, specified by the jail id. If a + * vi_req is passed in, it is used to find the interface
svn commit: r194252 - in head/sys: compat/linprocfs compat/linux kern net netinet sys
Author: jamie Date: Mon Jun 15 19:01:53 2009 New Revision: 194252 URL: http://svn.freebsd.org/changeset/base/194252 Log: Get vnets from creds instead of threads where they're available, and from passed threads instead of curthread. Reviewed by: zec, julian Approved by: bz (mentor) Modified: head/sys/compat/linprocfs/linprocfs.c head/sys/compat/linux/linux_ioctl.c head/sys/kern/kern_sysctl.c head/sys/kern/uipc_socket.c head/sys/net/if_tun.c head/sys/netinet/tcp_subr.c head/sys/sys/sysctl.h Modified: head/sys/compat/linprocfs/linprocfs.c == --- head/sys/compat/linprocfs/linprocfs.c Mon Jun 15 18:59:29 2009 (r194251) +++ head/sys/compat/linprocfs/linprocfs.c Mon Jun 15 19:01:53 2009 (r194252) @@ -1079,7 +1079,7 @@ linprocfs_doprocmaps(PFS_FILL_ARGS) static int linprocfs_donetdev(PFS_FILL_ARGS) { - INIT_VNET_NET(TD_TO_VNET(curthread)); + INIT_VNET_NET(TD_TO_VNET(td)); char ifname[16]; /* XXX LINUX_IFNAMSIZ */ struct ifnet *ifp; Modified: head/sys/compat/linux/linux_ioctl.c == --- head/sys/compat/linux/linux_ioctl.c Mon Jun 15 18:59:29 2009 (r194251) +++ head/sys/compat/linux/linux_ioctl.c Mon Jun 15 19:01:53 2009 (r194252) @@ -2091,9 +2091,9 @@ linux_ifname(struct ifnet *ifp, char *bu */ static struct ifnet * -ifname_linux_to_bsd(const char *lxname, char *bsdname) +ifname_linux_to_bsd(struct thread *td, const char *lxname, char *bsdname) { - INIT_VNET_NET(TD_TO_VNET(curthread)); + INIT_VNET_NET(TD_TO_VNET(td)); struct ifnet *ifp; int len, unit; char *ep; @@ -2379,7 +2379,7 @@ linux_ioctl_socket(struct thread *td, st printf(%s(): ioctl %d on %.*s\n, __func__, args-cmd 0x, LINUX_IFNAMSIZ, lifname); #endif - ifp = ifname_linux_to_bsd(lifname, ifname); + ifp = ifname_linux_to_bsd(td, lifname, ifname); if (ifp == NULL) return (EINVAL); /* Modified: head/sys/kern/kern_sysctl.c == --- head/sys/kern/kern_sysctl.c Mon Jun 15 18:59:29 2009(r194251) +++ head/sys/kern/kern_sysctl.c Mon Jun 15 19:01:53 2009(r194252) @@ -1599,7 +1599,7 @@ userland_sysctl(struct thread *td, int * sx_xlock(sysctlmemlock); } else memlocked = 0; - CURVNET_SET(TD_TO_VNET(curthread)); + CURVNET_SET(TD_TO_VNET(td)); for (;;) { req.oldidx = 0; Modified: head/sys/kern/uipc_socket.c == --- head/sys/kern/uipc_socket.c Mon Jun 15 18:59:29 2009(r194251) +++ head/sys/kern/uipc_socket.c Mon Jun 15 19:01:53 2009(r194252) @@ -359,7 +359,7 @@ socreate(int dom, struct socket **aso, i if (prp-pr_type != type) return (EPROTOTYPE); - so = soalloc(TD_TO_VNET(td)); + so = soalloc(CRED_TO_VNET(cred)); if (so == NULL) return (ENOBUFS); Modified: head/sys/net/if_tun.c == --- head/sys/net/if_tun.c Mon Jun 15 18:59:29 2009(r194251) +++ head/sys/net/if_tun.c Mon Jun 15 19:01:53 2009(r194252) @@ -226,7 +226,7 @@ tunclone(void *arg, struct ucred *cred, else append_unit = 0; - CURVNET_SET(TD_TO_VNET(curthread)); + CURVNET_SET(CRED_TO_VNET(cred)); /* find any existing device, or allocate new unit number */ i = clone_create(tunclones, tun_cdevsw, u, dev, 0); if (i) { Modified: head/sys/netinet/tcp_subr.c == --- head/sys/netinet/tcp_subr.c Mon Jun 15 18:59:29 2009(r194251) +++ head/sys/netinet/tcp_subr.c Mon Jun 15 19:01:53 2009(r194252) @@ -131,7 +131,7 @@ static int tcp_inflight_stab; static int sysctl_net_inet_tcp_mss_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); + INIT_VNET_INET(TD_TO_VNET(req-td)); int error, new; new = V_tcp_mssdflt; @@ -154,7 +154,7 @@ SYSCTL_V_PROC(V_NET, vnet_inet, _net_ine static int sysctl_net_inet_tcp_mss_v6_check(SYSCTL_HANDLER_ARGS) { - INIT_VNET_INET(curvnet); + INIT_VNET_INET(TD_TO_VNET(req-td)); int error, new; new = V_tcp_v6mssdflt; Modified: head/sys/sys/sysctl.h == --- head/sys/sys/sysctl.h Mon Jun 15 18:59:29 2009(r194251) +++ head/sys/sys/sysctl.h Mon Jun 15 19:01:53 2009(r194252) @@ -456,7 +456,7 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_e
Re: svn commit: r194251 - in head/sys: kern net sys
Julian Elischer wrote: Jamie Gritton wrote: Author: jamie Date: Mon Jun 15 18:59:29 2009 New Revision: 194251 URL: http://svn.freebsd.org/changeset/base/194251 Log: Manage vnets via the jail system. If a jail is given the boolean parameter vnet when it is created, a new vnet instance will be created along with the jail. Networks interfaces can be moved between prisons with an ioctl similar to the one that moves them between vimages. For now vnets will co-exist under both jails and vimages, but soon struct vimage will be going away. Reviewed by:zec, julian Approved by:bz (mentor) Modified: head/sys/kern/kern_jail.c head/sys/kern/kern_vimage.c head/sys/net/if.c head/sys/net/if.h head/sys/sys/jail.h head/sys/sys/priv.h head/sys/sys/sockio.h head/sys/sys/vimage.h the ioctl will be in ifcofig right? ifconfig em0 jail {Jail-ID} ?? Right. Perhaps jail and unjail. Some pair to move an interface into a vnetted jail and to reclaim it from one. - Jamie ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r194251 - in head/sys: kern net sys
Julian Elischer wrote: Jamie Gritton wrote: Julian Elischer wrote: the ioctl will be in ifconfig right? ifconfig em0 jail {Jail-ID} ?? Right. Perhaps jail and unjail. Some pair to move an interface into a vnetted jail and to reclaim it from one. - Jamie interesting.. I hadn't thought about unjail (just assumed it went back to parent when jail dies). It does. But there's also an allowance for it going back before then. Vimage has the ability to give the interface back to the parent, which is the same thing from a different direction. - Jamie ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r190318 - in stable/7: sbin/ifconfig sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/net
Author: jamie Date: Mon Mar 23 12:07:29 2009 New Revision: 190318 URL: http://svn.freebsd.org/changeset/base/190318 Log: MFC: r189864: Default to AF_LOCAL instead of AF_INET sockets for non-family-specific operations. This allows the query operations to work in non-IPv4 jails, and will be necessary in a future of possible non-INET networking. (reprise r189970) r190151: Call the interface's if_ioctl from ifioctl(), if the protocol didn't handle the ioctl. There are other paths that already call it, but this allows for a non-interface socket (like AF_LOCAL which ifconfig now uses) to use a broader class of interface ioctls. Approved by: bz (mentor) Modified: stable/7/sbin/ifconfig/ (props changed) stable/7/sbin/ifconfig/ifclone.c stable/7/sbin/ifconfig/ifconfig.c stable/7/sbin/ifconfig/ifgroup.c stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/net/if.c Modified: stable/7/sbin/ifconfig/ifclone.c == --- stable/7/sbin/ifconfig/ifclone.cMon Mar 23 11:07:34 2009 (r190317) +++ stable/7/sbin/ifconfig/ifclone.cMon Mar 23 12:07:29 2009 (r190318) @@ -53,9 +53,9 @@ list_cloners(void) int idx; int s; - s = socket(AF_INET, SOCK_DGRAM, 0); + s = socket(AF_LOCAL, SOCK_DGRAM, 0); if (s == -1) - err(1, socket(AF_INET,SOCK_DGRAM)); + err(1, socket(AF_LOCAL,SOCK_DGRAM)); memset(ifcr, 0, sizeof(ifcr)); Modified: stable/7/sbin/ifconfig/ifconfig.c == --- stable/7/sbin/ifconfig/ifconfig.c Mon Mar 23 11:07:34 2009 (r190317) +++ stable/7/sbin/ifconfig/ifconfig.c Mon Mar 23 12:07:29 2009 (r190318) @@ -434,21 +434,22 @@ static const struct cmd setifdstaddr_cmd DEF_CMD(ifdstaddr, 0, setifdstaddr); static int -ifconfig(int argc, char *const *argv, int iscreate, const struct afswtch *afp) +ifconfig(int argc, char *const *argv, int iscreate, const struct afswtch *uafp) { - const struct afswtch *nafp; + const struct afswtch *afp, *nafp; struct callback *cb; int s; strncpy(ifr.ifr_name, name, sizeof ifr.ifr_name); + afp = uafp != NULL ? uafp : af_getbyname(inet); top: - if (afp == NULL) - afp = af_getbyname(inet); ifr.ifr_addr.sa_family = afp-af_af == AF_LINK || afp-af_af == AF_UNSPEC ? - AF_INET : afp-af_af; + AF_LOCAL : afp-af_af; - if ((s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0)) 0) + if ((s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0)) 0 + (uafp != NULL || errno != EPROTONOSUPPORT || +(s = socket(AF_LOCAL, SOCK_DGRAM, 0)) 0)) err(1, socket(family %u,SOCK_DGRAM, ifr.ifr_addr.sa_family); while (argc 0) { @@ -792,11 +793,12 @@ status(const struct afswtch *afp, const if (afp == NULL) { allfamilies = 1; - afp = af_getbyname(inet); - } else + ifr.ifr_addr.sa_family = AF_LOCAL; + } else { allfamilies = 0; - - ifr.ifr_addr.sa_family = afp-af_af == AF_LINK ? AF_INET : afp-af_af; + ifr.ifr_addr.sa_family = + afp-af_af == AF_LINK ? AF_LOCAL : afp-af_af; + } strncpy(ifr.ifr_name, name, sizeof(ifr.ifr_name)); s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0); Modified: stable/7/sbin/ifconfig/ifgroup.c == --- stable/7/sbin/ifconfig/ifgroup.cMon Mar 23 11:07:34 2009 (r190317) +++ stable/7/sbin/ifconfig/ifgroup.cMon Mar 23 12:07:29 2009 (r190318) @@ -131,9 +131,9 @@ printgroup(const char *groupname) int len, cnt = 0; int s; - s = socket(AF_INET, SOCK_DGRAM, 0); + s = socket(AF_LOCAL, SOCK_DGRAM, 0); if (s == -1) - err(1, socket(AF_INET,SOCK_DGRAM)); + err(1, socket(AF_LOCAL,SOCK_DGRAM)); bzero(ifgr, sizeof(ifgr)); strlcpy(ifgr.ifgr_name, groupname, sizeof(ifgr.ifgr_name)); if (ioctl(s, SIOCGIFGMEMB, (caddr_t)ifgr) == -1) { Modified: stable/7/sys/net/if.c == --- stable/7/sys/net/if.c Mon Mar 23 11:07:34 2009(r190317) +++ stable/7/sys/net/if.c Mon Mar 23 12:07:29 2009(r190318) @@ -1968,6 +1968,8 @@ ifioctl(struct socket *so, u_long cmd, c error = ((*so-so_proto-pr_usrreqs-pru_control)(so, cmd, data,
svn commit: r190466 - in head/sys: compat/freebsd32 kern sys
Author: jamie Date: Fri Mar 27 13:13:59 2009 New Revision: 190466 URL: http://svn.freebsd.org/changeset/base/190466 Log: Whitespace/spelling fixes in advance of upcoming functional changes. Approved by: bz (mentor) Modified: head/sys/compat/freebsd32/freebsd32_misc.c head/sys/kern/kern_jail.c head/sys/sys/jail.h Modified: head/sys/compat/freebsd32/freebsd32_misc.c == --- head/sys/compat/freebsd32/freebsd32_misc.c Fri Mar 27 13:05:29 2009 (r190465) +++ head/sys/compat/freebsd32/freebsd32_misc.c Fri Mar 27 13:13:59 2009 (r190466) @@ -2043,8 +2043,9 @@ freebsd32_jail(struct thread *td, struct error = copyin(uap-jail, version, sizeof(uint32_t)); if (error) return (error); + switch (version) { - case 0: + case 0: { /* FreeBSD single IPv4 jails. */ struct jail32_v0 j32_v0; Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Fri Mar 27 13:05:29 2009(r190465) +++ head/sys/kern/kern_jail.c Fri Mar 27 13:13:59 2009(r190466) @@ -2,7 +2,7 @@ * Copyright (c) 1999 Poul-Henning Kamp. * Copyright (c) 2008 Bjoern A. Zeeb. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -119,14 +119,14 @@ structsx allprison_lock; intlastprid = 0; intprisoncount = 0; -static void init_prison(void *); -static void prison_complete(void *context, int pending); -static int sysctl_jail_list(SYSCTL_HANDLER_ARGS); +static void init_prison(void *); +static void prison_complete(void *context, int pending); +static int sysctl_jail_list(SYSCTL_HANDLER_ARGS); #ifdef INET -static int _prison_check_ip4(struct prison *, struct in_addr *); +static int _prison_check_ip4(struct prison *pr, struct in_addr *ia); #endif #ifdef INET6 -static int _prison_check_ip6(struct prison *, struct in6_addr *); +static int _prison_check_ip6(struct prison *pr, struct in6_addr *ia6); #endif static void @@ -177,7 +177,7 @@ qcmp_v6(const void *ip1, const void *ip2 ia6b = (const struct in6_addr *)ip2; rc = 0; - for (i=0; rc == 0 i sizeof(struct in6_addr); i++) { + for (i = 0; rc == 0 i sizeof(struct in6_addr); i++) { if (ia6a-s6_addr[i] ia6b-s6_addr[i]) rc = 1; else if (ia6a-s6_addr[i] ia6b-s6_addr[i]) @@ -240,7 +240,7 @@ static int jail_copyin_ips(struct jail *j) { #ifdef INET - struct in_addr *ip4; + struct in_addr *ip4; #endif #ifdef INET6 struct in6_addr *ip6; @@ -348,7 +348,7 @@ jail_handle_ips(struct jail *j) * Finish conversion for older versions, copyin and setup IPs. */ switch (j-version) { - case 0: + case 0: { #ifdef INET /* FreeBSD single IPv4 jails. */ @@ -594,6 +594,7 @@ e_killmtx: return (error); } + /* * struct jail_attach_args { * int jid; @@ -807,7 +808,7 @@ prison_proc_free(struct prison *pr) * Pass back primary IPv4 address of this jail. * * If not jailed return success but do not alter the address. Caller has to - * make sure to intialize it correctly (e.g. INADDR_ANY). + * make sure to initialize it correctly (e.g. INADDR_ANY). * * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv4. * Address returned in NBO. @@ -822,7 +823,6 @@ prison_get_ip4(struct ucred *cred, struc if (!jailed(cred)) /* Do not change address passed in. */ return (0); - if (cred-cr_prison-pr_ip4 == NULL) return (EAFNOSUPPORT); @@ -956,7 +956,7 @@ prison_check_ip4(struct ucred *cred, str * Pass back primary IPv6 address for this jail. * * If not jailed return success but do not alter the address. Caller has to - * make sure to intialize it correctly (e.g. IN6ADDR_ANY_INIT). + * make sure to initialize it correctly (e.g. IN6ADDR_ANY_INIT). * * Returns 0 on success, EAFNOSUPPORT if the jail doesn't allow IPv6. */ Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Fri Mar 27 13:05:29 2009(r190465) +++ head/sys/sys/jail.h Fri Mar 27 13:13:59 2009(r190466) @@ -7,7 +7,6 @@ * * * $FreeBSD$ - * */ #ifndef _SYS_JAIL_H_ @@ -32,7 +31,7 @@ struct jail { struct in_addr *ip4; struct in6_addr *ip6; }; -#defineJAIL_API_VERSION 2 +#defineJAIL_API_VERSION2 /* * For all xprison structs, always keep the pr_version an int and @@ -54,8
svn commit: r191668 - in head: lib/libc/sys sys/sys usr.sbin/jail
Author: jamie Date: Wed Apr 29 16:02:52 2009 New Revision: 191668 URL: http://svn.freebsd.org/changeset/base/191668 Log: With the permission of phk@ change the license on remaining jail code to a 2 clause BSD license. Approved by: phk Approved by: bz (mentor) Modified: head/lib/libc/sys/jail.2 head/sys/sys/jail.h head/usr.sbin/jail/jail.c Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Wed Apr 29 15:22:58 2009(r191667) +++ head/lib/libc/sys/jail.2Wed Apr 29 16:02:52 2009(r191668) @@ -1,10 +1,26 @@ +.\ Copyright (c) 1999 Poul-Henning Kamp. +.\ All rights reserved. .\ -.\ -.\ THE BEER-WARE LICENSE (Revision 42): -.\ p...@freebsd.org wrote this file. As long as you retain this notice you -.\ can do whatever you want with this stuff. If we meet some day, and you think -.\ this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp -.\ +.\ Redistribution and use in source and binary forms, with or without +.\ modification, are permitted provided that the following conditions +.\ are met: +.\ 1. Redistributions of source code must retain the above copyright +.\notice, this list of conditions and the following disclaimer. +.\ 2. Redistributions in binary form must reproduce the above copyright +.\notice, this list of conditions and the following disclaimer in the +.\documentation and/or other materials provided with the distribution. +.\ +.\ THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\ ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\ IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\ ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\ FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\ DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\ OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\ SUCH DAMAGE. .\ .\ $FreeBSD$ .\ Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Wed Apr 29 15:22:58 2009(r191667) +++ head/sys/sys/jail.h Wed Apr 29 16:02:52 2009(r191668) @@ -1,10 +1,27 @@ /*- - * - * THE BEER-WARE LICENSE (Revision 42): - * p...@freebsd.org wrote this file. As long as you retain this notice you - * can do whatever you want with this stuff. If we meet some day, and you think - * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp - * + * Copyright (c) 1999 Poul-Henning Kamp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. * * $FreeBSD$ */ Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Wed Apr 29 15:22:58 2009(r191667) +++ head/usr.sbin/jail/jail.c Wed Apr 29 16:02:52 2009(r191668) @@ -1,10 +1,27 @@ -/* - * - * THE BEER-WARE LICENSE (Revision 42):
svn commit: r191675 - in head/sys: compat/freebsd32 kern sys
Author: jamie Date: Wed Apr 29 21:50:13 2009 New Revision: 191675 URL: http://svn.freebsd.org/changeset/base/191675 Log: Regen for new jail system calls in r191673. Approved by: bz (mentor) Modified: head/sys/compat/freebsd32/freebsd32_proto.h head/sys/compat/freebsd32/freebsd32_syscall.h head/sys/compat/freebsd32/freebsd32_syscalls.c head/sys/compat/freebsd32/freebsd32_sysent.c head/sys/kern/init_sysent.c head/sys/kern/syscalls.c head/sys/kern/systrace_args.c head/sys/sys/syscall.h head/sys/sys/syscall.mk head/sys/sys/sysproto.h Modified: head/sys/compat/freebsd32/freebsd32_proto.h == --- head/sys/compat/freebsd32/freebsd32_proto.h Wed Apr 29 21:17:18 2009 (r191674) +++ head/sys/compat/freebsd32/freebsd32_proto.h Wed Apr 29 21:50:13 2009 (r191675) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/compat/freebsd32/syscalls.master 190621 2009-04-01 13:11:50Z kib + * created from FreeBSD: head/sys/compat/freebsd32/syscalls.master 191673 2009-04-29 21:14:15Z jamie */ #ifndef _FREEBSD32_SYSPROTO_H_ @@ -443,6 +443,16 @@ struct freebsd32_futimesat_args { char path_l_[PADL_(char *)]; char * path; char path_r_[PADR_(char *)]; char times_l_[PADL_(struct timeval *)]; struct timeval * times; char times_r_[PADR_(struct timeval *)]; }; +struct freebsd32_jail_get_args { + char iovp_l_[PADL_(struct iovec32 *)]; struct iovec32 * iovp; char iovp_r_[PADR_(struct iovec32 *)]; + char iovcnt_l_[PADL_(unsigned int)]; unsigned int iovcnt; char iovcnt_r_[PADR_(unsigned int)]; + char flags_l_[PADL_(int)]; int flags; char flags_r_[PADR_(int)]; +}; +struct freebsd32_jail_set_args { + char iovp_l_[PADL_(struct iovec32 *)]; struct iovec32 * iovp; char iovp_r_[PADR_(struct iovec32 *)]; + char iovcnt_l_[PADL_(unsigned int)]; unsigned int iovcnt; char iovcnt_r_[PADR_(unsigned int)]; + char flags_l_[PADL_(int)]; int flags; char flags_r_[PADR_(int)]; +}; intfreebsd32_wait4(struct thread *, struct freebsd32_wait4_args *); intfreebsd32_recvmsg(struct thread *, struct freebsd32_recvmsg_args *); intfreebsd32_sendmsg(struct thread *, struct freebsd32_sendmsg_args *); @@ -524,6 +534,8 @@ int freebsd32_cpuset_setaffinity(struct intfreebsd32_fexecve(struct thread *, struct freebsd32_fexecve_args *); intfreebsd32_fstatat(struct thread *, struct freebsd32_fstatat_args *); intfreebsd32_futimesat(struct thread *, struct freebsd32_futimesat_args *); +intfreebsd32_jail_get(struct thread *, struct freebsd32_jail_get_args *); +intfreebsd32_jail_set(struct thread *, struct freebsd32_jail_set_args *); #ifdef COMPAT_43 @@ -751,6 +763,8 @@ int freebsd6_freebsd32_ftruncate(struct #defineFREEBSD32_SYS_AUE_freebsd32_fexecve AUE_FEXECVE #defineFREEBSD32_SYS_AUE_freebsd32_fstatat AUE_FSTATAT #defineFREEBSD32_SYS_AUE_freebsd32_futimesat AUE_FUTIMESAT +#defineFREEBSD32_SYS_AUE_freebsd32_jail_getAUE_NULL +#defineFREEBSD32_SYS_AUE_freebsd32_jail_setAUE_NULL #undef PAD_ #undef PADL_ Modified: head/sys/compat/freebsd32/freebsd32_syscall.h == --- head/sys/compat/freebsd32/freebsd32_syscall.h Wed Apr 29 21:17:18 2009(r191674) +++ head/sys/compat/freebsd32/freebsd32_syscall.h Wed Apr 29 21:50:13 2009(r191675) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/compat/freebsd32/syscalls.master 190621 2009-04-01 13:11:50Z kib + * created from FreeBSD: head/sys/compat/freebsd32/syscalls.master 191673 2009-04-29 21:14:15Z jamie */ #defineFREEBSD32_SYS_syscall 0 @@ -368,4 +368,7 @@ #defineFREEBSD32_SYS_symlinkat 502 #defineFREEBSD32_SYS_unlinkat 503 #defineFREEBSD32_SYS_posix_openpt 504 -#defineFREEBSD32_SYS_MAXSYSCALL506 +#defineFREEBSD32_SYS_freebsd32_jail_get506 +#defineFREEBSD32_SYS_freebsd32_jail_set507 +#defineFREEBSD32_SYS_jail_remove 508 +#defineFREEBSD32_SYS_MAXSYSCALL509 Modified: head/sys/compat/freebsd32/freebsd32_syscalls.c == --- head/sys/compat/freebsd32/freebsd32_syscalls.c Wed Apr 29 21:17:18 2009(r191674) +++ head/sys/compat/freebsd32/freebsd32_syscalls.c Wed Apr 29 21:50:13 2009(r191675) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/compat/freebsd32/syscalls.master 190621 2009-04-01 13:11:50Z kib + * created from FreeBSD: head/sys/compat/freebsd32/syscalls.master 191673 2009-04-29 21:14:15Z jamie */
Re: svn commit: r191673 - in head: lib/libc/sys sys/cddl/compat/opensolaris/kern sys/compat/freebsd32 sys/kern sys/sys
Alexander Leidinger wrote: Quoting Jamie Gritton ja...@freebsd.org (from Wed, 29 Apr 2009 21:14:16 + (UTC)): Author: jamie Date: Wed Apr 29 21:14:15 2009 New Revision: 191673 URL: http://svn.freebsd.org/changeset/base/191673 Log: Introduce the extensible jail framework, using the same name=value interface as nmount(2). Three new system calls are added: * jail_set, to create jails and change the parameters of existing jails. This replaces jail(2). * jail_get, to read the parameters of existing jails. This replaces the security.jail.list sysctl. * jail_remove to kill off a jail's processes and remove the jail. Most jail parameters may now be changed after creation, and jails may be set to exist without any attached processes. The current jail(2) system call still exists, though it is now a stub to jail_set(2). Does this mean it is theoretically possible now to add/remove IP addresses to/from a running jail? If yes, are you going to implement the corresponding ifconfig feature? I would expect this in ifconfig, as on Solaris ifconfig is able to do this with zones, I haven't looked if the jail utility is able to do it. Yes and maybe. Jails can get IP addresses added and removed midstream. But the userland interface remains to be done. I had no plans to specify a jail in ifconfig but I could do that at some point. There's no specific tie between interfaces and jails like there appears to be for zones, so it would be something different than Solaris has. For now I'll just be modifying jail(8) to assign existing addresses to jails, the way they're done now upon creation. - Jamie ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r191711 - head/sys/kern
Author: jamie Date: Thu Apr 30 22:43:21 2009 New Revision: 191711 URL: http://svn.freebsd.org/changeset/base/191711 Log: Don't call the OSD destructor if the data slot is NULL (since it's already not done on unused slots, which are indistinguishable to the caller). Approved by: bz (mentor) Modified: head/sys/kern/kern_osd.c Modified: head/sys/kern/kern_osd.c == --- head/sys/kern/kern_osd.cThu Apr 30 22:30:01 2009(r191710) +++ head/sys/kern/kern_osd.cThu Apr 30 22:43:21 2009(r191711) @@ -297,8 +297,10 @@ do_osd_del(u_int type, struct osd *osd, OSD_DEBUG(Slot doesn't exist (type=%u, slot=%u)., type, slot); return; } - osd_destructors[type][slot - 1](osd-osd_slots[slot - 1]); - osd-osd_slots[slot - 1] = NULL; + if (osd-osd_slots[slot - 1] != NULL) { + osd_destructors[type][slot - 1](osd-osd_slots[slot - 1]); + osd-osd_slots[slot - 1] = NULL; + } for (i = osd-osd_nslots - 1; i = 0; i--) { if (osd-osd_slots[i] != NULL) { OSD_DEBUG(Slot still has a value (type=%u, slot=%u)., ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r191792 - head/sys/compat/linux
Author: jamie Date: Mon May 4 19:06:05 2009 New Revision: 191792 URL: http://svn.freebsd.org/changeset/base/191792 Log: Mark Linux MIB sysctls MPSAFE. Reviewed by: dchagin, kib Approved by: bz (mentor) Modified: head/sys/compat/linux/linux_mib.c Modified: head/sys/compat/linux/linux_mib.c == --- head/sys/compat/linux/linux_mib.c Mon May 4 19:00:25 2009 (r191791) +++ head/sys/compat/linux/linux_mib.c Mon May 4 19:06:05 2009 (r191792) @@ -78,7 +78,7 @@ linux_sysctl_osname(SYSCTL_HANDLER_ARGS) } SYSCTL_PROC(_compat_linux, OID_AUTO, osname, - CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 0, 0, linux_sysctl_osname, A, Linux kernel OS name); @@ -100,7 +100,7 @@ linux_sysctl_osrelease(SYSCTL_HANDLER_AR } SYSCTL_PROC(_compat_linux, OID_AUTO, osrelease, - CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON, + CTLTYPE_STRING | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 0, 0, linux_sysctl_osrelease, A, Linux kernel OS release); @@ -121,7 +121,7 @@ linux_sysctl_oss_version(SYSCTL_HANDLER_ } SYSCTL_PROC(_compat_linux, OID_AUTO, oss_version, - CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_PRISON, + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_PRISON | CTLFLAG_MPSAFE, 0, 0, linux_sysctl_oss_version, I, Linux OSS version); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r191806 - in head/sys: kern sys
Author: jamie Date: Tue May 5 05:49:08 2009 New Revision: 191806 URL: http://svn.freebsd.org/changeset/base/191806 Log: Add a constant PR_MAXMETHOD to better define the jail/OSD interface. Reviewed by: dchagin, kib Approved by: bz (mentor) Modified: head/sys/kern/kern_osd.c head/sys/sys/jail.h Modified: head/sys/kern/kern_osd.c == --- head/sys/kern/kern_osd.cTue May 5 03:51:41 2009(r191805) +++ head/sys/kern/kern_osd.cTue May 5 05:49:08 2009(r191806) @@ -32,6 +32,7 @@ __FBSDID($FreeBSD$); #include sys/systm.h #include sys/sysctl.h #include sys/errno.h +#include sys/jail.h #include sys/malloc.h #include sys/lock.h #include sys/mutex.h @@ -73,7 +74,7 @@ static osd_method_t *osd_methods[OSD_LAS static u_int osd_nslots[OSD_LAST + 1]; /* (m) */ static osd_destructor_t *osd_destructors[OSD_LAST + 1];/* (o) */ static const u_int osd_nmethods[OSD_LAST + 1] = { - [OSD_JAIL] = 5, + [OSD_JAIL] = PR_MAXMETHOD, }; static struct sx osd_module_lock[OSD_LAST + 1]; Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Tue May 5 03:51:41 2009(r191805) +++ head/sys/sys/jail.h Tue May 5 05:49:08 2009(r191806) @@ -189,6 +189,7 @@ struct prison { #definePR_METHOD_SET 2 #definePR_METHOD_CHECK 3 #definePR_METHOD_ATTACH4 +#definePR_MAXMETHOD5 /* * Sysctl-set variables that determine global jail policy ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r187937 - head/share/misc
Author: jamie Date: Fri Jan 30 22:00:31 2009 New Revision: 187937 URL: http://svn.freebsd.org/changeset/base/187937 Log: Committo ergo sum. Approved by: bz Modified: head/share/misc/committers-src.dot Modified: head/share/misc/committers-src.dot == --- head/share/misc/committers-src.dot Fri Jan 30 20:17:08 2009 (r187936) +++ head/share/misc/committers-src.dot Fri Jan 30 22:00:31 2009 (r187937) @@ -102,6 +102,7 @@ iedowse [label=Ian dowse\niedo...@freeb imp [label=Warner losh\n...@freebsd.org\n1996/09/20] ivoras [label=Ivan voras\nivo...@freebsd.org\n2008/06/10] jake [label=Jake burkholder\nj...@freebsd.org\n2000/05/16] +jamie [label=Jamie gritton\nja...@freebsd.org\n2009/01/28] jayanth [label=Jayanth vijayaraghavan\njaya...@freebsd.org\n2000/05/08] jinmei [label=JINMEI tatuya\njin...@freebsd.org\n2007/03/17] jdp [label=John polstra\n...@freebsd.org\n/??/??] @@ -219,7 +220,9 @@ bms - thompsa brian - joe brooks - bushman +brooks - jamie +bz - jamie bz - syrinx cperciva - flz ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r188146 - in head/sys: kern sys
Author: jamie Date: Thu Feb 5 14:15:18 2009 New Revision: 188146 URL: http://svn.freebsd.org/changeset/base/188146 Log: Don't allow creating a socket with a protocol family that the current jail doesn't support. This involves a new function prison_check_af, like prison_check_ip[46] but that checks only the family. With this change, most of the errors generated by jailed sockets shouldn't ever occur, at least until jails are changeable. Approved by: bz (mentor) Modified: head/sys/kern/kern_jail.c head/sys/kern/uipc_socket.c head/sys/sys/jail.h Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Thu Feb 5 14:06:43 2009(r188145) +++ head/sys/kern/kern_jail.c Thu Feb 5 14:15:18 2009(r188146) @@ -1099,6 +1099,48 @@ prison_check_ip6(struct ucred *cred, str #endif /* + * Check if a jail supports the given address family. + * + * Returns 0 if not jailed or the address family is supported, EAFNOSUPPORT + * if not. + */ +int +prison_check_af(struct ucred *cred, int af) +{ + int error; + + KASSERT(cred != NULL, (%s: cred is NULL, __func__)); + + + if (!jailed(cred)) + return (0); + + error = 0; + switch (af) + { +#ifdef INET + case AF_INET: + if (cred-cr_prison-pr_ip4 == NULL) + error = EAFNOSUPPORT; + break; +#endif +#ifdef INET6 + case AF_INET6: + if (cred-cr_prison-pr_ip6 == NULL) + error = EAFNOSUPPORT; + break; +#endif + case AF_LOCAL: + case AF_ROUTE: + break; + default: + if (jail_socket_unixiproute_only) + error = EAFNOSUPPORT; + } + return (error); +} + +/* * Check if given address belongs to the jail referenced by cred (wrapper to * prison_check_ip[46]). * Modified: head/sys/kern/uipc_socket.c == --- head/sys/kern/uipc_socket.c Thu Feb 5 14:06:43 2009(r188145) +++ head/sys/kern/uipc_socket.c Thu Feb 5 14:15:18 2009(r188146) @@ -347,15 +347,8 @@ socreate(int dom, struct socket **aso, i prp-pr_usrreqs-pru_attach == pru_attach_notsupp) return (EPROTONOSUPPORT); - if (jailed(cred) jail_socket_unixiproute_only - prp-pr_domain-dom_family != PF_LOCAL - prp-pr_domain-dom_family != PF_INET -#ifdef INET6 - prp-pr_domain-dom_family != PF_INET6 -#endif - prp-pr_domain-dom_family != PF_ROUTE) { + if (prison_check_af(cred, prp-pr_domain-dom_family) != 0) return (EPROTONOSUPPORT); - } if (prp-pr_type != type) return (EPROTOTYPE); Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Thu Feb 5 14:06:43 2009(r188145) +++ head/sys/sys/jail.h Thu Feb 5 14:15:18 2009(r188146) @@ -191,6 +191,7 @@ int prison_local_ip6(struct ucred *, str int prison_remote_ip6(struct ucred *, struct in6_addr *); int prison_check_ip6(struct ucred *, struct in6_addr *); #endif +int prison_check_af(struct ucred *cred, int af); int prison_if(struct ucred *cred, struct sockaddr *sa); int prison_priv_check(struct ucred *cred, int priv); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r188148 - in head/sys: netinet netinet6
Author: jamie Date: Thu Feb 5 14:25:53 2009 New Revision: 188148 URL: http://svn.freebsd.org/changeset/base/188148 Log: Remove redundant calls of prison_local_ip4 in in_pcbbind_setup, and of prison_local_ip6 in in6_pcbbind. Approved by: bz (mentor) Modified: head/sys/netinet/in_pcb.c head/sys/netinet6/in6_pcb.c Modified: head/sys/netinet/in_pcb.c == --- head/sys/netinet/in_pcb.c Thu Feb 5 14:21:09 2009(r188147) +++ head/sys/netinet/in_pcb.c Thu Feb 5 14:25:53 2009(r188148) @@ -313,7 +313,10 @@ in_pcbbind_setup(struct inpcb *inp, stru return (EINVAL); if ((so-so_options (SO_REUSEADDR|SO_REUSEPORT)) == 0) wild = INPLOOKUP_WILDCARD; - if (nam) { + if (nam == NULL) { + if ((error = prison_local_ip4(cred, laddr)) != 0) + return (error); + } else { sin = (struct sockaddr_in *)nam; if (nam-sa_len != sizeof (*sin)) return (EINVAL); @@ -392,9 +395,6 @@ in_pcbbind_setup(struct inpcb *inp, stru t-inp_cred-cr_uid)) return (EADDRINUSE); } - error = prison_local_ip4(cred, sin-sin_addr); - if (error) - return (error); t = in_pcblookup_local(pcbinfo, sin-sin_addr, lport, wild, cred); if (t (t-inp_vflag INP_TIMEWAIT)) { @@ -428,10 +428,6 @@ in_pcbbind_setup(struct inpcb *inp, stru u_short first, last, aux; int count; - error = prison_local_ip4(cred, laddr); - if (error) - return (error); - if (inp-inp_flags INP_HIGHPORT) { first = V_ipport_hifirstauto; /* sysctl */ last = V_ipport_hilastauto; @@ -496,9 +492,6 @@ in_pcbbind_setup(struct inpcb *inp, stru } while (in_pcblookup_local(pcbinfo, laddr, lport, wild, cred)); } - error = prison_local_ip4(cred, laddr); - if (error) - return (error); *laddrp = laddr.s_addr; *lportp = lport; return (0); Modified: head/sys/netinet6/in6_pcb.c == --- head/sys/netinet6/in6_pcb.c Thu Feb 5 14:21:09 2009(r188147) +++ head/sys/netinet6/in6_pcb.c Thu Feb 5 14:25:53 2009(r188148) @@ -130,7 +130,11 @@ in6_pcbbind(register struct inpcb *inp, return (EINVAL); if ((so-so_options (SO_REUSEADDR|SO_REUSEPORT)) == 0) wild = INPLOOKUP_WILDCARD; - if (nam) { + if (nam == NULL) { + if ((error = prison_local_ip6(cred, inp-in6p_laddr, + ((inp-inp_flags IN6P_IPV6_V6ONLY) != 0))) != 0) + return (error); + } else { sin6 = (struct sockaddr_in6 *)nam; if (nam-sa_len != sizeof(*sin6)) return (EINVAL); @@ -221,9 +225,6 @@ in6_pcbbind(register struct inpcb *inp, return (EADDRINUSE); } } - if ((error = prison_local_ip6(cred, sin6-sin6_addr, - ((inp-inp_flags IN6P_IPV6_V6ONLY) != 0))) != 0) - return (error); t = in6_pcblookup_local(pcbinfo, sin6-sin6_addr, lport, wild, cred); if (t (reuseport ((t-inp_vflag INP_TIMEWAIT) ? @@ -256,9 +257,6 @@ in6_pcbbind(register struct inpcb *inp, } inp-in6p_laddr = sin6-sin6_addr; } - if ((error = prison_local_ip6(cred, inp-in6p_laddr, - ((inp-inp_flags IN6P_IPV6_V6ONLY) != 0))) != 0) - return (error); if (lport == 0) { if ((error = in6_pcbsetport(inp-in6p_laddr, inp, cred)) != 0) return (error); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r188149 - head/sys/net
Author: jamie Date: Thu Feb 5 14:58:16 2009 New Revision: 188149 URL: http://svn.freebsd.org/changeset/base/188149 Log: Call prison_if from rtm_get_jailed, instead of splitting it out into prison_check_ip4 and prison_check_ip6. As prison_if includes a jailed() check, remove that check before calling rtm_get_jailed. Approved by: bz (mentor) Modified: head/sys/net/rtsock.c Modified: head/sys/net/rtsock.c == --- head/sys/net/rtsock.c Thu Feb 5 14:25:53 2009(r188148) +++ head/sys/net/rtsock.c Thu Feb 5 14:58:16 2009(r188149) @@ -337,55 +337,48 @@ rtm_get_jailed(struct rt_addrinfo *info, struct rtentry *rt, union sockaddr_union *saun, struct ucred *cred) { + /* First, see if the returned address is part of the jail. */ + if (prison_if(cred, rt-rt_ifa-ifa_addr) == 0) { + info-rti_info[RTAX_IFA] = rt-rt_ifa-ifa_addr; + return (0); + } + switch (info-rti_info[RTAX_DST]-sa_family) { #ifdef INET case AF_INET: { struct in_addr ia; + struct ifaddr *ifa; + int found; + found = 0; /* -* 1. Check if the returned address is part of the jail. +* Try to find an address on the given outgoing interface +* that belongs to the jail. */ - ia = ((struct sockaddr_in *)rt-rt_ifa-ifa_addr)-sin_addr; - if (prison_check_ip4(cred, ia) == 0) { - info-rti_info[RTAX_IFA] = rt-rt_ifa-ifa_addr; - - } else { - struct ifaddr *ifa; - int found; - - found = 0; - + TAILQ_FOREACH(ifa, ifp-if_addrhead, ifa_link) { + struct sockaddr *sa; + sa = ifa-ifa_addr; + if (sa-sa_family != AF_INET) + continue; + ia = ((struct sockaddr_in *)sa)-sin_addr; + if (prison_check_ip4(cred, ia) == 0) { + found = 1; + break; + } + } + if (!found) { /* -* 2. Try to find an address on the given outgoing -*interface that belongs to the jail. +* As a last resort return the 'default' jail address. */ - TAILQ_FOREACH(ifa, ifp-if_addrhead, ifa_link) { - struct sockaddr *sa; - sa = ifa-ifa_addr; - if (sa-sa_family != AF_INET) - continue; - ia = ((struct sockaddr_in *)sa)-sin_addr; - if (prison_check_ip4(cred, ia) == 0) { - found = 1; - break; - } - } - if (!found) { - /* -* 3. As a last resort return the 'default' -* jail address. -*/ - if (prison_get_ip4(cred, ia) != 0) - return (ESRCH); - } - bzero(saun-sin, sizeof(struct sockaddr_in)); - saun-sin.sin_len = sizeof(struct sockaddr_in); - saun-sin.sin_family = AF_INET; - saun-sin.sin_addr.s_addr = ia.s_addr; - info-rti_info[RTAX_IFA] = - (struct sockaddr *)saun-sin; + if (prison_get_ip4(cred, ia) != 0) + return (ESRCH); } + bzero(saun-sin, sizeof(struct sockaddr_in)); + saun-sin.sin_len = sizeof(struct sockaddr_in); + saun-sin.sin_family = AF_INET; + saun-sin.sin_addr.s_addr = ia.s_addr; + info-rti_info[RTAX_IFA] = (struct sockaddr *)saun-sin; break; } #endif @@ -393,54 +386,40 @@ rtm_get_jailed(struct rt_addrinfo *info, case AF_INET6: { struct in6_addr ia6; + struct ifaddr *ifa; + int found; + found = 0; /* -* 1. Check if the returned address is part of the jail. +* Try to find an address on the given outgoing interface +* that belongs to the jail. */ - bcopy(((struct sockaddr_in6 *)rt-rt_ifa-ifa_addr)-sin6_addr, - ia6, sizeof(struct
svn commit: r236198 - head/usr.sbin/jail
Author: jamie Date: Mon May 28 20:44:11 2012 New Revision: 236198 URL: http://svn.freebsd.org/changeset/base/236198 Log: When writing the jid via the -i flag, do it right when the jail is created, before any commands run. /etc/rc.d/jail depends on this. Modified: head/usr.sbin/jail/command.c head/usr.sbin/jail/jail.c head/usr.sbin/jail/jailp.h Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cMon May 28 19:48:37 2012 (r236197) +++ head/usr.sbin/jail/command.cMon May 28 20:44:11 2012 (r236198) @@ -246,7 +246,7 @@ next_proc(int nonblock) /* * Run a single command for a jail, possible inside the jail. */ -int +static int run_command(struct cfjail *j) { const struct passwd *pwd; @@ -290,6 +290,8 @@ run_command(struct cfjail *j) } else { if (create_jail(j) 0) return -1; + if (iflag) + printf(%d\n, j-jid); if (verbose = 0 (j-name || verbose 0)) jail_note(j, created\n); dep_done(j, DF_LIGHT); Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Mon May 28 19:48:37 2012(r236197) +++ head/usr.sbin/jail/jail.c Mon May 28 20:44:11 2012(r236198) @@ -55,6 +55,7 @@ struct permspec { }; const char *cfname; +int iflag; int note_remove; int verbose; @@ -129,7 +130,7 @@ main(int argc, char **argv) size_t sysvallen; unsigned op, pi; int ch, docf, error, i, oldcl, sysval; - int dflag, iflag, Rflag; + int dflag, Rflag; char enforce_statfs[4]; #if defined(INET) || defined(INET6) char *cs, *ncs; @@ -139,7 +140,7 @@ main(int argc, char **argv) #endif op = 0; - dflag = iflag = Rflag = 0; + dflag = Rflag = 0; docf = 1; cfname = CONF_FILE; JidFile = NULL; @@ -415,8 +416,6 @@ main(int argc, char **argv) continue; jail_create_done: clear_persist(j); - if (iflag) - printf(%d\n, j-jid); if (jfp != NULL) print_jail(jfp, j, oldcl); dep_done(j, 0); Modified: head/usr.sbin/jail/jailp.h == --- head/usr.sbin/jail/jailp.h Mon May 28 19:48:37 2012(r236197) +++ head/usr.sbin/jail/jailp.h Mon May 28 20:44:11 2012(r236198) @@ -227,6 +227,7 @@ extern struct cfjails cfjails; extern struct cfjails ready; extern struct cfjails depend; extern const char *cfname; +extern int iflag; extern int note_remove; extern int paralimit; extern int verbose; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r236356 - stable/9/usr.sbin/jail
Author: jamie Date: Thu May 31 14:18:19 2012 New Revision: 236356 URL: http://svn.freebsd.org/changeset/base/236356 Log: MFC r235949, r236198: Don't try to set a null TERM environment. When writing the jid via the -i flag, do it right when the jail is created, before any commands run. /etc/rc.d/jail depends on this. Modified: stable/9/usr.sbin/jail/command.c stable/9/usr.sbin/jail/jail.c stable/9/usr.sbin/jail/jailp.h Directory Properties: stable/9/usr.sbin/jail/ (props changed) Modified: stable/9/usr.sbin/jail/command.c == --- stable/9/usr.sbin/jail/command.cThu May 31 08:22:02 2012 (r236355) +++ stable/9/usr.sbin/jail/command.cThu May 31 14:18:19 2012 (r236356) @@ -246,7 +246,7 @@ next_proc(int nonblock) /* * Run a single command for a jail, possible inside the jail. */ -int +static int run_command(struct cfjail *j) { const struct passwd *pwd; @@ -290,6 +290,8 @@ run_command(struct cfjail *j) } else { if (create_jail(j) 0) return -1; + if (iflag) + printf(%d\n, j-jid); if (verbose = 0 (j-name || verbose 0)) jail_note(j, created\n); dep_done(j, DF_LIGHT); @@ -584,7 +586,8 @@ run_command(struct cfjail *j) term = getenv(TERM); environ = cleanenv; setenv(PATH, /bin:/usr/bin, 0); - setenv(TERM, term, 1); + if (term != NULL) + setenv(TERM, term, 1); } if (setusercontext(lcap, pwd, pwd-pw_uid, username ? LOGIN_SETALL ~LOGIN_SETGROUP ~LOGIN_SETLOGIN Modified: stable/9/usr.sbin/jail/jail.c == --- stable/9/usr.sbin/jail/jail.c Thu May 31 08:22:02 2012 (r236355) +++ stable/9/usr.sbin/jail/jail.c Thu May 31 14:18:19 2012 (r236356) @@ -55,6 +55,7 @@ struct permspec { }; const char *cfname; +int iflag; int note_remove; int verbose; @@ -129,7 +130,7 @@ main(int argc, char **argv) size_t sysvallen; unsigned op, pi; int ch, docf, error, i, oldcl, sysval; - int dflag, iflag, Rflag; + int dflag, Rflag; char enforce_statfs[4]; #if defined(INET) || defined(INET6) char *cs, *ncs; @@ -139,7 +140,7 @@ main(int argc, char **argv) #endif op = 0; - dflag = iflag = Rflag = 0; + dflag = Rflag = 0; docf = 1; cfname = CONF_FILE; JidFile = NULL; @@ -415,8 +416,6 @@ main(int argc, char **argv) continue; jail_create_done: clear_persist(j); - if (iflag) - printf(%d\n, j-jid); if (jfp != NULL) print_jail(jfp, j, oldcl); dep_done(j, 0); Modified: stable/9/usr.sbin/jail/jailp.h == --- stable/9/usr.sbin/jail/jailp.h Thu May 31 08:22:02 2012 (r236355) +++ stable/9/usr.sbin/jail/jailp.h Thu May 31 14:18:19 2012 (r236356) @@ -228,6 +228,7 @@ extern struct cfjails cfjails; extern struct cfjails ready; extern struct cfjails depend; extern const char *cfname; +extern int iflag; extern int note_remove; extern int paralimit; extern int verbose; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234712 - in head: lib/libc/sys usr.sbin/jail
Author: jamie Date: Thu Apr 26 17:36:05 2012 New Revision: 234712 URL: http://svn.freebsd.org/changeset/base/234712 Log: A new jail(8) with a configuration file, ultimately to replace the work currently done by /etc/rc.d/jail. MFC after:3 months Added: head/usr.sbin/jail/command.c - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/command.c head/usr.sbin/jail/config.c - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/config.c head/usr.sbin/jail/jail.conf.5 - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/jail.conf.5 head/usr.sbin/jail/jaillex.l - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/jaillex.l head/usr.sbin/jail/jailp.h - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/jailp.h head/usr.sbin/jail/jailparse.y - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/jailparse.y head/usr.sbin/jail/state.c - copied unchanged from r232242, projects/jailconf/usr.sbin/jail/state.c Modified: head/lib/libc/sys/jail.2 head/usr.sbin/jail/Makefile head/usr.sbin/jail/jail.8 head/usr.sbin/jail/jail.c Directory Properties: head/lib/libc/ (props changed) head/usr.sbin/jail/ (props changed) Modified: head/lib/libc/sys/jail.2 == --- head/lib/libc/sys/jail.2Thu Apr 26 17:35:11 2012(r234711) +++ head/lib/libc/sys/jail.2Thu Apr 26 17:36:05 2012(r234712) @@ -247,44 +247,6 @@ They return \-1 on failure, and set to indicate the error. .Pp .Rv -std jail_attach jail_remove -.Sh PRISON? -Once a process has been put in a prison, it and its descendants cannot escape -the prison. -.Pp -Inside the prison, the concept of -.Dq superuser -is very diluted. -In general, -it can be assumed that nothing can be mangled from inside a prison which -does not exist entirely inside that prison. -For instance the directory -tree below -.Dq Li path -can be manipulated all the ways a root can normally do it, including -.Dq Li rm -rf /* -but new device special nodes cannot be created because they reference -shared resources (the device drivers in the kernel). -The effective -.Dq securelevel -for a process is the greater of the global -.Dq securelevel -or, if present, the per-jail -.Dq securelevel . -.Pp -All IP activity will be forced to happen to/from the IP number specified, -which should be an alias on one of the network interfaces. -All connections to/from the loopback address -.Pf ( Li 127.0.0.1 -for IPv4, -.Li ::1 -for IPv6) will be changed to be to/from the primary address -of the jail for the given address family. -.Pp -It is possible to identify a process as jailed by examining -.Dq Li /proc/pid/status : -it will show a field near the end of the line, either as -a single hyphen for a process at large, or the name currently -set for the prison for jailed processes. .Sh ERRORS The .Fn jail @@ -415,7 +377,7 @@ and .Fn jail_attach call .Xr chroot 2 -internally, so it can fail for all the same reasons. +internally, so they can fail for all the same reasons. Please consult the .Xr chroot 2 manual page for details. Modified: head/usr.sbin/jail/Makefile == --- head/usr.sbin/jail/Makefile Thu Apr 26 17:35:11 2012(r234711) +++ head/usr.sbin/jail/Makefile Thu Apr 26 17:36:05 2012(r234712) @@ -3,9 +3,14 @@ .include bsd.own.mk PROG= jail -MAN= jail.8 -DPADD= ${LIBJAIL} ${LIBUTIL} -LDADD= -ljail -lutil +MAN= jail.8 jail.conf.5 +SRCS= jail.c command.c config.c state.c jailp.h jaillex.l jailparse.y y.tab.h + +DPADD= ${LIBJAIL} ${LIBKVM} ${LIBUTIL} ${LIBL} +LDADD= -ljail -lkvm -lutil -ll + +YFLAGS+=-v +CFLAGS+=-I. -I${.CURDIR} .if ${MK_INET6_SUPPORT} != no CFLAGS+= -DINET6 @@ -14,4 +19,6 @@ CFLAGS+= -DINET6 CFLAGS+= -DINET .endif +CLEANFILES= y.output + .include bsd.prog.mk Copied: head/usr.sbin/jail/command.c (from r232242, projects/jailconf/usr.sbin/jail/command.c) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/usr.sbin/jail/command.cThu Apr 26 17:36:05 2012 (r234712, copy of r232242, projects/jailconf/usr.sbin/jail/command.c) @@ -0,0 +1,857 @@ +/*- + * Copyright (c) 2011 James Gritton + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS
svn commit: r234744 - head/usr.sbin/jail
Author: jamie Date: Fri Apr 27 23:39:21 2012 New Revision: 234744 URL: http://svn.freebsd.org/changeset/base/234744 Log: Fix the dates and history as of the move to HEAD. Modified: head/usr.sbin/jail/jail.conf.5 Modified: head/usr.sbin/jail/jail.conf.5 == --- head/usr.sbin/jail/jail.conf.5 Fri Apr 27 22:27:21 2012 (r234743) +++ head/usr.sbin/jail/jail.conf.5 Fri Apr 27 23:39:21 2012 (r234744) @@ -1,4 +1,4 @@ -.\ Copyright (c) 2011 James Gritton +.\ Copyright (c) 2012 James Gritton .\ All rights reserved. .\ .\ Redistribution and use in source and binary forms, with or without @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd October 20, 2010 +.Dd April 26, 2012 .Dt JAIL.CONF 5 .Os .Sh NAME @@ -217,7 +217,7 @@ utility appeared in The .Nm file was added in -.Fx 9.0 . +.Fx 10.0 . .Sh AUTHORS .An -nosplit The jail feature was written by ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234934 - head/usr.sbin/jail
Author: jamie Date: Wed May 2 21:24:08 2012 New Revision: 234934 URL: http://svn.freebsd.org/changeset/base/234934 Log: Add YY_NO_INPUT so clang doesn't complain about input not being used. Modified: head/usr.sbin/jail/jaillex.l Modified: head/usr.sbin/jail/jaillex.l == --- head/usr.sbin/jail/jaillex.lWed May 2 20:01:28 2012 (r234933) +++ head/usr.sbin/jail/jaillex.lWed May 2 21:24:08 2012 (r234934) @@ -36,6 +36,7 @@ __FBSDID($FreeBSD$); #include jailp.h #include y.tab.h +#define YY_NO_INPUT #define YY_NO_UNPUT extern int yynerrs; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r234988 - head/usr.sbin/jail
Author: jamie Date: Thu May 3 21:39:23 2012 New Revision: 234988 URL: http://svn.freebsd.org/changeset/base/234988 Log: Add a meta-parameter IP__NULL to enum intparam, instead of mixing enum values and zeroes. This keeps clang happy (and is just good form). Submitted by: dim Modified: head/usr.sbin/jail/command.c head/usr.sbin/jail/config.c head/usr.sbin/jail/jail.c head/usr.sbin/jail/jailp.h Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cThu May 3 21:21:45 2012 (r234987) +++ head/usr.sbin/jail/command.cThu May 3 21:39:23 2012 (r234988) @@ -100,7 +100,7 @@ next_command(struct cfjail *j) if (j-comstring == NULL) { j-comparam += create_failed ? -1 : 1; switch ((comparam = *j-comparam)) { - case 0: + case IP__NULL: return 0; case IP_MOUNT_DEVFS: if (!bool_param(j-intparams[IP_MOUNT_DEVFS])) Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu May 3 21:21:45 2012(r234987) +++ head/usr.sbin/jail/config.c Thu May 3 21:39:23 2012(r234988) @@ -328,7 +328,7 @@ add_param(struct cfjail *j, const struct } } else { flags = PF_APPEND; - if (ipnum != 0) { + if (ipnum != IP__NULL) { name = intparams[ipnum].name; flags |= intparams[ipnum].flags; } else if ((cs = strchr(value, '='))) { @@ -350,7 +350,7 @@ add_param(struct cfjail *j, const struct } /* See if this parameter has already been added. */ - if (ipnum != 0) + if (ipnum != IP__NULL) dp = j-intparams[ipnum]; else TAILQ_FOREACH(dp, j-params, tq) @@ -375,10 +375,10 @@ add_param(struct cfjail *j, const struct np-flags = flags; np-gen = 0; TAILQ_INSERT_TAIL(j-params, np, tq); - if (ipnum != 0) + if (ipnum != IP__NULL) j-intparams[ipnum] = np; else - for (ipnum = 1; ipnum IP_NPARAM; ipnum++) + for (ipnum = IP__NULL + 1; ipnum IP_NPARAM; ipnum++) if (!(intparams[ipnum].flags PF_CONV) equalopts(name, intparams[ipnum].name)) { j-intparams[ipnum] = np; Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Thu May 3 21:21:45 2012(r234987) +++ head/usr.sbin/jail/jail.c Thu May 3 21:39:23 2012(r234988) @@ -81,7 +81,7 @@ static struct permspec perm_sysctl[] = { }; static const enum intparam startcommands[] = { -0, +IP__NULL, #ifdef INET IP__IP4_IFADDR, #endif @@ -97,11 +97,11 @@ static const enum intparam startcommands IP_EXEC_START, IP_COMMAND, IP_EXEC_POSTSTART, -0 +IP__NULL }; static const enum intparam stopcommands[] = { -0, +IP__NULL, IP_EXEC_PRESTOP, IP_EXEC_STOP, IP_STOP_TIMEOUT, @@ -116,7 +116,7 @@ static const enum intparam stopcommands[ #ifdef INET IP__IP4_IFADDR, #endif -0 +IP__NULL }; int Modified: head/usr.sbin/jail/jailp.h == --- head/usr.sbin/jail/jailp.h Thu May 3 21:21:45 2012(r234987) +++ head/usr.sbin/jail/jailp.h Thu May 3 21:39:23 2012(r234988) @@ -71,7 +71,8 @@ #define JF_DO_STOP(js) (((js) (JF_SET | JF_STOP)) == JF_STOP) enum intparam { - IP_ALLOW_DYING = 1, /* Allow making changes to a dying jail */ + IP__NULL = 0, /* Null command */ + IP_ALLOW_DYING, /* Allow making changes to a dying jail */ IP_COMMAND, /* Command run inside jail at creation */ IP_DEPEND, /* Jail starts after (stops before) another */ IP_EXEC_CLEAN, /* Run commands in a clean environment */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r235291 - head/lib/libjail
Author: jamie Date: Fri May 11 21:22:52 2012 New Revision: 235291 URL: http://svn.freebsd.org/changeset/base/235291 Log: The linker isn't consistent in the ordering of dynamic sysctls, so don't assume that the unnamed final component of security.jail.param.foo. is one less than the foo component. It might be one greater instead. Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Fri May 11 21:13:43 2012(r235290) +++ head/lib/libjail/jail.c Fri May 11 21:22:52 2012(r235291) @@ -855,7 +855,7 @@ jailparam_type(struct jailparam *jp) { char *p, *nname; size_t miblen, desclen; - int isarray; + int i, isarray; struct { int i; char s[MAXPATHLEN]; @@ -977,21 +977,33 @@ jailparam_type(struct jailparam *jp) } break; case CTLTYPE_NODE: - /* A node might be described by an empty-named child. */ + /* +* A node might be described by an empty-named child, +* which would be immediately before or after the node itself. +*/ mib[1] = 1; - mib[(miblen / sizeof(int)) + 2] = - mib[(miblen / sizeof(int)) + 1] - 1; miblen += sizeof(int); - desclen = sizeof(desc.s); - if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s, desclen, - NULL, 0) 0) { - snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl(0.1): %s, strerror(errno)); - return (-1); + for (i = -1; i = 1; i += 2) { + mib[(miblen / sizeof(int)) + 1] = + mib[(miblen / sizeof(int))] + i; + desclen = sizeof(desc.s); + if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s, + desclen, NULL, 0) 0) { + if (errno == ENOENT) + continue; + snprintf(jail_errmsg, JAIL_ERRMSGLEN, + sysctl(0.1): %s, strerror(errno)); + return (-1); + } + if (desclen == + sizeof(SJPARAM) + strlen(jp-jp_name) + 2 + memcmp(SJPARAM ., desc.s, sizeof(SJPARAM)) == 0 + memcmp(jp-jp_name, desc.s + sizeof(SJPARAM), + desclen - sizeof(SJPARAM) - 2) == 0 + desc.s[desclen - 2] == '.') + goto mib_desc; } - if (desc.s[desclen - 2] != '.') - goto unknown_parameter; - goto mib_desc; + goto unknown_parameter; default: snprintf(jail_errmsg, JAIL_ERRMSGLEN, unknown type for %s, jp-jp_name); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r235624 - stable/9/lib/libjail
Author: jamie Date: Fri May 18 19:08:10 2012 New Revision: 235624 URL: http://svn.freebsd.org/changeset/base/235624 Log: MFC r235291: The linker isn't consistent in the ordering of dynamic sysctls, so don't assume that the unnamed final component of security.jail.param.foo. is one less than the foo component. It might be one greater instead. Modified: stable/9/lib/libjail/jail.c Directory Properties: stable/9/lib/libjail/ (props changed) Modified: stable/9/lib/libjail/jail.c == --- stable/9/lib/libjail/jail.c Fri May 18 19:02:39 2012(r235623) +++ stable/9/lib/libjail/jail.c Fri May 18 19:08:10 2012(r235624) @@ -855,7 +855,7 @@ jailparam_type(struct jailparam *jp) { char *p, *nname; size_t miblen, desclen; - int isarray; + int i, isarray; struct { int i; char s[MAXPATHLEN]; @@ -977,21 +977,33 @@ jailparam_type(struct jailparam *jp) } break; case CTLTYPE_NODE: - /* A node might be described by an empty-named child. */ + /* +* A node might be described by an empty-named child, +* which would be immediately before or after the node itself. +*/ mib[1] = 1; - mib[(miblen / sizeof(int)) + 2] = - mib[(miblen / sizeof(int)) + 1] - 1; miblen += sizeof(int); - desclen = sizeof(desc.s); - if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s, desclen, - NULL, 0) 0) { - snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl(0.1): %s, strerror(errno)); - return (-1); + for (i = -1; i = 1; i += 2) { + mib[(miblen / sizeof(int)) + 1] = + mib[(miblen / sizeof(int))] + i; + desclen = sizeof(desc.s); + if (sysctl(mib, (miblen / sizeof(int)) + 2, desc.s, + desclen, NULL, 0) 0) { + if (errno == ENOENT) + continue; + snprintf(jail_errmsg, JAIL_ERRMSGLEN, + sysctl(0.1): %s, strerror(errno)); + return (-1); + } + if (desclen == + sizeof(SJPARAM) + strlen(jp-jp_name) + 2 + memcmp(SJPARAM ., desc.s, sizeof(SJPARAM)) == 0 + memcmp(jp-jp_name, desc.s + sizeof(SJPARAM), + desclen - sizeof(SJPARAM) - 2) == 0 + desc.s[desclen - 2] == '.') + goto mib_desc; } - if (desc.s[desclen - 2] != '.') - goto unknown_parameter; - goto mib_desc; + goto unknown_parameter; default: snprintf(jail_errmsg, JAIL_ERRMSGLEN, unknown type for %s, jp-jp_name); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r235799 - head/lib/libjail
Author: jamie Date: Tue May 22 18:30:32 2012 New Revision: 235799 URL: http://svn.freebsd.org/changeset/base/235799 Log: The fix in r235291 re-broke the allow.nomount case. Re-fix it by testing for the right parameter name. Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Tue May 22 18:30:14 2012(r235798) +++ head/lib/libjail/jail.c Tue May 22 18:30:32 2012(r235799) @@ -853,7 +853,7 @@ jailparam_free(struct jailparam *jp, uns static int jailparam_type(struct jailparam *jp) { - char *p, *nname; + char *p, *name, *nname; size_t miblen, desclen; int i, isarray; struct { @@ -863,7 +863,8 @@ jailparam_type(struct jailparam *jp) int mib[CTL_MAXNAME]; /* The lastjid parameter isn't real. */ - if (!strcmp(jp-jp_name, lastjid)) { + name = jp-jp_name; + if (!strcmp(name, lastjid)) { jp-jp_valuelen = sizeof(int); jp-jp_ctltype = CTLTYPE_INT | CTLFLAG_WR; return (0); @@ -872,19 +873,19 @@ jailparam_type(struct jailparam *jp) /* Find the sysctl that describes the parameter. */ mib[0] = 0; mib[1] = 3; - snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, jp-jp_name); + snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, name); miblen = sizeof(mib) - 2 * sizeof(int); if (sysctl(mib, 2, mib + 2, miblen, desc.s, strlen(desc.s)) 0) { if (errno != ENOENT) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl(0.3.%s): %s, jp-jp_name, strerror(errno)); + sysctl(0.3.%s): %s, name, strerror(errno)); return (-1); } /* * The parameter probably doesn't exist. But it might be * the no counterpart to a boolean. */ - nname = nononame(jp-jp_name); + nname = nononame(name); if (nname == NULL) { unknown_parameter: snprintf(jail_errmsg, JAIL_ERRMSGLEN, @@ -892,8 +893,10 @@ jailparam_type(struct jailparam *jp) errno = ENOENT; return (-1); } - snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, nname); + name = alloca(strlen(nname) + 1); + strcpy(name, nname); free(nname); + snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, name); miblen = sizeof(mib) - 2 * sizeof(int); if (sysctl(mib, 2, mib + 2, miblen, desc.s, strlen(desc.s)) 0) @@ -906,7 +909,7 @@ jailparam_type(struct jailparam *jp) if (sysctl(mib, (miblen / sizeof(int)) + 2, desc, desclen, NULL, 0) 0) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl(0.4.%s): %s, jp-jp_name, strerror(errno)); + sysctl(0.4.%s): %s, name, strerror(errno)); return (-1); } jp-jp_ctltype = desc.i; @@ -952,7 +955,7 @@ jailparam_type(struct jailparam *jp) if (sysctl(mib + 2, miblen / sizeof(int), desc.s, desclen, NULL, 0) 0) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl( SJPARAM .%s): %s, jp-jp_name, + sysctl( SJPARAM .%s): %s, name, strerror(errno)); return (-1); } @@ -970,7 +973,7 @@ jailparam_type(struct jailparam *jp) if (sysctl(mib + 2, miblen / sizeof(int), NULL, jp-jp_valuelen, NULL, 0) 0) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl( SJPARAM .%s): %s, jp-jp_name, + sysctl( SJPARAM .%s): %s, name, strerror(errno)); return (-1); } @@ -995,10 +998,9 @@ jailparam_type(struct jailparam *jp) sysctl(0.1): %s, strerror(errno)); return (-1); } - if (desclen == - sizeof(SJPARAM) + strlen(jp-jp_name) + 2 + if (desclen == sizeof(SJPARAM) + strlen(name) + 2 memcmp(SJPARAM ., desc.s, sizeof(SJPARAM)) == 0 - memcmp(jp-jp_name, desc.s + sizeof(SJPARAM), + memcmp(name, desc.s + sizeof(SJPARAM), desclen - sizeof(SJPARAM) - 2) == 0 desc.s[desclen - 2] == '.') goto mib_desc;
svn commit: r235836 - stable/9/lib/libjail
Author: jamie Date: Wed May 23 14:48:14 2012 New Revision: 235836 URL: http://svn.freebsd.org/changeset/base/235836 Log: MFC r235799: The fix in r235291 (r235624) re-broke the allow.nomount case. Re-fix it by testing for the right parameter name. PR: bin/168250 Modified: stable/9/lib/libjail/jail.c Directory Properties: stable/9/lib/libjail/ (props changed) Modified: stable/9/lib/libjail/jail.c == --- stable/9/lib/libjail/jail.c Wed May 23 14:44:57 2012(r235835) +++ stable/9/lib/libjail/jail.c Wed May 23 14:48:14 2012(r235836) @@ -853,7 +853,7 @@ jailparam_free(struct jailparam *jp, uns static int jailparam_type(struct jailparam *jp) { - char *p, *nname; + char *p, *name, *nname; size_t miblen, desclen; int i, isarray; struct { @@ -863,7 +863,8 @@ jailparam_type(struct jailparam *jp) int mib[CTL_MAXNAME]; /* The lastjid parameter isn't real. */ - if (!strcmp(jp-jp_name, lastjid)) { + name = jp-jp_name; + if (!strcmp(name, lastjid)) { jp-jp_valuelen = sizeof(int); jp-jp_ctltype = CTLTYPE_INT | CTLFLAG_WR; return (0); @@ -872,19 +873,19 @@ jailparam_type(struct jailparam *jp) /* Find the sysctl that describes the parameter. */ mib[0] = 0; mib[1] = 3; - snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, jp-jp_name); + snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, name); miblen = sizeof(mib) - 2 * sizeof(int); if (sysctl(mib, 2, mib + 2, miblen, desc.s, strlen(desc.s)) 0) { if (errno != ENOENT) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl(0.3.%s): %s, jp-jp_name, strerror(errno)); + sysctl(0.3.%s): %s, name, strerror(errno)); return (-1); } /* * The parameter probably doesn't exist. But it might be * the no counterpart to a boolean. */ - nname = nononame(jp-jp_name); + nname = nononame(name); if (nname == NULL) { unknown_parameter: snprintf(jail_errmsg, JAIL_ERRMSGLEN, @@ -892,8 +893,10 @@ jailparam_type(struct jailparam *jp) errno = ENOENT; return (-1); } - snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, nname); + name = alloca(strlen(nname) + 1); + strcpy(name, nname); free(nname); + snprintf(desc.s, sizeof(desc.s), SJPARAM .%s, name); miblen = sizeof(mib) - 2 * sizeof(int); if (sysctl(mib, 2, mib + 2, miblen, desc.s, strlen(desc.s)) 0) @@ -906,7 +909,7 @@ jailparam_type(struct jailparam *jp) if (sysctl(mib, (miblen / sizeof(int)) + 2, desc, desclen, NULL, 0) 0) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl(0.4.%s): %s, jp-jp_name, strerror(errno)); + sysctl(0.4.%s): %s, name, strerror(errno)); return (-1); } jp-jp_ctltype = desc.i; @@ -952,7 +955,7 @@ jailparam_type(struct jailparam *jp) if (sysctl(mib + 2, miblen / sizeof(int), desc.s, desclen, NULL, 0) 0) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl( SJPARAM .%s): %s, jp-jp_name, + sysctl( SJPARAM .%s): %s, name, strerror(errno)); return (-1); } @@ -970,7 +973,7 @@ jailparam_type(struct jailparam *jp) if (sysctl(mib + 2, miblen / sizeof(int), NULL, jp-jp_valuelen, NULL, 0) 0) { snprintf(jail_errmsg, JAIL_ERRMSGLEN, - sysctl( SJPARAM .%s): %s, jp-jp_name, + sysctl( SJPARAM .%s): %s, name, strerror(errno)); return (-1); } @@ -995,10 +998,9 @@ jailparam_type(struct jailparam *jp) sysctl(0.1): %s, strerror(errno)); return (-1); } - if (desclen == - sizeof(SJPARAM) + strlen(jp-jp_name) + 2 + if (desclen == sizeof(SJPARAM) + strlen(name) + 2 memcmp(SJPARAM ., desc.s, sizeof(SJPARAM)) == 0 - memcmp(jp-jp_name, desc.s + sizeof(SJPARAM), + memcmp(name, desc.s + sizeof(SJPARAM), desclen - sizeof(SJPARAM) - 2) == 0
svn commit: r235839 - in stable/9: lib/libc/sys usr.sbin/jail
Author: jamie Date: Wed May 23 15:29:34 2012 New Revision: 235839 URL: http://svn.freebsd.org/changeset/base/235839 Log: MFC r234712, r234744, r234934, r234988, r235294, r235335, and bits of r235337 and r235355: A new jail(8) with a configuration file, ultimately to replace the work currently done by /etc/rc.d/jail. Added: stable/9/usr.sbin/jail/command.c - copied, changed from r234712, head/usr.sbin/jail/command.c stable/9/usr.sbin/jail/config.c - copied, changed from r234712, head/usr.sbin/jail/config.c stable/9/usr.sbin/jail/jail.conf.5 - copied, changed from r234712, head/usr.sbin/jail/jail.conf.5 stable/9/usr.sbin/jail/jaillex.l - copied, changed from r234712, head/usr.sbin/jail/jaillex.l stable/9/usr.sbin/jail/jailp.h - copied, changed from r234712, head/usr.sbin/jail/jailp.h stable/9/usr.sbin/jail/jailparse.y - copied unchanged from r234712, head/usr.sbin/jail/jailparse.y stable/9/usr.sbin/jail/state.c - copied unchanged from r234712, head/usr.sbin/jail/state.c Modified: stable/9/lib/libc/sys/jail.2 stable/9/usr.sbin/jail/Makefile stable/9/usr.sbin/jail/jail.8 stable/9/usr.sbin/jail/jail.c Directory Properties: stable/9/lib/libc/ (props changed) stable/9/lib/libc/sys/ (props changed) stable/9/usr.sbin/jail/ (props changed) Modified: stable/9/lib/libc/sys/jail.2 == --- stable/9/lib/libc/sys/jail.2Wed May 23 15:10:41 2012 (r235838) +++ stable/9/lib/libc/sys/jail.2Wed May 23 15:29:34 2012 (r235839) @@ -59,7 +59,7 @@ system call sets up a jail and locks the The argument is a pointer to a structure describing the prison: .Bd -literal -offset indent struct jail { - u_int32_t version; + uint32_tversion; char*path; char*hostname; char*jailname; @@ -247,44 +247,6 @@ They return \-1 on failure, and set to indicate the error. .Pp .Rv -std jail_attach jail_remove -.Sh PRISON? -Once a process has been put in a prison, it and its descendants cannot escape -the prison. -.Pp -Inside the prison, the concept of -.Dq superuser -is very diluted. -In general, -it can be assumed that nothing can be mangled from inside a prison which -does not exist entirely inside that prison. -For instance the directory -tree below -.Dq Li path -can be manipulated all the ways a root can normally do it, including -.Dq Li rm -rf /* -but new device special nodes cannot be created because they reference -shared resources (the device drivers in the kernel). -The effective -.Dq securelevel -for a process is the greater of the global -.Dq securelevel -or, if present, the per-jail -.Dq securelevel . -.Pp -All IP activity will be forced to happen to/from the IP number specified, -which should be an alias on one of the network interfaces. -All connections to/from the loopback address -.Pf ( Li 127.0.0.1 -for IPv4, -.Li ::1 -for IPv6) will be changed to be to/from the primary address -of the jail for the given address family. -.Pp -It is possible to identify a process as jailed by examining -.Dq Li /proc/pid/status : -it will show a field near the end of the line, either as -a single hyphen for a process at large, or the name currently -set for the prison for jailed processes. .Sh ERRORS The .Fn jail @@ -334,7 +296,7 @@ flag is not set. The jail referred to by a .Va jid is not accessible by the process, because the process is in a different -jail. +jail. .It Bq Er EEXIST The jail referred to by a .Va jid @@ -382,7 +344,7 @@ parameter does not exist. The jail referred to by a .Va jid is not accessible by the process, because the process is in a different -jail. +jail. .It Bq Er ENOENT The .Va lastjid @@ -415,7 +377,7 @@ and .Fn jail_attach call .Xr chroot 2 -internally, so it can fail for all the same reasons. +internally, so they can fail for all the same reasons. Please consult the .Xr chroot 2 manual page for details. Modified: stable/9/usr.sbin/jail/Makefile == --- stable/9/usr.sbin/jail/Makefile Wed May 23 15:10:41 2012 (r235838) +++ stable/9/usr.sbin/jail/Makefile Wed May 23 15:29:34 2012 (r235839) @@ -3,9 +3,14 @@ .include bsd.own.mk PROG= jail -MAN= jail.8 -DPADD= ${LIBJAIL} ${LIBUTIL} -LDADD= -ljail -lutil +MAN= jail.8 jail.conf.5 +SRCS= jail.c command.c config.c state.c jailp.h jaillex.l jailparse.y y.tab.h + +DPADD= ${LIBJAIL} ${LIBKVM} ${LIBUTIL} ${LIBL} +LDADD= -ljail -lkvm -lutil -ll + +YFLAGS+=-v +CFLAGS+=-I. -I${.CURDIR} .if ${MK_INET6_SUPPORT} != no CFLAGS+= -DINET6 @@ -14,4 +19,6 @@ CFLAGS+= -DINET6 CFLAGS+= -DINET .endif +CLEANFILES= y.output + .include bsd.prog.mk Copied and modified: stable/9/usr.sbin/jail/command.c (from r234712, head/usr.sbin/jail/command.c)
svn commit: r235840 - head/usr.sbin/jail
Author: jamie Date: Wed May 23 15:30:13 2012 New Revision: 235840 URL: http://svn.freebsd.org/changeset/base/235840 Log: Note that the new jail(8) will be appearing in 9.1. Modified: head/usr.sbin/jail/jail.8 head/usr.sbin/jail/jail.conf.5 Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Wed May 23 15:29:34 2012(r235839) +++ head/usr.sbin/jail/jail.8 Wed May 23 15:30:13 2012(r235840) @@ -25,7 +25,7 @@ .\ .\ $FreeBSD$ .\ -.Dd April 26, 2012 +.Dd May 23, 2012 .Dt JAIL 8 .Os .Sh NAME @@ -1183,7 +1183,7 @@ utility appeared in Hierarchical/extensible jails were introduced in .Fx 8.0 . The configuration file was introduced in -.Fx 10.0 . +.Fx 9.1 . .Sh AUTHORS .An -nosplit The jail feature was written by Modified: head/usr.sbin/jail/jail.conf.5 == --- head/usr.sbin/jail/jail.conf.5 Wed May 23 15:29:34 2012 (r235839) +++ head/usr.sbin/jail/jail.conf.5 Wed May 23 15:30:13 2012 (r235840) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd April 26, 2012 +.Dd May 23, 2012 .Dt JAIL.CONF 5 .Os .Sh NAME @@ -217,7 +217,7 @@ utility appeared in The .Nm file was added in -.Fx 10.0 . +.Fx 9.1 . .Sh AUTHORS .An -nosplit The jail feature was written by ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r235841 - stable/8/usr.sbin/jls
Author: jamie Date: Wed May 23 15:47:07 2012 New Revision: 235841 URL: http://svn.freebsd.org/changeset/base/235841 Log: MFC r222465, r223224, r224841, r232613: Check for IPv4 or IPv6 to be available by the kernel to not provoke errors trying to query options not available. Make it possible to compile out INET or INET6 only parts. PR: bin/161957 Modified: stable/8/usr.sbin/jls/Makefile stable/8/usr.sbin/jls/jls.c Directory Properties: stable/8/usr.sbin/jls/ (props changed) Modified: stable/8/usr.sbin/jls/Makefile == --- stable/8/usr.sbin/jls/Makefile Wed May 23 15:30:13 2012 (r235840) +++ stable/8/usr.sbin/jls/Makefile Wed May 23 15:47:07 2012 (r235841) @@ -1,5 +1,7 @@ # $FreeBSD$ +.include bsd.own.mk + PROG= jls MAN= jls.8 DPADD= ${LIBJAIL} @@ -7,4 +9,11 @@ LDADD= -ljail WARNS?=6 +.if ${MK_INET6_SUPPORT} != no +CFLAGS+= -DINET6 +.endif +.if ${MK_INET_SUPPORT} != no +CFLAGS+= -DINET +.endif + .include bsd.prog.mk Modified: stable/8/usr.sbin/jls/jls.c == --- stable/8/usr.sbin/jls/jls.c Wed May 23 15:30:13 2012(r235840) +++ stable/8/usr.sbin/jls/jls.c Wed May 23 15:47:07 2012(r235841) @@ -59,6 +59,12 @@ __FBSDID($FreeBSD$); static struct jailparam *params; static int *param_parent; static int nparams; +#ifdef INET6 +static int ip6_ok; +#endif +#ifdef INET +static int ip4_ok; +#endif static int add_param(const char *name, void *value, size_t valuelen, struct jailparam *source, unsigned flags); @@ -112,6 +118,13 @@ main(int argc, char **argv) errx(1, usage: jls [-dhnqv] [-j jail] [param ...]); } +#ifdef INET6 + ip6_ok = feature_present(inet6); +#endif +#ifdef INET + ip4_ok = feature_present(inet); +#endif + /* Add the parameters to print. */ if (optind == argc) { if (pflags (PRINT_HEADER | PRINT_NAMEVAL)) @@ -124,13 +137,24 @@ main(int argc, char **argv) add_param(name, NULL, (size_t)0, NULL, JP_USER); add_param(dying, NULL, (size_t)0, NULL, JP_USER); add_param(cpuset.id, NULL, (size_t)0, NULL, JP_USER); - add_param(ip4.addr, NULL, (size_t)0, NULL, JP_USER); - add_param(ip6.addr, NULL, (size_t)0, NULL, - JP_USER | JP_OPT); +#ifdef INET + if (ip4_ok) + add_param(ip4.addr, NULL, (size_t)0, NULL, + JP_USER); +#endif +#ifdef INET6 + if (ip6_ok) + add_param(ip6.addr, NULL, (size_t)0, NULL, + JP_USER | JP_OPT); +#endif } else { pflags |= PRINT_DEFAULT; add_param(jid, NULL, (size_t)0, NULL, JP_USER); - add_param(ip4.addr, NULL, (size_t)0, NULL, JP_USER); +#ifdef INET + if (ip4_ok) + add_param(ip4.addr, NULL, (size_t)0, NULL, + JP_USER); +#endif add_param(host.hostname, NULL, (size_t)0, NULL, JP_USER); add_param(path, NULL, (size_t)0, NULL, JP_USER); @@ -327,7 +351,7 @@ print_jail(int pflags, int jflags) { char *nname; char **param_values; - int i, ai, jid, count, spc; + int i, ai, jid, count, n, spc; char ipbuf[INET6_ADDRSTRLEN]; jid = jailparam_get(params, nparams, jflags); @@ -345,31 +369,47 @@ print_jail(int pflags, int jflags) *(int *)params[4].jp_value ? DYING : ACTIVE, , *(int *)params[5].jp_value); - count = params[6].jp_valuelen / sizeof(struct in_addr); - for (ai = 0; ai count; ai++) - if (inet_ntop(AF_INET, - ((struct in_addr *)params[6].jp_value)[ai], - ipbuf, sizeof(ipbuf)) == NULL) - err(1, inet_ntop); - else - printf(%6s %-15.15s\n, , ipbuf); - if (!strcmp(params[7].jp_name, ip6.addr)) { - count = params[7].jp_valuelen / sizeof(struct in6_addr); + n = 6; +#ifdef INET + if (ip4_ok !strcmp(params[n].jp_name, ip4.addr)) { + count = params[n].jp_valuelen / sizeof(struct in_addr); + for (ai = 0; ai count; ai++) + if (inet_ntop(AF_INET, + ((struct in_addr *)params[n].jp_value)[ai], + ipbuf, sizeof(ipbuf))
svn commit: r235949 - head/usr.sbin/jail
Author: jamie Date: Fri May 25 00:38:06 2012 New Revision: 235949 URL: http://svn.freebsd.org/changeset/base/235949 Log: Don't try to set a null TERM environment. Submitted by: Mateusz Guzik mjguzik gmail.com Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cFri May 25 00:18:19 2012 (r235948) +++ head/usr.sbin/jail/command.cFri May 25 00:38:06 2012 (r235949) @@ -584,7 +584,8 @@ run_command(struct cfjail *j) term = getenv(TERM); environ = cleanenv; setenv(PATH, /bin:/usr/bin, 0); - setenv(TERM, term, 1); + if (term != NULL) + setenv(TERM, term, 1); } if (setusercontext(lcap, pwd, pwd-pw_uid, username ? LOGIN_SETALL ~LOGIN_SETGROUP ~LOGIN_SETLOGIN ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r242464 - stable/8/sys/kern
Author: jamie Date: Fri Nov 2 01:32:22 2012 New Revision: 242464 URL: http://svn.freebsd.org/changeset/base/242464 Log: MFC r225191: Delay the recursive decrement of pr_uref when jails are made invisible but not removed; decrement it instead when the child jail actually goes away. This avoids letting the counter go below zero in the case where dying (pr_uref==0) jails are resurrected, and an associated KASSERT panic. PR: kern/173120 Submitted by: Steven Hartland Modified: stable/8/sys/kern/kern_jail.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/kern/ (props changed) Modified: stable/8/sys/kern/kern_jail.c == --- stable/8/sys/kern/kern_jail.c Fri Nov 2 01:20:55 2012 (r242463) +++ stable/8/sys/kern/kern_jail.c Fri Nov 2 01:32:22 2012 (r242464) @@ -2454,32 +2454,11 @@ prison_deref(struct prison *pr, int flag if (!(flags PD_LOCKED)) mtx_lock(pr-pr_mtx); - /* Decrement the user references in a separate loop. */ - if (flags PD_DEUREF) { - for (tpr = pr;; tpr = tpr-pr_parent) { - if (tpr != pr) - mtx_lock(tpr-pr_mtx); - if (--tpr-pr_uref 0) - break; - KASSERT(tpr != prison0, (prison0 pr_uref=0)); - mtx_unlock(tpr-pr_mtx); - } - /* Done if there were only user references to remove. */ - if (!(flags PD_DEREF)) { - mtx_unlock(tpr-pr_mtx); - if (flags PD_LIST_SLOCKED) - sx_sunlock(allprison_lock); - else if (flags PD_LIST_XLOCKED) - sx_xunlock(allprison_lock); - return; - } - if (tpr != pr) { - mtx_unlock(tpr-pr_mtx); - mtx_lock(pr-pr_mtx); - } - } - for (;;) { + if (flags PD_DEUREF) { + pr-pr_uref--; + KASSERT(prison0.pr_uref != 0, (prison0 pr_uref=0)); + } if (flags PD_DEREF) pr-pr_ref--; /* If the prison still has references, nothing else to do. */ @@ -2532,7 +2511,7 @@ prison_deref(struct prison *pr, int flag /* Removing a prison frees a reference on its parent. */ pr = ppr; mtx_lock(pr-pr_mtx); - flags = PD_DEREF; + flags = PD_DEREF | PD_DEUREF; } } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r250968 - head/share/man/man8
Author: jamie Date: Fri May 24 14:57:38 2013 New Revision: 250968 URL: http://svnweb.freebsd.org/changeset/base/250968 Log: Mention the nojailvnet keyword. MFC after:3 days Modified: head/share/man/man8/rc.8 Modified: head/share/man/man8/rc.8 == --- head/share/man/man8/rc.8Fri May 24 11:27:06 2013(r250967) +++ head/share/man/man8/rc.8Fri May 24 14:57:38 2013(r250968) @@ -124,7 +124,9 @@ Load the configuration files. Determine if booting in a jail, and add .Dq Li nojail -to the list of KEYWORDS to skip in +(no jails allowed) or +.Dq Li nojailvnet +(only allow vnet-enabled jails) to the list of KEYWORDS to skip in .Xr rcorder 8 . .It Invoke ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r251021 - stable/9/share/man/man8
Author: jamie Date: Mon May 27 03:09:26 2013 New Revision: 251021 URL: http://svnweb.freebsd.org/changeset/base/251021 Log: MFC r250968: Mention the nojailvnet keyword. Modified: stable/9/share/man/man8/rc.8 Directory Properties: stable/9/share/man/man8/ (props changed) Modified: stable/9/share/man/man8/rc.8 == --- stable/9/share/man/man8/rc.8Mon May 27 00:26:29 2013 (r251020) +++ stable/9/share/man/man8/rc.8Mon May 27 03:09:26 2013 (r251021) @@ -124,7 +124,9 @@ Load the configuration files. Determine if booting in a jail, and add .Dq Li nojail -to the list of KEYWORDS to skip in +(no jails allowed) or +.Dq Li nojailvnet +(only allow vnet-enabled jails) to the list of KEYWORDS to skip in .Xr rcorder 8 . .It Invoke ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r246804 - head/usr.sbin/jail
Author: jamie Date: Thu Feb 14 19:27:52 2013 New Revision: 246804 URL: http://svnweb.freebsd.org/changeset/base/246804 Log: Handle (ignore) when a process disappears before it can be tracked. Modified: head/usr.sbin/jail/command.c Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cThu Feb 14 19:26:58 2013 (r246803) +++ head/usr.sbin/jail/command.cThu Feb 14 19:27:52 2013 (r246804) @@ -66,7 +66,7 @@ int paralimit = -1; extern char **environ; static int run_command(struct cfjail *j); -static void add_proc(struct cfjail *j, pid_t pid); +static int add_proc(struct cfjail *j, pid_t pid); static void clear_procs(struct cfjail *j); static struct cfjail *find_proc(pid_t pid); static int term_procs(struct cfjail *j); @@ -542,13 +542,12 @@ run_command(struct cfjail *j) if (pid 0) err(1, fork); if (pid 0) { - if (bg) { + if (bg || !add_proc(j, pid)) { free(j-comline); j-comline = NULL; return 0; } else { paralimit--; - add_proc(j, pid); return 1; } } @@ -622,7 +621,7 @@ run_command(struct cfjail *j) /* * Add a process to the hash, tied to a jail. */ -static void +static int add_proc(struct cfjail *j, pid_t pid) { struct kevent ke; @@ -632,8 +631,11 @@ add_proc(struct cfjail *j, pid_t pid) if (!kq (kq = kqueue()) 0) err(1, kqueue); EV_SET(ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); - if (kevent(kq, ke, 1, NULL, 0, NULL) 0) + if (kevent(kq, ke, 1, NULL, 0, NULL) 0) { + if (errno == ESRCH) + return 0; err(1, kevent); + } ph = emalloc(sizeof(struct phash)); ph-j = j; ph-pid = pid; @@ -658,6 +660,7 @@ add_proc(struct cfjail *j, pid_t pid) TAILQ_INSERT_TAIL(sleeping, j, tq); j-queue = sleeping; } + return 1; } /* @@ -730,7 +733,7 @@ term_procs(struct cfjail *j) for (i = 0; i pcnt; i++) if (ki[i].ki_jid == j-jid kill(ki[i].ki_pid, SIGTERM) == 0) { - add_proc(j, ki[i].ki_pid); + (void)add_proc(j, ki[i].ki_pid); if (verbose 0) { if (!noted) { noted = 1; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r247019 - stable/9/usr.sbin/jail
Author: jamie Date: Wed Feb 20 04:14:31 2013 New Revision: 247019 URL: http://svnweb.freebsd.org/changeset/base/247019 Log: MFC r246804: Handle (ignore) when a process disappears before it can be tracked. Modified: stable/9/usr.sbin/jail/command.c Directory Properties: stable/9/usr.sbin/jail/ (props changed) Modified: stable/9/usr.sbin/jail/command.c == --- stable/9/usr.sbin/jail/command.cWed Feb 20 03:59:45 2013 (r247018) +++ stable/9/usr.sbin/jail/command.cWed Feb 20 04:14:31 2013 (r247019) @@ -66,7 +66,7 @@ int paralimit = -1; extern char **environ; static int run_command(struct cfjail *j); -static void add_proc(struct cfjail *j, pid_t pid); +static int add_proc(struct cfjail *j, pid_t pid); static void clear_procs(struct cfjail *j); static struct cfjail *find_proc(pid_t pid); static int term_procs(struct cfjail *j); @@ -542,13 +542,12 @@ run_command(struct cfjail *j) if (pid 0) err(1, fork); if (pid 0) { - if (bg) { + if (bg || !add_proc(j, pid)) { free(j-comline); j-comline = NULL; return 0; } else { paralimit--; - add_proc(j, pid); return 1; } } @@ -622,7 +621,7 @@ run_command(struct cfjail *j) /* * Add a process to the hash, tied to a jail. */ -static void +static int add_proc(struct cfjail *j, pid_t pid) { struct kevent ke; @@ -632,8 +631,11 @@ add_proc(struct cfjail *j, pid_t pid) if (!kq (kq = kqueue()) 0) err(1, kqueue); EV_SET(ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); - if (kevent(kq, ke, 1, NULL, 0, NULL) 0) + if (kevent(kq, ke, 1, NULL, 0, NULL) 0) { + if (errno == ESRCH) + return 0; err(1, kevent); + } ph = emalloc(sizeof(struct phash)); ph-j = j; ph-pid = pid; @@ -658,6 +660,7 @@ add_proc(struct cfjail *j, pid_t pid) TAILQ_INSERT_TAIL(sleeping, j, tq); j-queue = sleeping; } + return 1; } /* @@ -730,7 +733,7 @@ term_procs(struct cfjail *j) for (i = 0; i pcnt; i++) if (ki[i].ki_jid == j-jid kill(ki[i].ki_pid, SIGTERM) == 0) { - add_proc(j, ki[i].ki_pid); + (void)add_proc(j, ki[i].ki_pid); if (verbose 0) { if (!noted) { noted = 1; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r247071 - head/sys/kern
Author: jamie Date: Thu Feb 21 02:41:37 2013 New Revision: 247071 URL: http://svnweb.freebsd.org/changeset/base/247071 Log: Don't worry if a module is already loaded when looking for a fstype to mount (possible in a race condition). Reviewed by: kib MFC after:1 week Modified: head/sys/kern/vfs_init.c Modified: head/sys/kern/vfs_init.c == --- head/sys/kern/vfs_init.cThu Feb 21 02:40:20 2013(r247070) +++ head/sys/kern/vfs_init.cThu Feb 21 02:41:37 2013(r247071) @@ -122,7 +122,7 @@ struct vfsconf * vfs_byname_kld(const char *fstype, struct thread *td, int *error) { struct vfsconf *vfsp; - int fileid; + int fileid, loaded; vfsp = vfs_byname(fstype); if (vfsp != NULL) @@ -130,13 +130,17 @@ vfs_byname_kld(const char *fstype, struc /* Try to load the respective module. */ *error = kern_kldload(td, fstype, fileid); + loaded = (*error == 0); + if (*error == EEXIST) + *error = 0; if (*error) return (NULL); /* Look up again to see if the VFS was loaded. */ vfsp = vfs_byname(fstype); if (vfsp == NULL) { - (void)kern_kldunload(td, fileid, LINKER_UNLOAD_FORCE); + if (loaded) + (void)kern_kldunload(td, fileid, LINKER_UNLOAD_FORCE); *error = ENODEV; return (NULL); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r247486 - stable/9/sys/kern
Author: jamie Date: Thu Feb 28 18:46:56 2013 New Revision: 247486 URL: http://svnweb.freebsd.org/changeset/base/247486 Log: MFC r247071: Don't worry if a module is already loaded when looking for a fstype to mount (possible in a race condition). Reviewed by: kib Modified: stable/9/sys/kern/vfs_init.c Directory Properties: stable/9/sys/ (props changed) Modified: stable/9/sys/kern/vfs_init.c == --- stable/9/sys/kern/vfs_init.cThu Feb 28 18:43:50 2013 (r247485) +++ stable/9/sys/kern/vfs_init.cThu Feb 28 18:46:56 2013 (r247486) @@ -122,7 +122,7 @@ struct vfsconf * vfs_byname_kld(const char *fstype, struct thread *td, int *error) { struct vfsconf *vfsp; - int fileid; + int fileid, loaded; vfsp = vfs_byname(fstype); if (vfsp != NULL) @@ -130,13 +130,17 @@ vfs_byname_kld(const char *fstype, struc /* Try to load the respective module. */ *error = kern_kldload(td, fstype, fileid); + loaded = (*error == 0); + if (*error == EEXIST) + *error = 0; if (*error) return (NULL); /* Look up again to see if the VFS was loaded. */ vfsp = vfs_byname(fstype); if (vfsp == NULL) { - (void)kern_kldunload(td, fileid, LINKER_UNLOAD_FORCE); + if (loaded) + (void)kern_kldunload(td, fileid, LINKER_UNLOAD_FORCE); *error = ENODEV; return (NULL); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r248854 - head/usr.sbin/jail
Author: jamie Date: Thu Mar 28 21:02:49 2013 New Revision: 248854 URL: http://svnweb.freebsd.org/changeset/base/248854 Log: Reverse the order of some implicit commands (FS mounts and ifconfigs) when stopping jails. This matters particularly for nested filesystem mounts. PR: kern/177325 Submitted by: Harald Schmalzbauer MFC after:3 days Modified: head/usr.sbin/jail/command.c head/usr.sbin/jail/config.c head/usr.sbin/jail/jailp.h Modified: head/usr.sbin/jail/command.c == --- head/usr.sbin/jail/command.cThu Mar 28 20:48:58 2013 (r248853) +++ head/usr.sbin/jail/command.cThu Mar 28 21:02:49 2013 (r248854) @@ -88,13 +88,14 @@ int next_command(struct cfjail *j) { enum intparam comparam; - int create_failed; + int create_failed, stopping; if (paralimit == 0) { requeue(j, runnable); return 1; } create_failed = (j-flags (JF_STOP | JF_FAILED)) == JF_FAILED; + stopping = (j-flags JF_STOP) != 0; comparam = *j-comparam; for (;;) { if (j-comstring == NULL) { @@ -113,14 +114,16 @@ next_command(struct cfjail *j) default: if (j-intparams[comparam] == NULL) continue; - j-comstring = create_failed + j-comstring = create_failed || (stopping + (j-intparams[comparam]-flags PF_REV)) ? TAILQ_LAST(j-intparams[comparam]-val, cfstrings) : TAILQ_FIRST(j-intparams[comparam]-val); } } else { j-comstring = j-comstring == dummystring ? NULL : - create_failed + create_failed || (stopping + (j-intparams[comparam]-flags PF_REV)) ? TAILQ_PREV(j-comstring, cfstrings, tq) : TAILQ_NEXT(j-comstring, tq); } Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu Mar 28 20:48:58 2013(r248853) +++ head/usr.sbin/jail/config.c Thu Mar 28 21:02:49 2013(r248854) @@ -81,18 +81,18 @@ static const struct ipspec intparams[] = [IP_INTERFACE] = {interface, PF_INTERNAL}, [IP_IP_HOSTNAME] = {ip_hostname, PF_INTERNAL | PF_BOOL}, #endif -[IP_MOUNT] = {mount, PF_INTERNAL}, +[IP_MOUNT] = {mount, PF_INTERNAL | PF_REV}, [IP_MOUNT_DEVFS] = {mount.devfs, PF_INTERNAL | PF_BOOL}, [IP_MOUNT_FSTAB] = {mount.fstab, PF_INTERNAL}, [IP_STOP_TIMEOUT] ={stop.timeout,PF_INTERNAL | PF_INT}, [IP_VNET_INTERFACE] = {vnet.interface, PF_INTERNAL}, #ifdef INET -[IP__IP4_IFADDR] = {ip4.addr,PF_INTERNAL | PF_CONV}, +[IP__IP4_IFADDR] = {ip4.addr,PF_INTERNAL | PF_CONV | PF_REV}, #endif #ifdef INET6 -[IP__IP6_IFADDR] = {ip6.addr,PF_INTERNAL | PF_CONV}, +[IP__IP6_IFADDR] = {ip6.addr,PF_INTERNAL | PF_CONV | PF_REV}, #endif -[IP__MOUNT_FROM_FSTAB] = {mount.fstab, PF_INTERNAL | PF_CONV}, +[IP__MOUNT_FROM_FSTAB] = {mount.fstab, PF_INTERNAL | PF_CONV | PF_REV}, [IP__OP] = {NULL, PF_CONV}, [KP_ALLOW_CHFLAGS] = {allow.chflags, 0}, [KP_ALLOW_MOUNT] = {allow.mount, 0}, Modified: head/usr.sbin/jail/jailp.h == --- head/usr.sbin/jail/jailp.h Thu Mar 28 20:48:58 2013(r248853) +++ head/usr.sbin/jail/jailp.h Thu Mar 28 21:02:49 2013(r248854) @@ -50,6 +50,7 @@ #define PF_BOOL0x10/* Boolean parameter */ #define PF_INT 0x20/* Integer parameter */ #define PF_CONV0x40/* Parameter duplicated in converted form */ +#define PF_REV 0x80/* Run commands in reverse order on stopping */ #define JF_START 0x0001 /* -c */ #define JF_SET 0x0002 /* -m */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r248939 - stable/9/usr.sbin/jail
Author: jamie Date: Sun Mar 31 04:10:37 2013 New Revision: 248939 URL: http://svnweb.freebsd.org/changeset/base/248939 Log: MFC r248854: Reverse the order of some implicit commands (FS mounts and ifconfigs) when stopping jails. This matters particularly for nested filesystem mounts. PR: kern/177325 Submitted by: Harald Schmalzbauer Modified: stable/9/usr.sbin/jail/command.c stable/9/usr.sbin/jail/config.c stable/9/usr.sbin/jail/jailp.h Directory Properties: stable/9/usr.sbin/jail/ (props changed) Modified: stable/9/usr.sbin/jail/command.c == --- stable/9/usr.sbin/jail/command.cSun Mar 31 03:56:48 2013 (r248938) +++ stable/9/usr.sbin/jail/command.cSun Mar 31 04:10:37 2013 (r248939) @@ -88,13 +88,14 @@ int next_command(struct cfjail *j) { enum intparam comparam; - int create_failed; + int create_failed, stopping; if (paralimit == 0) { requeue(j, runnable); return 1; } create_failed = (j-flags (JF_STOP | JF_FAILED)) == JF_FAILED; + stopping = (j-flags JF_STOP) != 0; comparam = *j-comparam; for (;;) { if (j-comstring == NULL) { @@ -113,14 +114,16 @@ next_command(struct cfjail *j) default: if (j-intparams[comparam] == NULL) continue; - j-comstring = create_failed + j-comstring = create_failed || (stopping + (j-intparams[comparam]-flags PF_REV)) ? TAILQ_LAST(j-intparams[comparam]-val, cfstrings) : TAILQ_FIRST(j-intparams[comparam]-val); } } else { j-comstring = j-comstring == dummystring ? NULL : - create_failed + create_failed || (stopping + (j-intparams[comparam]-flags PF_REV)) ? TAILQ_PREV(j-comstring, cfstrings, tq) : TAILQ_NEXT(j-comstring, tq); } Modified: stable/9/usr.sbin/jail/config.c == --- stable/9/usr.sbin/jail/config.c Sun Mar 31 03:56:48 2013 (r248938) +++ stable/9/usr.sbin/jail/config.c Sun Mar 31 04:10:37 2013 (r248939) @@ -79,18 +79,18 @@ static const struct ipspec intparams[] = [IP_INTERFACE] = {interface, PF_INTERNAL}, [IP_IP_HOSTNAME] = {ip_hostname, PF_INTERNAL | PF_BOOL}, #endif -[IP_MOUNT] = {mount, PF_INTERNAL}, +[IP_MOUNT] = {mount, PF_INTERNAL | PF_REV}, [IP_MOUNT_DEVFS] = {mount.devfs, PF_INTERNAL | PF_BOOL}, [IP_MOUNT_FSTAB] = {mount.fstab, PF_INTERNAL}, [IP_STOP_TIMEOUT] ={stop.timeout,PF_INTERNAL | PF_INT}, [IP_VNET_INTERFACE] = {vnet.interface, PF_INTERNAL}, #ifdef INET -[IP__IP4_IFADDR] = {ip4.addr,PF_INTERNAL | PF_CONV}, +[IP__IP4_IFADDR] = {ip4.addr,PF_INTERNAL | PF_CONV | PF_REV}, #endif #ifdef INET6 -[IP__IP6_IFADDR] = {ip6.addr,PF_INTERNAL | PF_CONV}, +[IP__IP6_IFADDR] = {ip6.addr,PF_INTERNAL | PF_CONV | PF_REV}, #endif -[IP__MOUNT_FROM_FSTAB] = {mount.fstab, PF_INTERNAL | PF_CONV}, +[IP__MOUNT_FROM_FSTAB] = {mount.fstab, PF_INTERNAL | PF_CONV | PF_REV}, [IP__OP] = {NULL, PF_CONV}, [KP_ALLOW_CHFLAGS] = {allow.chflags, 0}, [KP_ALLOW_MOUNT] = {allow.mount, 0}, Modified: stable/9/usr.sbin/jail/jailp.h == --- stable/9/usr.sbin/jail/jailp.h Sun Mar 31 03:56:48 2013 (r248938) +++ stable/9/usr.sbin/jail/jailp.h Sun Mar 31 04:10:37 2013 (r248939) @@ -50,6 +50,7 @@ #define PF_BOOL0x10/* Boolean parameter */ #define PF_INT 0x20/* Integer parameter */ #define PF_CONV0x40/* Parameter duplicated in converted form */ +#define PF_REV 0x80/* Run commands in reverse order on stopping */ #define JF_START 0x0001 /* -c */ #define JF_SET 0x0002 /* -m */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r250804 - in head: etc etc/rc.d sys/kern
Author: jamie Date: Sun May 19 04:10:34 2013 New Revision: 250804 URL: http://svnweb.freebsd.org/changeset/base/250804 Log: Refine the nojail rc keyword, adding nojailvnet for files that don't apply to most jails but do apply to vnet jails. This includes adding a new sysctl security.jail.vnet to identify vnet jails. PR: conf/149050 Submitted by: mdodd MFC after:3 days Modified: head/etc/rc head/etc/rc.d/ipfw head/etc/rc.d/netif head/etc/rc.d/routing head/etc/rc.shutdown head/sys/kern/kern_jail.c Modified: head/etc/rc == --- head/etc/rc Sun May 19 03:04:34 2013(r250803) +++ head/etc/rc Sun May 19 04:10:34 2013(r250804) @@ -77,6 +77,9 @@ if [ `/sbin/sysctl -n security.jail.jail if [ $early_late_divider = FILESYSTEMS ]; then early_late_divider=NETWORKING fi + if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then + skip=$skip -s nojailvnet + fi fi # Do a first pass to get everything up to $early_late_divider so that Modified: head/etc/rc.d/ipfw == --- head/etc/rc.d/ipfw Sun May 19 03:04:34 2013(r250803) +++ head/etc/rc.d/ipfw Sun May 19 04:10:34 2013(r250804) @@ -5,7 +5,7 @@ # PROVIDE: ipfw # REQUIRE: ppp -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr Modified: head/etc/rc.d/netif == --- head/etc/rc.d/netif Sun May 19 03:04:34 2013(r250803) +++ head/etc/rc.d/netif Sun May 19 04:10:34 2013(r250804) @@ -28,7 +28,7 @@ # PROVIDE: netif # REQUIRE: atm1 FILESYSTEMS serial sppp sysctl # REQUIRE: ipfilter ipfs -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr Modified: head/etc/rc.d/routing == --- head/etc/rc.d/routing Sun May 19 03:04:34 2013(r250803) +++ head/etc/rc.d/routing Sun May 19 04:10:34 2013(r250804) @@ -7,7 +7,7 @@ # PROVIDE: routing # REQUIRE: faith netif ppp stf -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr Modified: head/etc/rc.shutdown == --- head/etc/rc.shutdownSun May 19 03:04:34 2013(r250803) +++ head/etc/rc.shutdownSun May 19 04:10:34 2013(r250804) @@ -81,7 +81,12 @@ fi # and perform the operation # rcorder_opts=-k shutdown -[ `/sbin/sysctl -n security.jail.jailed` -eq 1 ] rcorder_opts=$rcorder_opts -s nojail +if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then + rcorder_opts=$rcorder_opts -s nojail + if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then + rcorder_opts=$rcorder_opts -s nojailvnet + fi +fi case ${local_startup} in [Nn][Oo] | '') ;; Modified: head/sys/kern/kern_jail.c == --- head/sys/kern/kern_jail.c Sun May 19 03:04:34 2013(r250803) +++ head/sys/kern/kern_jail.c Sun May 19 04:10:34 2013(r250804) @@ -4132,6 +4132,26 @@ SYSCTL_PROC(_security_jail, OID_AUTO, ja CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, sysctl_jail_jailed, I, Process in jail?); +static int +sysctl_jail_vnet(SYSCTL_HANDLER_ARGS) +{ + int error, havevnet; +#ifdef VIMAGE + struct ucred *cred = req-td-td_ucred; + + havevnet = jailed(cred) prison_owns_vnet(cred); +#else + havevnet = 0; +#endif + error = SYSCTL_OUT(req, havevnet, sizeof(havevnet)); + + return (error); +} + +SYSCTL_PROC(_security_jail, OID_AUTO, vnet, +CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, +sysctl_jail_vnet, I, Jail owns VNET?); + #if defined(INET) || defined(INET6) SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, jail_max_af_ips, 0, ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r250915 - in stable/9: etc etc/rc.d sys/kern
Author: jamie Date: Wed May 22 18:26:12 2013 New Revision: 250915 URL: http://svnweb.freebsd.org/changeset/base/250915 Log: MFC r250804: Refine the nojail rc keyword, adding nojailvnet for files that don't apply to most jails but do apply to vnet jails. This includes adding a new sysctl security.jail.vnet to identify vnet jails. PR: conf/149050 Submitted by: mdodd Modified: stable/9/etc/rc stable/9/etc/rc.d/ipfw stable/9/etc/rc.d/netif stable/9/etc/rc.d/routing stable/9/etc/rc.shutdown stable/9/sys/kern/kern_jail.c Directory Properties: stable/9/etc/ (props changed) stable/9/etc/rc.d/ (props changed) stable/9/sys/ (props changed) Modified: stable/9/etc/rc == --- stable/9/etc/rc Wed May 22 17:47:45 2013(r250914) +++ stable/9/etc/rc Wed May 22 18:26:12 2013(r250915) @@ -77,6 +77,9 @@ if [ `/sbin/sysctl -n security.jail.jail if [ $early_late_divider = FILESYSTEMS ]; then early_late_divider=NETWORKING fi + if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then + skip=$skip -s nojailvnet + fi fi # Do a first pass to get everything up to $early_late_divider so that Modified: stable/9/etc/rc.d/ipfw == --- stable/9/etc/rc.d/ipfw Wed May 22 17:47:45 2013(r250914) +++ stable/9/etc/rc.d/ipfw Wed May 22 18:26:12 2013(r250915) @@ -5,7 +5,7 @@ # PROVIDE: ipfw # REQUIRE: ppp -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr Modified: stable/9/etc/rc.d/netif == --- stable/9/etc/rc.d/netif Wed May 22 17:47:45 2013(r250914) +++ stable/9/etc/rc.d/netif Wed May 22 18:26:12 2013(r250915) @@ -28,7 +28,7 @@ # PROVIDE: netif # REQUIRE: atm1 FILESYSTEMS serial sppp sysctl # REQUIRE: ipfilter ipfs -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr Modified: stable/9/etc/rc.d/routing == --- stable/9/etc/rc.d/routing Wed May 22 17:47:45 2013(r250914) +++ stable/9/etc/rc.d/routing Wed May 22 18:26:12 2013(r250915) @@ -7,7 +7,7 @@ # PROVIDE: routing # REQUIRE: faith netif ppp stf -# KEYWORD: nojail +# KEYWORD: nojailvnet . /etc/rc.subr . /etc/network.subr Modified: stable/9/etc/rc.shutdown == --- stable/9/etc/rc.shutdownWed May 22 17:47:45 2013(r250914) +++ stable/9/etc/rc.shutdownWed May 22 18:26:12 2013(r250915) @@ -81,7 +81,12 @@ fi # and perform the operation # rcorder_opts=-k shutdown -[ `/sbin/sysctl -n security.jail.jailed` -eq 1 ] rcorder_opts=$rcorder_opts -s nojail +if [ `/sbin/sysctl -n security.jail.jailed` -eq 1 ]; then + rcorder_opts=$rcorder_opts -s nojail + if [ `/sbin/sysctl -n security.jail.vnet` -ne 1 ]; then + rcorder_opts=$rcorder_opts -s nojailvnet + fi +fi case ${local_startup} in [Nn][Oo] | '') ;; Modified: stable/9/sys/kern/kern_jail.c == --- stable/9/sys/kern/kern_jail.c Wed May 22 17:47:45 2013 (r250914) +++ stable/9/sys/kern/kern_jail.c Wed May 22 18:26:12 2013 (r250915) @@ -4147,6 +4147,26 @@ SYSCTL_PROC(_security_jail, OID_AUTO, ja CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, sysctl_jail_jailed, I, Process in jail?); +static int +sysctl_jail_vnet(SYSCTL_HANDLER_ARGS) +{ + int error, havevnet; +#ifdef VIMAGE + struct ucred *cred = req-td-td_ucred; + + havevnet = jailed(cred) prison_owns_vnet(cred); +#else + havevnet = 0; +#endif + error = SYSCTL_OUT(req, havevnet, sizeof(havevnet)); + + return (error); +} + +SYSCTL_PROC(_security_jail, OID_AUTO, vnet, +CTLTYPE_INT | CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, 0, +sysctl_jail_vnet, I, Jail owns VNET?); + #if defined(INET) || defined(INET6) SYSCTL_UINT(_security_jail, OID_AUTO, jail_max_af_ips, CTLFLAG_RW, jail_max_af_ips, 0, ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r241196 - head/usr.sbin/jail
Author: jamie Date: Thu Oct 4 18:59:46 2012 New Revision: 241196 URL: http://svn.freebsd.org/changeset/base/241196 Log: Move properly to the next parameter when jailparam_init fails (i.e. on an unknown parameter), to avoid freeing bogus pointers. Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu Oct 4 15:42:45 2012(r241195) +++ head/usr.sbin/jail/config.c Thu Oct 4 18:59:46 2012(r241196) @@ -690,6 +690,7 @@ import_params(struct cfjail *j) if (jailparam_init(jp, p-name) 0) { error = -1; jail_warnx(j, %s, jail_errmsg); + jp++; continue; } if (TAILQ_EMPTY(p-val)) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r241197 - head/lib/libjail
Author: jamie Date: Thu Oct 4 19:07:05 2012 New Revision: 241197 URL: http://svn.freebsd.org/changeset/base/241197 Log: Fix some memory allocation errors: * jail_setv will leak a parameter name if jailparam_import fails. * jailparam_all loses the jailparam pointer on realloc error (a clear freshman mistake). * If jailparam_init fails, the caller doesn't need to jailparam_free the buffer. That's not really clear, so set things to NULL allowing jailparam_free to work without error (though it's still not required). Modified: head/lib/libjail/jail.c Modified: head/lib/libjail/jail.c == --- head/lib/libjail/jail.c Thu Oct 4 18:59:46 2012(r241196) +++ head/lib/libjail/jail.c Thu Oct 4 19:07:05 2012(r241197) @@ -85,19 +85,22 @@ jail_setv(int flags, ...) (void)va_arg(tap, char *); va_end(tap); jp = alloca(njp * sizeof(struct jailparam)); - for (njp = 0; (name = va_arg(ap, char *)) != NULL; njp++) { + for (njp = 0; (name = va_arg(ap, char *)) != NULL;) { value = va_arg(ap, char *); - if (jailparam_init(jp + njp, name) 0 || - jailparam_import(jp + njp, value) 0) { - jailparam_free(jp, njp); - va_end(ap); - return (-1); - } + if (jailparam_init(jp + njp, name) 0) + goto error; + if (jailparam_import(jp + njp++, value) 0) + goto error; } va_end(ap); jid = jailparam_set(jp, njp, flags); jailparam_free(jp, njp); return (jid); + + error: + jailparam_free(jp, njp); + va_end(ap); + return (-1); } /* @@ -195,7 +198,7 @@ jail_getv(int flags, ...) int jailparam_all(struct jailparam **jpp) { - struct jailparam *jp; + struct jailparam *jp, *tjp; size_t mlen1, mlen2, buflen; int njp, nlist; int mib1[CTL_MAXNAME], mib2[CTL_MAXNAME - 2]; @@ -242,11 +245,10 @@ jailparam_all(struct jailparam **jpp) /* Add the parameter to the list */ if (njp = nlist) { nlist *= 2; - jp = realloc(jp, nlist * sizeof(*jp)); - if (jp == NULL) { - jailparam_free(jp, njp); - return (-1); - } + tjp = realloc(jp, nlist * sizeof(*jp)); + if (tjp == NULL) + goto error; + jp = tjp; } if (jailparam_init(jp + njp, buf + sizeof(SJPARAM)) 0) goto error; @@ -277,6 +279,8 @@ jailparam_init(struct jailparam *jp, con } if (jailparam_type(jp) 0) { jailparam_free(jp, 1); + jp-jp_name = NULL; + jp-jp_value = NULL; return (-1); } return (0); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r239601 - head/usr.sbin/jail
Author: jamie Date: Thu Aug 23 01:43:01 2012 New Revision: 239601 URL: http://svn.freebsd.org/changeset/base/239601 Log: Remember that I'm using length-defined strings in parameters: Remove a bogus null terminator when stripping the netmask from IP addresses. This was causing later addresses in a comma-separated string to disappear. Use memcpy instead of strcpy. This could just cause Bad Things. PR: 170832 MFC after:1 week Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu Aug 23 00:39:08 2012(r239600) +++ head/usr.sbin/jail/config.c Thu Aug 23 01:43:01 2012(r239601) @@ -597,8 +597,7 @@ check_intparams(struct cfjail *j) ip4.addr: bad netmask \%s\, cs); error = -1; } - *cs = '\0'; - s-len = cs - s-s + 1; + s-len = cs - s-s; } } } @@ -621,8 +620,7 @@ check_intparams(struct cfjail *j) cs); error = -1; } - *cs = '\0'; - s-len = cs - s-s + 1; + s-len = cs - s-s; } } } @@ -714,7 +712,7 @@ import_params(struct cfjail *j) value = alloca(vallen); cs = value; TAILQ_FOREACH_SAFE(s, p-val, tq, ts) { - strcpy(cs, s-s); + memcpy(cs, s-s, s-len); if (ts != NULL) { cs += s-len + 1; cs[-1] = ','; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r239602 - head/usr.sbin/jail
Author: jamie Date: Thu Aug 23 01:43:22 2012 New Revision: 239602 URL: http://svn.freebsd.org/changeset/base/239602 Log: Pre-separate IP addresses passed on the command line, so they can be properly parsed for interface prefixes and netmask suffixes. This was already done for the old-style (fixed) command line, but missed for the new-style. MFC after:1 week Modified: head/usr.sbin/jail/jail.c Modified: head/usr.sbin/jail/jail.c == --- head/usr.sbin/jail/jail.c Thu Aug 23 01:43:01 2012(r239601) +++ head/usr.sbin/jail/jail.c Thu Aug 23 01:43:22 2012(r239602) @@ -304,9 +304,33 @@ main(int argc, char **argv) for (i++; i argc; i++) add_param(NULL, NULL, IP_COMMAND, argv[i]); - break; } - add_param(NULL, NULL, 0, argv[i]); +#ifdef INET + else if (!strncmp(argv[i], ip4.addr=, 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP4_ADDR, cs); + if (!ncs) + break; + } + } +#endif +#ifdef INET6 + else if (!strncmp(argv[i], ip6.addr=, 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP6_ADDR, cs); + if (!ncs) + break; + } + } +#endif + else + add_param(NULL, NULL, 0, argv[i]); } } else { /* From the config file, perhaps with a specified jail */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r239621 - head/usr.sbin/jail
Author: jamie Date: Thu Aug 23 19:39:23 2012 New Revision: 239621 URL: http://svn.freebsd.org/changeset/base/239621 Log: Partially roll back r239601 - keep parameter strings both length-delimited and null-terminated at the same time, because they're later passed to libjail as null-terminated. That means I also need to add a nul byte when comma-combining array parameters. MFC after:6 days Modified: head/usr.sbin/jail/config.c Modified: head/usr.sbin/jail/config.c == --- head/usr.sbin/jail/config.c Thu Aug 23 19:32:57 2012(r239620) +++ head/usr.sbin/jail/config.c Thu Aug 23 19:39:23 2012(r239621) @@ -597,6 +597,7 @@ check_intparams(struct cfjail *j) ip4.addr: bad netmask \%s\, cs); error = -1; } + *cs = '\0'; s-len = cs - s-s; } } @@ -620,6 +621,7 @@ check_intparams(struct cfjail *j) cs); error = -1; } + *cs = '\0'; s-len = cs - s-s; } } @@ -713,11 +715,10 @@ import_params(struct cfjail *j) cs = value; TAILQ_FOREACH_SAFE(s, p-val, tq, ts) { memcpy(cs, s-s, s-len); - if (ts != NULL) { - cs += s-len + 1; - cs[-1] = ','; - } + cs += s-len + 1; + cs[-1] = ','; } + value[vallen - 1] = '\0'; } if (jailparam_import(jp, value) 0) { error = -1; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r239854 - stable/9/usr.sbin/jail
Author: jamie Date: Wed Aug 29 16:11:03 2012 New Revision: 239854 URL: http://svn.freebsd.org/changeset/base/239854 Log: MFC r239601: Remember that I'm using length-defined strings in parameters: Remove a bogus null terminator when stripping the netmask from IP addresses. This was causing later addresses in a comma-separated string to disappear. Use memcpy instead of strcpy. This could just cause Bad Things. MFC r239602: Pre-separate IP addresses passed on the command line, so they can be properly parsed for interface prefixes and netmask suffixes. This was already done for the old-style (fixed) command line, but missed for the new-style. MFC r239621: Partially roll back r239601 - keep parameter strings both length-delimited and null-terminated at the same time, because they're later passed to libjail as null-terminated. That means I also need to add a nul byte when comma-combining array parameters. PR: 170832 Modified: stable/9/usr.sbin/jail/config.c stable/9/usr.sbin/jail/jail.c Directory Properties: stable/9/usr.sbin/jail/ (props changed) Modified: stable/9/usr.sbin/jail/config.c == --- stable/9/usr.sbin/jail/config.c Wed Aug 29 16:00:26 2012 (r239853) +++ stable/9/usr.sbin/jail/config.c Wed Aug 29 16:11:03 2012 (r239854) @@ -596,7 +596,7 @@ check_intparams(struct cfjail *j) error = -1; } *cs = '\0'; - s-len = cs - s-s + 1; + s-len = cs - s-s; } } } @@ -620,7 +620,7 @@ check_intparams(struct cfjail *j) error = -1; } *cs = '\0'; - s-len = cs - s-s + 1; + s-len = cs - s-s; } } } @@ -712,12 +712,11 @@ import_params(struct cfjail *j) value = alloca(vallen); cs = value; TAILQ_FOREACH_SAFE(s, p-val, tq, ts) { - strcpy(cs, s-s); - if (ts != NULL) { - cs += s-len + 1; - cs[-1] = ','; - } + memcpy(cs, s-s, s-len); + cs += s-len + 1; + cs[-1] = ','; } + value[vallen - 1] = '\0'; } if (jailparam_import(jp, value) 0) { error = -1; Modified: stable/9/usr.sbin/jail/jail.c == --- stable/9/usr.sbin/jail/jail.c Wed Aug 29 16:00:26 2012 (r239853) +++ stable/9/usr.sbin/jail/jail.c Wed Aug 29 16:11:03 2012 (r239854) @@ -304,9 +304,33 @@ main(int argc, char **argv) for (i++; i argc; i++) add_param(NULL, NULL, IP_COMMAND, argv[i]); - break; } - add_param(NULL, NULL, 0, argv[i]); +#ifdef INET + else if (!strncmp(argv[i], ip4.addr=, 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP4_ADDR, cs); + if (!ncs) + break; + } + } +#endif +#ifdef INET6 + else if (!strncmp(argv[i], ip6.addr=, 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP6_ADDR, cs); + if (!ncs) + break; + } + } +#endif + else + add_param(NULL, NULL, 0, argv[i]); } } else { /* From the config file, perhaps with a specified jail */ ___ svn-src-all@freebsd.org
svn commit: r239871 - releng/9.1/usr.sbin/jail
Author: jamie Date: Wed Aug 29 18:40:12 2012 New Revision: 239871 URL: http://svn.freebsd.org/changeset/base/239871 Log: MFS r239854 (including MFC r239601, r239602, r239621): Remember that I'm using length-defined strings in parameters: Don't include the null terminator when recomputing the parameter length when stripping the netmask from IP addresses. This was causing later addresses in a comma-separated string to disappear. Use memcpy instead of strcpy. This could just cause Bad Things. Add a null byte when comma-combining array parameters. Pre-separate IP addresses passed on the command line, so they can be properly parsed for interface prefixes and netmask suffixes. This was already done for the old-style (fixed) command line, but missed for the new-style. PR: 170832 Approved by: re (kib) Modified: releng/9.1/usr.sbin/jail/config.c releng/9.1/usr.sbin/jail/jail.c Directory Properties: releng/9.1/usr.sbin/jail/ (props changed) Modified: releng/9.1/usr.sbin/jail/config.c == --- releng/9.1/usr.sbin/jail/config.c Wed Aug 29 18:37:10 2012 (r239870) +++ releng/9.1/usr.sbin/jail/config.c Wed Aug 29 18:40:12 2012 (r239871) @@ -596,7 +596,7 @@ check_intparams(struct cfjail *j) error = -1; } *cs = '\0'; - s-len = cs - s-s + 1; + s-len = cs - s-s; } } } @@ -620,7 +620,7 @@ check_intparams(struct cfjail *j) error = -1; } *cs = '\0'; - s-len = cs - s-s + 1; + s-len = cs - s-s; } } } @@ -712,12 +712,11 @@ import_params(struct cfjail *j) value = alloca(vallen); cs = value; TAILQ_FOREACH_SAFE(s, p-val, tq, ts) { - strcpy(cs, s-s); - if (ts != NULL) { - cs += s-len + 1; - cs[-1] = ','; - } + memcpy(cs, s-s, s-len); + cs += s-len + 1; + cs[-1] = ','; } + value[vallen - 1] = '\0'; } if (jailparam_import(jp, value) 0) { error = -1; Modified: releng/9.1/usr.sbin/jail/jail.c == --- releng/9.1/usr.sbin/jail/jail.c Wed Aug 29 18:37:10 2012 (r239870) +++ releng/9.1/usr.sbin/jail/jail.c Wed Aug 29 18:40:12 2012 (r239871) @@ -304,9 +304,33 @@ main(int argc, char **argv) for (i++; i argc; i++) add_param(NULL, NULL, IP_COMMAND, argv[i]); - break; } - add_param(NULL, NULL, 0, argv[i]); +#ifdef INET + else if (!strncmp(argv[i], ip4.addr=, 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP4_ADDR, cs); + if (!ncs) + break; + } + } +#endif +#ifdef INET6 + else if (!strncmp(argv[i], ip6.addr=, 9)) { + for (cs = argv[i] + 9;; cs = ncs + 1) { + ncs = strchr(cs, ','); + if (ncs) + *ncs = '\0'; + add_param(NULL, NULL, KP_IP6_ADDR, cs); + if (!ncs) + break; + } + } +#endif + else + add_param(NULL, NULL, 0, argv[i]); } } else { /* From the config file, perhaps with a specified jail */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to
svn commit: r188732 - head/sys/sys
Author: jamie Date: Tue Feb 17 21:29:39 2009 New Revision: 188732 URL: http://svn.freebsd.org/changeset/base/188732 Log: Remove obsolete prison_service declarations. Approved by: bz (mentor) Modified: head/sys/sys/jail.h Modified: head/sys/sys/jail.h == --- head/sys/sys/jail.h Tue Feb 17 21:17:21 2009(r188731) +++ head/sys/sys/jail.h Tue Feb 17 21:29:39 2009(r188732) @@ -195,21 +195,5 @@ int prison_check_af(struct ucred *cred, int prison_if(struct ucred *cred, struct sockaddr *sa); int prison_priv_check(struct ucred *cred, int priv); -/* - * Kernel jail services. - */ -struct prison_service; -typedef int (*prison_create_t)(struct prison_service *psrv, struct prison *pr); -typedef int (*prison_destroy_t)(struct prison_service *psrv, struct prison *pr); - -struct prison_service *prison_service_register(const char *name, -prison_create_t create, prison_destroy_t destroy); -void prison_service_deregister(struct prison_service *psrv); - -void prison_service_data_set(struct prison_service *psrv, struct prison *pr, -void *data); -void *prison_service_data_get(struct prison_service *psrv, struct prison *pr); -void *prison_service_data_del(struct prison_service *psrv, struct prison *pr); - #endif /* _KERNEL */ #endif /* !_SYS_JAIL_H_ */ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r188761 - in stable/7: lib/libc lib/libc/string lib/libc/sys sys sys/contrib/pf sys/dev/ath/ath_hal sys/dev/cxgb sys/kern sys/net sys/netinet sys/netinet6 sys/sys
Author: jamie Date: Wed Feb 18 20:12:08 2009 New Revision: 188761 URL: http://svn.freebsd.org/changeset/base/188761 Log: MFC: r188144: Standardize the various prison_foo_ip[46] functions and prison_if to return zero on success and an error code otherwise. The possible errors are EADDRNOTAVAIL if an address being checked for doesn't match the prison, and EAFNOSUPPORT if the prison doesn't have any addresses in that address family. For most callers of these functions, use the returned error code instead of e.g. a hard-coded EADDRNOTAVAIL or EINVAL. Always include a jailed() check in these functions, where a non-jailed cred always returns success (and makes no changes). Remove the explicit jailed() checks that preceded many of the function calls. r188146: Don't allow creating a socket with a protocol family that the current jail doesn't support. This involves a new function prison_check_af, like prison_check_ip[46] but that checks only the family. With this change, most of the errors generated by jailed sockets shouldn't ever occur, at least until jails are changeable. r188148: Remove redundant calls of prison_local_ip4 in in_pcbbind_setup, and of prison_local_ip6 in in6_pcbbind. r188149: Call prison_if from rtm_get_jailed, instead of splitting it out into prison_check_ip4 and prison_check_ip6. As prison_if includes a jailed() check, remove that check before calling rtm_get_jailed. r188151: Don't bother null-checking the thread pointer before the prison checks in udp6_connect (td is already dereferenced elsewhere without such a check). This makes the conversion from a sockaddr to a sockaddr_in6 always happen, so convert once at the beginning of the function rather than twice in the middle. Approved by: bz (mentor) Modified: stable/7/lib/libc/ (props changed) stable/7/lib/libc/string/ffsll.c (props changed) stable/7/lib/libc/string/flsll.c (props changed) stable/7/lib/libc/sys/send.2 stable/7/sys/ (props changed) stable/7/sys/contrib/pf/ (props changed) stable/7/sys/dev/ath/ath_hal/ (props changed) stable/7/sys/dev/cxgb/ (props changed) stable/7/sys/kern/kern_jail.c stable/7/sys/kern/uipc_socket.c stable/7/sys/net/if.c stable/7/sys/net/rtsock.c stable/7/sys/netinet/in.c stable/7/sys/netinet/in_pcb.c stable/7/sys/netinet/raw_ip.c stable/7/sys/netinet/tcp_usrreq.c stable/7/sys/netinet/udp_usrreq.c stable/7/sys/netinet6/in6.c stable/7/sys/netinet6/in6_pcb.c stable/7/sys/netinet6/in6_src.c stable/7/sys/netinet6/raw_ip6.c stable/7/sys/netinet6/udp6_usrreq.c stable/7/sys/sys/jail.h Modified: stable/7/lib/libc/sys/send.2 == --- stable/7/lib/libc/sys/send.2Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/lib/libc/sys/send.2Wed Feb 18 20:12:08 2009 (r188761) @@ -28,7 +28,7 @@ .\ From: @(#)send.2 8.2 (Berkeley) 2/21/94 .\ $FreeBSD$ .\ -.Dd September 13, 2006 +.Dd February 5, 2009 .Dt SEND 2 .Os .Sh NAME @@ -190,7 +190,7 @@ receiver is not listening on the remote The remote host was down. .It Bq Er ENETDOWN The remote network was down. -.It Bq Er EPERM +.It Bq Er EADDRNOTAVAIL The process using a .Dv SOCK_RAW socket was jailed and the source Modified: stable/7/sys/kern/kern_jail.c == --- stable/7/sys/kern/kern_jail.c Wed Feb 18 19:59:27 2009 (r188760) +++ stable/7/sys/kern/kern_jail.c Wed Feb 18 20:12:08 2009 (r188761) @@ -230,7 +230,7 @@ prison_check_conflicting_ips(struct pris if ((p-pr_ip4s = 1 pr-pr_ip4s 1) || (p-pr_ip4s 1 pr-pr_ip4s = 1)) { for (i = 0; i p-pr_ip4s; i++) { - if (_prison_check_ip4(pr, p-pr_ip4[i])) + if (_prison_check_ip4(pr, p-pr_ip4[i]) == 0) return (EINVAL); } } @@ -239,7 +239,7 @@ prison_check_conflicting_ips(struct pris if ((p-pr_ip6s = 1 pr-pr_ip6s 1) || (p-pr_ip6s 1 pr-pr_ip6s = 1)) { for (i = 0; i p-pr_ip6s; i++) { - if (_prison_check_ip6(pr, p-pr_ip6[i])) + if (_prison_check_ip6(pr, p-pr_ip6[i]) == 0) return (EINVAL); } } @@ -841,9 +841,10 @@ prison_proc_free(struct prison *pr) * Pass back primary IPv4 address of this jail. * * If not jailed return success but do not alter the address. Caller has to - * make sure to intialize it correctly (INADDR_ANY). + * make sure to intialize it correctly (e.g. INADDR_ANY). * - *